From f84b8530c5597c48ea780e41677d87245db1b60a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 3 Jan 2022 12:41:13 +0100 Subject: [PATCH 1/9] Declare file local functions static --- lib/nss.c | 2 +- src/free_subid_range.c | 2 +- src/get_subid_owners.c | 2 +- src/getsubids.c | 2 +- src/new_subid_range.c | 2 +- src/newgidmap.c | 2 +- src/newuidmap.c | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/nss.c b/lib/nss.c index af3e95ac..d1419f34 100644 --- a/lib/nss.c +++ b/lib/nss.c @@ -29,7 +29,7 @@ bool nss_is_initialized() { return atomic_load(&nss_init_completed); } -void nss_exit() { +static void nss_exit() { if (nss_is_initialized() && subid_nss) { dlclose(subid_nss->handle); free(subid_nss); diff --git a/src/free_subid_range.c b/src/free_subid_range.c index a2d2e8e0..d9a2cd8d 100644 --- a/src/free_subid_range.c +++ b/src/free_subid_range.c @@ -11,7 +11,7 @@ const char *Prog; -void usage(void) +static void usage(void) { fprintf(stderr, "Usage: %s [-g] user start count\n", Prog); fprintf(stderr, " Release a user's subuid (or with -g, subgid) range\n"); diff --git a/src/get_subid_owners.c b/src/get_subid_owners.c index b0f46397..36974b84 100644 --- a/src/get_subid_owners.c +++ b/src/get_subid_owners.c @@ -8,7 +8,7 @@ const char *Prog; -void usage(void) +static void usage(void) { fprintf(stderr, "Usage: [-g] %s subuid\n", Prog); fprintf(stderr, " list uids who own the given subuid\n"); diff --git a/src/getsubids.c b/src/getsubids.c index 4384cfae..c91ae39e 100644 --- a/src/getsubids.c +++ b/src/getsubids.c @@ -9,7 +9,7 @@ const char *Prog; -void usage(void) +static void usage(void) { fprintf(stderr, "Usage: %s [-g] user\n", Prog); fprintf(stderr, " list subuid ranges for user\n"); diff --git a/src/new_subid_range.c b/src/new_subid_range.c index 6cb294d4..523d480a 100644 --- a/src/new_subid_range.c +++ b/src/new_subid_range.c @@ -11,7 +11,7 @@ const char *Prog; -void usage(void) +static void usage(void) { fprintf(stderr, "Usage: %s [-g] [-n] user count\n", Prog); fprintf(stderr, " Find a subuid (or with -g, subgid) range for user\n"); diff --git a/src/newgidmap.c b/src/newgidmap.c index ebf16cde..05996eaa 100644 --- a/src/newgidmap.c +++ b/src/newgidmap.c @@ -73,7 +73,7 @@ static void usage(void) exit(EXIT_FAILURE); } -void write_setgroups(int proc_dir_fd, bool allow_setgroups) +static void write_setgroups(int proc_dir_fd, bool allow_setgroups) { int setgroups_fd; char *policy, policy_buffer[4096]; diff --git a/src/newuidmap.c b/src/newuidmap.c index 9aa2ddcc..546856a2 100644 --- a/src/newuidmap.c +++ b/src/newuidmap.c @@ -62,7 +62,7 @@ static void verify_ranges(struct passwd *pw, int ranges, } } -void usage(void) +static void usage(void) { fprintf(stderr, _("usage: %s [ ] ... \n"), Prog); exit(EXIT_FAILURE); From 45bba0e190da77c16e503c308ef5dfa120cfd46b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 3 Jan 2022 12:43:01 +0100 Subject: [PATCH 2/9] Use strict prototypes Function declarations with no argument declare functions taking an arbitrary number of arguments. Use the special type void to declare functions taking no argument. --- lib/nss.c | 2 +- lib/prototypes.h | 18 +++++++++--------- libmisc/prefix_flag.c | 12 ++++++------ 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/lib/nss.c b/lib/nss.c index d1419f34..96364b76 100644 --- a/lib/nss.c +++ b/lib/nss.c @@ -29,7 +29,7 @@ bool nss_is_initialized() { return atomic_load(&nss_init_completed); } -static void nss_exit() { +static void nss_exit(void) { if (nss_is_initialized() && subid_nss) { dlclose(subid_nss->handle); free(subid_nss); diff --git a/lib/prototypes.h b/lib/prototypes.h index 6f80df82..43f0cf1d 