Fix some potential problems found by the clang static analyzer,
none serious.
This commit is contained in:
Todd C. Miller
@@ -653,7 +653,8 @@ remove_timestamp(int remove)
|
|||||||
path, strerror(errno));
|
path, strerror(errno));
|
||||||
remove = FALSE;
|
remove = FALSE;
|
||||||
}
|
}
|
||||||
} else {
|
}
|
||||||
|
if (!remove) {
|
||||||
timevalclear(&tv);
|
timevalclear(&tv);
|
||||||
if (touch(-1, path, &tv) == -1 && errno != ENOENT)
|
if (touch(-1, path, &tv) == -1 && errno != ENOENT)
|
||||||
error(1, _("unable to reset %s to the epoch"), path);
|
error(1, _("unable to reset %s to the epoch"), path);
|
||||||
|
|||||||
@@ -77,7 +77,6 @@ group_plugin_load(char *plugin_info)
|
|||||||
/*
|
/*
|
||||||
* Fill in .so path and split out args (if any).
|
* Fill in .so path and split out args (if any).
|
||||||
*/
|
*/
|
||||||
args = strpbrk(plugin_info, " \t");
|
|
||||||
if ((args = strpbrk(plugin_info, " \t")) != NULL) {
|
if ((args = strpbrk(plugin_info, " \t")) != NULL) {
|
||||||
len = snprintf(path, sizeof(path), "%s%.*s",
|
len = snprintf(path, sizeof(path), "%s%.*s",
|
||||||
(*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "",
|
(*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "",
|
||||||
|
|||||||
@@ -2059,7 +2059,7 @@ sudo_ldap_setdefs(struct sudo_nss *nss)
|
|||||||
}
|
}
|
||||||
result = NULL;
|
result = NULL;
|
||||||
rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE,
|
rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE,
|
||||||
filt, NULL, 0, NULL, NULL, NULL, 0, &result);
|
filt, NULL, 0, NULL, NULL, tvp, 0, &result);
|
||||||
if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) {
|
if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) {
|
||||||
DPRINTF(("found:%s", ldap_get_dn(ld, entry)), 1);
|
DPRINTF(("found:%s", ldap_get_dn(ld, entry)), 1);
|
||||||
sudo_ldap_parse_options(ld, entry);
|
sudo_ldap_parse_options(ld, entry);
|
||||||
@@ -2083,7 +2083,7 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag)
|
|||||||
struct sudo_ldap_handle *handle = nss->handle;
|
struct sudo_ldap_handle *handle = nss->handle;
|
||||||
LDAP *ld;
|
LDAP *ld;
|
||||||
LDAPMessage *entry;
|
LDAPMessage *entry;
|
||||||
int i, rc, setenv_implied, matched = UNSPEC;
|
int i, rc, setenv_implied;
|
||||||
struct ldap_result *lres = NULL;
|
struct ldap_result *lres = NULL;
|
||||||
|
|
||||||
if (handle == NULL || handle->ld == NULL)
|
if (handle == NULL || handle->ld == NULL)
|
||||||
@@ -2098,11 +2098,12 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag)
|
|||||||
* password is required, so the order of the entries doesn't matter.
|
* password is required, so the order of the entries doesn't matter.
