Skip to content

Commit 6bc771e

Browse files
author
David Cooper
committed
Fix pattern matches
This commit fixes three lines of code that use Bash substring matching. In each case, a list of strings to match was enclosed in brackets. This resulted in a match if the string to test contained any character from any of the strings to match. This commit fixes the issue by removing the brackets. (The bugs were introduced in b8e9b09 and 8149c2d)
1 parent c49d9f6 commit 6bc771e

1 file changed

Lines changed: 4 additions & 4 deletions

File tree

testssl.sh

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -3050,7 +3050,7 @@ run_cookie_flags() { # ARG1: Path
30503050
fi
30513051

30523052
if [[ ! "$HTTP_STATUS_CODE" =~ 20 ]]; then
3053-
if [[ "$HTTP_STATUS_CODE" =~ [301|302] ]]; then
3053+
if [[ "$HTTP_STATUS_CODE" =~ 301|302 ]]; then
30543054
msg302=" -- maybe better try target URL of 30x"
30553055
msg302_=" (30x detected, better try target URL of 30x)"
30563056
else
@@ -10181,7 +10181,7 @@ run_npn() {
1018110181
fileout "$jsonID" "INFO" "not offered"
1018210182
else
1018310183
# now comes a strange thing: "Protocols advertised by server:" is empty but connection succeeded
10184-
if [[ "$tmpstr" =~ [h2|spdy|http] ]]; then
10184+
if [[ "$tmpstr" =~ h2|spdy|http ]]; then
1018510185
out "$tmpstr"
1018610186
outln " (advertised)"
1018710187
fileout "$jsonID" "INFO" "offered with $tmpstr (advertised)"
@@ -14225,9 +14225,9 @@ run_ccs_injection(){
1422514225
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
1422614226
fi
1422714227
elif [[ "${tls_hello_ascii:0:4}" == "1503" ]]; then
14228-
if [[ ! "${tls_hello_ascii:5:2}" =~ [03|02|01|00] ]]; then
14228+
if [[ ! "${tls_hello_ascii:5:2}" =~ 03|02|01|00 ]]; then
1422914229
pr_warning "test failed "
14230-
out "no proper TLS repy (debug info: protocol sent: 1503${tls_hexcode#x03, x}, reply: ${tls_hello_ascii:0:14}"
14230+
out "no proper TLS reply (debug info: protocol sent: 1503${tls_hexcode#x03, x}, reply: ${tls_hello_ascii:0:14}"
1423114231
fileout "$jsonID" "DEBUG" "test failed, around line $LINENO, debug info (${tls_hello_ascii:0:14})" "$cve" "$cwe" "$hint"
1423214232
ret=1
1423314233
elif [[ "$byte6" == "15" ]]; then

0 commit comments

Comments
 (0)