100644 --- a/lib/prototypes.h +++ b/lib/prototypes.h @@ -164,7 +164,7 @@ extern int getrange (char *range, unsigned long *max, bool *has_max); /* gettime.c */ -extern time_t gettime (); +extern time_t gettime (void); /* get_uid.c */ extern int get_uid (const char *uidstr, uid_t *uid); @@ -243,7 +243,7 @@ extern /*@null@*//*@only@*/struct passwd *get_my_pwent (void); /* nss.c */ #include extern void nss_init(char *nsswitch_path); -extern bool nss_is_initialized(); +extern bool nss_is_initialized(void); struct subid_nss_ops { /* @@ -293,7 +293,7 @@ struct subid_nss_ops { void *handle; }; -extern struct subid_nss_ops *get_subid_nss_handle(); +extern struct subid_nss_ops *get_subid_nss_handle(void); /* pam_pass_non_interactive.c */ @@ -324,12 +324,12 @@ extern struct passwd *prefix_getpwuid(uid_t uid); extern struct passwd *prefix_getpwnam(const char* name); extern struct spwd *prefix_getspnam(const char* name); extern struct group *prefix_getgr_nam_gid(const char *grname); -extern void prefix_setpwent(); -extern struct passwd* prefix_getpwent(); -extern void prefix_endpwent(); -extern void prefix_setgrent(); -extern struct group* prefix_getgrent(); -extern void prefix_endgrent(); +extern void prefix_setpwent(void); +extern struct passwd* prefix_getpwent(void); +extern void prefix_endpwent(void); +extern void prefix_setgrent(void); +extern struct group* prefix_getgrent(void); +extern void prefix_endgrent(void); /* pwd2spwd.c */ #ifndef USE_PAM diff --git a/libmisc/prefix_flag.c b/libmisc/prefix_flag.c index d4dfbc20..4eb51547 100644 --- a/libmisc/prefix_flag.c +++ b/libmisc/prefix_flag.c @@ -248,7 +248,7 @@ extern struct spwd *prefix_getspnam(const char* name) } } -extern void prefix_setpwent() +extern void prefix_setpwent(void) { if (!passwd_db_file) { setpwent(); @@ -261,7 +261,7 @@ extern void prefix_setpwent() if (!fp_pwent) return; } -extern struct passwd* prefix_getpwent() +extern struct passwd* prefix_getpwent(void) { if (!passwd_db_file) { return getpwent(); @@ -271,7 +271,7 @@ extern struct passwd* prefix_getpwent() } return fgetpwent(fp_pwent); } -extern void prefix_endpwent() +extern void prefix_endpwent(void) { if (!passwd_db_file) { endpwent(); @@ -282,7 +282,7 @@ extern void prefix_endpwent() fp_pwent = NULL; } -extern void prefix_setgrent() +extern void prefix_setgrent(void) { if (!group_db_file) { setgrent(); @@ -295,14 +295,14 @@ extern void prefix_setgrent() if (!fp_grent) return; } -extern struct group* prefix_getgrent() +extern struct group* prefix_getgrent(void) { if (!group_db_file) { return getgrent(); } return fgetgrent(fp_grent); } -extern void prefix_endgrent() +extern void prefix_endgrent(void) { if (!group_db_file) { endgrent(); From 946eb8418244675b14efb9a5741963b6ee43a01c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 3 Jan 2022 12:17:22 +0100 Subject: [PATCH 3/9] Do not drop const qualifier for Basename MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The private Basename() implementation does not modify its argument, so a cast to a non-const char pointer is not necessary. newgrp.c:790:39: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual] 790 | progbase = (char *) Basename ((char *) prog); | ^ newgrp.c:790:20: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual] 790 | progbase = (char *) Basename ((char *) prog); | ^ shell.c:48:70: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual] 48 | (void) snprintf (arg0, sizeof arg0, "-%s", Basename ((char *) file)); | ^ --- libmisc/shell.c | 2 +- src/newgrp.