Enhance security validation and optimize utilities

- Add SERVER_NAME validation to prevent HTTP header injections
- URL-encode Matrix room_id and upload filename per RFC 3986
- Replace bc with awk for float comparison to reduce dependencies
- Replace echo with printf in dispatch error logs for consistency
- Introduce urlencode utility in common library
- Update comprehensive BATS test suites for all modifications

Author: underhax

README.md

@@ -46,7 +46,7 @@ The login monitor focuses on immediate visibility into system access. It monitor
 ### 2. Dependencies
 Install the necessary utilities using the package manager:
 ```bash
-sudo apt update && sudo apt install -y awk bc curl jq procps coreutils file
+sudo apt update && sudo apt install -y awk curl jq procps coreutils file
 ```
 
 ## Installation

opt/monitoring/high-load.sh

@@ -255,7 +255,7 @@ collect_top_procs() {
 
 should_alert() {
   local load_exceeded
-  load_exceeded=$(echo "${LOAD_1} > ${THRESHOLD}" | bc -l)
+  load_exceeded=$(awk -v l="${LOAD_1}" -v t="${THRESHOLD}" 'BEGIN {print (l > t) ? 1 : 0}')
   [[ ${load_exceeded} -eq 1 ]] || return 1
 
   if [[ ${PSI_AVAILABLE} -eq 1 ]]; then
@@ -353,27 +353,27 @@ dispatch_notifications() {
       telegram)
         local message
         message=$(high_load_message_telegram)
-        tg_send_message "${message}" || echo "ERROR: telegram notification failed" >&2
-        tg_send_file "${TOP_PROCS_FILE}" || echo "ERROR: telegram file send failed" >&2
+        tg_send_message "${message}" || printf "ERROR: telegram notification failed\n" >&2
+        tg_send_file "${TOP_PROCS_FILE}" || printf "ERROR: telegram file send failed\n" >&2
         ;;
       matrix)
         local plain html
         plain=$(high_load_message_matrix_plain)
         html=$(high_load_message_matrix_html)
-        mx_send_message "${plain}" "${html}" || echo "ERROR: matrix notification failed" >&2
-        mx_send_file "${TOP_PROCS_FILE}" || echo "ERROR: matrix file send failed" >&2
+        mx_send_message "${plain}" "${html}" || printf "ERROR: matrix notification failed\n" >&2
+        mx_send_file "${TOP_PROCS_FILE}" || printf "ERROR: matrix file send failed\n" >&2
         ;;
       ntfy)
         local message title
         message=$(high_load_message_ntfy)
         title=$(high_load_title_ntfy)
         # shellcheck disable=SC2154
         # Rationale: NTFY_TOKEN is populated from config file.
-        ntfy_send "${message}" "${NTFY_URL}" "${NTFY_TOPIC}" "${NTFY_TOKEN}" "${title}" || echo "ERROR: ntfy notification failed" >&2
-        ntfy_send_file "${TOP_PROCS_FILE}" "${NTFY_URL}" "${NTFY_TOPIC}" "${NTFY_TOKEN}" "${title}" || echo "ERROR: ntfy file send failed" >&2
+        ntfy_send "${message}" "${NTFY_URL}" "${NTFY_TOPIC}" "${NTFY_TOKEN}" "${title}" || printf "ERROR: ntfy notification failed\n" >&2
+        ntfy_send_file "${TOP_PROCS_FILE}" "${NTFY_URL}" "${NTFY_TOPIC}" "${NTFY_TOKEN}" "${title}" || printf "ERROR: ntfy file send failed\n" >&2
         ;;
       *)
-        echo "ERROR: Unknown notifier: ${notifier}" >&2
+        printf "ERROR: Unknown notifier: %s\n" "${notifier}" >&2
         ;;
       esac
     ) &
@@ -384,7 +384,7 @@ dispatch_notifications() {
 
 main() {
   parse_args "$@"
-  check_deps awk bc curl jq ps file stat
+  check_deps awk curl jq ps file stat
 
   if [[ -z ${SERVER_NAME:-} ]] && [[ -f ${CONFIG_CACHE} ]]; then
     # shellcheck source=/dev/null

opt/monitoring/lib/common.sh

@@ -21,6 +21,23 @@ check_deps() {
   [[ ${#missing[@]} -eq 0 ]] || die "Missing required commands: ${missing[*]}"
 }
 
