You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[Fix] _json_escape_string: replace sed pipeline with bash parameter expansion.
Two defects fixed in one rewrite. (1) The quoted "$sed" invocation
tried to execve a binary literally named "sed -E" on FreeBSD, where
internals.conf sets sed="$sed -E", silently breaking post_scan_hook
JSON payload construction. (2) The N;s/\n/\\n/;P;D sed cycle only
escaped the first newline in multi-line input, leaving subsequent
LF bytes raw in JSON output for paths with two or more embedded
newlines. The bash parameter expansion form is portable, correct
for any number of newlines, and removes an external process from
the hook hot path. Backslash is escaped first so subsequent escape
sequences do not get re-escaped.
[New] tests: J-01 through J-15 unit coverage for _json_escape_string
including regression tests for the multi-newline bug and both a
runtime (J-14) and structural (J-15) guard against $sed
reintroduction. Expected values are pre-constructed using a BS
local to avoid the Rocky 9 bash 5.1 BATS preprocessor gotcha for
multi-backslash assertion strings.
[Change] conf.maldet / maldet.1: correct post_scan_hook_timeout docs.
The prior text claimed a 5-second grace period before SIGKILL, but
_scan_hook_exec_sync/_async invoke timeout(1) without --kill-after,
so a hook that traps SIGTERM continues to run until it completes.
Updated both conf.maldet and the man page to match actual behavior.
[Change] lmd_clamav, lmd_config, lmd_init: inline rationale comments for
the three deferred-or-rejected items from the PR #478 Copilot
review. lmd_clamav.sh mktemp -d failure is deferred to 2.0.2 with
blast-radius documented. lmd_config.sh ps-u-iworx grep is a false
positive because the user-filtered ps excludes the root-owned
grep child. lmd_init.sh chown user:root is deferred to 2.0.2 with
FreeBSD wheel-vs-root group divergence documented alongside
identical class-usage in lmd_quarantine.sh; pr#478
0 commit comments