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/libmisc/shell.c b/libmisc/shell.c index 29724063..7c67500d 100644 --- a/libmisc/shell.c +++ b/libmisc/shell.c @@ -45,7 +45,7 @@ int shell (const char *file, /*@null@*/const char *arg, char *const envp[]) * don't want to tell us what it is themselves. */ if (arg == (char *) 0) { - (void) snprintf (arg0, sizeof arg0, "-%s", Basename ((char *) file)); + (void) snprintf (arg0, sizeof arg0, "-%s", Basename (file)); arg0[sizeof arg0 - 1] = '\0'; arg = arg0; } diff --git a/src/newgrp.c b/src/newgrp.c index cb88f6d7..99820832 100644 --- a/src/newgrp.c +++ b/src/newgrp.c @@ -379,7 +379,7 @@ int main (int argc, char **argv) int err = 0; gid_t gid; char *cp; - char *progbase; + const char *progbase; const char *name, *prog; char *group = NULL; char *command = NULL; @@ -787,7 +787,7 @@ int main (int argc, char **argv) * Now I try to find the basename of the login shell. This will * become argv[0] of the spawned command. */ - progbase = (char *) Basename ((char *) prog); + progbase = Basename (prog); /* * Switch back to her home directory if i am doing login From 119cee142ed066033f5e0c58d7d6eda1b5b0637a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 3 Jan 2022 12:49:02 +0100 Subject: [PATCH 4/9] Declare argument of nss_init const MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit nss_init() does not modify its path argument, thus declare it const. Also drop superfluous prototype. nss.c:54:31: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 54 | nsswitch_path = NSSWITCH; | ^ --- lib/nss.c | 2 +- lib/prototypes.h | 2 +- libmisc/idmapping.h | 2 -- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/nss.c b/lib/nss.c index 96364b76..02742902 100644 --- a/lib/nss.c +++ b/lib/nss.c @@ -38,7 +38,7 @@ static void nss_exit(void) { } // nsswitch_path is an argument only to support testing. -void nss_init(char *nsswitch_path) { +void nss_init(const char *nsswitch_path) { FILE *nssfp = NULL; char *line = NULL, *p, *token, *saveptr; size_t len = 0; diff --git a/lib/prototypes.h b/lib/prototypes.h index 43f0cf1d..cd873bf7 100644 --- a/lib/prototypes.h +++ b/lib/prototypes.h @@ -242,7 +242,7 @@ extern /*@null@*//*@only@*/struct passwd *get_my_pwent (void); /* nss.c */ #include -extern void nss_init(char *nsswitch_path); +extern void nss_init(const char *nsswitch_path); extern bool nss_is_initialized(void); struct subid_nss_ops { diff --git a/libmisc/idmapping.h b/libmisc/idmapping.h index e3527606..81a628b8 100644 --- a/libmisc/idmapping.h +++ b/libmisc/idmapping.h @@ -17,7 +17,5 @@ extern struct map_range *get_map_ranges(int ranges, int argc, char **argv); extern void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings, const char *map_file, uid_t ruid); -extern void nss_init(char *nsswitch_path); - #endif /* _ID_MAPPING_H_ */ From a74114fe34285f587a27562c6938db42142fa6f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 3 Jan 2022 12:19:00 +0100 Subject: [PATCH 5/9] Declare variable for string literal const MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit newgidmap.c:87:16: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 87 | policy = "deny\n"; | ^ --- src/newgidmap.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/newgidmap.c b/src/newgidmap.c index 05996eaa..5b42431b 100644 --- a/src/newgidmap.c +++ b/src/newgidmap.c @@ -76,7 +76,8 @@ static void usage(void) static void write_setgroups(int proc_dir_fd, bool allow_setgroups) { int setgroups_fd; - char *policy, policy_buffer[4096]; + const char *policy; + char policy_buffer[4096]; /* * Default is "deny", and any "allow" will out-rank a "deny". We don't From 7909308285af36ef6f68a282701e6ea6f69dc57a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 3 Jan 2022 12:26:25 +0100 Subject: [PATCH 6/9] Declare read-only lookup pointers const MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit pwck.c:587:31: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual] 587 | spw = (struct spwd *) spw_locate (pwd->pw_name); | ^ grpck.c:599:31: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual] 599 | sgr = (struct sgrp *) sgr_locate (grp->gr_name); | ^ grpck.c:761:23: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual] 761 | grp = (struct group *) gr_locate (sgr->sg_name); | ^ --- src/grpck.c | 8 ++++---- src/pwck.c | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/grpck.c b/src/grpck.c index 7accac94..881fb4de 100644 --- a/src/grpck.c +++ b/src/grpck.c @@ -455,7 +455,7 @@ static void check_grp_file (int *errors, bool *changed) struct commonio_entry *gre, *tgre; struct group *grp; #ifdef SHADOWGRP - struct sgrp *sgr; + const struct sgrp *sgr; #endif /* @@ -596,7 +596,7 @@ static void check_grp_file (int *errors, bool *changed) */ if (is_shadow) { - sgr = (struct sgrp *) sgr_locate (grp->gr_name); + sgr = sgr_locate (grp->gr_name); if (sgr == NULL) { printf (_("no matching group file entry in %s\n"), sgr_file); @@ -663,7 +663,7 @@ static void check_grp_file (int *errors, bool *changed) */ static void check_sgr_file (int *errors, bool *changed) { - struct group *grp; + const struct group *grp; struct commonio_entry *sge, *tsge; struct sgrp *sgr; @@ -758,7 +758,7 @@ static void check_sgr_file (int *errors, bool *changed) /* * Make sure this entry exists in the /etc/group file. */ - grp = (struct group *) gr_locate (sgr->sg_name); + grp = gr_locate (sgr->sg_name); if (grp == NULL) { printf (_("no matching group file entry in %s\n"), grp_file); diff --git a/src/pwck.c b/src/pwck.c index ee1df500..28209131 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -366,7 +366,7 @@ static void check_pw_file (int *errors, bool *changed) { struct commonio_entry *pfe, *tpfe; struct passwd *pwd; - struct spwd *spw; + const struct spwd *spw; uid_t min_sys_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL); uid_t max_sys_id = (uid_t) getdef_ulong ("SYS_UID_MAX", 999UL); @@ -584,7 +584,7 @@ static void check_pw_file (int *errors, bool *changed) spw_opened = true; } #endif /* WITH_TCB */ - spw = (struct spwd *) spw_locate (pwd->pw_name); + spw = spw_locate (pwd->pw_name); if (NULL == spw) { printf (_("no matching password file entry in %s\n"), spw_dbname ()); From debea9b76193bee1632f713c0c8e60ed03abdfd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 3 Jan 2022 12:23:17 +0100 Subject: [PATCH 7/9] Avoid unused variable warnings when building with PAM MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit newusers.c:467:15: warning: unused variable ‘cp’ [-Wunused-variable] 467 | char *cp; | ^~ newusers.c:611:13: warning: unused variable ‘bad_s’ [-Wunused-variable] 611 | int bad_s; | ^~~~~ --- src/newusers.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/newusers.c b/src/newusers.c index c1d29f83..8e7c620d 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -464,7 +464,9 @@ static int add_passwd (struct passwd *pwd, const char *password) { const struct spwd *sp; struct spwd spent; +#ifndef USE_PAM char *cp; +#endif /* !USE_PAM */ #ifndef USE_PAM void *crypt_arg = NULL; @@ -607,9 +609,11 @@ static int add_passwd (struct passwd *pwd, const char *password) static void process_flags (int argc, char **argv) { int c; +#ifndef USE_PAM #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) int bad_s; #endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */ +#endif /* !USE_PAM */ static struct option long_options[] = { {"badnames", no_argument, NULL, 'b'}, #ifndef