From 114c3f7d1577c2f4210ac4d80fdd7e9de1811d36 Mon Sep 17 00:00:00 2001
From: Bret N <initbar@users.noreply.github.com>
Date: Sat, 30 May 2015 19:34:23 -0400
Subject: [PATCH] Changed warn() format.

---
 bashcheck | 34 ++++++++++++++++------------------
 1 file changed, 16 insertions(+), 18 deletions(-)

diff --git a/bashcheck b/bashcheck
index a3245fb..24c719d 100755
--- a/bashcheck
+++ b/bashcheck
@@ -1,35 +1,33 @@
 #!/bin/bash
 
 warn() {
-	if [ "$scary" == "1" ]; then
-		echo -e "\033[91mVulnerable to $1\033[39m"
-	else
-		echo -e "\033[93mFound non-exploitable $1\033[39m"
-	fi
+    [ "$scary" == 1 ] && echo -e "\033[91mVulnerable to $1\033[39m" || {
+        echo -e "\033[93mFound non-exploitable $1\033[39m"
+    }
 }
 
-good() {
+pass() {
 	echo -e "\033[92mNot vulnerable to $1\033[39m"
 }
 
 tmpdir=`mktemp -d -t tmp.XXXXXXXX`
 
-[ -n "$1" ] && bash=$(which $1) || bash=$(which bash)
-echo -e "\033[95mTesting $bash ..."
-$bash -c 'echo "Bash version $BASH_VERSION"'
+[ -n "$1" ] && bash=$(which "$1") || bash=$(which bash)
+echo -e "\033[95mBash path: $bash."
+$bash -c 'echo "Bash version: $BASH_VERSION."'
 echo -e "\033[39m"
 
 #r=`a="() { echo x;}" $bash -c a 2>/dev/null`
-if [ -n "$(env 'a'="() { echo x;}" $bash -c a 2>/dev/null)" ]; then
+if [ -n "$(env 'a'="() { echo x; }" $bash -c a 2>/dev/null)" ]; then
 	echo -e "\033[91mVariable function parser active, maybe vulnerable to unknown parser bugs\033[39m"
 	scary=1
-elif [ -n "$(env 'BASH_FUNC_a%%'="() { echo x;}" $bash -c a 2>/dev/null)" ]; then
+elif [ -n "$(env 'BASH_FUNC_a%%'="() { echo x; }" $bash -c a 2>/dev/null)" ]; then
 	echo -e "\033[92mVariable function parser pre/suffixed [%%, upstream], bugs not exploitable\033[39m"
 	scary=0
-elif [ -n "$(env 'BASH_FUNC_a()'="() { echo x;}" $bash -c a 2>/dev/null)" ]; then
+elif [ -n "$(env 'BASH_FUNC_a()'="() { echo x; }" $bash -c a 2>/dev/null)" ]; then
 	echo -e "\033[92mVariable function parser pre/suffixed [(), redhat], bugs not exploitable\033[39m"
 	scary=0
-elif [ -n "$(env '__BASH_FUNC<a>()'="() { echo x;}" $bash -c a 2>/dev/null)" ]; then
+elif [ -n "$(env '__BASH_FUNC<a>()'="() { echo x; }" $bash -c a 2>/dev/null)" ]; then
 	echo -e "\033[92mVariable function parser pre/suffixed [__BASH_FUNC<..>(), apple], bugs not exploitable\033[39m"
 	scary=0
 else
@@ -42,7 +40,7 @@ r=`env x="() { :; }; echo x" $bash -c "" 2>/dev/null`
 if [ -n "$r" ]; then
 	warn "CVE-2014-6271 (original shellshock)"
 else
-	good "CVE-2014-6271 (original shellshock)"
+	pass "CVE-2014-6271 (original shellshock)"
 fi
 
 pushd $tmpdir > /dev/null
@@ -50,7 +48,7 @@ env x='() { function a a>\' $bash -c echo 2>/dev/null > /dev/null
 if [ -e echo ]; then
 	warn "CVE-2014-7169 (taviso bug)"
 else
-	good "CVE-2014-7169 (taviso bug)"
+	pass "CVE-2014-7169 (taviso bug)"
 fi
 popd > /dev/null
 
@@ -60,7 +58,7 @@ grep AddressSanitizer $tmpdir/bashcheck.tmp > /dev/null
 if [ $? == 0 ] || [ $ret == 139 ]; then
 	warn "CVE-2014-7186 (redir_stack bug)"
 else
-	good "CVE-2014-7186 (redir_stack bug)"
+	pass "CVE-2014-7186 (redir_stack bug)"
 fi
 
 
@@ -75,7 +73,7 @@ $($bash -c "f(){ x(){ _;};x(){ _;}<<a;}" 2>/dev/null)
 if [ $? != 0 ]; then
 	warn "CVE-2014-6277 (lcamtuf bug #1)"
 else
-	good "CVE-2014-6277 (lcamtuf bug #1)"
+	pass "CVE-2014-6277 (lcamtuf bug #1)"
 fi
 
 if [ -n "$(env x='() { _;}>_[$($())] { echo x;}' $bash -c : 2>/dev/null)" ]; then
@@ -85,7 +83,7 @@ elif [ -n "$(env BASH_FUNC_x%%='() { _;}>_[$($())] { echo x;}' $bash -c : 2>/dev
 elif [ -n "$(env 'BASH_FUNC_x()'='() { _;}>_[$($())] { echo x;}' $bash -c : 2>/dev/null)" ]; then
 	warn "CVE-2014-6278 (lcamtuf bug #2)"
 else
-	good "CVE-2014-6278 (lcamtuf bug #2)"
+	pass "CVE-2014-6278 (lcamtuf bug #2)"
 fi
 
 rm -rf $tmpdir