* libmisc/root_flag.c, src/gpasswd.c, src/chsh.c: Add splint
annotations. * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c: Ignore return value of spw_rewind, pw_rewind, sgr_rewind, and gr_rewind. * lib/commonio.h: Both head and tail cannot be owned. Set tail as dependent. * src/expiry.c: Ignore return value of expire (). * src/expiry.c: The catch_signals function does not use its sig parameter. * src/userdel.c: Last audit_logger parameter is a shadow_audit_result, use SHADOW_AUDIT_FAILURE instead of 0.
This commit is contained in:
nekral-guest
parent
6e2c6ffdf7
commit
82d767d121
15
ChangeLog
15
ChangeLog
@ -1,3 +1,18 @@
|
||||
2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
|
||||
|
||||
* libmisc/root_flag.c, src/gpasswd.c, src/chsh.c: Add splint
|
||||
annotations.
|
||||
* src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
|
||||
Ignore return value of spw_rewind, pw_rewind, sgr_rewind, and
|
||||
gr_rewind.
|
||||
* lib/commonio.h: Both head and tail cannot be owned. Set tail as
|
||||
dependent.
|
||||
* src/expiry.c: Ignore return value of expire ().
|
||||
* src/expiry.c: The catch_signals function does not use its sig
|
||||
parameter.
|
||||
* src/userdel.c: Last audit_logger parameter is a
|
||||
shadow_audit_result, use SHADOW_AUDIT_FAILURE instead of 0.
|
||||
|
||||
2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
|
||||
|
||||
* src/faillog.c: The fail_max field is a short, use a short also
|
||||
|
||||
@ -126,7 +126,8 @@ struct commonio_db {
|
||||
/*
|
||||
* Head, tail, current position in linked list.
|
||||
*/
|
||||
/*@owned@*/ /*@null@*/struct commonio_entry *head, *tail;
|
||||
/*@owned@*/ /*@null@*/struct commonio_entry *head;
|
||||
/*@dependent@*/ /*@null@*/struct commonio_entry *tail;
|
||||
/*@dependent@*/ /*@null@*/struct commonio_entry *cursor;
|
||||
|
||||
/*
|
||||
|
||||
@ -36,6 +36,7 @@
|
||||
#include <assert.h>
|
||||
#include "defines.h"
|
||||
#include "prototypes.h"
|
||||
/*@-exitarg@*/
|
||||
#include "exitcodes.h"
|
||||
|
||||
static void change_root (const char* newroot);
|
||||
|
||||
10
src/chsh.c
10
src/chsh.c
@ -71,8 +71,8 @@ static bool pw_locked = false;
|
||||
/* external identifiers */
|
||||
|
||||
/* local function prototypes */
|
||||
static void fail_exit (int code);
|
||||
static void usage (int status);
|
||||
static /*@noreturn@*/void fail_exit (int code);
|
||||
static /*@noreturn@*/void usage (int status);
|
||||
static void new_fields (void);
|
||||
static bool shell_is_listed (const char *);
|
||||
static bool is_restricted_shell (const char *);
|
||||
@ -83,7 +83,7 @@ static void update_shell (const char *user, char *loginsh);
|
||||
/*
|
||||
* fail_exit - do some cleanup and exit with the given error code
|
||||
*/
|
||||
static void fail_exit (int code)
|
||||
static /*@noreturn@*/void fail_exit (int code)
|
||||
{
|
||||
if (pw_locked) {
|
||||
if (pw_unlock () == 0) {
|
||||
@ -101,7 +101,7 @@ static void fail_exit (int code)
|
||||
/*
|
||||
* usage - print command line syntax and exit
|
||||
*/
|
||||
static void usage (int status)
|
||||
static /*@noreturn@*/void usage (int status)
|
||||
{
|
||||
FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
|
||||
(void) fprintf (usageout,
|
||||
@ -217,7 +217,7 @@ static void process_flags (int argc, char **argv)
|
||||
switch (c) {
|
||||
case 'h':
|
||||
usage (E_SUCCESS);
|
||||
break;
|
||||
/*@notreached@*/break;
|
||||
case 'R': /* no-op, handled in process_root_flag () */
|
||||
break;
|
||||
case 's':
|
||||
|
||||
@ -49,7 +49,7 @@ const char *Prog;
|
||||
static bool cflg = false;
|
||||
|
||||
/* local function prototypes */
|
||||
static RETSIGTYPE catch_signals (int);
|
||||
static RETSIGTYPE catch_signals (unused int sig);
|
||||
static /*@noreturn@*/void usage (int status);
|
||||
static void process_flags (int argc, char **argv);
|
||||
|
||||
@ -203,7 +203,7 @@ int main (int argc, char **argv)
|
||||
* do.
|
||||
* It won't return unless the account is unexpired.
