From a5c13a57cf692052a5436ed7ddf55f1aa79ac6fd Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 4 Nov 2025 09:17:08 +0100 Subject: [PATCH] Fix pattern for matching /etc/hosts entries (3.2) `grep -w` matches also `string1-whatsoever` so that entries like ``` 192.168.0.10 anystring anystring-apache 192.168.0.11 anystring-tomcat ``` matched 3 entries over 2 lines. This PR fixes #2937 for 3.2 by improving the pattern, so that `string1` needs a trailing whitespace or an EOL -- besides a leading whitespace.. --- testssl.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/testssl.sh b/testssl.sh index 1e089f61..7b441b64 100755 --- a/testssl.sh +++ b/testssl.sh @@ -21886,24 +21886,27 @@ filter_ip4_address() { # For security testing sometimes we have local entries. Getent is BS under Linux for localhost: No network, no resolution # arg1 is the entry we want to look up in the host file +# get_local_aaaa() { local ip6="" local etchosts="/etc/hosts /c/Windows/System32/drivers/etc/hosts" [[ -z "$1" ]] && echo "" && return 1 - # Also multiple records should work fine - ip6=$(grep -wih "$1" $etchosts 2>/dev/null | grep ':' | grep -Ev '^#|\.local' | grep -Ei "[[:space:]]$1" | awk '{ print $1 }') + # grep: find hostname with trailing lf or space. -w doesn't work here + ip6=$(grep -Eih "[[:space:]]$1([[:space:]]|$)" $etchosts 2>/dev/null | grep ':' | grep -Ev '^#|\.local' | awk '{ print $1 }') if is_ipv6addr "$ip6"; then echo "$ip6" else echo "" fi } + get_local_a() { local ip4="" local etchosts="/etc/hosts /c/Windows/System32/drivers/etc/hosts" - ip4=$(grep -wih "$1" $etchosts 2>/dev/null | grep -Ev ':|^#|\.local' | grep -Ei "[[:space:]]$1" | awk '{ print $1 }') + # grep: find hostname with trailing lf or space. -w doesn't work here + ip4=$(grep -Eih "[[:space:]]$1([[:space:]]|$)" $etchosts 2>/dev/null | grep -Ev ':|^#|\.local' | awk '{ print $1 }') if is_ipv4addr "$ip4"; then echo "$ip4" else