USE_PAM From a8166a86ed682af036bef501dc73af9779d346a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 3 Jan 2022 12:31:49 +0100 Subject: [PATCH 8/9] Declare read-only arguments of run_part(s) const MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit run_part() and run_parts() do not modify their directory, name and action arguments. Also include the header in the implementation to provide the prototypes. useradd.c:2495:59: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual] 2495 | if (run_parts ("/etc/shadow-maint/useradd-pre.d", (char*)user_name, | ^ useradd.c:2495:24: warning: passing argument 1 of ‘run_parts’ discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 2495 | if (run_parts ("/etc/shadow-maint/useradd-pre.d", (char*)user_name, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from useradd.c:45: ../lib/run_part.h:2:22: note: expected ‘char *’ but argument is of type ‘const char *’ 2 | int run_parts (char *directory, char *name, char *action); | ~~~~~~^~~~~~~~~ useradd.c:2496:25: warning: passing argument 3 of ‘run_parts’ discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 2496 | "useradd")) { | ^~~~~~~~~ --- lib/run_part.c | 5 +++-- lib/run_part.h | 4 ++-- src/useradd.c | 4 ++-- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/lib/run_part.c b/lib/run_part.c index 1ce06be0..884bbefa 100644 --- a/lib/run_part.c +++ b/lib/run_part.c @@ -8,9 +8,10 @@ #include #include #include +#include "run_part.h" #include "shadowlog_internal.h" -int run_part (char *script_path, char *name, char *action) +int run_part (char *script_path, const char *name, const char *action) { int pid; int wait_status; @@ -39,7 +40,7 @@ int run_part (char *script_path, char *name, char *action) return (1); } -int run_parts (char *directory, char *name, char *action) +int run_parts (const char *directory, const char *name, const char *action) { struct dirent **namelist; int scanlist; diff --git a/lib/run_part.h b/lib/run_part.h index d3d80663..0b68dbfc 100644 --- a/lib/run_part.h +++ b/lib/run_part.h @@ -1,2 +1,2 @@ -int run_part (char *script_path, char *name, char *action); -int run_parts (char *directory, char *name, char *action); +int run_part (char *script_path, const char *name, const char *action); +int run_parts (const char *directory, const char *name, const char *action); diff --git a/src/useradd.c b/src/useradd.c index 456b9de5..34376fa5 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -2492,7 +2492,7 @@ int main (int argc, char **argv) (!user_id || (user_id <= uid_max && user_id >= uid_min)); #endif /* ENABLE_SUBIDS */ - if (run_parts ("/etc/shadow-maint/useradd-pre.d", (char*)user_name, + if (run_parts ("/etc/shadow-maint/useradd-pre.d", user_name, "useradd")) { exit(1); } @@ -2715,7 +2715,7 @@ int main (int argc, char **argv) create_mail (); } - if (run_parts ("/etc/shadow-maint/useradd-post.d", (char*)user_name, + if (run_parts ("/etc/shadow-maint/useradd-post.d", user_name, "useradd")) { exit(1); } From b2bc1f692736debf3ba94872db73435d114d19ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 3 Jan 2022 13:12:31 +0100 Subject: [PATCH 9/9] Do not return garbage in run_parts If scandir(3) returns 0, the uninitialized value of execute_result will be returned. --- lib/run_part.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/run_part.c b/lib/run_part.c index 884bbefa..1e4f154b 100644 --- a/lib/run_part.c +++ b/lib/run_part.c @@ -48,7 +48,7 @@ int run_parts (const char *directory, const char *name, const char *action) int execute_result; scanlist = scandir (directory, &namelist, 0, alphasort); - if (scanlist<0) { + if (scanlist<=0) { return (0); }