Breaking Change ~ Validating Variables
ACM.212 Apologies. I broke the code. Also, validating your variables and bash best practices
Part of my series on Automating Cybersecurity Metrics. The Code.
Free Content on Jobs in Cybersecurity | Sign up for the Email List
In the last post I explained how to use the Security Automation Framework in your own code or just parts of it.
Next I want to explain how and why I broke something and how to fix it.
I apologize. I had to break my code. Here’s why. I realized at some point my method of validating that variables for my functions are set before continuing to run code was not working.
I created that function in an earlier post, but somehow it was not properly validating that variables exist anymore. Odd. I don’t know if I started doing things differently or the myriad of weird errors related to passing variables to bash functions somehow changed under the hood. In any case, I finally looked into the problem.
Here’s what causes it.
If you pass in arguments to the function without quotes around them, any variables that are not set collapse and the code uses the argument after that as the next positional argument.
var1="1"
#forgot to set var2
var3="3"
funkyfunc {
v1=$1
v2=$2
v3=$3
echo 'var1: '$v1
echo 'var2: '$v2
echo 'var3: '$v3
}
funkyfunc 1 2 3
results:
var1: 1
var2: 3
var3: So what happened is that I was checking values exist as shown above where var1 was the name of the argument, var2 was the value and var3 was the function name. The function name was set and the value was not. But I was only checking if the value was set (var2 in the example above) and it always passed because the function always has a name.
To fix that I now check if the value and the function are set.
That causes my error message to correctly throw an error, however it creates another problem. If you fail to put quotes about your variables when passing them into the function (a best practice) then you get a validation error.
To help indicate what the problem was I improved the error message, but now I have to go through all my code and update all calls that validate functions to put quotes around variables. I’ll get to that eventually but for now at least you know what I did. :)
And this is why you have multiple branches and don’t check things straight into production code. But in my case, I have no QA team and not getting paid enough for this code to worry about it. I could have delayed checkin the code but I wanted to get code into the repo related to blog posts. I’ll fix it shortly.
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2023
The best way to support this blog is to sign up for the email list and clap for stories you like. That also helps me determine what stories people like and what to write about more often. Other ways to follow and support are listed below. Thank you!
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
Author: Cybersecurity for Executives in the Age of Cloud
Presentations: Presentations by Teri Radichel
Recognition: SANS Difference Makers Award, AWS Security Hero, IANS Faculty
Certifications: SANS
Education: BA Business, Master of Software Engineering, Master of Infosec
Company: Cloud Penetration Tests, Assessments, Training ~ 2nd Sight LabLike this story? Use the options below to help me write more!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Clap
❤️ Referrals
❤️ Medium: Teri Radichel
❤️ Email List: Teri Radichel
❤️ Twitter: @teriradichel
❤️ Mastodon: @[email protected]
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab
❤️ Buy a Book: Teri Radichel on Amazon
❤️ Request a penetration test, assessment, or training
via LinkedIn: Teri Radichel
❤️ Schedule a consulting call with me through IANS ResearchMy Cybersecurity Book: Cybersecurity for Executives in the Age of Cloud
