emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

* libmisc/root_flag.c, src/gpasswd.c, src/chsh.c: Add splint

Browse Source 
annotations.
	* src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
	Ignore return value of spw_rewind, pw_rewind, sgr_rewind, and
	gr_rewind.
	* lib/commonio.h: Both head and tail cannot be owned. Set tail as
	dependent.
	* src/expiry.c: Ignore return value of expire ().
	* src/expiry.c: The catch_signals function does not use its sig
	parameter.
	* src/userdel.c: Last audit_logger parameter is a
	shadow_audit_result, use SHADOW_AUDIT_FAILURE instead of 0.
This commit is contained in:
nekral-guest 2011-11-19 21:51:52 +00:00
parent 6e2c6ffdf7
commit 82d767d121
11 changed files with 41 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ChangeLog
View File

@ -1,3 +1,18 @@
2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
* libmisc/root_flag.c, src/gpasswd.c, src/chsh.c: Add splint
annotations.
* src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
Ignore return value of spw_rewind, pw_rewind, sgr_rewind, and
gr_rewind.
* lib/commonio.h: Both head and tail cannot be owned. Set tail as
dependent.
* src/expiry.c: Ignore return value of expire ().
* src/expiry.c: The catch_signals function does not use its sig
parameter.
* src/userdel.c: Last audit_logger parameter is a
shadow_audit_result, use SHADOW_AUDIT_FAILURE instead of 0.
2011-11-19 Nicolas François <nicolas.francois@centraliens.net> 2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
* src/faillog.c: The fail_max field is a short, use a short also * src/faillog.c: The fail_max field is a short, use a short also

3
lib/commonio.h
View File

@ -126,7 +126,8 @@ struct commonio_db {
/* /*
* Head, tail, current position in linked list. * Head, tail, current position in linked list.
*/ */
/*@owned@*/ /*@null@*/struct commonio_entry *head, *tail; /*@owned@*/ /*@null@*/struct commonio_entry *head;
/*@dependent@*/ /*@null@*/struct commonio_entry *tail;
/*@dependent@*/ /*@null@*/struct commonio_entry *cursor; /*@dependent@*/ /*@null@*/struct commonio_entry *cursor;
/* /*

1
libmisc/root_flag.c
View File

@ -36,6 +36,7 @@
#include <assert.h> #include <assert.h>
#include "defines.h" #include "defines.h"
#include "prototypes.h" #include "prototypes.h"
/*@-exitarg@*/
#include "exitcodes.h" #include "exitcodes.h"
static void change_root (const char* newroot); static void change_root (const char* newroot);

10
src/chsh.c
View File

@ -71,8 +71,8 @@ static bool pw_locked = false;
/* external identifiers */ /* external identifiers */
/* local function prototypes */ /* local function prototypes */
static void fail_exit (int code); static /*@noreturn@*/void fail_exit (int code);
static void usage (int status); static /*@noreturn@*/void usage (int status);
static void new_fields (void); static void new_fields (void);
static bool shell_is_listed (const char *); static bool shell_is_listed (const char *);
static bool is_restricted_shell (const char *); static bool is_restricted_shell (const char *);
@ -83,7 +83,7 @@ static void update_shell (const char *user, char *loginsh);
/* /*
* fail_exit - do some cleanup and exit with the given error code * fail_exit - do some cleanup and exit with the given error code
*/ */
static void fail_exit (int code) static /*@noreturn@*/void fail_exit (int code)
{ {
if (pw_locked) { if (pw_locked) {
if (pw_unlock () == 0) { if (pw_unlock () == 0) {
@ -101,7 +101,7 @@ static void fail_exit (int code)
/* /*
* usage - print command line syntax and exit * usage - print command line syntax and exit
*/ */
static void usage (int status) static /*@noreturn@*/void usage (int status)
{ {
FILE *usageout = (E_SUCCESS != status) ? stderr : stdout; FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
(void) fprintf (usageout, (void) fprintf (usageout,
@ -217,7 +217,7 @@ static void process_flags (int argc, char **argv)
switch (c) { switch (c) {
case 'h': case 'h':
usage (E_SUCCESS); usage (E_SUCCESS);
break; /*@notreached@*/break;
case 'R': /* no-op, handled in process_root_flag () */ case 'R': /* no-op, handled in process_root_flag () */
break; break;
case 's': case 's':

4
src/expiry.c
View File

@ -49,7 +49,7 @@ const char *Prog;
static bool cflg = false; static bool cflg = false;
/* local function prototypes */ /* local function prototypes */
static RETSIGTYPE catch_signals (int); static RETSIGTYPE catch_signals (unused int sig);
static /*@noreturn@*/void usage (int status); static /*@noreturn@*/void usage (int status);
static void process_flags (int argc, char **argv); static void process_flags (int argc, char **argv);
@ -203,7 +203,7 @@ int main (int argc, char **argv)
* do. * do.
* It won't return unless the account is unexpired. * It won't return unless the account is unexpired.
*/ */
expire (pwd, spwd); (void) expire (pwd, spwd);
return E_SUCCESS; return E_SUCCESS;
} }