|
||||
*/
|
||||
expire (pwd, spwd);
|
||||
(void) expire (pwd, spwd);
|
||||
|
||||
return E_SUCCESS;
|
||||
}
|
||||
|
||||
@ -113,14 +113,14 @@ static void update_group (struct group *gr);
|
||||
static void change_passwd (struct group *gr);
|
||||
#endif
|
||||
static void log_gpasswd_failure (const char *suffix);
|
||||
static void log_gpasswd_failure_system (unused void *arg);
|
||||
static void log_gpasswd_failure_group (unused void *arg);
|
||||
static void log_gpasswd_failure_system (/*@null@*/unused void *arg);
|
||||
static void log_gpasswd_failure_group (/*@null@*/unused void *arg);
|
||||
#ifdef SHADOWGRP
|
||||
static void log_gpasswd_failure_gshadow (unused void *arg);
|
||||
static void log_gpasswd_failure_gshadow (/*@null@*/unused void *arg);
|
||||
#endif
|
||||
static void log_gpasswd_success (const char *suffix);
|
||||
static void log_gpasswd_success_system (unused void *arg);
|
||||
static void log_gpasswd_success_group (unused void *arg);
|
||||
static void log_gpasswd_success_system (/*@null@*/unused void *arg);
|
||||
static void log_gpasswd_success_group (/*@null@*/unused void *arg);
|
||||
|
||||
/*
|
||||
* usage - display usage message
|
||||
@ -185,9 +185,10 @@ static RETSIGTYPE catch_signals (int killed)
|
||||
*/
|
||||
static bool is_valid_user_list (const char *users)
|
||||
{
|
||||
char *username, *end;
|
||||
const char *username;
|
||||
char *end;
|
||||
bool is_valid = true;
|
||||
char *tmpusers = xstrdup (users);
|
||||
/*@owned@*/char *tmpusers = xstrdup (users);
|
||||
|
||||
for (username = tmpusers;
|
||||
(NULL != username) && ('\0' != *username);
|
||||
|
||||
@ -183,7 +183,7 @@ int main (int argc, char **argv)
|
||||
/*
|
||||
* Remove /etc/gshadow entries for groups not in /etc/group.
|
||||
*/
|
||||
sgr_rewind ();
|
||||
(void) sgr_rewind ();
|
||||
while ((sg = sgr_next ()) != NULL) {
|
||||
if (gr_locate (sg->sg_name) != NULL) {
|
||||
continue;
|
||||
@ -204,7 +204,7 @@ int main (int argc, char **argv)
|
||||
* Update shadow group passwords if non-shadow password is not "x".
|
||||
* Add any missing shadow group entries.
|
||||
*/
|
||||
gr_rewind ();
|
||||
(void) gr_rewind ();
|
||||
while ((gr = gr_next ()) != NULL) {
|
||||
sg = sgr_locate (gr->gr_name);
|
||||
if (NULL != sg) {
|
||||
|
||||
@ -188,7 +188,7 @@ int main (int argc, char **argv)
|
||||
/*
|
||||
* Update group passwords if non-shadow password is "x".
|
||||
*/
|
||||
gr_rewind ();
|
||||
(void) gr_rewind ();
|
||||
while ((gr = gr_next ()) != NULL) {
|
||||
sg = sgr_locate (gr->gr_name);
|
||||
if ( (NULL != sg)
|
||||
|
||||
@ -222,7 +222,7 @@ int main (int argc, char **argv)
|
||||
/*
|
||||
* Remove /etc/shadow entries for users not in /etc/passwd.
|
||||
*/
|
||||
spw_rewind ();
|
||||
(void) spw_rewind ();
|
||||
while ((sp = spw_next ()) != NULL) {
|
||||
if (pw_locate (sp->sp_namp) != NULL) {
|
||||
continue;
|
||||
@ -243,7 +243,7 @@ int main (int argc, char **argv)
|
||||
* Update shadow entries which don't have "x" as pw_passwd. Add any
|
||||
* missing shadow entries.
|
||||
*/
|
||||
pw_rewind ();
|
||||
(void) pw_rewind ();
|
||||
while ((pw = pw_next ()) != NULL) {
|
||||
sp = spw_locate (pw->pw_name);
|
||||
if (NULL != sp) {
|
||||
|
||||
@ -187,7 +187,7 @@ int main (int argc, char **argv)
|
||||
fail_exit (1);
|
||||
}
|
||||
|
||||
pw_rewind ();
|
||||
(void) pw_rewind ();
|
||||
while ((pw = pw_next ()) != NULL) {
|
||||
spwd = spw_locate (pw->pw_name);
|
||||
if (NULL == spwd) {
|
||||
|
||||
@ -1125,7 +1125,8 @@ int main (int argc, char **argv)
|
||||
#ifdef WITH_AUDIT
|
||||
audit_logger (AUDIT_ADD_USER, Prog,
|
||||
"removing SELinux user mapping",
|
||||
user_name, (unsigned int) user_id, 0);
|
||||
user_name, (unsigned int) user_id,
|
||||
SHADOW_AUDIT_FAILURE);
|
||||
#endif /* WITH_AUDIT */
|
||||
fail_exit (E_SE_UPDATE);
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user