Changeset 913 in openpam

Timestamp:

Jan 21, 2017, 3:11:12 PM (4 years ago)

Author:

Dag-Erling Smørgrav

Message:

Newer versions of clang take nonnull annotations into account not only
when compiling code that calls the function, but also when compiling the
function itself. This means that NULL checks in the function trigger
condition-always-false warnings. We have a choice between disabling these
warnings, removing the nonnull annotations, or removing the NULL checks.
We prefer to keep the annotations and warnings and remove the checks. In
all cases, passing NULL to the function in question will result in a
segmentation fault, which is often easier to debug than an error return,
especially when most of these checks were for the PAM handle, which can only
be NULL if the caller ignored an error return from pam_start().

Location:

trunk

Files:

• include/security/pam_appl.h (modified) (1 diff)
• lib/libpam/openpam_dispatch.c (modified) (1 diff)
• lib/libpam/openpam_findenv.c (modified) (1 diff)
• lib/libpam/openpam_impl.h (modified) (1 diff)
• lib/libpam/pam_end.c (modified) (2 diffs)
• lib/libpam/pam_get_authtok.c (modified) (1 diff)
• lib/libpam/pam_get_data.c (modified) (2 diffs)
• lib/libpam/pam_get_item.c (modified) (2 diffs)
• lib/libpam/pam_get_user.c (modified) (1 diff)
• lib/libpam/pam_getenv.c (modified) (1 diff)
• lib/libpam/pam_getenvlist.c (modified) (1 diff)
• lib/libpam/pam_putenv.c (modified) (2 diffs)
• lib/libpam/pam_set_data.c (modified) (1 diff)
• lib/libpam/pam_set_item.c (modified) (1 diff)
• lib/libpam/pam_setenv.c (modified) (1 diff)
• t/t_openpam_dispatch.c (modified) (4 diffs)

trunk/include/security/pam_appl.h

@@ -73 +73 @@
 int
 pam_end(pam_handle_t *_pamh,
-        int _status);
+        int _status)
+        OPENPAM_NONNULL((1));
 
 int

trunk/lib/libpam/openpam_dispatch.c

@@ -70 +70 @@
 
         ENTER();
-        if (pamh == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
 
         /* prevent recursion */

trunk/lib/libpam/openpam_findenv.c

@@ -60 +60 @@
 
         ENTER();
-        if (pamh == NULL)
-                RETURNN(-1);
         for (i = 0; i < pamh->env_count; ++i)
                 if (strncmp(pamh->env[i], name, len) == 0 &&

trunk/lib/libpam/openpam_impl.h

@@ -131 +131 @@
  * Internal functions
  */
-int              openpam_configure(pam_handle_t *, const char *);
-int              openpam_dispatch(pam_handle_t *, int, int);
-int              openpam_findenv(pam_handle_t *, const char *, size_t);
-pam_module_t    *openpam_load_module(const char *);
-void             openpam_clear_chains(pam_chain_t **);
+int              openpam_configure(pam_handle_t *, const char *)
+        OPENPAM_NONNULL((1));
+int              openpam_dispatch(pam_handle_t *, int, int)
+        OPENPAM_NONNULL((1));
+int              openpam_findenv(pam_handle_t *, const char *, size_t)
+        OPENPAM_NONNULL((1,2));
+pam_module_t    *openpam_load_module(const char *)
+        OPENPAM_NONNULL((1));
+void             openpam_clear_chains(pam_chain_t **)
+        OPENPAM_NONNULL((1));
 
-int              openpam_check_desc_owner_perms(const char *, int);
-int              openpam_check_path_owner_perms(const char *);
+int              openpam_check_desc_owner_perms(const char *, int)
+        OPENPAM_NONNULL((1));
+int              openpam_check_path_owner_perms(const char *)
+        OPENPAM_NONNULL((1));
 
 #ifdef OPENPAM_STATIC_MODULES
-pam_module_t    *openpam_static(const char *);
+pam_module_t    *openpam_static(const char *)
+        OPENPAM_NONNULL((1));
 #endif
-pam_module_t    *openpam_dynamic(const char *);
+pam_module_t    *openpam_dynamic(const char *)
+        OPENPAM_NONNULL((1));
 
 #define FREE(p)                                 \

trunk/lib/libpam/pam_end.c

@@ -61 +61 @@
 
         ENTER();
-        if (pamh == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
 
         /* clear module data */
@@ -92 +90 @@
 }
 
-/*
- * Error codes:
- *
- *      PAM_SYSTEM_ERR
- */
-
 /**
  * The =pam_end function terminates a PAM transaction and destroys the

trunk/lib/libpam/pam_get_authtok.c

@@ -77 +77 @@
 
         ENTER();
-        if (pamh == NULL || authtok == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
         *authtok = NULL;
         twice = 0;

trunk/lib/libpam/pam_get_data.c

@@ -61 +61 @@
 
         ENTERS(module_data_name);
-        if (pamh == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
         for (dp = pamh->module_data; dp != NULL; dp = dp->next) {
                 if (strcmp(dp->name, module_data_name) == 0) {
@@ -75 +73 @@
  * Error codes:
  *
- *      PAM_SYSTEM_ERR
  *      PAM_NO_MODULE_DATA
  */