|
||||||
*/
|
*/
|
||||||
if (pwflag) {
|
if (pwflag) {
|
||||||
DPRINTF(("perform search for pwflag %d", pwflag), 1);
|
|
||||||
int doauth = UNSPEC;
|
int doauth = UNSPEC;
|
||||||
|
int matched = UNSPEC;
|
||||||
enum def_tuple pwcheck =
|
enum def_tuple pwcheck =
|
||||||
(pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple;
|
(pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple;
|
||||||
|
|
||||||
|
DPRINTF(("perform search for pwflag %d", pwflag), 1);
|
||||||
for (i = 0; i < lres->nentries; i++) {
|
for (i = 0; i < lres->nentries; i++) {
|
||||||
entry = lres->entries[i].entry;
|
entry = lres->entries[i].entry;
|
||||||
if ((pwcheck == any && doauth != FALSE) ||
|
if ((pwcheck == any && doauth != FALSE) ||
|
||||||
@@ -2152,7 +2153,6 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag)
|
|||||||
if (rc != UNSPEC) {
|
if (rc != UNSPEC) {
|
||||||
/* We have a match. */
|
/* We have a match. */
|
||||||
DPRINTF(("Command %sallowed", rc == TRUE ? "" : "NOT "), 1);
|
DPRINTF(("Command %sallowed", rc == TRUE ? "" : "NOT "), 1);
|
||||||
matched = TRUE;
|
|
||||||
if (rc == TRUE) {
|
if (rc == TRUE) {
|
||||||
DPRINTF(("LDAP entry: %p", entry), 1);
|
DPRINTF(("LDAP entry: %p", entry), 1);
|
||||||
/* Apply entry-specific options. */
|
/* Apply entry-specific options. */
|
||||||
@@ -2354,7 +2354,7 @@ sudo_ldap_result_get(struct sudo_nss *nss, struct passwd *pw)
|
|||||||
}
|
}
|
||||||
result = NULL;
|
result = NULL;
|
||||||
rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
|
rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
|
||||||
NULL, 0, NULL, NULL, NULL, 0, &result);
|
NULL, 0, NULL, NULL, tvp, 0, &result);
|
||||||
if (rc != LDAP_SUCCESS) {
|
if (rc != LDAP_SUCCESS) {
|
||||||
DPRINTF(("nothing found for '%s'", filt), 1);
|
DPRINTF(("nothing found for '%s'", filt), 1);
|
||||||
continue;
|
continue;
|
||||||
|
|||||||
@@ -500,34 +500,29 @@ display_bound_defaults(int dtype, struct lbuf *lbuf)
|
|||||||
{
|
{
|
||||||
struct defaults *d;
|
struct defaults *d;
|
||||||
struct member *m, *binding = NULL;
|
struct member *m, *binding = NULL;
|
||||||
char *dname, *dsep;
|
char *dsep;
|
||||||
int atype, nfound = 0;
|
int atype, nfound = 0;
|
||||||
|
|
||||||
switch (dtype) {
|
switch (dtype) {
|
||||||
case DEFAULTS_HOST:
|
case DEFAULTS_HOST:
|
||||||
atype = HOSTALIAS;
|
atype = HOSTALIAS;
|
||||||
dname = "host";
|
|
||||||
dsep = "@";
|
dsep = "@";
|
||||||
break;
|
break;
|
||||||
case DEFAULTS_USER:
|
case DEFAULTS_USER:
|
||||||
atype = USERALIAS;
|
atype = USERALIAS;
|
||||||
dname = "user";
|
|
||||||
dsep = ":";
|
dsep = ":";
|
||||||
break;
|
break;
|
||||||
case DEFAULTS_RUNAS:
|
case DEFAULTS_RUNAS:
|
||||||
atype = RUNASALIAS;
|
atype = RUNASALIAS;
|
||||||
dname = "runas";
|
|
||||||
dsep = ">";
|
dsep = ">";
|
||||||
break;
|
break;
|
||||||
case DEFAULTS_CMND:
|
case DEFAULTS_CMND:
|
||||||
atype = CMNDALIAS;
|
atype = CMNDALIAS;
|
||||||
dname = "cmnd";
|
|
||||||
dsep = "!";
|
dsep = "!";
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
/* sudo_printf(SUDO_CONV_INFO_MSG, _("Per-%s Defaults entries:\n"), dname); */
