Merge pull request e-m-b-a#202 from m-1-k-3/master

modules/F50_base_aggregator.sh

@@ -543,7 +543,7 @@ get_data() {
     STRCPY_CNT=$(grep -a "\[\*\]\ Statistics:" "$LOG_DIR"/"$S13_LOG" | cut -d: -f2)
     ARCH=$(grep -a "\[\*\]\ Statistics1:" "$LOG_DIR"/"$S13_LOG" | cut -d: -f2)
   fi
-  if [[ -f "$LOG_DIR"/"$S14_LOG" && "$STRCPY_CNT" -lt 1 ]]; then
+  if [[ -f "$LOG_DIR"/"$S14_LOG" ]]; then
     STRCPY_CNT_14=$(grep -a "\[\*\]\ Statistics:" "$LOG_DIR"/"$S14_LOG" | cut -d: -f2)
     ARCH=$(grep -a "\[\*\]\ Statistics1:" "$LOG_DIR"/"$S14_LOG" | cut -d: -f2)
   fi

modules/S06_distribution_identification.sh

@@ -110,7 +110,7 @@ get_csv_rule_distri() {
   VERSION_IDENTIFIER="$(echo "$VERSION_IDENTIFIER" | sed -r 's/d-link\ (.*)\ v([0-9].[0-9]+[a-z][0-9]+)/dlink:\1_firmware:\2/')"
   VERSION_IDENTIFIER="$(echo "$VERSION_IDENTIFIER" | sed -r 's/d-link\ (.*)\ v([0-9].[0-9]+)/dlink:\1_firmware:\2/')"
   # dd-wrt v24-sp2
-  VERSION_IDENTIFIER="$(echo "$VERSION_IDENTIFIER" | sed -r 's/dd-wrt\ v([0-9]+)-(sp[0-9])?/dd-wrt:dd-wrt:\1:\2/')"
+  VERSION_IDENTIFIER="$(echo "$VERSION_IDENTIFIER" | sed -r 's/dd-wrt\ v([0-9]+)(-sp[0-9])?/dd-wrt:dd-wrt:\1:\2/')"
   VERSION_IDENTIFIER="$(echo "$VERSION_IDENTIFIER" | sed -r 's/dd-wrt\ \#([0-9]+)/dd-wrt:dd-wrt:\1/')"
   CSV_RULE="$VERSION_IDENTIFIER"
 }

modules/S25_kernel_check.sh

@@ -266,27 +266,31 @@ analyze_kernel_module()
 }
 
 module_analyzer() {
-  LINE=$(modinfo "$LINE" | grep -E "filename|license" | cut -d: -f1,2 | sed ':a;N;$!ba;s/\nlicense//g' | sed 's/filename: //' | sed 's/ //g' | sed 's/:/||license:/')
-  local M_PATH
-  M_PATH="$( echo "$LINE" | cut -d '|' -f 1 )"
-  local LICENSE
-  LICENSE="$( echo "$LINE" | cut -d '|' -f 3 | sed 's/license:/License: /' )"
-  if file "$M_PATH" 2>/dev/null | grep -q 'not stripped'; then
-    if echo "$LINE" | grep -q -e 'license:*GPL' -e 'license:.*BSD' ; then
-      # kernel module is GPL/BSD license then not stripped is fine
-      print_output "[-] Found kernel module ""${NC}""$(print_path "$M_PATH")""  ${ORANGE}""$LICENSE""${NC}"" - ""${GREEN}""NOT STRIPPED""${NC}"
-    elif ! [[ $LICENSE =~ "License:" ]] ; then
-      print_output "[+] Found kernel module ""${NC}""$(print_path "$M_PATH")""  ${ORANGE}""License not found""${NC}"" - ""${RED}""NOT STRIPPED""${NC}"
+  if [[ "$LINE" == *".ko" ]]; then
+    LINE=$(modinfo "$LINE" | grep -E "filename|license" | cut -d: -f1,2 | sed ':a;N;$!ba;s/\nlicense//g' | sed 's/filename: //' | sed 's/ //g' | sed 's/:/||license:/')
+    local M_PATH
+    M_PATH="$( echo "$LINE" | cut -d '|' -f 1 )"
+    local LICENSE
+    LICENSE="$( echo "$LINE" | cut -d '|' -f 3 | sed 's/license:/License: /' )"
+    if file "$M_PATH" 2>/dev/null | grep -q 'not stripped'; then
+      if echo "$LINE" | grep -q -e 'license:*GPL' -e 'license:.*BSD' ; then
+        # kernel module is GPL/BSD license then not stripped is fine
+        print_output "[-] Found kernel module ""${NC}""$(print_path "$M_PATH")""  ${ORANGE}""$LICENSE""${NC}"" - ""${GREEN}""NOT STRIPPED""${NC}"
+      elif ! [[ $LICENSE =~ "License:" ]] ; then
+        print_output "[+] Found kernel module ""${NC}""$(print_path "$M_PATH")""  ${ORANGE}""License not found""${NC}"" - ""${RED}""NOT STRIPPED""${NC}"
+      else
+        # kernel module is NOT GPL license then not stripped is bad!
+        print_output "[+] Found kernel module ""${NC}""$(print_path "$M_PATH")""  ${ORANGE}""$LICENSE""${NC}"" - ""${RED}""NOT STRIPPED""${NC}"
+        KMOD_BAD=$((KMOD_BAD+1))
+      fi
     else
-      # kernel module is NOT GPL license then not stripped is bad!
-      print_output "[+] Found kernel module ""${NC}""$(print_path "$M_PATH")""  ${ORANGE}""$LICENSE""${NC}"" - ""${RED}""NOT STRIPPED""${NC}"
-      KMOD_BAD=$((KMOD_BAD+1))
+      print_output "[-] Found kernel module ""${NC}""$(print_path "$M_PATH")""  ${ORANGE}""$LICENSE""${NC}"" - ""${GREEN}""STRIPPED""${NC}"
     fi
-  else
-    print_output "[-] Found kernel module ""${NC}""$(print_path "$M_PATH")""  ${ORANGE}""$LICENSE""${NC}"" - ""${GREEN}""STRIPPED""${NC}"
-  fi
 
-  echo "$KMOD_BAD" >> "$TMP_DIR"/KMOD_BAD.tmp
+    echo "$KMOD_BAD" >> "$TMP_DIR"/KMOD_BAD.tmp
+  elif [[ "$LINE" == *".o" ]]; then
+    print_output "[-] No support for .o kernel modules - $ORANGE$LINE$NC"
+  fi
 }
 
 # This check is based on source code from lynis: https://github.com/CISOfy/lynis/blob/master/include/tests_usb