trunk/lib/libpam/pam_get_item.c

@@ -60 +60 @@
 
         ENTERI(item_type);
-        if (pamh == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
         switch (item_type) {
         case PAM_SERVICE:
@@ -87 +85 @@
  *
  *      PAM_SYMBOL_ERR
- *      PAM_SYSTEM_ERR
  */
 

trunk/lib/libpam/pam_get_user.c

@@ -70 +70 @@
 
         ENTER();
-        if (pamh == NULL || user == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
         r = pam_get_item(pamh, PAM_USER, (const void **)user);
         if (r == PAM_SUCCESS && *user != NULL)

trunk/lib/libpam/pam_getenv.c

@@ -62 +62 @@
 
         ENTERS(name);
-        if (pamh == NULL)
-                RETURNS(NULL);
-        if (name == NULL || strchr(name, '=') != NULL)
+        if (strchr(name, '=') != NULL)
                 RETURNS(NULL);
         if ((i = openpam_findenv(pamh, name, strlen(name))) < 0)
                 RETURNS(NULL);
-        for (str = pamh->env[i]; *str != '\0'; ++str) {
-                if (*str == '=') {
-                        ++str;
-                        break;
-                }
-        }
+        if ((str = strchr(pamh->env[i], '=')) == NULL)
+                RETURNS("");
         RETURNS(str);
 }

trunk/lib/libpam/pam_getenvlist.c

@@ -61 +61 @@
 
         ENTER();
-        if (pamh == NULL)
-                RETURNP(NULL);
         envlist = malloc(sizeof(char *) * (pamh->env_count + 1));
         if (envlist == NULL) {

trunk/lib/libpam/pam_putenv.c

@@ -59 +59 @@
 {
         char **env, *p;
+        size_t env_size;
         int i;
 
         ENTER();
-        if (pamh == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
 
         /* sanity checks */
-        if (namevalue == NULL || (p = strchr(namevalue, '=')) == NULL)
+        if ((p = strchr(namevalue, '=')) == NULL)
                 RETURNC(PAM_SYSTEM_ERR);
 
@@ -80 +79 @@
         /* grow the environment list if necessary */
         if (pamh->env_count == pamh->env_size) {
-                env = realloc(pamh->env,
-                    sizeof(char *) * (pamh->env_size * 2 + 1));
+                env_size = pamh->env_size * 2 + 1;
+                env = realloc(pamh->env, sizeof(char *) * env_size);
                 if (env == NULL)
                         RETURNC(PAM_BUF_ERR);
                 pamh->env = env;
-                pamh->env_size = pamh->env_size * 2 + 1;
+                pamh->env_size = env_size;
         }
 

trunk/lib/libpam/pam_set_data.c

@@ -65 +65 @@
 
         ENTERS(module_data_name);
-        if (pamh == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
         for (dp = pamh->module_data; dp != NULL; dp = dp->next) {
                 if (strcmp(dp->name, module_data_name) == 0) {

trunk/lib/libpam/pam_set_item.c

@@ -65 +65 @@
 
         ENTERI(item_type);
-        if (pamh == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
         slot = &pamh->item[item_type];
         osize = nsize = 0;

trunk/lib/libpam/pam_setenv.c

@@ -66 +66 @@
 
         ENTER();
-        if (pamh == NULL)
-                RETURNC(PAM_SYSTEM_ERR);
 
         /* sanity checks */
-        if (name == NULL || value == NULL || strchr(name, '=') != NULL)
+        if (*name == '\0' || strchr(name, '=') != NULL)
                 RETURNC(PAM_SYSTEM_ERR);
 

trunk/t/t_openpam_dispatch.c

@@ -48 +48 @@
 const char *pam_return_so;
 
-T_FUNC(null, "null handle")
-{
-        int pam_err;
-
-#if __clang__
-#pragma clang diagnostic push
-#pragma clang diagnostic ignored "-Wnonnull"
-#elif __GNUC__
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wnonnull"
-#endif
-        pam_err = pam_authenticate(NULL, 0);
-#if __clang__
-#pragma clang diagnostic pop
-#elif __GNUC__
-#pragma GCC diagnostic pop
-#endif
-        return (pam_err == PAM_SYSTEM_ERR);
-}
-
 T_FUNC(empty_policy, "empty policy")
 {
@@ -82 +62 @@
         t_fprintf(tf, "# empty policy\n");
         pam_err = pam_start(tf->name, "test", &pamc, &pamh);
-        t_verbose("pam_start() returned %d\n", pam_err);
+        if (pam_err != PAM_SUCCESS) {
+                t_verbose("pam_start() returned %d\n", pam_err);
+                return (0);
+        }
         /*
          * Note: openpam_dispatch() currently returns PAM_SYSTEM_ERR when
@@ -157 +140 @@
                 }
                 pam_err = pam_start(tf->name, "test", &pamc, &pamh);
-                t_verbose("pam_start() returned %d\n", pam_err);
-                if (pam_err != PAM_SUCCESS)
+                if (pam_err != PAM_SUCCESS) {
+                        t_verbose("pam_start() returned %d\n", pam_err);
+                        t_fclose(tf);
                         continue;
+                }
                 switch (tc->primitive) {
                 case PAM_SM_AUTHENTICATE:
@@ -194 +179 @@
 
 static struct t_test *t_plan[] = {
-        T(null),
         T(empty_policy),
         T(mod_return),