|
|
||||||
tq_foreach_fwd(&defaults, d) {
|
tq_foreach_fwd(&defaults, d) {
|
||||||
if (d->type != dtype)
|
if (d->type != dtype)
|
||||||
continue;
|
continue;
|
||||||
|
|||||||
@@ -98,7 +98,7 @@ rewind_perms(void)
|
|||||||
int
|
int
|
||||||
set_perms(int perm)
|
set_perms(int perm)
|
||||||
{
|
{
|
||||||
struct perm_state *state, *ostate = NULL;
|
struct perm_state *state, *ostate;
|
||||||
const char *errstr;
|
const char *errstr;
|
||||||
int noexit;
|
int noexit;
|
||||||
|
|
||||||
@@ -112,11 +112,16 @@ set_perms(int perm)
|
|||||||
}
|
}
|
||||||
|
|
||||||
state = &perm_stack[perm_stack_depth];
|
state = &perm_stack[perm_stack_depth];
|
||||||
if (perm_stack_depth)
|
if (perm != PERM_INITIAL) {
|
||||||
|
if (perm_stack_depth == 0) {
|
||||||
|
errstr = _("perm stack underflow");
|
||||||
|
errno = EINVAL;
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
ostate = &perm_stack[perm_stack_depth - 1];
|
ostate = &perm_stack[perm_stack_depth - 1];
|
||||||
|
if (memcmp(state, ostate, sizeof(*state)) == 0)
|
||||||
if (perm != PERM_INITIAL && memcmp(state, ostate, sizeof(*state)) == 0)
|
goto done;
|
||||||
goto done;
|
}
|
||||||
|
|
||||||
switch (perm) {
|
switch (perm) {
|
||||||
case PERM_INITIAL:
|
case PERM_INITIAL:
|
||||||
@@ -339,7 +344,7 @@ bad:
|
|||||||
int
|
int
|
||||||
set_perms(int perm)
|
set_perms(int perm)
|
||||||
{
|
{
|
||||||
struct perm_state *state, *ostate = NULL;
|
struct perm_state *state, *ostate;
|
||||||
const char *errstr;
|
const char *errstr;
|
||||||
int noexit;
|
int noexit;
|
||||||
|
|
||||||
@@ -353,11 +358,16 @@ set_perms(int perm)
|
|||||||
}
|
}
|
||||||
|
|
||||||
state = &perm_stack[perm_stack_depth];
|
state = &perm_stack[perm_stack_depth];
|
||||||
if (perm_stack_depth)
|
if (perm != PERM_INITIAL) {
|
||||||
|
if (perm_stack_depth == 0) {
|
||||||
|
errstr = _("perm stack underflow");
|
||||||
|
errno = EINVAL;
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
ostate = &perm_stack[perm_stack_depth - 1];
|
ostate = &perm_stack[perm_stack_depth - 1];
|
||||||
|
if (memcmp(state, ostate, sizeof(*state)) == 0)
|
||||||
if (perm != PERM_INITIAL && memcmp(state, ostate, sizeof(*state)) == 0)
|
goto done;
|
||||||
goto done;
|
}
|
||||||
|
|
||||||
switch (perm) {
|
switch (perm) {
|
||||||
case PERM_INITIAL:
|
case PERM_INITIAL:
|
||||||
@@ -566,7 +576,7 @@ bad:
|
|||||||
int
|
int
|
||||||
set_perms(int perm)
|
set_perms(int perm)
|
||||||
{
|
{
|
||||||
struct perm_state *state, *ostate = NULL;
|
struct perm_state *state, *ostate;
|
||||||
const char *errstr;
|
const char *errstr;
|
||||||
int noexit;
|
int noexit;
|
||||||
|
|
||||||
@@ -580,11 +590,16 @@ set_perms(int perm)
|
|||||||
}
|
}
|
||||||
|
|
||||||
state = &perm_stack[perm_stack_depth];
|
state = &perm_stack[perm_stack_depth];
|
||||||
if (perm_stack_depth)
|
if (perm != PERM_INITIAL) {
|
||||||
|
if (perm_stack_depth == 0) {
|
||||||
|
errstr = _("perm stack underflow");
|
||||||
|
errno = EINVAL;
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
ostate = &perm_stack[perm_stack_depth - 1];
|