+urlencode() {
+  local string="${1}"
+  local strlen=${#string}
+  local encoded=""
+  local pos c o
+
+  for ((pos = 0; pos < strlen; pos++)); do
+    c=${string:pos:1}
+    case "${c}" in
+    [-_.~a-zA-Z0-9]) o="${c}" ;;
+    *) printf -v o '%%%02x' "'${c}" ;;
+    esac
+    encoded+="${o}"
+  done
+  printf '%s' "${encoded}"
+}
+
 load_senders() {
   # shellcheck disable=SC2154
   # Rationale: SENDERS_DIR is defined in the main script and imported via source

opt/monitoring/lib/validation.sh

@@ -24,10 +24,9 @@ validate_bot_config() {
   # Rationale: Configuration file path is resolved dynamically at runtime.
   source "${config_file}"
 
-  [[ -n ${SERVER_NAME:-} ]] || {
-    printf "SERVER_NAME is not set\n" >&2
-    return 1
-  }
+  # shellcheck disable=SC2310
+  # Rationale: Function intentionally returns error code for parent script to handle.
+  validate_server_name "${SERVER_NAME:-}" || return 1
 
   local has_telegram=0
   local has_matrix=0
@@ -350,6 +349,19 @@ validate_matrix_room_id() {
   return 0
 }
 
+validate_server_name() {
+  local val="$1"
+  [[ -n ${val} ]] || {
+    printf "SERVER_NAME is not set\n" >&2
+    return 1
+  }
+  [[ ${val} =~ ^[a-zA-Z0-9\ ._-]+$ ]] || {
+    printf "SERVER_NAME format is invalid (allowed: a-z, A-Z, 0-9, space, ., _, -)\n" >&2
+    return 1
+  }
+  return 0
+}
+
 validate_bot_token() {
   local val="$1"
   [[ -n ${val} ]] || {

opt/monitoring/login.sh

@@ -121,24 +121,24 @@ dispatch_login_notification() {
       telegram)
         local message
         message=$(login_message_telegram)
-        tg_send_message "${message}" || echo "ERROR: telegram notification failed" >&2
+        tg_send_message "${message}" || printf "ERROR: telegram notification failed\n" >&2
         ;;
       matrix)
         local plain html
         plain=$(login_message_matrix_plain)
         html=$(login_message_matrix_html)
-        mx_send_message "${plain}" "${html}" || echo "ERROR: matrix notification failed" >&2
+        mx_send_message "${plain}" "${html}" || printf "ERROR: matrix notification failed\n" >&2
         ;;
       ntfy)
         local message title
         message=$(login_message_ntfy)
         title=$(login_title_ntfy)
         # shellcheck disable=SC2154
         # Rationale: NTFY_* variables are populated from config file at runtime
-        ntfy_send "${message}" "${NTFY_URL}" "${NTFY_TOPIC}" "${NTFY_TOKEN}" "${title}" || echo "ERROR: ntfy notification failed" >&2
+        ntfy_send "${message}" "${NTFY_URL}" "${NTFY_TOPIC}" "${NTFY_TOKEN}" "${title}" || printf "ERROR: ntfy notification failed\n" >&2
         ;;
       *)
-        echo "ERROR: Unknown notifier: ${notifier}" >&2
+        printf "ERROR: Unknown notifier: %s\n" "${notifier}" >&2
         ;;
       esac
     ) &

opt/monitoring/senders/matrix.sh

@@ -16,7 +16,9 @@ mx_send_message() {
   local txn_id
   txn_id=$(mx_txn_id)
 
-  local endpoint="${url}/_matrix/client/v3/rooms/${room_id}/send/m.room.message/${txn_id}"
+  local encoded_room
+  encoded_room=$(urlencode "${room_id}")
+  local endpoint="${url}/_matrix/client/v3/rooms/${encoded_room}/send/m.room.message/${txn_id}"
 
   local payload
   payload=$(jq -n \
@@ -63,8 +65,9 @@ mx_upload_file() {
   local mime_type
   mime_type=$(file -b --mime-type "${file_path}")
 