15
src/gpasswd.c
View File

@ -113,14 +113,14 @@ static void update_group (struct group *gr);
static void change_passwd (struct group *gr); static void change_passwd (struct group *gr);
#endif #endif
static void log_gpasswd_failure (const char *suffix); static void log_gpasswd_failure (const char *suffix);
static void log_gpasswd_failure_system (unused void *arg); static void log_gpasswd_failure_system (/*@null@*/unused void *arg);
static void log_gpasswd_failure_group (unused void *arg); static void log_gpasswd_failure_group (/*@null@*/unused void *arg);
#ifdef SHADOWGRP #ifdef SHADOWGRP
static void log_gpasswd_failure_gshadow (unused void *arg); static void log_gpasswd_failure_gshadow (/*@null@*/unused void *arg);
#endif #endif
static void log_gpasswd_success (const char *suffix); static void log_gpasswd_success (const char *suffix);
static void log_gpasswd_success_system (unused void *arg); static void log_gpasswd_success_system (/*@null@*/unused void *arg);
static void log_gpasswd_success_group (unused void *arg); static void log_gpasswd_success_group (/*@null@*/unused void *arg);
/* /*
* usage - display usage message * usage - display usage message
@ -185,9 +185,10 @@ static RETSIGTYPE catch_signals (int killed)
*/ */
static bool is_valid_user_list (const char *users) static bool is_valid_user_list (const char *users)
{ {
char *username, *end; const char *username;
char *end;
bool is_valid = true; bool is_valid = true;
char *tmpusers = xstrdup (users); /*@owned@*/char *tmpusers = xstrdup (users);
for (username = tmpusers; for (username = tmpusers;
(NULL != username) && ('\0' != *username); (NULL != username) && ('\0' != *username);

4
src/grpconv.c
View File

@ -183,7 +183,7 @@ int main (int argc, char **argv)
/* /*
* Remove /etc/gshadow entries for groups not in /etc/group. * Remove /etc/gshadow entries for groups not in /etc/group.
*/ */
sgr_rewind (); (void) sgr_rewind ();
while ((sg = sgr_next ()) != NULL) { while ((sg = sgr_next ()) != NULL) {
if (gr_locate (sg->sg_name) != NULL) { if (gr_locate (sg->sg_name) != NULL) {
continue; continue;
@ -204,7 +204,7 @@ int main (int argc, char **argv)
* Update shadow group passwords if non-shadow password is not "x". * Update shadow group passwords if non-shadow password is not "x".
* Add any missing shadow group entries. * Add any missing shadow group entries.
*/ */
gr_rewind (); (void) gr_rewind ();
while ((gr = gr_next ()) != NULL) { while ((gr = gr_next ()) != NULL) {
sg = sgr_locate (gr->gr_name); sg = sgr_locate (gr->gr_name);
if (NULL != sg) { if (NULL != sg) {

2
src/grpunconv.c
View File

@ -188,7 +188,7 @@ int main (int argc, char **argv)
/* /*
* Update group passwords if non-shadow password is "x". * Update group passwords if non-shadow password is "x".
*/ */
gr_rewind (); (void) gr_rewind ();
while ((gr = gr_next ()) != NULL) { while ((gr = gr_next ()) != NULL) {
sg = sgr_locate (gr->gr_name); sg = sgr_locate (gr->gr_name);
if ( (NULL != sg) if ( (NULL != sg)

4
src/pwconv.c
View File

@ -222,7 +222,7 @@ int main (int argc, char **argv)
/* /*
* Remove /etc/shadow entries for users not in /etc/passwd. * Remove /etc/shadow entries for users not in /etc/passwd.
*/ */
spw_rewind (); (void) spw_rewind ();
while ((sp = spw_next ()) != NULL) { while ((sp = spw_next ()) != NULL) {
if (pw_locate (sp->sp_namp) != NULL) { if (pw_locate (sp->sp_namp) != NULL) {
continue; continue;
@ -243,7 +243,7 @@ int main (int argc, char **argv)
* Update shadow entries which don't have "x" as pw_passwd. Add any * Update shadow entries which don't have "x" as pw_passwd. Add any
* missing shadow entries. * missing shadow entries.
*/ */
pw_rewind (); (void) pw_rewind ();
while ((pw = pw_next ()) != NULL) { while ((pw = pw_next ()) != NULL) {
sp = spw_locate (pw->pw_name); sp = spw_locate (pw->pw_name);
if (NULL != sp) { if (NULL != sp) {

2
src/pwunconv.c
View File

@ -187,7 +187,7 @@ int main (int argc, char **argv)
fail_exit (1); fail_exit (1);
} }
pw_rewind (); (void) pw_rewind ();
while ((pw = pw_next ()) != NULL) { while ((pw = pw_next ()) != NULL) {
spwd = spw_locate (pw->pw_name); spwd = spw_locate (pw->pw_name);
if (NULL == spwd) { if (NULL == spwd) {

3
src/userdel.c
View File

@ -1125,7 +1125,8 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog, audit_logger (AUDIT_ADD_USER, Prog,
"removing SELinux user mapping", "removing SELinux user mapping",
user_name, (unsigned int) user_id, 0); user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */ #endif /* WITH_AUDIT */
fail_exit (E_SE_UPDATE); fail_exit (E_SE_UPDATE);
} }