ostate = &perm_stack[perm_stack_depth - 1];
|
||||||
|
if (memcmp(state, ostate, sizeof(*state)) == 0)
|
||||||
if (perm != PERM_INITIAL && memcmp(state, ostate, sizeof(*state)) == 0)
|
goto done;
|
||||||
goto done;
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Since we only have setuid() and seteuid() and semantics
|
* Since we only have setuid() and seteuid() and semantics
|
||||||
@@ -795,7 +810,7 @@ bad:
|
|||||||
int
|
int
|
||||||
set_perms(int perm)
|
set_perms(int perm)
|
||||||
{
|
{
|
||||||
struct perm_state *state, *ostate = NULL;
|
struct perm_state *state, *ostate;
|
||||||
const char *errstr;
|
const char *errstr;
|
||||||
int noexit;
|
int noexit;
|
||||||
|
|
||||||
@@ -809,11 +824,16 @@ set_perms(int perm)
|
|||||||
}
|
}
|
||||||
|
|
||||||
state = &perm_stack[perm_stack_depth];
|
state = &perm_stack[perm_stack_depth];
|
||||||
if (perm_stack_depth)
|
if (perm != PERM_INITIAL) {
|
||||||
|
if (perm_stack_depth == 0) {
|
||||||
|
errstr = _("perm stack underflow");
|
||||||
|
errno = EINVAL;
|
||||||
|
goto bad;
|
||||||
|
}
|
||||||
ostate = &perm_stack[perm_stack_depth - 1];
|
ostate = &perm_stack[perm_stack_depth - 1];
|
||||||
|
if (memcmp(state, ostate, sizeof(*state)) == 0)
|
||||||
if (perm != PERM_INITIAL && memcmp(state, ostate, sizeof(*state)) == 0)
|
goto done;
|
||||||
goto done;
|
}
|
||||||
|
|
||||||
switch (perm) {
|
switch (perm) {
|
||||||
case PERM_INITIAL:
|
case PERM_INITIAL:
|
||||||
|
|||||||
@@ -4,7 +4,7 @@
|
|||||||
/* A lexical scanner generated by flex */
|
/* A lexical scanner generated by flex */
|
||||||
|
|
||||||
/* Scanner skeleton version:
|
/* Scanner skeleton version:
|
||||||
* $Header: /home/cvs/openbsd/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $
|
* $Header: /cvs/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#define FLEX_SCANNER
|
#define FLEX_SCANNER
|
||||||
@@ -3609,8 +3609,10 @@ parse_include(char *base)
|
|||||||
|
|
||||||
/* Make a copy of path and return it. */
|
/* Make a copy of path and return it. */
|
||||||
len += (int)(ep - cp);
|
len += (int)(ep - cp);
|
||||||
if ((path = malloc(len + 1)) == NULL)
|
if ((path = malloc(len + 1)) == NULL) {
|
||||||
yyerror(_("unable to allocate memory"));
|
yyerror(_("unable to allocate memory"));
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
if (subst) {
|
if (subst) {
|
||||||
/* substitute for %h */
|
/* substitute for %h */
|
||||||
char *pp = path;
|
char *pp = path;
|
||||||
|
|||||||
@@ -900,8 +900,10 @@ parse_include(char *base)
|
|||||||
|
|
||||||
/* Make a copy of path and return it. */
|
/* Make a copy of path and return it. */
|
||||||
len += (int)(ep - cp);
|
len += (int)(ep - cp);
|
||||||
if ((path = malloc(len + 1)) == NULL)
|
if ((path = malloc(len + 1)) == NULL) {
|
||||||
yyerror(_("unable to allocate memory"));
|
yyerror(_("unable to allocate memory"));
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
if (subst) {
|
if (subst) {
|
||||||
/* substitute for %h */
|
/* substitute for %h */
|
||||||
char *pp = path;
|
char *pp = path;
|
||||||
|
|||||||
Reference in New Issue
Block a user