-  local filename
+  local filename encoded_filename
   filename=$(basename "${file_path}")
+  encoded_filename=$(urlencode "${filename}")
 
   local upload_response content_uri
   upload_response=$(curl -fsSL \
@@ -76,7 +79,7 @@ mx_upload_file() {
     -H "Authorization: Bearer ${access_token}" \
     -H "Content-Type: ${mime_type}" \
     --data-binary "@${file_path}" \
-    "${url}/_matrix/media/v3/upload?filename=${filename}") || {
+    "${url}/_matrix/media/v3/upload?filename=${encoded_filename}") || {
     printf "ERROR [matrix]: File upload curl failed\n" >&2
     return 1
   }
@@ -104,7 +107,9 @@ mx_send_file() {
   filename=$(basename "${file_path}")
   txn_id=$(mx_txn_id)
 
-  local endpoint="${url}/_matrix/client/v3/rooms/${room_id}/send/m.room.message/${txn_id}"
+  local encoded_room
+  encoded_room=$(urlencode "${room_id}")
+  local endpoint="${url}/_matrix/client/v3/rooms/${encoded_room}/send/m.room.message/${txn_id}"
 
   local payload
   payload=$(jq -n \

tests/high-load.bats

@@ -172,7 +172,7 @@ setup() {
     if [[ "$1" == "-v" ]]; then return 0; fi
     builtin command "$@"
   }
-  run check_deps awk bc curl jq ps file stat
+  run check_deps awk curl jq ps file stat
   [ "$status" -eq 1 ]
   [[ "$output" == *"Missing required commands: awk"* ]]
 }
@@ -278,19 +278,19 @@ setup() {
   [ -z "$FAILED_SERVICES" ]
 }
 
-@test "main calls check_deps with awk bc curl jq ps file stat" {
+@test "main calls check_deps with awk curl jq ps file stat" {
   check_deps() { printf "DEPS_CALLED:%s\n" "$*"; }
 
   run main --threshold 5.0
-  [[ "$output" == *"DEPS_CALLED:awk bc curl jq ps file stat"* ]]
+  [[ "$output" == *"DEPS_CALLED:awk curl jq ps file stat"* ]]
 }
 
 @test "main fails when check_deps reports missing commands" {
-  check_deps() { die "Missing required commands: bc"; }
+  check_deps() { die "Missing required commands: jq"; }
 
   run main --threshold 5.0
   [ "$status" -eq 1 ]
-  [[ "$output" == *"Missing required commands: bc"* ]]
+  [[ "$output" == *"Missing required commands: jq"* ]]
 }
 
 @test "main fails without --threshold" {

tests/senders.bats

@@ -14,6 +14,7 @@ teardown_file() {
 setup() {
   export SCRIPT_DIR="${BATS_TEST_DIRNAME}/../opt/monitoring"
   export SENDERS_DIR="${SCRIPT_DIR}/senders"
+  source "${SCRIPT_DIR}/lib/common.sh"
   source "${SENDERS_DIR}/telegram.sh"
   source "${SENDERS_DIR}/matrix.sh"
   source "${SENDERS_DIR}/ntfy.sh"

tests/validation.bats

@@ -487,6 +487,36 @@ teardown_file() {
   [ "$status" -eq 1 ]
 }
 
+@test "validate_server_name accepts valid names" {
+  run validate_server_name "my-server-01"
+  [ "$status" -eq 0 ]
+  run validate_server_name "prod.web.us-east"
+  [ "$status" -eq 0 ]
+  run validate_server_name "Server_Name.123"
+  [ "$status" -eq 0 ]
+  run validate_server_name "server name"
+  [ "$status" -eq 0 ]
+}
+
+@test "validate_server_name rejects empty name" {
+  run validate_server_name ""
+  [ "$status" -eq 1 ]
+  [[ "$output" == *"SERVER_NAME is not set"* ]]
+}
+
+@test "validate_server_name rejects CRLF injection" {
+  run validate_server_name $'server\r\nX-Injected: true'
+  [ "$status" -eq 1 ]
+  [[ "$output" == *"SERVER_NAME format is invalid"* ]]
+}
+
+@test "validate_server_name rejects special chars" {
+  run validate_server_name "server/../../etc"
+  [ "$status" -eq 1 ]
+  run validate_server_name 'server$(whoami)'
+  [ "$status" -eq 1 ]
+}
+
 @test "validate_ntfy_topic accepts valid topic" {
   run validate_ntfy_topic "my-topic"
   [ "$status" -eq 0 ]