A Better Function For Validating Parameters Are Set
ACM.366 Not set and empty string are not the same thing and the order of the argument matters
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
⚙️ Check out my series on Automating Cybersecurity Metrics | Code.
🔒 Related Stories: AWS Security | Secure Code | Cybersecurity | IAM
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I’ve been cleaning up my code as I migrate it to a new layout for reasons that will become clearer as I progress. In the last post, I showed how aligning template file names with resource types negates the need to specify template file names in my stack deployment function.
In this post I want to improve my function that checks if variables are set.
When you evaluate whether or not a variable is set you have to consider which states mean the variable is “not set.” This varies by programming languages as well so you’ll need to dive into the specifics of the programming language you are using.
Variable was never set. Most languages refer to this as “null”. There’s a place in memory where a value can be stored for that variable and nothing in your programming language or your program ever puts anything into that memory location. It was allocated but never used.
function check_var() {
var=$1
#is the var set?
#no.
}
#call the function without passing anything to the variable
check_varVariable is set to an “empty string.” An empty string is generally referred to as a value that is set to two quotes with nothing in between them like two single quotes or two double quotes. In order to avoid dealing with the scenario where the variable is never set, you can put quotes around the variable when it is passed in like this:
function check_var() {
var="$1"
#is the var set?
#yes. It is set to the empty string: ""
}
#call the function without passing anything to the variable
check_varThe order of parameters when variables are not set
I have a function that checks whether parameters are set. It gets called like this:
But what I realized was that it wasn’t always working due to a logic error on my part. The function name is always set. So if the value wasn’t set, the function name would take the place of the value when passed in as a parameter and I wouldn’t get an error that the value wasn’t set.
To get around that I had to check if the function name was set also and call out that the value might not have had quotes around it when passed to the validate parameter function.
I can fix this by changing the order of my parameters, but this may affect existing code in adverse ways if I fail to update it everywhere. To fix this properly, I need to change all my code that references that function, which I will do as I add it to my new code base. By changing the name of the function, anything I fail to update will break so I know I have to fix it.
This whole issue is a problem in bash. Sometimes I get an error message that says one variable is not set when the variable before it is actually the one that was not set if I don’t quote all my variables. There are ways around this by better defining what gets passed into a function — or better yet, use another language. I’m not dealing with all that right now because I’m trying to get things done. I think the safeguards are reasonable for an open source project (with a license that says the code is not free for all use cases). If I have time I would re-implement all of this in a different language but this works for now. I’m only one person. 😊
Another way to check if a variable is set in bash
By the way, there’s another way to check to see if a variable is set to a value. You can test it out on your particular operating system like this:
Different operating systems may handle this code differently and there are other variations. Always test…
In my case, I get the following result, which is what I want. the first test passes in a value and the second one doesn’t:
But by putting quotes around the values passed into my arguments and checking each one, I can avoid dealing with that scenario. As far as I know. I’m still learning more about bash every day. It’s not my laguage of choice. It’s just the fastest way for me to demonstrate concepts and get the code written.
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2023
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight LabNeed Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for PresentationFollow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab