From cc47c8fa7b0f4567bb9dd7e692c32a558a166d5c Mon Sep 17 00:00:00 2001 From: "Roland C. Dowdeswell" Date: Mon, 20 Feb 2012 19:45:41 +0000 Subject: [PATCH] Turn on -Wextra -Wno-sign-compare -Wno-unused-paramter and fix issues. We turn on a few extra warnings and fix the fallout that occurs when building with --enable-developer. Note that we get different warnings on different machines and so this will be a work in progress. So far, we have built on NetBSD/amd64 5.99.64 (which uses gcc 4.5.3) and Ubuntu 10.04.3 LTS (which uses gcc 4.4.3). Notably, we fixed 1. a lot of missing structure initialisers, 2. unchecked return values for functions that glibc marks as __attribute__((warn-unused-result)), 3. made minor modifications to slc and asn1_compile which can generate code which generates warnings, and 4. a few stragglers here and there. We turned off the extended warnings for many programs in appl/ as they are nearing the end of their useful lifetime, e.g. rsh, rcp, popper, ftp and telnet. Interestingly, glibc's strncmp() macro needed to be worked around whereas the function calls did not. We have not yet tried this on 32 bit platforms, so there will be a few more warnings when we do. --- appl/afsutil/afslog.c | 11 +- appl/afsutil/pagsh.c | 8 +- appl/ftp/ftp/Makefile.am | 2 + appl/ftp/ftp/cmds.c | 5 +- appl/ftp/ftp/cmdtab.c | 2 +- appl/ftp/ftpd/ftpd.c | 43 ++-- appl/ftp/ftpd/logwtmp.c | 13 +- appl/gssmask/gssmaestro.c | 2 +- appl/gssmask/gssmask.c | 18 +- appl/kf/kf.c | 4 +- appl/kf/kfd.c | 4 +- appl/kx/krb5.c | 8 +- appl/kx/kx.c | 8 +- appl/kx/kxd.c | 14 +- appl/login/env.c | 5 +- appl/login/limits_conf.c | 4 +- appl/login/login.c | 15 +- appl/otp/otp.c | 12 +- appl/otp/otpprint.c | 11 +- appl/popper/Makefile.am | 2 + appl/push/push.c | 2 +- appl/rcp/Makefile.am | 2 + appl/rcp/rcp.c | 32 +-- appl/rsh/Makefile.am | 2 + appl/su/su.c | 16 +- appl/telnet/libtelnet/Makefile.am | 2 + appl/telnet/libtelnet/auth.c | 4 +- appl/telnet/libtelnet/encrypt.c | 2 +- appl/telnet/telnet/Makefile.am | 2 + appl/telnet/telnetd/Makefile.am | 2 + appl/telnet/telnetd/utility.c | 2 +- appl/test/Makefile.am | 2 + appl/test/common.c | 6 +- appl/test/http_client.c | 12 +- appl/test/nt_gss_server.c | 4 +- base/bsearch.c | 2 +- base/test_base.c | 18 +- cf/roken-frag.m4 | 2 +- cf/wflags.m4 | 10 +- kadmin/add-random-users.c | 4 +- kadmin/ank.c | 12 +- kadmin/cpw.c | 9 +- kadmin/get.c | 29 ++- kadmin/kadmin.c | 5 +- kadmin/kadmind.c | 6 +- kadmin/stash.c | 19 +- kcm/cache.c | 5 +- kcm/config.c | 14 +- kcm/glue.c | 11 +- kcm/main.c | 3 +- kcm/protocol.c | 6 +- kdc/config.c | 5 +- kdc/digest.c | 23 +- kdc/hpropd.c | 8 +- kdc/kdc-replay.c | 6 +- kdc/kstash.c | 26 ++- kdc/pkinit.c | 9 +- kpasswd/kpasswd-generator.c | 13 +- kpasswd/kpasswd.c | 7 +- kpasswd/kpasswdd.c | 7 +- kuser/generate-requests.c | 4 +- kuser/kdecode_ticket.c | 4 +- kuser/kinit.c | 16 +- kuser/kswitch.c | 5 +- kuser/kverify.c | 4 +- lib/asn1/asn1_gen.c | 4 +- lib/asn1/asn1_print.c | 9 +- lib/asn1/check-common.c | 15 +- lib/asn1/check-der.c | 80 +++---- lib/asn1/check-gen.c | 21 +- lib/asn1/gen_decode.c | 2 +- lib/asn1/gen_encode.c | 2 +- lib/asn1/main.c | 20 +- lib/com_err/compile_et.c | 4 +- lib/gssapi/krb5/external.c | 96 ++++++-- lib/gssapi/mech/gss_oid.c | 4 +- lib/gssapi/ntlm/external.c | 3 + lib/gssapi/ntlm/init_sec_context.c | 5 +- lib/gssapi/spnego/external.c | 15 +- lib/hdb/db3.c | 23 +- lib/hdb/dbinfo.c | 8 +- lib/hdb/keytab.c | 4 +- lib/hdb/test_dbinfo.c | 4 +- lib/hdb/test_hdbkeys.c | 6 +- lib/hdb/test_mkey.c | 6 +- lib/hx509/ca.c | 4 +- lib/hx509/cert.c | 4 +- lib/hx509/cms.c | 16 +- lib/hx509/error.c | 5 +- lib/hx509/hxtool.c | 6 +- lib/hx509/keyset.c | 5 +- lib/hx509/ks_dir.c | 5 +- lib/hx509/ks_null.c | 5 +- lib/hx509/ks_p11.c | 24 +- lib/hx509/ks_p12.c | 5 +- lib/hx509/lock.c | 5 +- lib/hx509/softp11.c | 24 +- lib/ipc/client.c | 6 +- lib/ipc/tc.c | 4 +- lib/ipc/ts-http.c | 4 +- lib/ipc/ts.c | 4 +- lib/kadm5/ad.c | 7 +- lib/kadm5/context_s.c | 25 ++- lib/kadm5/get_princs_s.c | 7 +- lib/kadm5/init_c.c | 7 +- lib/kadm5/iprop-log.c | 5 +- lib/kadm5/ipropd_master.c | 29 ++- lib/kadm5/ipropd_slave.c | 19 +- lib/kadm5/log.c | 6 +- lib/kadm5/test_pw_quality.c | 8 +- lib/kafs/common.c | 16 +- lib/krb5/addr_families.c | 1 + lib/krb5/config_file.c | 6 +- lib/krb5/crypto-null.c | 3 + lib/krb5/derived-key-test.c | 2 +- lib/krb5/init_creds_pw.c | 15 +- lib/krb5/kcm.c | 5 +- lib/krb5/keytab_any.c | 4 +- lib/krb5/keytab_file.c | 12 +- lib/krb5/keytab_keyfile.c | 4 +- lib/krb5/keytab_memory.c | 4 +- lib/krb5/n-fold-test.c | 2 +- lib/krb5/pkinit.c | 8 +- lib/krb5/replay.c | 5 +- lib/krb5/salt-aes.c | 2 +- lib/krb5/salt-arcfour.c | 2 +- lib/krb5/salt-des.c | 2 +- lib/krb5/salt-des3.c | 4 +- lib/krb5/scache.c | 5 +- lib/krb5/string-to-key-test.c | 2 +- lib/krb5/test_cc.c | 44 ++-- lib/krb5/verify_krb5_conf.c | 338 ++++++++++++++--------------- lib/otp/otptest.c | 2 +- lib/roken/base64-test.c | 2 +- lib/roken/hex-test.c | 2 +- lib/roken/rkpty.c | 6 +- lib/roken/roken_gethostby.c | 3 +- lib/roken/simple_exec.c | 26 ++- lib/roken/test-mem.c | 9 +- lib/sl/slc-gram.y | 17 +- lib/wind/bidi.c | 4 +- lib/wind/combining.c | 2 +- lib/wind/errorlist.c | 2 +- lib/wind/map.c | 2 +- lib/wind/normalize.c | 2 +- lib/wind/test-normalize.c | 2 +- lib/wind/test-utf8.c | 36 +-- 147 files changed, 1083 insertions(+), 665 deletions(-) diff --git a/appl/afsutil/afslog.c b/appl/afsutil/afslog.c index bd6807d01..0ae61b3ae 100644 --- a/appl/afsutil/afslog.c +++ b/appl/afsutil/afslog.c @@ -61,15 +61,16 @@ struct getargs args[] = { { "cell", 'c', arg_strings, &cells, "cells to get tokens for", "cell" }, { "file", 'p', arg_strings, &files, "files to get tokens for", "path" }, { "realm", 'k', arg_string, &realm, "realm for afs cell", "realm" }, - { "unlog", 'u', arg_flag, &unlog_flag, "remove tokens" }, + { "unlog", 'u', arg_flag, &unlog_flag, "remove tokens", NULL }, #ifdef KRB5 { "principal",'P',arg_string,&client_string,"principal to use","principal"}, { "cache", 0, arg_string, &cache_string, "ccache to use", "cache"}, - { "v5", 0, arg_negative_flag, &use_krb5, "don't use Kerberos 5" }, + { "v5", 0, arg_negative_flag, &use_krb5, "don't use Kerberos 5", + NULL }, #endif - { "verbose",'v', arg_flag, &verbose }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag }, + { "verbose",'v', arg_flag, &verbose, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/appl/afsutil/pagsh.c b/appl/afsutil/pagsh.c index bfc5dce87..5801441d7 100644 --- a/appl/afsutil/pagsh.c +++ b/appl/afsutil/pagsh.c @@ -73,12 +73,12 @@ static char *typename_arg; #endif struct getargs getargs[] = { - { NULL, 'c', arg_flag, &c_flag }, + { NULL, 'c', arg_flag, &c_flag, NULL, NULL }, #ifdef KRB5 - { "cache-type", 0, arg_string, &typename_arg }, + { "cache-type", 0, arg_string, &typename_arg, NULL, NULL }, #endif - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, }; static int num_args = sizeof(getargs) / sizeof(getargs[0]); diff --git a/appl/ftp/ftp/Makefile.am b/appl/ftp/ftp/Makefile.am index e47580dfc..8bda036e5 100644 --- a/appl/ftp/ftp/Makefile.am +++ b/appl/ftp/ftp/Makefile.am @@ -2,6 +2,8 @@ include $(top_srcdir)/Makefile.am.common +WFLAGS += $(WFLAGS_LITE) + AM_CPPFLAGS += -I$(srcdir)/../common $(INCLUDE_readline) $(INCLUDE_hcrypto) bin_PROGRAMS = ftp diff --git a/appl/ftp/ftp/cmds.c b/appl/ftp/ftp/cmds.c index dbd5d581e..778cd563a 100644 --- a/appl/ftp/ftp/cmds.c +++ b/appl/ftp/ftp/cmds.c @@ -210,7 +210,7 @@ struct types { { "image", "I", TYPE_I, 0 }, { "ebcdic", "E", TYPE_E, 0 }, { "tenex", "L", TYPE_L, bytename }, - { NULL } + { NULL, NULL, 0, NULL } }; /* @@ -1316,7 +1316,8 @@ user(int argc, char **argv) if (n == CONTINUE) { if (argc < 4) { printf("Account: "); fflush(stdout); - fgets(acctstr, sizeof(acctstr) - 1, stdin); + if (fgets(acctstr, sizeof(acctstr) - 1, stdin) == NULL) + acctstr[0] = '\0'; acctstr[strcspn(acctstr, "\r\n")] = '\0'; argv[3] = acctstr; argc++; } diff --git a/appl/ftp/ftp/cmdtab.c b/appl/ftp/ftp/cmdtab.c index 7b4c32942..f3a5493c9 100644 --- a/appl/ftp/ftp/cmdtab.c +++ b/appl/ftp/ftp/cmdtab.c @@ -197,7 +197,7 @@ struct cmd cmdtab[] = { { "afslog", afsloghelp, 0, 1, 0, afslog }, #endif - { 0 }, + { NULL, NULL, 0, 0, 0, NULL }, }; int NCMDS = (sizeof (cmdtab) / sizeof (cmdtab[0])) - 1; diff --git a/appl/ftp/ftpd/ftpd.c b/appl/ftp/ftpd/ftpd.c index 5be67c866..924ea23b3 100644 --- a/appl/ftp/ftpd/ftpd.c +++ b/appl/ftp/ftpd/ftpd.c @@ -212,25 +212,32 @@ static int version_flag; static const char *good_chars = "+-=_,."; struct getargs args[] = { - { NULL, 'a', arg_string, &auth_string, "required authentication" }, - { NULL, 'i', arg_flag, &interactive_flag, "don't assume stdin is a socket" }, - { NULL, 'p', arg_string, &port_string, "what port to listen to" }, - { NULL, 'g', arg_string, &guest_umask_string, "umask for guest logins" }, + { NULL, 'a', arg_string, &auth_string, "required authentication", NULL }, + { NULL, 'i', arg_flag, &interactive_flag, "don't assume stdin is a socket", + NULL }, + { NULL, 'p', arg_string, &port_string, "what port to listen to", NULL }, + { NULL, 'g', arg_string, &guest_umask_string, "umask for guest logins", + NULL }, { NULL, 'l', arg_counter, &logging, "log more stuff", "" }, - { NULL, 't', arg_integer, &ftpd_timeout, "initial timeout" }, - { NULL, 'T', arg_integer, &maxtimeout, "max timeout" }, - { NULL, 'u', arg_string, &umask_string, "umask for user logins" }, - { NULL, 'U', arg_negative_flag, &restricted_data_ports, "don't use high data ports" }, - { NULL, 'd', arg_flag, &debug, "enable debugging" }, - { NULL, 'v', arg_flag, &debug, "enable debugging" }, - { "builtin-ls", 'B', arg_flag, &use_builtin_ls, "use built-in ls to list files" }, - { "good-chars", 0, arg_string, &good_chars, "allowed anonymous upload filename chars" }, - { "insecure-oob", 'I', arg_negative_flag, &allow_insecure_oob, "don't allow insecure OOB ABOR/STAT" }, + { NULL, 't', arg_integer, &ftpd_timeout, "initial timeout", NULL }, + { NULL, 'T', arg_integer, &maxtimeout, "max timeout", NULL }, + { NULL, 'u', arg_string, &umask_string, "umask for user logins", NULL }, + { NULL, 'U', arg_negative_flag, &restricted_data_ports, + "don't use high data ports", NULL }, + { NULL, 'd', arg_flag, &debug, "enable debugging", NULL }, + { NULL, 'v', arg_flag, &debug, "enable debugging", NULL }, + { "builtin-ls", 'B', arg_flag, &use_builtin_ls, + "use built-in ls to list files", NULL }, + { "good-chars", 0, arg_string, &good_chars, + "allowed anonymous upload filename chars", NULL }, + { "insecure-oob", 'I', arg_negative_flag, &allow_insecure_oob, + "don't allow insecure OOB ABOR/STAT", NULL }, #ifdef KRB5 - { "gss-bindings", 0, arg_flag, &ftp_do_gss_bindings, "Require GSS-API bindings", NULL}, + { "gss-bindings", 0, arg_flag, &ftp_do_gss_bindings, + "Require GSS-API bindings", NULL}, #endif - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); @@ -972,7 +979,7 @@ retrieve(const char *cmd, char *name) {".tar.Z", "/bin/gtar ZcPf - %s", NULL}, {".gz", "/bin/gzip -c -- %s", "/bin/gzip -c -d -- %s"}, {".Z", "/bin/compress -c -- %s", "/bin/uncompress -c -- %s"}, - {NULL, NULL} + {NULL, NULL, NULL} }; struct cmds *p; for(p = cmds; p->ext; p++){ @@ -1272,7 +1279,7 @@ dataconn(const char *name, off_t size, const char *mode) close(pdata); pdata = s; #if defined(IPTOS_THROUGHPUT) - if (from->sa_family == AF_INET) + if (from_ss.ss_family == AF_INET) socket_set_tos(s, IPTOS_THROUGHPUT); #endif reply(150, "Opening %s mode data connection for '%s'%s.", diff --git a/appl/ftp/ftpd/logwtmp.c b/appl/ftp/ftpd/logwtmp.c index 59f45b205..3a1baea69 100644 --- a/appl/ftp/ftpd/logwtmp.c +++ b/appl/ftp/ftpd/logwtmp.c @@ -107,7 +107,9 @@ static void ftpd_logwtmp_wtmp(char *line, char *name, char *host) { static int init = 0; +#ifdef WTMP_FILE static int fd; +#endif #ifdef WTMPX_FILE static int fdx; #endif @@ -117,6 +119,9 @@ ftpd_logwtmp_wtmp(char *line, char *name, char *host) #if defined(WTMPX_FILE) || defined(HAVE_UTMPX_H) struct utmpx utx; #endif +#if defined(WTMP_FILE) || defined(WTMPX_FILE) + ssize_t ret; +#endif #ifdef HAVE_UTMPX_H memset(&utx, 0, sizeof(struct utmpx)); @@ -176,14 +181,18 @@ ftpd_logwtmp_wtmp(char *line, char *name, char *host) #endif init = 1; } +#if defined(WTMP_FILE) || defined(WTMPX_FILE) if(fd >= 0) { #ifdef WTMP_FILE - write(fd, &ut, sizeof(struct utmp)); /* XXX */ + ret = write(fd, &ut, sizeof(struct utmp)); /* XXX */ #endif #ifdef WTMPX_FILE - write(fdx, &utx, sizeof(struct utmpx)); + ret = write(fdx, &utx, sizeof(struct utmpx)); #endif + if (ret == -1) + syslog(LOG_ERR, "ftpd_logwtmp_wtmp(): write(2) failed: %m"); } +#endif } #endif /* !HAVE_ASL_H */ diff --git a/appl/gssmask/gssmaestro.c b/appl/gssmask/gssmaestro.c index c972cada2..90fa43536 100644 --- a/appl/gssmask/gssmaestro.c +++ b/appl/gssmask/gssmaestro.c @@ -280,7 +280,7 @@ wait_log(struct client *c) if (fd < 0) err(1, "failed to build socket for %s's logging port", c->moniker); - ((struct sockaddr *)&sast)->sa_family = c->sa->sa_family; + sast.ss_family = c->sa->sa_family; ret = bind(fd, (struct sockaddr *)&sast, c->salen); if (ret < 0) err(1, "failed to bind %s's logging port", c->moniker); diff --git a/appl/gssmask/gssmask.c b/appl/gssmask/gssmask.c index 98a073849..5a454fc81 100644 --- a/appl/gssmask/gssmask.c +++ b/appl/gssmask/gssmask.c @@ -73,10 +73,13 @@ logmessage(struct client *c, const char *file, unsigned int lineno, char *message; va_list ap; int32_t ackid; + int ret; va_start(ap, fmt); - vasprintf(&message, fmt, ap); + ret = vasprintf(&message, fmt, ap); va_end(ap); + if (ret == -1) + errx(1, "out of memory"); if (logfile) fprintf(logfile, "%s:%u: %d %s\n", file, lineno, level, message); @@ -643,6 +646,7 @@ HandleOP(GetVersionAndCapabilities) { int32_t cap = HAS_MONIKER; char name[256] = "unknown", *str; + int ret; if (targetname) cap |= ISSERVER; /* is server */ @@ -657,7 +661,9 @@ HandleOP(GetVersionAndCapabilities) } #endif - asprintf(&str, "gssmask %s %s", PACKAGE_STRING, name); + ret = asprintf(&str, "gssmask %s %s", PACKAGE_STRING, name); + if (ret == -1) + errx(1, "out of memory"); put32(c, GSSMAGGOTPROTOCOL); put32(c, cap); @@ -1084,6 +1090,7 @@ static struct client * create_client(int fd, int port, const char *moniker) { struct client *c; + int ret; c = ecalloc(1, sizeof(*c)); @@ -1092,9 +1099,14 @@ create_client(int fd, int port, const char *moniker) } else { char hostname[MAXHOSTNAMELEN]; gethostname(hostname, sizeof(hostname)); - asprintf(&c->moniker, "gssmask: %s:%d", hostname, port); + ret = asprintf(&c->moniker, "gssmask: %s:%d", hostname, port); + if (ret == -1) + c->moniker = NULL; } + if (!c->moniker) + errx(1, "out of memory"); + { c->salen = sizeof(c->sa); getpeername(fd, (struct sockaddr *)&c->sa, &c->salen); diff --git a/appl/kf/kf.c b/appl/kf/kf.c index e3e72ab06..bce958b98 100644 --- a/appl/kf/kf.c +++ b/appl/kf/kf.c @@ -51,8 +51,8 @@ static struct getargs args[] = { "Forward forwardable credentials", NULL }, { "forwardable",'G',arg_negative_flag,&forwardable, "Don't forward forwardable credentials", NULL }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/appl/kf/kfd.c b/appl/kf/kfd.c index 71f48c935..ee76a260c 100644 --- a/appl/kf/kfd.c +++ b/appl/kf/kfd.c @@ -49,8 +49,8 @@ static struct getargs args[] = { { "inetd",'i',arg_flag, &do_inetd, "Not started from inetd", NULL }, { "regpag",'R',arg_string,®pag_str,"path to regpag binary","regpag"}, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/appl/kx/krb5.c b/appl/kx/krb5.c index eeb62a2d2..ded9236ef 100644 --- a/appl/kx/krb5.c +++ b/appl/kx/krb5.c @@ -65,17 +65,19 @@ ksyslog(krb5_context context, krb5_error_code ret, const char *fmt, ...) const char *msg; char *str = NULL; va_list va; + int aret; msg = krb5_get_error_message(context, ret); va_start(va, fmt); - vasprintf(&str, fmt, va); + aret = vasprintf(&str, fmt, va); va_end(va); - syslog(LOG_ERR, "%s: %s", str, msg); + syslog(LOG_ERR, "%s: %s", aret != -1 ? str : "(nil)", msg); krb5_free_error_message(context, msg); - free(str); + if (aret != -1) + free(str); } /* diff --git a/appl/kx/kx.c b/appl/kx/kx.c index ffc2e85b5..66363939b 100644 --- a/appl/kx/kx.c +++ b/appl/kx/kx.c @@ -616,13 +616,13 @@ struct getargs args[] = { { "user", 'l', arg_string, &user, "Run as this user", NULL }, { "tcp", 't', arg_flag, &tcp_flag, - "Use a TCP connection for X11" }, + "Use a TCP connection for X11", NULL }, { "passive", 'P', arg_flag, &passive_flag, - "Force a passive connection" }, + "Force a passive connection", NULL }, { "keepalive", 'k', arg_negative_flag, &keepalive_flag, - "disable keep-alives" }, + "disable keep-alives", NULL }, { "debug", 'd', arg_flag, &debug_flag, - "Enable debug information" }, + "Enable debug information", NULL }, { "version", 0, arg_flag, &version_flag, "Print version", NULL }, { "help", 0, arg_flag, &help_flag, NULL, diff --git a/appl/kx/kxd.c b/appl/kx/kxd.c index 8598fb167..11f356f1c 100644 --- a/appl/kx/kxd.c +++ b/appl/kx/kxd.c @@ -336,7 +336,7 @@ doit_conn (kx_context *kc, } #endif memset (&__ss_addr, 0, sizeof(__ss_addr)); - addr->sa_family = kc->thisaddr->sa_family; + __ss_addr.ss_family = kc->thisaddr->sa_family; if (kc->thisaddr_len > sizeof(__ss_addr)) { syslog(LOG_ERR, "error in af"); return 1; @@ -403,6 +403,7 @@ close_connection(int fd, const char *message) char *p; int lsb = 0; size_t mlen; + ssize_t ret; mlen = strlen(message); if(mlen > 255) @@ -433,7 +434,7 @@ close_connection(int fd, const char *message) buf[6] = 0; buf[7] = (p - buf - 8) / 4; } - write(fd, buf, p - buf); + ret = write(fd, buf, p - buf); close(fd); } @@ -707,12 +708,13 @@ static int help_flag = 0; struct getargs args[] = { { "inetd", 'i', arg_negative_flag, &inetd_flag, - "Not started from inetd" }, - { "tcp", 't', arg_flag, &tcp_flag, "Use TCP" }, + "Not started from inetd", NULL }, + { "tcp", 't', arg_flag, &tcp_flag, "Use TCP", + NULL }, { "port", 'p', arg_string, &port_str, "Use this port", "port" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void diff --git a/appl/login/env.c b/appl/login/env.c index 98ae93086..fc2e8b826 100644 --- a/appl/login/env.c +++ b/appl/login/env.c @@ -53,10 +53,11 @@ extend_env(char *str) void add_env(const char *var, const char *value) { + int aret; int i; char *str; - asprintf(&str, "%s=%s", var, value); - if(str == NULL) + aret = asprintf(&str, "%s=%s", var, value); + if(aret == -1) errx(1, "Out of memory!"); for(i = 0; i < num_env; i++) if(strncmp(env[i], var, strlen(var)) == 0 && diff --git a/appl/login/limits_conf.c b/appl/login/limits_conf.c index 1068b9670..492b14de7 100644 --- a/appl/login/limits_conf.c +++ b/appl/login/limits_conf.c @@ -48,7 +48,7 @@ struct limit { int has_limit; struct rlimit limit; } limits[] = { -#define LIM(X, S) { #X, RLIMIT_##X, S, 0 } +#define LIM(X, S) { #X, RLIMIT_##X, S, 0, {0, 0} } LIM(CORE, 1024), LIM(CPU, 60), LIM(DATA, 1024), @@ -75,7 +75,7 @@ struct limit { maxlogins priority */ - { NULL, 0 } + { NULL, 0, 0, 0, {0, 0} } }; static struct limit * diff --git a/appl/login/login.c b/appl/login/login.c index 6b16f0b71..1d8138b69 100644 --- a/appl/login/login.c +++ b/appl/login/login.c @@ -246,18 +246,19 @@ static char *remote_host; static char *auth_level = NULL; struct getargs args[] = { - { NULL, 'a', arg_string, &auth_level, "authentication mode" }, + { NULL, 'a', arg_string, &auth_level, "authentication mode", NULL }, #if 0 - { NULL, 'd' }, + { NULL, 'd', NULL, NULL, NULL, NULL }, #endif - { NULL, 'f', arg_flag, &f_flag, "pre-authenticated" }, + { NULL, 'f', arg_flag, &f_flag, "pre-authenticated", NULL }, { NULL, 'h', arg_string, &remote_host, "remote host", "hostname" }, - { NULL, 'p', arg_flag, &p_flag, "don't purge environment" }, + { NULL, 'p', arg_flag, &p_flag, "don't purge environment", + NULL }, #if 0 - { NULL, 'r', arg_flag, &r_flag, "rlogin protocol" }, + { NULL, 'r', arg_flag, &r_flag, "rlogin protocol", NULL }, #endif - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag,&help_flag, } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag,&help_flag, NULL, NULL } }; int nargs = sizeof(args) / sizeof(args[0]); diff --git a/appl/otp/otp.c b/appl/otp/otp.c index ef3e4ab15..320646f7e 100644 --- a/appl/otp/otp.c +++ b/appl/otp/otp.c @@ -46,16 +46,16 @@ static int version_flag; static int help_flag; struct getargs args[] = { - { "list", 'l', arg_flag, &listp, "list OTP status" }, - { "delete", 'd', arg_flag, &deletep, "delete OTP" }, - { "open", 'o', arg_flag, &openp, "open a locked OTP" }, - { "renew", 'r', arg_flag, &renewp, "securely renew OTP" }, + { "list", 'l', arg_flag, &listp, "list OTP status", NULL }, + { "delete", 'd', arg_flag, &deletep, "delete OTP", NULL }, + { "open", 'o', arg_flag, &openp, "open a locked OTP", NULL }, + { "renew", 'r', arg_flag, &renewp, "securely renew OTP", NULL }, { "hash", 'f', arg_string, &alg_string, "hash algorithm (md4, md5, or sha)", "algorithm"}, { "user", 'u', arg_string, &user, "user other than current user (root only)", "user" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); diff --git a/appl/otp/otpprint.c b/appl/otp/otpprint.c index 662afeb46..056309d3d 100644 --- a/appl/otp/otpprint.c +++ b/appl/otp/otpprint.c @@ -44,13 +44,14 @@ static int version_flag; static int help_flag; struct getargs args[] = { - { "extended", 'e', arg_flag, &extendedp, "print keys in extended format" }, - { "count", 'n', arg_integer, &count, "number of keys to print" }, - { "hexadecimal", 'h', arg_flag, &hexp, "output in hexadecimal" }, + { "extended", 'e', arg_flag, &extendedp, "print keys in extended format", + NULL }, + { "count", 'n', arg_integer, &count, "number of keys to print", NULL }, + { "hexadecimal", 'h', arg_flag, &hexp, "output in hexadecimal", NULL }, { "hash", 'f', arg_string, &alg_string, "hash algorithm (md4, md5, or sha)", "algorithm"}, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); diff --git a/appl/popper/Makefile.am b/appl/popper/Makefile.am index 2fb612dd6..d39c45b03 100644 --- a/appl/popper/Makefile.am +++ b/appl/popper/Makefile.am @@ -2,6 +2,8 @@ include $(top_srcdir)/Makefile.am.common +WFLAGS += $(WFLAGS_LITE) + noinst_PROGRAMS = pop_debug libexec_PROGRAMS = popper diff --git a/appl/push/push.c b/appl/push/push.c index 659d10214..5990c28e5 100644 --- a/appl/push/push.c +++ b/appl/push/push.c @@ -223,7 +223,7 @@ doit(int s, unsigned sent_xdele = 0; int out_fd; char from_line[128]; - size_t from_line_length; + ssize_t from_line_length; time_t now; struct write_state write_state; unsigned int numheaders = 1; diff --git a/appl/rcp/Makefile.am b/appl/rcp/Makefile.am index 7bd48bac8..db7ed7f30 100644 --- a/appl/rcp/Makefile.am +++ b/appl/rcp/Makefile.am @@ -2,6 +2,8 @@ include $(top_srcdir)/Makefile.am.common +WFLAGS += $(WFLAGS_LITE) + bin_PROGRAMS = rcp rcp_SOURCES = rcp.c util.c rcp_locl.h extern.h diff --git a/appl/rcp/rcp.c b/appl/rcp/rcp.c index 9297af6d7..2ad8ff607 100644 --- a/appl/rcp/rcp.c +++ b/appl/rcp/rcp.c @@ -58,21 +58,23 @@ static int fflag, tflag; static int version_flag, help_flag; struct getargs args[] = { - { NULL, '4', arg_flag, &usekrb4, "use Kerberos 4 authentication" }, - { NULL, '5', arg_flag, &usekrb5, "use Kerberos 5 authentication" }, - { NULL, 'F', arg_flag, &forwardtkt, "forward credentials" }, - { NULL, 'K', arg_flag, &usebroken, "use BSD authentication" }, - { NULL, 'P', arg_string, &port, "non-default port", "port" }, - { NULL, 'p', arg_flag, &pflag, "preserve file permissions" }, - { NULL, 'r', arg_flag, &iamrecursive, "recursive mode" }, - { NULL, 'x', arg_flag, &doencrypt, "use encryption" }, - { NULL, 'z', arg_flag, &noencrypt, "don't encrypt" }, - { NULL, 'd', arg_flag, &targetshouldbedirectory }, - { NULL, 'e', arg_flag, &eflag, "passed to rsh" }, - { NULL, 'f', arg_flag, &fflag }, - { NULL, 't', arg_flag, &tflag }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { NULL, '4', arg_flag, &usekrb4, "use Kerberos 4 authentication", NULL }, + { NULL, '5', arg_flag, &usekrb5, "use Kerberos 5 authentication", NULL }, + { NULL, 'F', arg_flag, &forwardtkt, "forward credentials", NULL }, + { NULL, 'K', arg_flag, &usebroken, "use BSD authentication", + NULL }, + { NULL, 'P', arg_string, &port, "non-default port", "port" }, + { NULL, 'p', arg_flag, &pflag, "preserve file permissions", + NULL }, + { NULL, 'r', arg_flag, &iamrecursive, "recursive mode", NULL }, + { NULL, 'x', arg_flag, &doencrypt, "use encryption", NULL }, + { NULL, 'z', arg_flag, &noencrypt, "don't encrypt", NULL }, + { NULL, 'd', arg_flag, &targetshouldbedirectory, NULL, NULL }, + { NULL, 'e', arg_flag, &eflag, "passed to rsh", NULL }, + { NULL, 'f', arg_flag, &fflag, NULL, NULL }, + { NULL, 't', arg_flag, &tflag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void diff --git a/appl/rsh/Makefile.am b/appl/rsh/Makefile.am index 2cd18752f..86c41b064 100644 --- a/appl/rsh/Makefile.am +++ b/appl/rsh/Makefile.am @@ -4,6 +4,8 @@ include $(top_srcdir)/Makefile.am.common AM_CPPFLAGS += -I$(srcdir)/../login $(INCLUDE_hcrypto) +WFLAGS += $(WFLAGS_LITE) + bin_PROGRAMS = rsh man_MANS = rsh.1 rshd.8 diff --git a/appl/su/su.c b/appl/su/su.c index 902af4b04..578ee1c78 100644 --- a/appl/su/su.c +++ b/appl/su/su.c @@ -80,19 +80,19 @@ char tkfile[256]; struct getargs args[] = { { "kerberos", 'K', arg_negative_flag, &kerberos_flag, - "don't use kerberos" }, + "don't use kerberos", NULL }, { NULL, 'f', arg_flag, &csh_f_flag, - "don't read .cshrc" }, + "don't read .cshrc", NULL }, { "full", 'l', arg_flag, &full_login, - "simulate full login" }, + "simulate full login", NULL }, { NULL, 'm', arg_flag, &env_flag, - "leave environment unmodified" }, + "leave environment unmodified", NULL }, { "instance", 'i', arg_string, &kerberos_instance, - "root instance to use" }, + "root instance to use", NULL }, { "command", 'c', arg_string, &cmd, - "command to execute" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag }, + "command to execute", NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, }; diff --git a/appl/telnet/libtelnet/Makefile.am b/appl/telnet/libtelnet/Makefile.am index 66571d5db..c296cb3bb 100644 --- a/appl/telnet/libtelnet/Makefile.am +++ b/appl/telnet/libtelnet/Makefile.am @@ -4,6 +4,8 @@ include $(top_srcdir)/Makefile.am.common AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_hcrypto) +WFLAGS += $(WFLAGS_LITE) + noinst_LIBRARIES = libtelnet.a libtelnet_a_SOURCES = \ diff --git a/appl/telnet/libtelnet/auth.c b/appl/telnet/libtelnet/auth.c index 1c01245d1..5c8647b43 100644 --- a/appl/telnet/libtelnet/auth.c +++ b/appl/telnet/libtelnet/auth.c @@ -166,10 +166,10 @@ Authenticator authenticators[] = { rsaencpwd_status, rsaencpwd_printsub }, #endif - { 0, }, + { 0, 0, NULL, NULL, NULL, NULL, NULL, NULL }, }; -static Authenticator NoAuth = { 0 }; +static Authenticator NoAuth = { 0, 0, NULL, NULL, NULL, NULL, NULL, NULL }; static int i_support = 0; static int i_wont_support = 0; diff --git a/appl/telnet/libtelnet/encrypt.c b/appl/telnet/libtelnet/encrypt.c index 58e081d42..1d3df9323 100644 --- a/appl/telnet/libtelnet/encrypt.c +++ b/appl/telnet/libtelnet/encrypt.c @@ -128,7 +128,7 @@ static long i_support_encrypt = typemask(ENCTYPE_DES_CFB64) ofb64_keyid, ofb64_printsub }, #endif - { 0, }, + { 0, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }, }; static unsigned char str_send[64] = { IAC, SB, TELOPT_ENCRYPT, diff --git a/appl/telnet/telnet/Makefile.am b/appl/telnet/telnet/Makefile.am index 34e0fe641..dec8b1ec3 100644 --- a/appl/telnet/telnet/Makefile.am +++ b/appl/telnet/telnet/Makefile.am @@ -2,6 +2,8 @@ include $(top_srcdir)/Makefile.am.common +WFLAGS += $(WFLAGS_LITE) + AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_hcrypto) bin_PROGRAMS = telnet diff --git a/appl/telnet/telnetd/Makefile.am b/appl/telnet/telnetd/Makefile.am index d8f5b19f3..7e384fa0e 100644 --- a/appl/telnet/telnetd/Makefile.am +++ b/appl/telnet/telnetd/Makefile.am @@ -2,6 +2,8 @@ include $(top_srcdir)/Makefile.am.common +WFLAGS += $(WFLAGS_LITE) + AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_hcrypto) libexec_PROGRAMS = telnetd diff --git a/appl/telnet/telnetd/utility.c b/appl/telnet/telnetd/utility.c index 48d2cf5e2..5b0129c0f 100644 --- a/appl/telnet/telnetd/utility.c +++ b/appl/telnet/telnetd/utility.c @@ -87,7 +87,7 @@ ttloop(void) int stilloob(int s) { - static struct timeval timeout = { 0 }; + static struct timeval timeout = { 0, 0 }; fd_set excepts; int value; diff --git a/appl/test/Makefile.am b/appl/test/Makefile.am index 85f613748..15ed68fca 100644 --- a/appl/test/Makefile.am +++ b/appl/test/Makefile.am @@ -2,6 +2,8 @@ include $(top_srcdir)/Makefile.am.common +WFLAGS += $(WFLAGS_LITE) + noinst_PROGRAMS = tcp_client tcp_server gssapi_server gssapi_client \ uu_server uu_client nt_gss_server nt_gss_client http_client diff --git a/appl/test/common.c b/appl/test/common.c index e0cf264af..40158846b 100644 --- a/appl/test/common.c +++ b/appl/test/common.c @@ -51,9 +51,9 @@ static struct getargs args[] = { { "keytab", 'k', arg_string, &keytab_str, "keytab to use", "keytab" }, { "mech", 'm', arg_string, &mech, "gssapi mech to use", "mech" }, { "password", 'P', arg_string, &password, "password to use", "password" }, - { "fork", 'f', arg_flag, &fork_flag, "do fork" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } + { "fork", 'f', arg_flag, &fork_flag, "do fork", NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/appl/test/http_client.c b/appl/test/http_client.c index c9e1c8492..90a587aac 100644 --- a/appl/test/http_client.c +++ b/appl/test/http_client.c @@ -117,15 +117,17 @@ static char *port_str = "http"; static char *gss_service = "HTTP"; static struct getargs http_args[] = { - { "verbose", 'v', arg_flag, &verbose_flag, "verbose logging", }, + { "verbose", 'v', arg_flag, &verbose_flag, "verbose logging", NULL }, { "port", 'p', arg_string, &port_str, "port to connect to", "port" }, - { "delegate", 0, arg_flag, &delegate_flag, "gssapi delegate credential" }, + { "delegate", 0, arg_flag, &delegate_flag, "gssapi delegate credential", + NULL }, { "gss-service", 's', arg_string, &gss_service, "gssapi service to use", "service" }, { "mech", 'm', arg_string, &mech, "gssapi mech to use", "mech" }, - { "mutual", 0, arg_negative_flag, &mutual_flag, "no gssapi mutual auth" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } + { "mutual", 0, arg_negative_flag, &mutual_flag, "no gssapi mutual auth", + NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL } }; static int num_http_args = sizeof(http_args) / sizeof(http_args[0]); diff --git a/appl/test/nt_gss_server.c b/appl/test/nt_gss_server.c index cdfee1ea5..d6f7cc1be 100644 --- a/appl/test/nt_gss_server.c +++ b/appl/test/nt_gss_server.c @@ -58,8 +58,8 @@ static struct getargs args[] = { { "service", 's', arg_string, &service, "service to use", "service" }, { "dump-auth", 0, arg_string, &auth_file, "dump authorization data", "file" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/base/bsearch.c b/base/bsearch.c index 24fd77cfa..278962172 100644 --- a/base/bsearch.c +++ b/base/bsearch.c @@ -171,7 +171,7 @@ bsearch_common(const char *buf, size_t sz, const char *key, /* Binary search; file should be sorted */ for (l = 0, r = rmax = sz, i = sz >> 1; i >= l && i < rmax; loop_count++) { - heim_assert(i >= 0 && i < sz, "invalid aname2lname db index"); + heim_assert(i < sz, "invalid aname2lname db index"); /* buf[i] is likely in the middle of a line; find the next line */ linep = find_line(buf, i, rmax); diff --git a/base/test_base.c b/base/test_base.c index 78a1c4f4c..838e6cfe2 100644 --- a/base/test_base.c +++ b/base/test_base.c @@ -279,7 +279,7 @@ test_json(void) for (k = strlen(j[i]) - 1; k > 0; k--) { o = heim_json_create_with_bytes(j[i], k, 10, 0, NULL); if (o != NULL) { - fprintf(stderr, "Invalid JSON parsed: %.*s\n", k, j[i]); + fprintf(stderr, "Invalid JSON parsed: %.*s\n", (int)k, j[i]); return EINVAL; } } @@ -585,14 +585,22 @@ static void test_db_iter(heim_data_t k, heim_data_t v, void *arg) { int *ret = arg; + const void *kptr, *vptr; + size_t klen, vlen; heim_assert(heim_get_tid(k) == heim_data_get_type_id(), "..."); - if (heim_data_get_length(k) == strlen("msg") && strncmp(heim_data_get_ptr(k), "msg", strlen("msg")) == 0 && - heim_data_get_length(v) == strlen("abc") && strncmp(heim_data_get_ptr(v), "abc", strlen("abc")) == 0) + kptr = heim_data_get_ptr(k); + klen = heim_data_get_length(k); + vptr = heim_data_get_ptr(v); + vlen = heim_data_get_length(v); + + if (klen == strlen("msg") && !strncmp(kptr, "msg", strlen("msg")) && + vlen == strlen("abc") && !strncmp(vptr, "abc", strlen("abc"))) *ret &= ~(1); - else if (heim_data_get_length(k) == strlen("msg2") && strncmp(heim_data_get_ptr(k), "msg2", strlen("msg2")) == 0 && - heim_data_get_length(v) == strlen("FooBar") && strncmp(heim_data_get_ptr(v), "FooBar", strlen("FooBar")) == 0) + else if (klen == strlen("msg2") && + !strncmp(kptr, "msg2", strlen("msg2")) && + vlen == strlen("FooBar") && !strncmp(vptr, "FooBar", strlen("FooBar"))) *ret &= ~(2); else *ret |= 4; diff --git a/cf/roken-frag.m4 b/cf/roken-frag.m4 index 7e9f8da11..3a06bb4a2 100644 --- a/cf/roken-frag.m4 +++ b/cf/roken-frag.m4 @@ -28,7 +28,7 @@ dnl C characteristics AC_REQUIRE([AC_C___ATTRIBUTE__]) AC_REQUIRE([AC_C_INLINE]) AC_REQUIRE([AC_C_CONST]) -rk_WFLAGS(-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs) +rk_WFLAGS(-Wall -Wextra -Wno-sign-compare -Wno-unused-parameter -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs) AC_REQUIRE([rk_DB]) diff --git a/cf/wflags.m4 b/cf/wflags.m4 index f610ac61e..53472b8cf 100644 --- a/cf/wflags.m4 +++ b/cf/wflags.m4 @@ -20,10 +20,16 @@ if test -z "$WFLAGS" -a "$GCC" = "yes"; then # -Wmissing-declarations -Wnested-externs # -Wstrict-overflow=5 WFLAGS="ifelse($#, 0,-Wall, $1) $dwflags" - WFLAGS_NOUNUSED="-Wno-unused" WFLAGS_NOIMPLICITINT="-Wno-implicit-int" + + # + # WFLAGS_LITE can be appended to WFLAGS to turn off a host of warnings + # that fail for various bits of older code in appl/. Let's not use it + # for the main libraries, though. + + WFLAGS_LITE="-Wno-extra -Wno-missing-field-initializers -Wno-strict-aliasing -Wno-unused-result" fi AC_SUBST(WFLAGS)dnl -AC_SUBST(WFLAGS_NOUNUSED)dnl +AC_SUBST(WFLAGS_LITE)dnl AC_SUBST(WFLAGS_NOIMPLICITINT)dnl ]) diff --git a/kadmin/add-random-users.c b/kadmin/add-random-users.c index c3beaf206..64f22f5d1 100644 --- a/kadmin/add-random-users.c +++ b/kadmin/add-random-users.c @@ -139,8 +139,8 @@ static int version_flag = 0; static int help_flag = 0; static struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void diff --git a/kadmin/ank.c b/kadmin/ank.c index 7ed66ff73..c1488d035 100644 --- a/kadmin/ank.c +++ b/kadmin/ank.c @@ -125,10 +125,18 @@ add_one_principal (const char *name, } else if(password == NULL) { char *princ_name; char *prompt; + int aret; - krb5_unparse_name(context, princ_ent, &princ_name); - asprintf (&prompt, "%s's Password: ", princ_name); + ret = krb5_unparse_name(context, princ_ent, &princ_name); + if (ret) + goto out; + aret = asprintf (&prompt, "%s's Password: ", princ_name); free (princ_name); + if (aret == -1) { + ret = ENOMEM; + krb5_set_error_message(context, ret, "out of memory"); + goto out; + } ret = UI_UTIL_read_pw_string (pwbuf, sizeof(pwbuf), prompt, 1); free (prompt); if (ret) { diff --git a/kadmin/cpw.c b/kadmin/cpw.c index a5ca9ff74..425575d89 100644 --- a/kadmin/cpw.c +++ b/kadmin/cpw.c @@ -85,14 +85,19 @@ set_password (krb5_principal principal, char *password, int keepold) { krb5_error_code ret = 0; char pwbuf[128]; + int aret; if(password == NULL) { char *princ_name; char *prompt; - krb5_unparse_name(context, principal, &princ_name); - asprintf(&prompt, "%s's Password: ", princ_name); + ret = krb5_unparse_name(context, principal, &princ_name); + if (ret) + return ret; + aret = asprintf(&prompt, "%s's Password: ", princ_name); free (princ_name); + if (aret == -1) + return ENOMEM; ret = UI_UTIL_read_pw_string(pwbuf, sizeof(pwbuf), prompt, 1); free (prompt); if(ret){ diff --git a/kadmin/get.c b/kadmin/get.c index 6c2bc78d0..802b65dc5 100644 --- a/kadmin/get.c +++ b/kadmin/get.c @@ -66,7 +66,7 @@ static struct field_name { { "aliases", KADM5_TL_DATA, KRB5_TL_ALIASES, 0, "Aliases", "Aliases", 0 }, { "hist-kvno-diff-clnt", KADM5_TL_DATA, KRB5_TL_HIST_KVNO_DIFF_CLNT, 0, "Clnt hist keys", "Historic keys allowed for client", 0 }, { "hist-kvno-diff-svc", KADM5_TL_DATA, KRB5_TL_HIST_KVNO_DIFF_SVC, 0, "Svc hist keys", "Historic keys allowed for service", 0 }, - { NULL } + { NULL, 0, 0, 0, NULL, NULL, 0 } }; struct field_info { @@ -125,12 +125,17 @@ format_keytype(krb5_key_data *k, krb5_salt *def_salt, char *buf, size_t buf_len) { krb5_error_code ret; char *s; + int aret; + buf[0] = '\0'; ret = krb5_enctype_to_string (context, k->key_data_type[0], &s); - if (ret) - asprintf (&s, "unknown(%d)", k->key_data_type[0]); + if (ret) { + aret = asprintf (&s, "unknown(%d)", k->key_data_type[0]); + if (aret == -1) + return; /* Nothing to do here, we have no way to pass the err */ + } strlcpy(buf, s, buf_len); free(s); @@ -140,21 +145,29 @@ format_keytype(krb5_key_data *k, krb5_salt *def_salt, char *buf, size_t buf_len) k->key_data_type[0], k->key_data_type[1], &s); - if (ret) - asprintf (&s, "unknown(%d)", k->key_data_type[1]); + if (ret) { + aret = asprintf (&s, "unknown(%d)", k->key_data_type[1]); + if (aret == -1) + return; /* Again, nothing else to do... */ + } strlcat(buf, s, buf_len); free(s); + aret = 0; if (cmp_salt(def_salt, k) == 0) s = strdup(""); else if(k->key_data_length[1] == 0) s = strdup("()"); else - asprintf (&s, "(%.*s)", k->key_data_length[1], - (char *)k->key_data_contents[1]); + aret = asprintf (&s, "(%.*s)", k->key_data_length[1], + (char *)k->key_data_contents[1]); + if (aret == -1 || s == NULL) + return; /* Again, nothing else we can do... */ strlcat(buf, s, buf_len); free(s); - asprintf (&s, "[%d]", k->key_data_kvno); + aret = asprintf (&s, "[%d]", k->key_data_kvno); + if (aret == -1) + return; strlcat(buf, ")", buf_len); strlcat(buf, s, buf_len); diff --git a/kadmin/kadmin.c b/kadmin/kadmin.c index 538507476..602ef91a5 100644 --- a/kadmin/kadmin.c +++ b/kadmin/kadmin.c @@ -159,6 +159,7 @@ main(int argc, char **argv) kadm5_config_params conf; int optidx = 0; int exit_status = 0; + int aret; setprogname(argv[0]); @@ -181,8 +182,8 @@ main(int argc, char **argv) argv += optidx; if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) + aret = asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); + if (aret == -1) errx(1, "out of memory"); } diff --git a/kadmin/kadmind.c b/kadmin/kadmind.c index f99f95723..ba6aabcd9 100644 --- a/kadmin/kadmind.c +++ b/kadmin/kadmind.c @@ -119,8 +119,10 @@ main(int argc, char **argv) argv += optidx; if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) + int aret; + + aret = asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); + if (aret == -1) errx(1, "out of memory"); } diff --git a/kadmin/stash.c b/kadmin/stash.c index f9b940ac5..9585535e1 100644 --- a/kadmin/stash.c +++ b/kadmin/stash.c @@ -45,6 +45,7 @@ stash(struct stash_options *opt, int argc, char **argv) krb5_error_code ret; krb5_enctype enctype; hdb_master_key mkey; + int aret; if(!local_flag) { krb5_warnx(context, "stash is only available in local (-l) mode"); @@ -58,8 +59,8 @@ stash(struct stash_options *opt, int argc, char **argv) } if(opt->key_file_string == NULL) { - asprintf(&opt->key_file_string, "%s/m-key", hdb_db_dir(context)); - if (opt->key_file_string == NULL) + aret = asprintf(&opt->key_file_string, "%s/m-key", hdb_db_dir(context)); + if (aret == -1) errx(1, "out of memory"); } @@ -108,10 +109,16 @@ stash(struct stash_options *opt, int argc, char **argv) } { - char *new, *old; - asprintf(&old, "%s.old", opt->key_file_string); - asprintf(&new, "%s.new", opt->key_file_string); - if(old == NULL || new == NULL) { + char *new = NULL, *old = NULL; + int aret; + + aret = asprintf(&old, "%s.old", opt->key_file_string); + if (aret == -1) { + ret = ENOMEM; + goto out; + } + aret = asprintf(&new, "%s.new", opt->key_file_string); + if (aret == -1) { ret = ENOMEM; goto out; } diff --git a/kcm/cache.c b/kcm/cache.c index 1bd220c8a..a527369f7 100644 --- a/kcm/cache.c +++ b/kcm/cache.c @@ -42,12 +42,15 @@ char *kcm_ccache_nextid(pid_t pid, uid_t uid, gid_t gid) { unsigned n; char *name; + int ret; HEIMDAL_MUTEX_lock(&ccache_mutex); n = ++ccache_nextid; HEIMDAL_MUTEX_unlock(&ccache_mutex); - asprintf(&name, "%ld:%u", (long)uid, n); + ret = asprintf(&name, "%ld:%u", (long)uid, n); + if (ret == -1) + return NULL; return name; } diff --git a/kcm/config.c b/kcm/config.c index 26c48be3c..8659c0a99 100644 --- a/kcm/config.c +++ b/kcm/config.c @@ -86,22 +86,22 @@ static struct getargs args[] = { }, { "launchd", 0, arg_flag, &launchd_flag, - "when in use by launchd" + "when in use by launchd", NULL }, #ifdef SUPPORT_DETACH #if DETACH_IS_DEFAULT { "detach", 'D', arg_negative_flag, &detach_from_console, - "don't detach from console" + "don't detach from console", NULL }, #else { "detach", 0 , arg_flag, &detach_from_console, - "detach from console" + "detach from console", NULL }, #endif #endif - { "help", 'h', arg_flag, &help_flag }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, { "system-principal", 'k', arg_string, &system_principal, "system principal name", "principal" @@ -116,11 +116,11 @@ static struct getargs args[] = { }, { "name-constraints", 'n', arg_negative_flag, &name_constraints, - "disable credentials cache name constraints" + "disable credentials cache name constraints", NULL }, { "disallow-getting-krbtgt", 0, arg_flag, &disallow_getting_krbtgt, - "disable fetching krbtgt from the cache" + "disable fetching krbtgt from the cache", NULL }, { "renewable-life", 'r', arg_string, &renew_life, @@ -148,7 +148,7 @@ static struct getargs args[] = { "user", 'u', arg_string, &system_user, "system cache owner", "user" }, - { "version", 'v', arg_flag, &version_flag } + { "version", 'v', arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/kcm/glue.c b/kcm/glue.c index 8b0d17226..b4a131963 100644 --- a/kcm/glue.c +++ b/kcm/glue.c @@ -263,7 +263,16 @@ static const krb5_cc_ops krb5_kcmss_ops = { kcmss_end_get, kcmss_remove_cred, kcmss_set_flags, - kcmss_get_version + kcmss_get_version, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, }; krb5_error_code diff --git a/kcm/main.c b/kcm/main.c index 2b3af2220..71681bd4a 100644 --- a/kcm/main.c +++ b/kcm/main.c @@ -102,7 +102,8 @@ main(int argc, char **argv) #endif #ifdef SUPPORT_DETACH if (detach_from_console) - daemon(0, 0); + if (daemon(0, 0) == -1) + err(1, "daemon"); #endif pidfile(NULL); diff --git a/kcm/protocol.c b/kcm/protocol.c index 0cf7157b7..5d7a63503 100644 --- a/kcm/protocol.c +++ b/kcm/protocol.c @@ -1070,6 +1070,7 @@ kcm_op_get_default_cache(krb5_context context, krb5_error_code ret; const char *name = NULL; char *n = NULL; + int aret; KCM_LOG_REQUEST(context, client, opcode); @@ -1083,8 +1084,9 @@ kcm_op_get_default_cache(krb5_context context, name = n = kcm_ccache_first_name(client); if (name == NULL) { - asprintf(&n, "%d", (int)client->uid); - name = n; + aret = asprintf(&n, "%d", (int)client->uid); + if (aret != -1) + name = n; } if (name == NULL) return ENOMEM; diff --git a/kdc/config.c b/kdc/config.c index 485f20be2..bc5820c75 100644 --- a/kdc/config.c +++ b/kdc/config.c @@ -181,10 +181,11 @@ configure(krb5_context context, int argc, char **argv, int *optidx) { char **files; + int aret; if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) + aret = asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); + if (aret == -1 || config_file == NULL) errx(1, "out of memory"); } diff --git a/kdc/digest.c b/kdc/digest.c index 5c90e9e2a..9dfe220f6 100644 --- a/kdc/digest.c +++ b/kdc/digest.c @@ -406,11 +406,12 @@ _kdc_do_digest(krb5_context context, if (ireq.u.init.channel) { char *s; + int aret; - asprintf(&s, "%s-%s:%s", r.u.initReply.nonce, - ireq.u.init.channel->cb_type, - ireq.u.init.channel->cb_binding); - if (s == NULL) { + aret = asprintf(&s, "%s-%s:%s", r.u.initReply.nonce, + ireq.u.init.channel->cb_type, + ireq.u.init.channel->cb_binding); + if (aret == -1 || s == NULL) { ret = ENOMEM; krb5_set_error_message(context, ret, "Failed to allocate channel binding"); @@ -427,6 +428,8 @@ _kdc_do_digest(krb5_context context, } if (strcasecmp(ireq.u.init.type, "CHAP") == 0) { + int aret; + r.u.initReply.identifier = malloc(sizeof(*r.u.initReply.identifier)); if (r.u.initReply.identifier == NULL) { @@ -435,8 +438,8 @@ _kdc_do_digest(krb5_context context, goto out; } - asprintf(r.u.initReply.identifier, "%02X", identifier & 0xff); - if (*r.u.initReply.identifier == NULL) { + aret = asprintf(r.u.initReply.identifier, "%02X", identifier&0xff); + if (aret == -1 || *r.u.initReply.identifier == NULL) { ret = ENOMEM; krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; @@ -997,10 +1000,12 @@ _kdc_do_digest(krb5_context context, } } else { + int aret; + r.element = choice_DigestRepInner_error; - asprintf(&r.u.error.reason, "Unsupported digest type %s", - ireq.u.digestRequest.type); - if (r.u.error.reason == NULL) { + aret = asprintf(&r.u.error.reason, "Unsupported digest type %s", + ireq.u.digestRequest.type); + if (aret == -1 || r.u.error.reason == NULL) { ret = ENOMEM; krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; diff --git a/kdc/hpropd.c b/kdc/hpropd.c index 75b26a15f..7dee4e7b5 100644 --- a/kdc/hpropd.c +++ b/kdc/hpropd.c @@ -145,7 +145,7 @@ main(int argc, char **argv) if(getpeername(sock, sa, &sin_len) < 0) krb5_err(context, 1, errno, "getpeername"); - if (inet_ntop(sa->sa_family, + if (inet_ntop(ss.ss_family, socket_get_address (sa), addr_name, sizeof(addr_name)) == NULL) @@ -207,7 +207,11 @@ main(int argc, char **argv) } if(!print_dump) { - asprintf(&tmp_db, "%s~", database); + int aret; + + aret = asprintf(&tmp_db, "%s~", database); + if (aret == -1) + krb5_errx(context, 1, "hdb_create: out of memory"); ret = hdb_create(context, &db, tmp_db); if(ret) diff --git a/kdc/kdc-replay.c b/kdc/kdc-replay.c index b0510f408..af4e55c35 100644 --- a/kdc/kdc-replay.c +++ b/kdc/kdc-replay.c @@ -37,11 +37,11 @@ static int version_flag; static int help_flag; struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL } }; -const static int num_args = sizeof(args) / sizeof(args[0]); +static const int num_args = sizeof(args) / sizeof(args[0]); static void usage(int ret) diff --git a/kdc/kstash.c b/kdc/kstash.c index 0b75fb8d8..4aad28e3a 100644 --- a/kdc/kstash.c +++ b/kdc/kstash.c @@ -66,6 +66,7 @@ main(int argc, char **argv) { char buf[1024]; krb5_error_code ret; + int aret; krb5_enctype enctype; @@ -84,8 +85,11 @@ main(int argc, char **argv) krb5_errx(context, 1, "random-key and master-key-fd " "is mutual exclusive"); - if (keyfile == NULL) - asprintf(&keyfile, "%s/m-key", hdb_db_dir(context)); + if (keyfile == NULL) { + aret = asprintf(&keyfile, "%s/m-key", hdb_db_dir(context)); + if (aret == -1) + krb5_errx(context, 1, "out of memory"); + } ret = krb5_string_to_enctype(context, enctype_str, &enctype); if(ret) @@ -132,9 +136,21 @@ main(int argc, char **argv) } { - char *new, *old; - asprintf(&old, "%s.old", keyfile); - asprintf(&new, "%s.new", keyfile); + char *new = NULL, *old = NULL; + int aret; + + aret = asprintf(&old, "%s.old", keyfile); + if (aret == -1) { + old = NULL; + ret = ENOMEM; + goto out; + } + aret = asprintf(&new, "%s.new", keyfile); + if (aret == -1) { + new = NULL; + ret = ENOMEM; + goto out; + } if(unlink(new) < 0 && errno != ENOENT) { ret = errno; goto out; diff --git a/kdc/pkinit.c b/kdc/pkinit.c index f56b09c40..619d4c4e9 100644 --- a/kdc/pkinit.c +++ b/kdc/pkinit.c @@ -2035,7 +2035,14 @@ krb5_kdc_pk_initialize(krb5_context context, "pkinit_mappings_file", NULL); if (file == NULL) { - asprintf(&fn, "%s/pki-mapping", hdb_db_dir(context)); + int aret; + + aret = asprintf(&fn, "%s/pki-mapping", hdb_db_dir(context)); + if (aret == -1) { + krb5_warnx(context, "PKINIT: out of memory"); + return ENOMEM; + } + file = fn; } diff --git a/kpasswd/kpasswd-generator.c b/kpasswd/kpasswd-generator.c index 952531d30..1db0bc9af 100644 --- a/kpasswd/kpasswd-generator.c +++ b/kpasswd/kpasswd-generator.c @@ -96,6 +96,7 @@ generate_requests (const char *filename, unsigned nreq) int result_code; krb5_data result_code_string, result_string; char *old_pwd, *new_pwd; + int aret; krb5_get_init_creds_opt_alloc (context, &opt); krb5_get_init_creds_opt_set_tkt_life (opt, 300); @@ -106,8 +107,12 @@ generate_requests (const char *filename, unsigned nreq) if (ret) krb5_err (context, 1, ret, "krb5_parse_name %s", name); - asprintf (&old_pwd, "%s", name); - asprintf (&new_pwd, "%s2", name); + aret = asprintf (&old_pwd, "%s", name); + if (aret == -1) + krb5_errx(context, 1, "out of memory"); + aret = asprintf (&new_pwd, "%s2", name); + if (aret == -1) + krb5_errx(context, 1, "out of memory"); ret = krb5_get_init_creds_password (context, &cred, @@ -163,8 +168,8 @@ static int version_flag = 0; static int help_flag = 0; static struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void diff --git a/kpasswd/kpasswd.c b/kpasswd/kpasswd.c index e681a359d..491a907f4 100644 --- a/kpasswd/kpasswd.c +++ b/kpasswd/kpasswd.c @@ -64,22 +64,23 @@ change_password(krb5_context context, krb5_error_code ret; char pwbuf[BUFSIZ]; char *msg, *name; + int aret; krb5_data_zero (&result_code_string); krb5_data_zero (&result_string); name = msg = NULL; if (principal == NULL) - asprintf(&msg, "New password: "); + aret = asprintf(&msg, "New password: "); else { ret = krb5_unparse_name(context, principal, &name); if (ret) krb5_err(context, 1, ret, "krb5_unparse_name"); - asprintf(&msg, "New password for %s: ", name); + aret = asprintf(&msg, "New password for %s: ", name); } - if (msg == NULL) + if (aret == -1 || msg == NULL) krb5_errx (context, 1, "out of memory"); ret = UI_UTIL_read_pw_string (pwbuf, sizeof(pwbuf), msg, 1); diff --git a/kpasswd/kpasswdd.c b/kpasswd/kpasswdd.c index 97d39fc5d..8078efd29 100644 --- a/kpasswd/kpasswdd.c +++ b/kpasswd/kpasswdd.c @@ -689,7 +689,7 @@ doit (krb5_keytab keytab, int port) krb5_addr2sockaddr (context, &addrs.val[i], sa, &sa_size, port); - sockets[i] = socket (sa->sa_family, SOCK_DGRAM, 0); + sockets[i] = socket (__ss.ss_family, SOCK_DGRAM, 0); if (sockets[i] < 0) krb5_err (context, 1, errno, "socket"); if (bind (sockets[i], sa, sa_size) < 0) { @@ -798,6 +798,7 @@ main (int argc, char **argv) krb5_error_code ret; char **files; int port, i; + int aret; krb5_program_setup(&context, argc, argv, args, num_args, NULL); @@ -809,8 +810,8 @@ main (int argc, char **argv) } if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) + aret = asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); + if (aret == -1) errx(1, "out of memory"); } diff --git a/kuser/generate-requests.c b/kuser/generate-requests.c index 8f50427ad..3a790539b 100644 --- a/kuser/generate-requests.c +++ b/kuser/generate-requests.c @@ -98,8 +98,8 @@ static int version_flag = 0; static int help_flag = 0; static struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void diff --git a/kuser/kdecode_ticket.c b/kuser/kdecode_ticket.c index 2d30b5f38..edb0cc843 100644 --- a/kuser/kdecode_ticket.c +++ b/kuser/kdecode_ticket.c @@ -79,8 +79,8 @@ print_and_decode_tkt (krb5_context context, struct getargs args[] = { { "enctype", 'e', arg_string, &etype_str, "encryption type to use", "enctype"}, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void diff --git a/kuser/kinit.c b/kuser/kinit.c index b4c532564..5e01928ec 100644 --- a/kuser/kinit.c +++ b/kuser/kinit.c @@ -332,9 +332,10 @@ store_ntlmkey(krb5_context context, krb5_ccache id, krb5_error_code ret; krb5_data data; char *name; + int aret; - asprintf(&name, "ntlm-key-%s", domain); - if (name == NULL) { + aret = asprintf(&name, "ntlm-key-%s", domain); + if (aret == -1 || name == NULL) { krb5_clear_error_message(context); return ENOMEM; } @@ -549,10 +550,15 @@ get_new_tickets(krb5_context context, if (passwd[0] == '\0') { char *p, *prompt; + int aret = 0; - krb5_unparse_name (context, principal, &p); - asprintf (&prompt, N_("%s's Password: ", ""), p); - free (p); + ret = krb5_unparse_name (context, principal, &p); + if (!ret) { + aret = asprintf (&prompt, N_("%s's Password: ", ""), p); + free (p); + } + if (ret || aret == -1) + errx(1, "failed to generate passwd prompt: not enough memory"); if (UI_UTIL_read_pw_string(passwd, sizeof(passwd)-1, prompt, 0)){ memset(passwd, 0, sizeof(passwd)); diff --git a/kuser/kswitch.c b/kuser/kswitch.c index cdb6ee11c..ba56bf274 100644 --- a/kuser/kswitch.c +++ b/kuser/kswitch.c @@ -146,13 +146,14 @@ kswitch(struct kswitch_options *opt, int argc, char **argv) } else if (opt->cache_string) { const krb5_cc_ops *ops; char *str; + int aret; ops = krb5_cc_get_prefix_ops(kcc_context, opt->type_string); if (ops == NULL) krb5_err(kcc_context, 1, 0, "krb5_cc_get_prefix_ops"); - asprintf(&str, "%s:%s", ops->prefix, opt->cache_string); - if (str == NULL) + aret = asprintf(&str, "%s:%s", ops->prefix, opt->cache_string); + if (aret == -1) krb5_errx(kcc_context, 1, N_("out of memory", "")); ret = krb5_cc_resolve(kcc_context, str, &id); diff --git a/kuser/kverify.c b/kuser/kverify.c index 64bd54a2b..83b3b00c8 100644 --- a/kuser/kverify.c +++ b/kuser/kverify.c @@ -37,8 +37,8 @@ static int help_flag = 0; static int version_flag = 0; static struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void diff --git a/lib/asn1/asn1_gen.c b/lib/asn1/asn1_gen.c index 01dc68051..58532ee70 100644 --- a/lib/asn1/asn1_gen.c +++ b/lib/asn1/asn1_gen.c @@ -150,8 +150,8 @@ doit(const char *fn) static int version_flag; static int help_flag; struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/asn1/asn1_print.c b/lib/asn1/asn1_print.c index 84446e0d8..59b9af3b2 100644 --- a/lib/asn1/asn1_print.c +++ b/lib/asn1/asn1_print.c @@ -315,10 +315,11 @@ doit (const char *filename) static int version_flag; static int help_flag; struct getargs args[] = { - { "indent", 0, arg_negative_flag, &indent_flag }, - { "inner", 0, arg_flag, &inner_flag, "try to parse inner structures of OCTET STRING" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "indent", 0, arg_negative_flag, &indent_flag, NULL, NULL }, + { "inner", 0, arg_flag, &inner_flag, + "try to parse inner structures of OCTET STRING", NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/asn1/check-common.c b/lib/asn1/check-common.c index ac96b91b1..e086082ba 100644 --- a/lib/asn1/check-common.c +++ b/lib/asn1/check-common.c @@ -178,15 +178,20 @@ static RETSIGTYPE segv_handler(int sig) { int fd; + ssize_t ret; char msg[] = "SIGSEGV i current test: "; fd = open("/dev/stdout", O_WRONLY, 0600); if (fd >= 0) { - write(fd, msg, sizeof(msg)); - write(fd, current_test, strlen(current_test)); - write(fd, " ", 1); - write(fd, current_state, strlen(current_state)); - write(fd, "\n", 1); + ret = write(fd, msg, sizeof(msg)); + if (ret != -1) + ret = write(fd, current_test, strlen(current_test)); + if (ret != -1) + ret = write(fd, " ", 1); + if (ret != -1) + ret = write(fd, current_state, strlen(current_state)); + if (ret != -1) + ret = write(fd, "\n", 1); close(fd); } _exit(1); diff --git a/lib/asn1/check-der.c b/lib/asn1/check-der.c index fa80a4254..f4da5bc7f 100644 --- a/lib/asn1/check-der.c +++ b/lib/asn1/check-der.c @@ -58,16 +58,16 @@ static int test_integer (void) { struct test_case tests[] = { - {NULL, 1, "\x00"}, - {NULL, 1, "\x7f"}, - {NULL, 2, "\x00\x80"}, - {NULL, 2, "\x01\x00"}, - {NULL, 1, "\x80"}, - {NULL, 2, "\xff\x7f"}, - {NULL, 1, "\xff"}, - {NULL, 2, "\xff\x01"}, - {NULL, 2, "\x00\xff"}, - {NULL, 4, "\x7f\xff\xff\xff"} + {NULL, 1, "\x00", NULL}, + {NULL, 1, "\x7f", NULL}, + {NULL, 2, "\x00\x80", NULL}, + {NULL, 2, "\x01\x00", NULL}, + {NULL, 1, "\x80", NULL}, + {NULL, 2, "\xff\x7f", NULL}, + {NULL, 1, "\xff", NULL}, + {NULL, 2, "\xff\x01", NULL}, + {NULL, 2, "\x00\xff", NULL}, + {NULL, 4, "\x7f\xff\xff\xff", NULL} }; int values[] = {0, 127, 128, 256, -128, -129, -1, -255, 255, @@ -184,14 +184,14 @@ static int test_unsigned (void) { struct test_case tests[] = { - {NULL, 1, "\x00"}, - {NULL, 1, "\x7f"}, - {NULL, 2, "\x00\x80"}, - {NULL, 2, "\x01\x00"}, - {NULL, 2, "\x02\x00"}, - {NULL, 3, "\x00\x80\x00"}, - {NULL, 5, "\x00\x80\x00\x00\x00"}, - {NULL, 4, "\x7f\xff\xff\xff"} + {NULL, 1, "\x00", NULL}, + {NULL, 1, "\x7f", NULL}, + {NULL, 2, "\x00\x80", NULL}, + {NULL, 2, "\x01\x00", NULL}, + {NULL, 2, "\x02\x00", NULL}, + {NULL, 3, "\x00\x80\x00", NULL}, + {NULL, 5, "\x00\x80\x00\x00\x00", NULL}, + {NULL, 4, "\x7f\xff\xff\xff", NULL} }; unsigned int values[] = {0, 127, 128, 256, 512, 32768, @@ -237,7 +237,7 @@ test_octet_string (void) heim_octet_string s1 = {8, "\x01\x23\x45\x67\x89\xab\xcd\xef"}; struct test_case tests[] = { - {NULL, 8, "\x01\x23\x45\x67\x89\xab\xcd\xef"} + {NULL, 8, "\x01\x23\x45\x67\x89\xab\xcd\xef", NULL} }; int ntests = sizeof(tests) / sizeof(*tests); int ret; @@ -278,8 +278,8 @@ test_bmp_string (void) heim_bmp_string s2 = { 2, bmp_d2 }; struct test_case tests[] = { - {NULL, 2, "\x00\x20"}, - {NULL, 4, "\x00\x20\x00\x20"} + {NULL, 2, "\x00\x20", NULL}, + {NULL, 4, "\x00\x20\x00\x20", NULL} }; int ntests = sizeof(tests) / sizeof(*tests); int ret; @@ -326,8 +326,8 @@ test_universal_string (void) heim_universal_string s2 = { 2, universal_d2 }; struct test_case tests[] = { - {NULL, 4, "\x00\x00\x00\x20"}, - {NULL, 8, "\x00\x00\x00\x20\x00\x00\x00\x20"} + {NULL, 4, "\x00\x00\x00\x20", NULL}, + {NULL, 8, "\x00\x00\x00\x20\x00\x00\x00\x20", NULL} }; int ntests = sizeof(tests) / sizeof(*tests); int ret; @@ -370,7 +370,7 @@ test_general_string (void) char *s1 = "Test User 1"; struct test_case tests[] = { - {NULL, 11, "\x54\x65\x73\x74\x20\x55\x73\x65\x72\x20\x31"} + {NULL, 11, "\x54\x65\x73\x74\x20\x55\x73\x65\x72\x20\x31", NULL} }; int ret, ntests = sizeof(tests) / sizeof(*tests); @@ -404,8 +404,8 @@ static int test_generalized_time (void) { struct test_case tests[] = { - {NULL, 15, "19700101000000Z"}, - {NULL, 15, "19851106210627Z"} + {NULL, 15, "19700101000000Z", NULL}, + {NULL, 15, "19851106210627Z", NULL} }; time_t values[] = {0, 500159187}; int i, ret; @@ -446,10 +446,10 @@ static int test_oid (void) { struct test_case tests[] = { - {NULL, 2, "\x29\x01"}, - {NULL, 1, "\x29"}, - {NULL, 2, "\xff\x01"}, - {NULL, 1, "\xff"} + {NULL, 2, "\x29\x01", NULL}, + {NULL, 1, "\x29", NULL}, + {NULL, 2, "\xff\x01", NULL}, + {NULL, 1, "\xff", NULL} }; heim_oid values[] = { { 3, oid_comp1 }, @@ -490,7 +490,7 @@ static int test_bit_string (void) { struct test_case tests[] = { - {NULL, 1, "\x00"} + {NULL, 1, "\x00", NULL} }; heim_bit_string values[] = { { 0, "" } @@ -528,13 +528,13 @@ static int test_heim_integer (void) { struct test_case tests[] = { - {NULL, 2, "\xfe\x01"}, - {NULL, 2, "\xef\x01"}, - {NULL, 3, "\xff\x00\xff"}, - {NULL, 3, "\xff\x01\x00"}, - {NULL, 1, "\x00"}, - {NULL, 1, "\x01"}, - {NULL, 2, "\x00\x80"} + {NULL, 2, "\xfe\x01", NULL}, + {NULL, 2, "\xef\x01", NULL}, + {NULL, 3, "\xff\x00\xff", NULL}, + {NULL, 3, "\xff\x01\x00", NULL}, + {NULL, 1, "\x00", NULL}, + {NULL, 1, "\x01", NULL}, + {NULL, 2, "\x00\x80", NULL} }; heim_integer values[] = { @@ -592,8 +592,8 @@ static int test_boolean (void) { struct test_case tests[] = { - {NULL, 1, "\xff"}, - {NULL, 1, "\x00"} + {NULL, 1, "\xff", NULL}, + {NULL, 1, "\x00", NULL} }; int values[] = { 1, 0 }; diff --git a/lib/asn1/check-gen.c b/lib/asn1/check-gen.c index 85274a696..614190548 100644 --- a/lib/asn1/check-gen.c +++ b/lib/asn1/check-gen.c @@ -98,18 +98,21 @@ test_principal (void) struct test_case tests[] = { { NULL, 29, "\x30\x1b\xa0\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b" - "\x03\x6c\x68\x61\xa1\x07\x1b\x05\x53\x55\x2e\x53\x45" + "\x03\x6c\x68\x61\xa1\x07\x1b\x05\x53\x55\x2e\x53\x45", + NULL }, { NULL, 35, "\x30\x21\xa0\x16\x30\x14\xa0\x03\x02\x01\x01\xa1\x0d\x30\x0b\x1b" "\x03\x6c\x68\x61\x1b\x04\x72\x6f\x6f\x74\xa1\x07\x1b\x05\x53\x55" - "\x2e\x53\x45" + "\x2e\x53\x45", + NULL }, { NULL, 54, "\x30\x34\xa0\x26\x30\x24\xa0\x03\x02\x01\x03\xa1\x1d\x30\x1b\x1b" "\x04\x68\x6f\x73\x74\x1b\x13\x6e\x75\x74\x63\x72\x61\x63\x6b\x65" "\x72\x2e\x65\x2e\x6b\x74\x68\x2e\x73\x65\xa1\x0a\x1b\x08\x45\x2e" - "\x4b\x54\x48\x2e\x53\x45" + "\x4b\x54\x48\x2e\x53\x45", + NULL } }; @@ -171,7 +174,8 @@ test_authenticator (void) "\x45\x2e\x4b\x54\x48\x2e\x53\x45\xa2\x10\x30\x0e\xa0" "\x03\x02\x01\x01\xa1\x07\x30\x05\x1b\x03\x6c\x68\x61" "\xa4\x03\x02\x01\x0a\xa5\x11\x18\x0f\x31\x39\x37\x30" - "\x30\x31\x30\x31\x30\x30\x30\x31\x33\x39\x5a" + "\x30\x31\x30\x31\x30\x30\x30\x31\x33\x39\x5a", + NULL }, { NULL, 67, "\x62\x41\x30\x3f\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05" @@ -179,7 +183,8 @@ test_authenticator (void) "\x01\xa1\x0d\x30\x0b\x1b\x03\x6c\x68\x61\x1b\x04\x72" "\x6f\x6f\x74\xa4\x04\x02\x02\x01\x24\xa5\x11\x18\x0f" "\x31\x39\x37\x30\x30\x31\x30\x31\x30\x30\x31\x36\x33" - "\x39\x5a" + "\x39\x5a", + NULL } }; @@ -532,7 +537,7 @@ test_time (void) "time 1" }, { NULL, 17, "\x18\x0f\x32\x30\x30\x39\x30\x35\x32\x34\x30\x32\x30\x32\x34\x30" - "\x5a" + "\x5a", "time 2" } }; @@ -1185,7 +1190,7 @@ check_fail_largetag(void) {NULL, 0, "", "empty buffer"}, {NULL, 7, "\x30\x05\xa1\x03\x02\x02\x01", "one too short" }, - {NULL, 7, "\x30\x04\xa1\x03\x02\x02\x01" + {NULL, 7, "\x30\x04\xa1\x03\x02\x02\x01", "two too short" }, {NULL, 7, "\x30\x03\xa1\x03\x02\x02\x01", "three too short" }, @@ -1220,7 +1225,7 @@ check_fail_sequence(void) {NULL, 0, "", "empty buffer"}, {NULL, 24, "\x30\x16\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01\x01" - "\x02\x01\x01\xa2\x03\x02\x01\x01" + "\x02\x01\x01\xa2\x03\x02\x01\x01", "missing one byte from the end, internal length ok"}, {NULL, 25, "\x30\x18\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01\x01" diff --git a/lib/asn1/gen_decode.c b/lib/asn1/gen_decode.c index db7696883..336b18b40 100644 --- a/lib/asn1/gen_decode.c +++ b/lib/asn1/gen_decode.c @@ -193,7 +193,7 @@ range_check(const char *name, "e = ASN1_MAX_CONSTRAINT; %s;\n" "}\n", name, length, (long long)r->max, forwstr); - if (r->min - 1 == r->max || r->min < r->max) + if ((r->min - 1 == r->max || r->min < r->max) && r->min > 0) fprintf (codefile, "if ((%s)->%s < %lld) {\n" "e = ASN1_MIN_CONSTRAINT; %s;\n" diff --git a/lib/asn1/gen_encode.c b/lib/asn1/gen_encode.c index b8afceaee..f043f6097 100644 --- a/lib/asn1/gen_encode.c +++ b/lib/asn1/gen_encode.c @@ -50,7 +50,7 @@ classname(Der_class class) { const char *cn[] = { "ASN1_C_UNIV", "ASN1_C_APPL", "ASN1_C_CONTEXT", "ASN1_C_PRIV" }; - if(class < ASN1_C_UNIV || class > ASN1_C_PRIVATE) + if(class > ASN1_C_PRIVATE) return "???"; return cn[class]; } diff --git a/lib/asn1/main.c b/lib/asn1/main.c index f22dc8792..2c20013c1 100644 --- a/lib/asn1/main.c +++ b/lib/asn1/main.c @@ -70,16 +70,16 @@ char *option_file; int version_flag; int help_flag; struct getargs args[] = { - { "template", 0, arg_flag, &template_flag }, - { "encode-rfc1510-bit-string", 0, arg_flag, &rfc1510_bitstring }, - { "decode-dce-ber", 0, arg_flag, &support_ber }, - { "support-ber", 0, arg_flag, &support_ber }, - { "preserve-binary", 0, arg_strings, &preserve }, - { "sequence", 0, arg_strings, &seq }, - { "one-code-file", 0, arg_flag, &one_code_file }, - { "option-file", 0, arg_string, &option_file }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "template", 0, arg_flag, &template_flag, NULL, NULL }, + { "encode-rfc1510-bit-string", 0, arg_flag, &rfc1510_bitstring, NULL, NULL}, + { "decode-dce-ber", 0, arg_flag, &support_ber, NULL, NULL }, + { "support-ber", 0, arg_flag, &support_ber, NULL, NULL }, + { "preserve-binary", 0, arg_strings, &preserve, NULL, NULL }, + { "sequence", 0, arg_strings, &seq, NULL, NULL }, + { "one-code-file", 0, arg_flag, &one_code_file, NULL, NULL }, + { "option-file", 0, arg_string, &option_file, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/com_err/compile_et.c b/lib/com_err/compile_et.c index c72abdecc..c0700583e 100644 --- a/lib/com_err/compile_et.c +++ b/lib/com_err/compile_et.c @@ -186,8 +186,8 @@ generate(void) int version_flag; int help_flag; struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/gssapi/krb5/external.c b/lib/gssapi/krb5/external.c index f31244678..deae016bc 100644 --- a/lib/gssapi/krb5/external.c +++ b/lib/gssapi/krb5/external.c @@ -202,67 +202,131 @@ static gss_mo_desc krb5_mo[] = { }, { GSS_C_MA_MECH_CONCRETE, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_ITOK_FRAMED, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_AUTH_INIT, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_AUTH_TARG, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_AUTH_INIT_ANON, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_DELEG_CRED, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_INTEG_PROT, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_CONF_PROT, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_MIC, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_WRAP, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_PROT_READY, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_REPLAY_DET, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_OOS_DET, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_CBINDINGS, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_PFS, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_CTX_TRANS, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL } }; diff --git a/lib/gssapi/mech/gss_oid.c b/lib/gssapi/mech/gss_oid.c index 916d1e4dd..de70cca6a 100644 --- a/lib/gssapi/mech/gss_oid.c +++ b/lib/gssapi/mech/gss_oid.c @@ -254,13 +254,13 @@ struct _gss_oid_name_table _gss_ont_ma[] = { { GSS_C_MA_AUTH_INIT_INIT, "GSS_C_MA_AUTH_INIT_INIT", "auth-init-princ-initial", "" }, { GSS_C_MA_MECH_CONCRETE, "GSS_C_MA_MECH_CONCRETE", "concrete-mech", "Indicates that a mech is neither a pseudo-mechanism nor a composite mechanism" }, { GSS_C_MA_SASL_MECH_NAME, "GSS_C_MA_SASL_MECH_NAME", "SASL mechanism name", "The name of the SASL mechanism" }, - { NULL } + { NULL, NULL, NULL, NULL } }; struct _gss_oid_name_table _gss_ont_mech[] = { { GSS_KRB5_MECHANISM, "GSS_KRB5_MECHANISM", "Kerberos 5", "Heimdal Kerberos 5 mechanism" }, { GSS_SPNEGO_MECHANISM, "GSS_SPNEGO_MECHANISM", "SPNEGO", "Heimdal SPNEGO mechanism" }, { GSS_NTLM_MECHANISM, "GSS_NTLM_MECHANISM", "NTLM", "Heimdal NTLM mechanism" }, - { NULL } + { NULL, NULL, NULL, NULL } }; diff --git a/lib/gssapi/ntlm/external.c b/lib/gssapi/ntlm/external.c index d0474f4ec..aea76cb78 100644 --- a/lib/gssapi/ntlm/external.c +++ b/lib/gssapi/ntlm/external.c @@ -120,6 +120,9 @@ static gssapi_mech_interface_desc ntlm_mech = { NULL, NULL, NULL, + NULL, + NULL, + NULL, }; gssapi_mech_interface diff --git a/lib/gssapi/ntlm/init_sec_context.c b/lib/gssapi/ntlm/init_sec_context.c index bae04e174..384e9815a 100644 --- a/lib/gssapi/ntlm/init_sec_context.c +++ b/lib/gssapi/ntlm/init_sec_context.c @@ -103,6 +103,7 @@ get_user_ccache(const ntlm_name name, char **username, struct ntlm_buf *key) krb5_error_code ret; char *confname; krb5_data data; + int aret; *username = NULL; krb5_data_zero(&data); @@ -128,8 +129,8 @@ get_user_ccache(const ntlm_name name, char **username, struct ntlm_buf *key) if (ret) goto out; - asprintf(&confname, "ntlm-key-%s", name->domain); - if (confname == NULL) { + aret = asprintf(&confname, "ntlm-key-%s", name->domain); + if (aret == -1) { krb5_clear_error_message(context); ret = ENOMEM; goto out; diff --git a/lib/gssapi/spnego/external.c b/lib/gssapi/spnego/external.c index ca06d46e8..937ab1d11 100644 --- a/lib/gssapi/spnego/external.c +++ b/lib/gssapi/spnego/external.c @@ -66,11 +66,19 @@ static gss_mo_desc spnego_mo[] = { }, { GSS_C_MA_MECH_NEGO, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL }, { GSS_C_MA_MECH_PSEUDO, - GSS_MO_MA + GSS_MO_MA, + NULL, + NULL, + NULL, + NULL } }; @@ -134,6 +142,9 @@ static gssapi_mech_interface_desc spnego_mech = { NULL, NULL, NULL, + NULL, + NULL, + NULL, }; gssapi_mech_interface diff --git a/lib/hdb/db3.c b/lib/hdb/db3.c index e4d326b4a..6155bc8ef 100644 --- a/lib/hdb/db3.c +++ b/lib/hdb/db3.c @@ -176,16 +176,24 @@ DB_rename(krb5_context context, HDB *db, const char *new_name) int ret; char *old, *new; - asprintf(&old, "%s.db", db->hdb_name); - asprintf(&new, "%s.db", new_name); + ret = asprintf(&old, "%s.db", db->hdb_name); + if (ret == -1) + return ENOMEM; + ret = asprintf(&new, "%s.db", new_name); + if (ret == -1) { + free(old); + return ENOMEM; + } ret = rename(old, new); free(old); - free(new); - if(ret) + if(ret) { + free(new); return errno; + } free(db->hdb_name); - db->hdb_name = strdup(new_name); + new[strlen(new) - 3] = '\0'; + db->hdb_name = new; return 0; } @@ -271,6 +279,7 @@ DB_open(krb5_context context, HDB *db, int flags, mode_t mode) krb5_error_code ret; DB *d; int myflags = 0; + int aret; if (flags & O_CREAT) myflags |= DB_CREATE; @@ -284,8 +293,8 @@ DB_open(krb5_context context, HDB *db, int flags, mode_t mode) if (flags & O_TRUNC) myflags |= DB_TRUNCATE; - asprintf(&fn, "%s.db", db->hdb_name); - if (fn == NULL) { + aret = asprintf(&fn, "%s.db", db->hdb_name); + if (aret == -1) { krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } diff --git a/lib/hdb/dbinfo.c b/lib/hdb/dbinfo.c index 52e394106..a85e3fc50 100644 --- a/lib/hdb/dbinfo.c +++ b/lib/hdb/dbinfo.c @@ -153,12 +153,14 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp) p = strrchr(di->dbname, '.'); if(p == NULL || strchr(p, '/') != NULL) /* final pathname component does not contain a . */ - asprintf(&di->mkey_file, "%s.mkey", di->dbname); + ret = asprintf(&di->mkey_file, "%s.mkey", di->dbname); else /* the filename is something.else, replace .else with .mkey */ - asprintf(&di->mkey_file, "%.*s.mkey", - (int)(p - di->dbname), di->dbname); + ret = asprintf(&di->mkey_file, "%.*s.mkey", + (int)(p - di->dbname), di->dbname); + if (ret == -1) + return ENOMEM; } if(di->acl_file == NULL) di->acl_file = strdup(default_acl); diff --git a/lib/hdb/keytab.c b/lib/hdb/keytab.c index c72b797da..84a8ea9c0 100644 --- a/lib/hdb/keytab.c +++ b/lib/hdb/keytab.c @@ -420,5 +420,7 @@ krb5_kt_ops hdb_kt_ops = { hdb_next_entry, hdb_end_seq_get, NULL, /* add */ - NULL /* remove */ + NULL, /* remove */ + NULL, + 0 }; diff --git a/lib/hdb/test_dbinfo.c b/lib/hdb/test_dbinfo.c index efe50afb6..b94b75bb3 100644 --- a/lib/hdb/test_dbinfo.c +++ b/lib/hdb/test_dbinfo.c @@ -38,8 +38,8 @@ static int help_flag; static int version_flag; struct getargs args[] = { - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/hdb/test_hdbkeys.c b/lib/hdb/test_hdbkeys.c index 873c00f3a..ce4e59fa1 100644 --- a/lib/hdb/test_hdbkeys.c +++ b/lib/hdb/test_hdbkeys.c @@ -40,9 +40,9 @@ static int version_flag; static int kvno_integer = 1; struct getargs args[] = { - { "kvno", 'd', arg_integer, &kvno_integer }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } + { "kvno", 'd', arg_integer, &kvno_integer, NULL, NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/hdb/test_mkey.c b/lib/hdb/test_mkey.c index 11032d078..97399c6b5 100644 --- a/lib/hdb/test_mkey.c +++ b/lib/hdb/test_mkey.c @@ -8,9 +8,9 @@ static int help_flag; static int version_flag; struct getargs args[] = { - { "mkey-file", 0, arg_string, &mkey_file }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } + { "mkey-file", 0, arg_string, &mkey_file, NULL, NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/hx509/ca.c b/lib/hx509/ca.c index cb5a7be62..e2a95fe7e 100644 --- a/lib/hx509/ca.c +++ b/lib/hx509/ca.c @@ -965,8 +965,8 @@ build_proxy_prefix(hx509_context context, const Name *issuer, Name *subject) } t = time(NULL); - asprintf(&tstr, "ts-%lu", (unsigned long)t); - if (tstr == NULL) { + ret = asprintf(&tstr, "ts-%lu", (unsigned long)t); + if (ret == -1 || tstr == NULL) { hx509_set_error_string(context, 0, ENOMEM, "Failed to copy subject name"); return ENOMEM; diff --git a/lib/hx509/cert.c b/lib/hx509/cert.c index 70e575603..75b7b3810 100644 --- a/lib/hx509/cert.c +++ b/lib/hx509/cert.c @@ -3425,7 +3425,9 @@ _hx509_cert_to_env(hx509_context context, hx509_cert cert, hx509_env *env) *env = NULL; /* version */ - asprintf(&buf, "%d", _hx509_cert_get_version(_hx509_get_cert(cert))); + ret = asprintf(&buf, "%d", _hx509_cert_get_version(_hx509_get_cert(cert))); + if (ret == -1) + goto out; ret = hx509_env_add(context, &envcert, "version", buf); free(buf); if (ret) diff --git a/lib/hx509/cms.c b/lib/hx509/cms.c index 4e0a2e03f..49a948570 100644 --- a/lib/hx509/cms.c +++ b/lib/hx509/cms.c @@ -209,7 +209,7 @@ unparse_CMSIdentifier(hx509_context context, CMSIdentifier *id, char **str) { - int ret; + int ret = -1; *str = NULL; switch (id->element) { @@ -227,8 +227,8 @@ unparse_CMSIdentifier(hx509_context context, free(name); return ret; } - asprintf(str, "certificate issued by %s with serial number %s", - name, serial); + ret = asprintf(str, "certificate issued by %s with serial number %s", + name, serial); free(name); free(serial); break; @@ -242,15 +242,19 @@ unparse_CMSIdentifier(hx509_context context, if (len < 0) return ENOMEM; - asprintf(str, "certificate with id %s", keyid); + ret = asprintf(str, "certificate with id %s", keyid); free(keyid); break; } default: - asprintf(str, "certificate have unknown CMSidentifier type"); + ret = asprintf(str, "certificate have unknown CMSidentifier type"); break; } - if (*str == NULL) + /* + * In the following if, we check ret and *str which should be returned/set + * by asprintf(3) in every branch of the switch statement. + */ + if (ret == -1 || *str == NULL) return ENOMEM; return 0; } diff --git a/lib/hx509/error.c b/lib/hx509/error.c index 32c92cf1b..be09414bf 100644 --- a/lib/hx509/error.c +++ b/lib/hx509/error.c @@ -194,13 +194,14 @@ hx509_err(hx509_context context, int exit_code, va_list ap; const char *msg; char *str; + int ret; va_start(ap, fmt); - vasprintf(&str, fmt, ap); + ret = vasprintf(&str, fmt, ap); va_end(ap); msg = hx509_get_error_string(context, error_code); if (msg == NULL) msg = "no error"; - errx(exit_code, "%s: %s", str, msg); + errx(exit_code, "%s: %s", ret != -1 ? str : "ENOMEM", msg); } diff --git a/lib/hx509/hxtool.c b/lib/hx509/hxtool.c index 4bd467f42..204110b03 100644 --- a/lib/hx509/hxtool.c +++ b/lib/hx509/hxtool.c @@ -372,9 +372,9 @@ cms_create_sd(struct cms_create_sd_options *opt, int argc, char **argv) infile = argv[0]; if (argc < 2) { - asprintf(&outfile, "%s.%s", infile, - opt->pem_flag ? "pem" : "cms-signeddata"); - if (outfile == NULL) + ret = asprintf(&outfile, "%s.%s", infile, + opt->pem_flag ? "pem" : "cms-signeddata"); + if (ret == -1 || outfile == NULL) errx(1, "out of memory"); } else outfile = argv[1]; diff --git a/lib/hx509/keyset.c b/lib/hx509/keyset.c index c0275d949..fcfc0b3b7 100644 --- a/lib/hx509/keyset.c +++ b/lib/hx509/keyset.c @@ -752,11 +752,12 @@ _hx509_pi_printf(int (*func)(void *, const char *), void *ctx, { va_list ap; char *str; + int ret; va_start(ap, fmt); - vasprintf(&str, fmt, ap); + ret = vasprintf(&str, fmt, ap); va_end(ap); - if (str == NULL) + if (ret == -1 || str == NULL) return; (*func)(ctx, str); free(str); diff --git a/lib/hx509/ks_dir.c b/lib/hx509/ks_dir.c index 264b1bf55..1740dfe42 100644 --- a/lib/hx509/ks_dir.c +++ b/lib/hx509/ks_dir.c @@ -211,7 +211,10 @@ static struct hx509_keyset_ops keyset_dir = { NULL, dir_iter_start, dir_iter, - dir_iter_end + dir_iter_end, + NULL, + NULL, + NULL }; void diff --git a/lib/hx509/ks_null.c b/lib/hx509/ks_null.c index 136d2d434..5ac0beb7b 100644 --- a/lib/hx509/ks_null.c +++ b/lib/hx509/ks_null.c @@ -87,7 +87,10 @@ struct hx509_keyset_ops keyset_null = { NULL, null_iter_start, null_iter, - null_iter_end + null_iter_end, + NULL, + NULL, + NULL }; void diff --git a/lib/hx509/ks_p11.c b/lib/hx509/ks_p11.c index 120bf43ef..bb70f8dfe 100644 --- a/lib/hx509/ks_p11.c +++ b/lib/hx509/ks_p11.c @@ -226,6 +226,7 @@ static const RSA_METHOD p11_rsa_pkcs1_method = { 0, NULL, NULL, + NULL, NULL }; @@ -330,8 +331,10 @@ p11_init_slot(hx509_context context, break; } - asprintf(&slot->name, "%.*s", - (int)i, slot_info.slotDescription); + ret = asprintf(&slot->name, "%.*s", (int)i, + slot_info.slotDescription); + if (ret == -1) + return ENOMEM; if ((slot_info.flags & CKF_TOKEN_PRESENT) == 0) return 0; @@ -422,7 +425,12 @@ p11_get_session(hx509_context context, memset(&prompt, 0, sizeof(prompt)); - asprintf(&str, "PIN code for %s: ", slot->name); + ret = asprintf(&str, "PIN code for %s: ", slot->name); + if (ret == -1 || str == NULL) { + if (context) + hx509_set_error_string(context, 0, ENOMEM, "out of memory"); + return ENOMEM; + } prompt.prompt = str; prompt.type = HX509_PROMPT_TYPE_PASSWORD; prompt.reply.data = pin; @@ -717,9 +725,9 @@ collect_cert(hx509_context context, if ((CK_LONG)query[2].ulValueLen != -1) { char *str; - asprintf(&str, "%.*s", - (int)query[2].ulValueLen, (char *)query[2].pValue); - if (str) { + ret = asprintf(&str, "%.*s", + (int)query[2].ulValueLen, (char *)query[2].pValue); + if (ret != -1 && str) { hx509_cert_set_friendly_name(cert, str); free(str); } @@ -1176,7 +1184,9 @@ static struct hx509_keyset_ops keyset_pkcs11 = { p11_iter_start, p11_iter, p11_iter_end, - p11_printinfo + p11_printinfo, + NULL, + NULL }; #endif /* HAVE_DLOPEN */ diff --git a/lib/hx509/ks_p12.c b/lib/hx509/ks_p12.c index 0ca13de1e..098cb5ebe 100644 --- a/lib/hx509/ks_p12.c +++ b/lib/hx509/ks_p12.c @@ -697,7 +697,10 @@ static struct hx509_keyset_ops keyset_pkcs12 = { NULL, p12_iter_start, p12_iter, - p12_iter_end + p12_iter_end, + NULL, + NULL, + NULL }; void diff --git a/lib/hx509/lock.c b/lib/hx509/lock.c index b72d45962..52f72dba1 100644 --- a/lib/hx509/lock.c +++ b/lib/hx509/lock.c @@ -47,7 +47,10 @@ struct hx509_lock_data { }; static struct hx509_lock_data empty_lock_data = { - { 0, NULL } + { 0, NULL }, + NULL, + NULL, + NULL }; hx509_lock _hx509_empty_lock = &empty_lock_data; diff --git a/lib/hx509/softp11.c b/lib/hx509/softp11.c index 38f587e0f..2fb81a024 100644 --- a/lib/hx509/softp11.c +++ b/lib/hx509/softp11.c @@ -615,7 +615,11 @@ add_certificate(const char *cert_file, if (pin) { char *str; - asprintf(&str, "PASS:%s", pin); + ret = asprintf(&str, "PASS:%s", pin); + if (ret == -1 || !str) { + st_logf("failed to allocate memory\n"); + return CKR_GENERAL_ERROR; + } hx509_lock_init(context, &lock); hx509_lock_command_string(lock, str); @@ -815,6 +819,7 @@ get_config_file_for_user(void) #ifndef _WIN32 char *home = NULL; + int ret; if (!issuid()) { fn = getenv("SOFTPKCS11RC"); @@ -828,9 +833,11 @@ get_config_file_for_user(void) home = pw->pw_dir; } if (fn == NULL) { - if (home) - asprintf(&fn, "%s/.soft-token.rc", home); - else + if (home) { + ret = asprintf(&fn, "%s/.soft-token.rc", home); + if (ret == -1) + fn = NULL; + } else fn = strdup("/etc/soft-token.rc"); } #else /* Windows */ @@ -1205,8 +1212,13 @@ C_Login(CK_SESSION_HANDLE hSession, VERIFY_SESSION_HANDLE(hSession, NULL); if (pPin != NULL_PTR) { - asprintf(&pin, "%.*s", (int)ulPinLen, pPin); - st_logf("type: %d password: %s\n", (int)userType, pin); + int aret; + + aret = asprintf(&pin, "%.*s", (int)ulPinLen, pPin); + if (aret != -1 && pin) + st_logf("type: %d password: %s\n", (int)userType, pin); + else + st_logf("memory error: asprintf failed\n"); } /* diff --git a/lib/ipc/client.c b/lib/ipc/client.c index bb7d9750b..a51e91c99 100644 --- a/lib/ipc/client.c +++ b/lib/ipc/client.c @@ -352,10 +352,12 @@ common_path_init(const char *service, return ENOMEM; s->fd = -1; - asprintf(&s->path, "/var/run/.heim_%s-%s", service, file); + if (asprintf(&s->path, "/var/run/.heim_%s-%s", service, file) == -1) { + free(s); + return ENOMEM; + } *ctx = s; - return 0; } diff --git a/lib/ipc/tc.c b/lib/ipc/tc.c index 8b56d21aa..b8f8e278d 100644 --- a/lib/ipc/tc.c +++ b/lib/ipc/tc.c @@ -46,8 +46,8 @@ static int help_flag; static int version_flag; static struct getargs args[] = { - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 'v', arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/ipc/ts-http.c b/lib/ipc/ts-http.c index b493079d9..fbeb31956 100644 --- a/lib/ipc/ts-http.c +++ b/lib/ipc/ts-http.c @@ -44,8 +44,8 @@ static int help_flag; static int version_flag; static struct getargs args[] = { - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 'v', arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/ipc/ts.c b/lib/ipc/ts.c index 680d77bc9..e0f846eee 100644 --- a/lib/ipc/ts.c +++ b/lib/ipc/ts.c @@ -44,8 +44,8 @@ static int help_flag; static int version_flag; static struct getargs args[] = { - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 'v', arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/kadm5/ad.c b/lib/kadm5/ad.c index 6fd42d66e..731a37e03 100644 --- a/lib/kadm5/ad.c +++ b/lib/kadm5/ad.c @@ -484,13 +484,14 @@ ad_get_cred(kadm5_ad_context *context, const char *password) kadm5_ret_t ret; krb5_ccache cc; char *service; + int aret; if (context->ccache) return 0; - asprintf(&service, "%s/%s@%s", KRB5_TGS_NAME, - context->realm, context->realm); - if (service == NULL) + aret = asprintf(&service, "%s/%s@%s", KRB5_TGS_NAME, + context->realm, context->realm); + if (aret == -1 || service == NULL) return ENOMEM; ret = _kadm5_c_get_cred_cache(context->context, diff --git a/lib/kadm5/context_s.c b/lib/kadm5/context_s.c index d5b9d4f25..fe716a240 100644 --- a/lib/kadm5/context_s.c +++ b/lib/kadm5/context_s.c @@ -130,6 +130,7 @@ find_db_spec(kadm5_server_context *ctx) krb5_context context = ctx->context; struct hdb_dbinfo *info, *d; krb5_error_code ret; + int aret; if (ctx->config.realm) { /* fetch the databases */ @@ -169,12 +170,24 @@ find_db_spec(kadm5_server_context *ctx) if (ctx->config.dbname == NULL) ctx->config.dbname = strdup(hdb_default_db(context)); - if (ctx->config.acl_file == NULL) - asprintf(&ctx->config.acl_file, "%s/kadmind.acl", hdb_db_dir(context)); - if (ctx->config.stash_file == NULL) - asprintf(&ctx->config.stash_file, "%s/m-key", hdb_db_dir(context)); - if (ctx->log_context.log_file == NULL) - asprintf(&ctx->log_context.log_file, "%s/log", hdb_db_dir(context)); + if (ctx->config.acl_file == NULL) { + aret = asprintf(&ctx->config.acl_file, "%s/kadmind.acl", + hdb_db_dir(context)); + if (aret == -1) + return ENOMEM; + } + if (ctx->config.stash_file == NULL) { + aret = asprintf(&ctx->config.stash_file, "%s/m-key", + hdb_db_dir(context)); + if (aret == -1) + return ENOMEM; + } + if (ctx->log_context.log_file == NULL) { + aret = asprintf(&ctx->log_context.log_file, "%s/log", + hdb_db_dir(context)); + if (aret == -1) + return ENOMEM; + } #ifndef NO_UNIX_SOCKETS set_socket_name(context, &ctx->log_context.socket_name); diff --git a/lib/kadm5/get_princs_s.c b/lib/kadm5/get_princs_s.c index a351e4390..26c3d6729 100644 --- a/lib/kadm5/get_princs_s.c +++ b/lib/kadm5/get_princs_s.c @@ -96,9 +96,14 @@ kadm5_s_get_principals(void *server_handle, d.exp = expression; { krb5_realm r; + int aret; + krb5_get_default_realm(context->context, &r); - asprintf(&d.exp2, "%s@%s", expression, r); + aret = asprintf(&d.exp2, "%s@%s", expression, r); free(r); + if (aret == -1 || d.exp2 == NULL) { + return ENOMEM; + } } d.princs = NULL; d.count = 0; diff --git a/lib/kadm5/init_c.c b/lib/kadm5/init_c.c index f21cd32e6..f6fd6d3dc 100644 --- a/lib/kadm5/init_c.c +++ b/lib/kadm5/init_c.c @@ -479,11 +479,12 @@ kadm_connect(kadm5_client_context *ctx) } if (ctx->realm) - asprintf(&service_name, "%s@%s", KADM5_ADMIN_SERVICE, ctx->realm); + error = asprintf(&service_name, "%s@%s", KADM5_ADMIN_SERVICE, + ctx->realm); else - asprintf(&service_name, "%s", KADM5_ADMIN_SERVICE); + error = asprintf(&service_name, "%s", KADM5_ADMIN_SERVICE); - if (service_name == NULL) { + if (error == -1 || service_name == NULL) { freeaddrinfo (ai); rk_closesocket(s); krb5_clear_error_message(context); diff --git a/lib/kadm5/iprop-log.c b/lib/kadm5/iprop-log.c index b201de66d..598fbc52a 100644 --- a/lib/kadm5/iprop-log.c +++ b/lib/kadm5/iprop-log.c @@ -47,11 +47,12 @@ get_kadmin_context(const char *config_file, char *realm) krb5_error_code ret; void *kadm_handle; char **files; + int aret; if (config_file == NULL) { char *file; - asprintf(&file, "%s/kdc.conf", hdb_db_dir(context)); - if (file == NULL) + aret = asprintf(&file, "%s/kdc.conf", hdb_db_dir(context)); + if (aret == -1 || file == NULL) errx(1, "out of memory"); config_file = file; } diff --git a/lib/kadm5/ipropd_master.c b/lib/kadm5/ipropd_master.c index e92526e26..a60c21ed8 100644 --- a/lib/kadm5/ipropd_master.c +++ b/lib/kadm5/ipropd_master.c @@ -623,24 +623,25 @@ open_stats(krb5_context context) { char *statfile = NULL; const char *fn; - FILE *f; + int ret; if (slave_stats_file) fn = slave_stats_file; else { - asprintf(&statfile, "%s/slaves-stats", hdb_db_dir(context)); + ret = asprintf(&statfile, "%s/slaves-stats", hdb_db_dir(context)); + if (ret == -1) + return NULL; fn = krb5_config_get_string_default(context, NULL, statfile, "kdc", "iprop-stats", NULL); - } - f = fopen(fn, "w"); - if (statfile) free(statfile); - - return f; + } + if (fn == NULL) + return NULL; + return fopen(fn, "w"); } static void @@ -776,6 +777,7 @@ main(int argc, char **argv) uint32_t current_version = 0, old_version = 0; krb5_keytab keytab; char **files; + int aret; (void) krb5_program_setup(&context, argc, argv, args, num_args, NULL); @@ -789,8 +791,8 @@ main(int argc, char **argv) setup_signal(); if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) + aret = asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); + if (aret == -1 || config_file == NULL) errx(1, "out of memory"); } @@ -811,8 +813,13 @@ main(int argc, char **argv) krb5_errx (context, 1, "couldn't parse time: %s", slave_time_missing); #ifdef SUPPORT_DETACH - if (detach_from_console) - daemon(0, 0); + if (detach_from_console) { + aret = daemon(0, 0); + if (aret == -1) { + /* not much to do if detaching fails... */ + krb5_err(context, 1, aret, "failed to daemon(3)ise"); + } + } #endif pidfile (NULL); krb5_openlog (context, "ipropd-master", &log_facility); diff --git a/lib/kadm5/ipropd_slave.c b/lib/kadm5/ipropd_slave.c index f80ac0544..55523d2ea 100644 --- a/lib/kadm5/ipropd_slave.c +++ b/lib/kadm5/ipropd_slave.c @@ -107,6 +107,7 @@ get_creds(krb5_context context, const char *keytab_str, krb5_creds creds; char *server; char keytab_buf[256]; + int aret; if (keytab_str == NULL) { ret = krb5_kt_default_name (context, keytab_buf, sizeof(keytab_buf)); @@ -127,8 +128,8 @@ get_creds(krb5_context context, const char *keytab_str, ret = krb5_get_init_creds_opt_alloc(context, &init_opts); if (ret) krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - asprintf (&server, "%s/%s", IPROP_NAME, serverhost); - if (server == NULL) + aret = asprintf (&server, "%s/%s", IPROP_NAME, serverhost); + if (aret == -1 || server == NULL) krb5_errx (context, 1, "malloc: no memory"); ret = krb5_get_init_creds_keytab(context, &creds, client, keytab, @@ -374,7 +375,9 @@ receive_everything (krb5_context context, int fd, krb5_warnx(context, "receive complete database"); - asprintf(&dbname, "%s-NEW", server_context->db->hdb_name); + ret = asprintf(&dbname, "%s-NEW", server_context->db->hdb_name); + if (ret == -1) + krb5_err(context, 1, ENOMEM, "asprintf"); ret = hdb_create(context, &mydb, dbname); if(ret) krb5_err(context,1, ret, "hdb_create"); @@ -563,6 +566,7 @@ main(int argc, char **argv) time_t reconnect_max; time_t reconnect; time_t before = 0; + int aret; const char *master; @@ -615,8 +619,13 @@ main(int argc, char **argv) slave_status(context, status_file, "bootstrapping\n"); #ifdef SUPPORT_DETACH - if (detach_from_console) - daemon(0, 0); + if (detach_from_console){ + aret = daemon(0, 0); + if (aret == -1) { + /* not much to do if detaching fails... */ + krb5_err(context, 1, aret, "failed to daemon(3)ise"); + } + } #endif pidfile (NULL); krb5_openlog (context, "ipropd-slave", &log_facility); diff --git a/lib/kadm5/log.c b/lib/kadm5/log.c index 76084b09a..a3e23e36a 100644 --- a/lib/kadm5/log.c +++ b/lib/kadm5/log.c @@ -1015,9 +1015,13 @@ static HEIMDAL_MUTEX signal_mutex = HEIMDAL_MUTEX_INITIALIZER; const char * kadm5_log_signal_socket(krb5_context context) { + int ret = 0; + HEIMDAL_MUTEX_lock(&signal_mutex); if (!default_signal) - asprintf(&default_signal, "%s/signal", hdb_db_dir(context)); + ret = asprintf(&default_signal, "%s/signal", hdb_db_dir(context)); + if (ret == -1) + default_signal = NULL; HEIMDAL_MUTEX_unlock(&signal_mutex); return krb5_config_get_string_default(context, diff --git a/lib/kadm5/test_pw_quality.c b/lib/kadm5/test_pw_quality.c index e3c8d2f0f..ebef429c4 100644 --- a/lib/kadm5/test_pw_quality.c +++ b/lib/kadm5/test_pw_quality.c @@ -42,10 +42,10 @@ static char *principal; static char *password; static struct getargs args[] = { - { "principal", 0, arg_string, &principal }, - { "password", 0, arg_string, &password }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "principal", 0, arg_string, &principal, NULL, NULL }, + { "password", 0, arg_string, &password, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/kafs/common.c b/lib/kafs/common.c index a14eea8dd..ff42cf7ec 100644 --- a/lib/kafs/common.c +++ b/lib/kafs/common.c @@ -349,13 +349,19 @@ _kafs_try_get_cred(struct kafs_data *data, const char *user, const char *cell, if (kafs_verbose) { const char *estr = (*data->get_error)(data, ret); char *str; - asprintf(&str, "%s tried afs%s%s@%s -> %s (%d)", - data->name, cell ? "/" : "", - cell ? cell : "", realm, estr ? estr : "unknown", ret); - (*kafs_verbose)(kafs_verbose_ctx, str); + int aret; + + aret = asprintf(&str, "%s tried afs%s%s@%s -> %s (%d)", + data->name, cell ? "/" : "", + cell ? cell : "", realm, estr ? estr : "unknown", ret); + if (aret != -1) { + (*kafs_verbose)(kafs_verbose_ctx, str); + free(str); + } else { + (*kafs_verbose)(kafs_verbose_ctx, "out of memory"); + } if (estr) (*data->free_error)(data, estr); - free(str); } return ret; diff --git a/lib/krb5/addr_families.c b/lib/krb5/addr_families.c index 5d321a7e9..52252a03d 100644 --- a/lib/krb5/addr_families.c +++ b/lib/krb5/addr_families.c @@ -799,6 +799,7 @@ static struct addr_operations at[] = { NULL, NULL, NULL, + NULL, NULL } }; diff --git a/lib/krb5/config_file.c b/lib/krb5/config_file.c index 4ac25ae28..00b3d6d58 100644 --- a/lib/krb5/config_file.c +++ b/lib/krb5/config_file.c @@ -444,8 +444,10 @@ krb5_config_parse_file_multi (krb5_context context, home = pw->pw_dir; } if (home) { - asprintf(&newfname, "%s%s", home, &fname[1]); - if (newfname == NULL) { + int aret; + + aret = asprintf(&newfname, "%s%s", home, &fname[1]); + if (aret == -1 || newfname == NULL) { krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; diff --git a/lib/krb5/crypto-null.c b/lib/krb5/crypto-null.c index b647a6d10..12ded391c 100644 --- a/lib/krb5/crypto-null.c +++ b/lib/krb5/crypto-null.c @@ -45,6 +45,9 @@ static struct _krb5_key_type keytype_null = { 0, NULL, NULL, + NULL, + NULL, + NULL, NULL }; diff --git a/lib/krb5/derived-key-test.c b/lib/krb5/derived-key-test.c index a67c95a54..ba58c8bce 100644 --- a/lib/krb5/derived-key-test.c +++ b/lib/krb5/derived-key-test.c @@ -72,7 +72,7 @@ static struct testcase { {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5, {0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f, 0x2f, 0xea, 0xb9, 0xa8, 0x70, 0x1a, 0x89, 0xa4, 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec, 0xd0, 0x16}, {0xf4, 0x8f, 0xfd, 0x6e, 0x83, 0xf8, 0x3e, 0x73, 0x54, 0xe6, 0x94, 0xfd, 0x25, 0x2c, 0xf8, 0x3b, 0xfe, 0x58, 0xf7, 0xd5, 0xba, 0x37, 0xec, 0x5d}}, - {0} + {0, {0}, 0, {0}, {0}} }; int diff --git a/lib/krb5/init_creds_pw.c b/lib/krb5/init_creds_pw.c index 0cc866cd3..708710c3d 100644 --- a/lib/krb5/init_creds_pw.c +++ b/lib/krb5/init_creds_pw.c @@ -2473,10 +2473,19 @@ krb5_get_init_creds_password(krb5_context context, krb5_prompt prompt; krb5_data password_data; char *p, *q; + int aret = -1; - krb5_unparse_name (context, client, &p); - asprintf (&q, "%s's Password: ", p); - free (p); + ret = krb5_unparse_name (context, client, &p); + if (!ret) { + aret = asprintf (&q, "%s's Password: ", p); + free (p); + } + if (!ret || aret == -1 || !q) { + if (!ret) + ret = ENOMEM; + krb5_clear_error_message (context); + goto out; + } prompt.prompt = q; password_data.data = buf; password_data.length = sizeof(buf); diff --git a/lib/krb5/kcm.c b/lib/krb5/kcm.c index 5a28b5138..6d783d7d5 100644 --- a/lib/krb5/kcm.c +++ b/lib/krb5/kcm.c @@ -963,6 +963,7 @@ kcm_get_default_name(krb5_context context, const krb5_cc_ops *ops, krb5_storage *request, *response; krb5_data response_data; char *name; + int aret; *str = NULL; @@ -981,9 +982,9 @@ kcm_get_default_name(krb5_context context, const krb5_cc_ops *ops, if (ret) return ret; - asprintf(str, "%s:%s", ops->prefix, name); + aret = asprintf(str, "%s:%s", ops->prefix, name); free(name); - if (str == NULL) + if (aret == -1 || str == NULL) return ENOMEM; return 0; diff --git a/lib/krb5/keytab_any.c b/lib/krb5/keytab_any.c index d5ac4883d..a808311b8 100644 --- a/lib/krb5/keytab_any.c +++ b/lib/krb5/keytab_any.c @@ -257,5 +257,7 @@ const krb5_kt_ops krb5_any_ops = { any_next_entry, any_end_seq_get, any_add_entry, - any_remove_entry + any_remove_entry, + NULL, + 0 }; diff --git a/lib/krb5/keytab_file.c b/lib/krb5/keytab_file.c index ccaf62fcb..51cdd3178 100644 --- a/lib/krb5/keytab_file.c +++ b/lib/krb5/keytab_file.c @@ -776,7 +776,9 @@ const krb5_kt_ops krb5_fkt_ops = { fkt_next_entry, fkt_end_seq_get, fkt_add_entry, - fkt_remove_entry + fkt_remove_entry, + NULL, + 0 }; const krb5_kt_ops krb5_wrfkt_ops = { @@ -790,7 +792,9 @@ const krb5_kt_ops krb5_wrfkt_ops = { fkt_next_entry, fkt_end_seq_get, fkt_add_entry, - fkt_remove_entry + fkt_remove_entry, + NULL, + 0 }; const krb5_kt_ops krb5_javakt_ops = { @@ -804,5 +808,7 @@ const krb5_kt_ops krb5_javakt_ops = { fkt_next_entry, fkt_end_seq_get, fkt_add_entry, - fkt_remove_entry + fkt_remove_entry, + NULL, + 0 }; diff --git a/lib/krb5/keytab_keyfile.c b/lib/krb5/keytab_keyfile.c index 120083215..5c1dbff6e 100644 --- a/lib/krb5/keytab_keyfile.c +++ b/lib/krb5/keytab_keyfile.c @@ -462,7 +462,9 @@ const krb5_kt_ops krb5_akf_ops = { akf_next_entry, akf_end_seq_get, akf_add_entry, - NULL /* remove */ + NULL, /* remove */ + NULL, + 0 }; #endif /* HEIMDAL_SMALLER */ diff --git a/lib/krb5/keytab_memory.c b/lib/krb5/keytab_memory.c index 0ee684d36..c0deeab92 100644 --- a/lib/krb5/keytab_memory.c +++ b/lib/krb5/keytab_memory.c @@ -232,5 +232,7 @@ const krb5_kt_ops krb5_mkt_ops = { mkt_next_entry, mkt_end_seq_get, mkt_add_entry, - mkt_remove_entry + mkt_remove_entry, + NULL, + 0 }; diff --git a/lib/krb5/n-fold-test.c b/lib/krb5/n-fold-test.c index 452964522..2938b44b3 100644 --- a/lib/krb5/n-fold-test.c +++ b/lib/krb5/n-fold-test.c @@ -87,7 +87,7 @@ static struct testcase { 0x08, 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, 0x54, 0x0c, 0x1b} }, - {NULL, 0} + {NULL, 0, {0}} }; int diff --git a/lib/krb5/pkinit.c b/lib/krb5/pkinit.c index 1103a1780..e34188afa 100644 --- a/lib/krb5/pkinit.c +++ b/lib/krb5/pkinit.c @@ -183,10 +183,10 @@ find_cert(krb5_context context, struct krb5_pk_identity *id, hx509_query *q, hx509_cert *cert) { struct certfind cf[4] = { - { "MobileMe EKU" }, - { "PKINIT EKU" }, - { "MS EKU" }, - { "any (or no)" } + { "MobileMe EKU", NULL }, + { "PKINIT EKU", NULL }, + { "MS EKU", NULL }, + { "any (or no)", NULL } }; int ret = HX509_CERT_NOT_FOUND; size_t i, start = 1; diff --git a/lib/krb5/replay.c b/lib/krb5/replay.c index 965dd4443..747552fbd 100644 --- a/lib/krb5/replay.c +++ b/lib/krb5/replay.c @@ -205,6 +205,7 @@ krb5_rc_store(krb5_context context, time_t t; FILE *f; int ret; + size_t count; ent.stamp = time(NULL); checksum_authenticator(rep, ent.data); @@ -217,7 +218,9 @@ krb5_rc_store(krb5_context context, return ret; } rk_cloexec_file(f); - fread(&tmp, sizeof(ent), 1, f); + count = fread(&tmp, sizeof(ent), 1, f); + if(count != 1) + return KRB5_RC_IO_UNKNOWN; t = ent.stamp - tmp.stamp; while(fread(&tmp, sizeof(ent), 1, f)){ if(tmp.stamp < t) diff --git a/lib/krb5/salt-aes.c b/lib/krb5/salt-aes.c index 32dafd68c..d2076269d 100644 --- a/lib/krb5/salt-aes.c +++ b/lib/krb5/salt-aes.c @@ -99,5 +99,5 @@ struct salt_type _krb5_AES_salt[] = { "pw-salt", AES_string_to_key }, - { 0 } + { 0, NULL, NULL } }; diff --git a/lib/krb5/salt-arcfour.c b/lib/krb5/salt-arcfour.c index ab5e51270..f8a4b391e 100644 --- a/lib/krb5/salt-arcfour.c +++ b/lib/krb5/salt-arcfour.c @@ -108,5 +108,5 @@ struct salt_type _krb5_arcfour_salt[] = { "pw-salt", ARCFOUR_string_to_key }, - { 0 } + { 0, NULL, NULL } }; diff --git a/lib/krb5/salt-des.c b/lib/krb5/salt-des.c index 56b285f72..804b3f254 100644 --- a/lib/krb5/salt-des.c +++ b/lib/krb5/salt-des.c @@ -219,6 +219,6 @@ struct salt_type _krb5_des_salt[] = { DES_AFS3_string_to_key }, #endif - { 0 } + { 0, NULL, NULL } }; #endif diff --git a/lib/krb5/salt-des3.c b/lib/krb5/salt-des3.c index 79140a274..f2e40f2d5 100644 --- a/lib/krb5/salt-des3.c +++ b/lib/krb5/salt-des3.c @@ -136,7 +136,7 @@ struct salt_type _krb5_des3_salt[] = { "pw-salt", DES3_string_to_key }, - { 0 } + { 0, NULL, NULL } }; #endif @@ -146,5 +146,5 @@ struct salt_type _krb5_des3_salt_derived[] = { "pw-salt", DES3_string_to_key_derived }, - { 0 } + { 0, NULL, NULL } }; diff --git a/lib/krb5/scache.c b/lib/krb5/scache.c index 5c422c6a4..9bdc9d7d0 100644 --- a/lib/krb5/scache.c +++ b/lib/krb5/scache.c @@ -1445,7 +1445,10 @@ KRB5_LIB_VARIABLE const krb5_cc_ops krb5_scc_ops = { scc_end_cache_get, scc_move, scc_get_default_name, - scc_set_default + scc_set_default, + NULL, + NULL, + NULL }; #endif diff --git a/lib/krb5/string-to-key-test.c b/lib/krb5/string-to-key-test.c index cb7081b9e..898857591 100644 --- a/lib/krb5/string-to-key-test.c +++ b/lib/krb5/string-to-key-test.c @@ -86,7 +86,7 @@ static struct testcase { {0x6d, 0x2f, 0xcd, 0xf2, 0xd6, 0xfb, 0xbc, 0x3d, 0xdc, 0xad, 0xb5, 0xda, 0x57, 0x10, 0xa2, 0x34, 0x89, 0xb0, 0xd3, 0xb6, 0x9d, 0x5d, 0x9d, 0x4a}}, {"Juri\xc5\xa1i\xc4\x87@ATHENA.MIT.EDU", "\xc3\x9f", ETYPE_DES3_CBC_SHA1, {0x16, 0xd5, 0xa4, 0x0e, 0x1c, 0xe3, 0xba, 0xcb, 0x61, 0xb9, 0xdc, 0xe0, 0x04, 0x70, 0x32, 0x4c, 0x83, 0x19, 0x73, 0xa7, 0xb9, 0x52, 0xfe, 0xb0}}, - {NULL} + {NULL, NULL, 0, {0}} }; int diff --git a/lib/krb5/test_cc.c b/lib/krb5/test_cc.c index 911fba524..c8290b6aa 100644 --- a/lib/krb5/test_cc.c +++ b/lib/krb5/test_cc.c @@ -293,31 +293,31 @@ struct { } cc_names[] = { { "foo", 0, "foo" }, { "foo%}", 0, "foo%}" }, - { "%{uid}", 0 }, + { "%{uid}", 0, NULL }, { "foo%{null}", 0, "foo" }, { "foo%{null}bar", 0, "foobar" }, - { "%{", 1 }, - { "%{foo %{", 1 }, - { "%{{", 1 }, - { "%{{}", 1 }, - { "%{nulll}", 1 }, - { "%{does not exist}", 1 }, - { "%{}", 1 }, + { "%{", 1, NULL }, + { "%{foo %{", 1, NULL }, + { "%{{", 1, NULL }, + { "%{{}", 1, NULL }, + { "%{nulll}", 1, NULL }, + { "%{does not exist}", 1, NULL }, + { "%{}", 1, NULL }, #ifdef KRB5_USE_PATH_TOKENS - { "%{APPDATA}", 0 }, - { "%{COMMON_APPDATA}", 0}, - { "%{LOCAL_APPDATA}", 0}, - { "%{SYSTEM}", 0}, - { "%{WINDOWS}", 0}, - { "%{TEMP}", 0}, - { "%{USERID}", 0}, - { "%{uid}", 0}, - { "%{USERCONFIG}", 0}, - { "%{COMMONCONFIG}", 0}, - { "%{LIBDIR}", 0}, - { "%{BINDIR}", 0}, - { "%{LIBEXEC}", 0}, - { "%{SBINDIR}", 0}, + { "%{APPDATA}", 0, NULL }, + { "%{COMMON_APPDATA}", 0, NULL}, + { "%{LOCAL_APPDATA}", 0, NULL}, + { "%{SYSTEM}", 0, NULL}, + { "%{WINDOWS}", 0, NULL}, + { "%{TEMP}", 0, NULL}, + { "%{USERID}", 0, NULL}, + { "%{uid}", 0, NULL}, + { "%{USERCONFIG}", 0, NULL}, + { "%{COMMONCONFIG}", 0, NULL}, + { "%{LIBDIR}", 0, NULL}, + { "%{BINDIR}", 0, NULL}, + { "%{LIBEXEC}", 0, NULL}, + { "%{SBINDIR}", 0, NULL}, #endif }; diff --git a/lib/krb5/verify_krb5_conf.c b/lib/krb5/verify_krb5_conf.c index 647a311a2..897cc2da7 100644 --- a/lib/krb5/verify_krb5_conf.c +++ b/lib/krb5/verify_krb5_conf.c @@ -353,227 +353,227 @@ struct entry { }; struct entry all_strings[] = { - { "", krb5_config_string, NULL }, - { NULL } + { "", krb5_config_string, NULL, 0 }, + { NULL, 0, NULL, 0 } }; struct entry all_boolean[] = { - { "", krb5_config_string, check_boolean }, - { NULL } + { "", krb5_config_string, check_boolean, 0 }, + { NULL, 0, NULL, 0 } }; struct entry v4_name_convert_entries[] = { - { "host", krb5_config_list, all_strings }, - { "plain", krb5_config_list, all_strings }, - { NULL } + { "host", krb5_config_list, all_strings, 0 }, + { "plain", krb5_config_list, all_strings, 0 }, + { NULL, 0, NULL, 0 } }; struct entry libdefaults_entries[] = { - { "accept_null_addresses", krb5_config_string, check_boolean }, - { "allow_weak_crypto", krb5_config_string, check_boolean }, + { "accept_null_addresses", krb5_config_string, check_boolean, 0 }, + { "allow_weak_crypto", krb5_config_string, check_boolean, 0 }, { "capath", krb5_config_list, all_strings, 1 }, - { "check_pac", krb5_config_string, check_boolean }, - { "clockskew", krb5_config_string, check_time }, - { "date_format", krb5_config_string, NULL }, - { "default_cc_name", krb5_config_string, NULL }, - { "default_etypes", krb5_config_string, NULL }, - { "default_etypes_des", krb5_config_string, NULL }, - { "default_keytab_modify_name", krb5_config_string, NULL }, - { "default_keytab_name", krb5_config_string, NULL }, - { "default_realm", krb5_config_string, NULL }, - { "dns_canonize_hostname", krb5_config_string, check_boolean }, - { "dns_proxy", krb5_config_string, NULL }, - { "dns_lookup_kdc", krb5_config_string, check_boolean }, - { "dns_lookup_realm", krb5_config_string, check_boolean }, - { "dns_lookup_realm_labels", krb5_config_string, NULL }, - { "egd_socket", krb5_config_string, NULL }, - { "encrypt", krb5_config_string, check_boolean }, - { "extra_addresses", krb5_config_string, NULL }, - { "fcache_version", krb5_config_string, check_numeric }, - { "fcc-mit-ticketflags", krb5_config_string, check_boolean }, - { "forward", krb5_config_string, check_boolean }, - { "forwardable", krb5_config_string, check_boolean }, - { "http_proxy", krb5_config_string, check_host /* XXX */ }, - { "ignore_addresses", krb5_config_string, NULL }, - { "kdc_timeout", krb5_config_string, check_time }, - { "kdc_timesync", krb5_config_string, check_boolean }, - { "log_utc", krb5_config_string, check_boolean }, - { "maxretries", krb5_config_string, check_numeric }, - { "scan_interfaces", krb5_config_string, check_boolean }, - { "srv_lookup", krb5_config_string, check_boolean }, - { "srv_try_txt", krb5_config_string, check_boolean }, - { "ticket_lifetime", krb5_config_string, check_time }, - { "time_format", krb5_config_string, NULL }, - { "transited_realms_reject", krb5_config_string, NULL }, - { "no-addresses", krb5_config_string, check_boolean }, - { "v4_instance_resolve", krb5_config_string, check_boolean }, - { "v4_name_convert", krb5_config_list, v4_name_convert_entries }, - { "verify_ap_req_nofail", krb5_config_string, check_boolean }, - { "max_retries", krb5_config_string, check_time }, - { "renew_lifetime", krb5_config_string, check_time }, - { "proxiable", krb5_config_string, check_boolean }, - { "warn_pwexpire", krb5_config_string, check_time }, + { "check_pac", krb5_config_string, check_boolean, 0 }, + { "clockskew", krb5_config_string, check_time, 0 }, + { "date_format", krb5_config_string, NULL, 0 }, + { "default_cc_name", krb5_config_string, NULL, 0 }, + { "default_etypes", krb5_config_string, NULL, 0 }, + { "default_etypes_des", krb5_config_string, NULL, 0 }, + { "default_keytab_modify_name", krb5_config_string, NULL, 0 }, + { "default_keytab_name", krb5_config_string, NULL, 0 }, + { "default_realm", krb5_config_string, NULL, 0 }, + { "dns_canonize_hostname", krb5_config_string, check_boolean, 0 }, + { "dns_proxy", krb5_config_string, NULL, 0 }, + { "dns_lookup_kdc", krb5_config_string, check_boolean, 0 }, + { "dns_lookup_realm", krb5_config_string, check_boolean, 0 }, + { "dns_lookup_realm_labels", krb5_config_string, NULL, 0 }, + { "egd_socket", krb5_config_string, NULL, 0 }, + { "encrypt", krb5_config_string, check_boolean, 0 }, + { "extra_addresses", krb5_config_string, NULL, 0 }, + { "fcache_version", krb5_config_string, check_numeric, 0 }, + { "fcc-mit-ticketflags", krb5_config_string, check_boolean, 0 }, + { "forward", krb5_config_string, check_boolean, 0 }, + { "forwardable", krb5_config_string, check_boolean, 0 }, + { "http_proxy", krb5_config_string, check_host /* XXX */, 0 }, + { "ignore_addresses", krb5_config_string, NULL, 0 }, + { "kdc_timeout", krb5_config_string, check_time, 0 }, + { "kdc_timesync", krb5_config_string, check_boolean, 0 }, + { "log_utc", krb5_config_string, check_boolean, 0 }, + { "maxretries", krb5_config_string, check_numeric, 0 }, + { "scan_interfaces", krb5_config_string, check_boolean, 0 }, + { "srv_lookup", krb5_config_string, check_boolean, 0 }, + { "srv_try_txt", krb5_config_string, check_boolean, 0 }, + { "ticket_lifetime", krb5_config_string, check_time, 0 }, + { "time_format", krb5_config_string, NULL, 0 }, + { "transited_realms_reject", krb5_config_string, NULL, 0 }, + { "no-addresses", krb5_config_string, check_boolean, 0 }, + { "v4_instance_resolve", krb5_config_string, check_boolean, 0 }, + { "v4_name_convert", krb5_config_list, v4_name_convert_entries, 0 }, + { "verify_ap_req_nofail", krb5_config_string, check_boolean, 0 }, + { "max_retries", krb5_config_string, check_time, 0 }, + { "renew_lifetime", krb5_config_string, check_time, 0 }, + { "proxiable", krb5_config_string, check_boolean, 0 }, + { "warn_pwexpire", krb5_config_string, check_time, 0 }, /* MIT stuff */ - { "permitted_enctypes", krb5_config_string, mit_entry }, - { "default_tgs_enctypes", krb5_config_string, mit_entry }, - { "default_tkt_enctypes", krb5_config_string, mit_entry }, - { NULL } + { "permitted_enctypes", krb5_config_string, mit_entry, 0 }, + { "default_tgs_enctypes", krb5_config_string, mit_entry, 0 }, + { "default_tkt_enctypes", krb5_config_string, mit_entry, 0 }, + { NULL, 0, NULL, 0 } }; struct entry appdefaults_entries[] = { - { "afslog", krb5_config_string, check_boolean }, - { "afs-use-524", krb5_config_string, check_524 }, - { "encrypt", krb5_config_string, check_boolean }, - { "forward", krb5_config_string, check_boolean }, - { "forwardable", krb5_config_string, check_boolean }, - { "proxiable", krb5_config_string, check_boolean }, - { "ticket_lifetime", krb5_config_string, check_time }, - { "renew_lifetime", krb5_config_string, check_time }, - { "no-addresses", krb5_config_string, check_boolean }, - { "krb4_get_tickets", krb5_config_string, check_boolean }, - { "pkinit_anchors", krb5_config_string, NULL }, - { "pkinit_win2k", krb5_config_string, NULL }, - { "pkinit_win2k_require_binding", krb5_config_string, NULL }, - { "pkinit_require_eku", krb5_config_string, NULL }, - { "pkinit_require_krbtgt_otherName", krb5_config_string, NULL }, - { "pkinit_require_hostname_match", krb5_config_string, NULL }, + { "afslog", krb5_config_string, check_boolean, 0 }, + { "afs-use-524", krb5_config_string, check_524, 0 }, + { "encrypt", krb5_config_string, check_boolean, 0 }, + { "forward", krb5_config_string, check_boolean, 0 }, + { "forwardable", krb5_config_string, check_boolean, 0 }, + { "proxiable", krb5_config_string, check_boolean, 0 }, + { "ticket_lifetime", krb5_config_string, check_time, 0 }, + { "renew_lifetime", krb5_config_string, check_time, 0 }, + { "no-addresses", krb5_config_string, check_boolean, 0 }, + { "krb4_get_tickets", krb5_config_string, check_boolean, 0 }, + { "pkinit_anchors", krb5_config_string, NULL, 0 }, + { "pkinit_win2k", krb5_config_string, NULL, 0 }, + { "pkinit_win2k_require_binding", krb5_config_string, NULL, 0 }, + { "pkinit_require_eku", krb5_config_string, NULL, 0 }, + { "pkinit_require_krbtgt_otherName", krb5_config_string, NULL, 0 }, + { "pkinit_require_hostname_match", krb5_config_string, NULL, 0 }, #if 0 - { "anonymous", krb5_config_string, check_boolean }, + { "anonymous", krb5_config_string, check_boolean, 0 }, #endif - { "", krb5_config_list, appdefaults_entries }, - { NULL } + { "", krb5_config_list, appdefaults_entries, 0 }, + { NULL, 0, NULL, 0 } }; struct entry realms_entries[] = { - { "forwardable", krb5_config_string, check_boolean }, - { "proxiable", krb5_config_string, check_boolean }, - { "ticket_lifetime", krb5_config_string, check_time }, - { "renew_lifetime", krb5_config_string, check_time }, - { "warn_pwexpire", krb5_config_string, check_time }, - { "kdc", krb5_config_string, check_host }, - { "admin_server", krb5_config_string, check_host }, - { "kpasswd_server", krb5_config_string, check_host }, - { "krb524_server", krb5_config_string, check_host }, - { "v4_name_convert", krb5_config_list, v4_name_convert_entries }, - { "v4_instance_convert", krb5_config_list, all_strings }, - { "v4_domains", krb5_config_string, NULL }, - { "default_domain", krb5_config_string, NULL }, - { "win2k_pkinit", krb5_config_string, NULL }, + { "forwardable", krb5_config_string, check_boolean, 0 }, + { "proxiable", krb5_config_string, check_boolean, 0 }, + { "ticket_lifetime", krb5_config_string, check_time, 0 }, + { "renew_lifetime", krb5_config_string, check_time, 0 }, + { "warn_pwexpire", krb5_config_string, check_time, 0 }, + { "kdc", krb5_config_string, check_host, 0 }, + { "admin_server", krb5_config_string, check_host, 0 }, + { "kpasswd_server", krb5_config_string, check_host, 0 }, + { "krb524_server", krb5_config_string, check_host, 0 }, + { "v4_name_convert", krb5_config_list, v4_name_convert_entries, 0 }, + { "v4_instance_convert", krb5_config_list, all_strings, 0 }, + { "v4_domains", krb5_config_string, NULL, 0 }, + { "default_domain", krb5_config_string, NULL, 0 }, + { "win2k_pkinit", krb5_config_string, NULL, 0 }, /* MIT stuff */ - { "admin_keytab", krb5_config_string, mit_entry }, - { "acl_file", krb5_config_string, mit_entry }, - { "dict_file", krb5_config_string, mit_entry }, - { "kadmind_port", krb5_config_string, mit_entry }, - { "kpasswd_port", krb5_config_string, mit_entry }, - { "master_key_name", krb5_config_string, mit_entry }, - { "master_key_type", krb5_config_string, mit_entry }, - { "key_stash_file", krb5_config_string, mit_entry }, - { "max_life", krb5_config_string, mit_entry }, - { "max_renewable_life", krb5_config_string, mit_entry }, - { "default_principal_expiration", krb5_config_string, mit_entry }, - { "default_principal_flags", krb5_config_string, mit_entry }, - { "supported_enctypes", krb5_config_string, mit_entry }, - { "database_name", krb5_config_string, mit_entry }, - { NULL } + { "admin_keytab", krb5_config_string, mit_entry, 0 }, + { "acl_file", krb5_config_string, mit_entry, 0 }, + { "dict_file", krb5_config_string, mit_entry, 0 }, + { "kadmind_port", krb5_config_string, mit_entry, 0 }, + { "kpasswd_port", krb5_config_string, mit_entry, 0 }, + { "master_key_name", krb5_config_string, mit_entry, 0 }, + { "master_key_type", krb5_config_string, mit_entry, 0 }, + { "key_stash_file", krb5_config_string, mit_entry, 0 }, + { "max_life", krb5_config_string, mit_entry, 0 }, + { "max_renewable_life", krb5_config_string, mit_entry, 0 }, + { "default_principal_expiration", krb5_config_string, mit_entry, 0 }, + { "default_principal_flags", krb5_config_string, mit_entry, 0 }, + { "supported_enctypes", krb5_config_string, mit_entry, 0 }, + { "database_name", krb5_config_string, mit_entry, 0 }, + { NULL, 0, NULL, 0 } }; struct entry realms_foobar[] = { - { "", krb5_config_list, realms_entries }, - { NULL } + { "", krb5_config_list, realms_entries, 0 }, + { NULL, 0, NULL, 0 } }; struct entry kdc_database_entries[] = { - { "realm", krb5_config_string, NULL }, - { "dbname", krb5_config_string, NULL }, - { "mkey_file", krb5_config_string, NULL }, - { "acl_file", krb5_config_string, NULL }, - { "log_file", krb5_config_string, NULL }, - { NULL } + { "realm", krb5_config_string, NULL, 0 }, + { "dbname", krb5_config_string, NULL, 0 }, + { "mkey_file", krb5_config_string, NULL, 0 }, + { "acl_file", krb5_config_string, NULL, 0 }, + { "log_file", krb5_config_string, NULL, 0 }, + { NULL, 0, NULL, 0 } }; struct entry kdc_entries[] = { - { "database", krb5_config_list, kdc_database_entries }, - { "key-file", krb5_config_string, NULL }, - { "logging", krb5_config_string, check_log }, - { "max-request", krb5_config_string, check_bytes }, - { "require-preauth", krb5_config_string, check_boolean }, - { "ports", krb5_config_string, NULL }, - { "addresses", krb5_config_string, NULL }, - { "enable-kerberos4", krb5_config_string, check_boolean }, - { "enable-524", krb5_config_string, check_boolean }, - { "enable-http", krb5_config_string, check_boolean }, - { "check-ticket-addresses", krb5_config_string, check_boolean }, - { "allow-null-ticket-addresses", krb5_config_string, check_boolean }, - { "allow-anonymous", krb5_config_string, check_boolean }, - { "v4_realm", krb5_config_string, NULL }, + { "database", krb5_config_list, kdc_database_entries, 0 }, + { "key-file", krb5_config_string, NULL, 0 }, + { "logging", krb5_config_string, check_log, 0 }, + { "max-request", krb5_config_string, check_bytes, 0 }, + { "require-preauth", krb5_config_string, check_boolean, 0 }, + { "ports", krb5_config_string, NULL, 0 }, + { "addresses", krb5_config_string, NULL, 0 }, + { "enable-kerberos4", krb5_config_string, check_boolean, 0 }, + { "enable-524", krb5_config_string, check_boolean, 0 }, + { "enable-http", krb5_config_string, check_boolean, 0 }, + { "check-ticket-addresses", krb5_config_string, check_boolean, 0 }, + { "allow-null-ticket-addresses", krb5_config_string, check_boolean, 0 }, + { "allow-anonymous", krb5_config_string, check_boolean, 0 }, + { "v4_realm", krb5_config_string, NULL, 0 }, { "enable-kaserver", krb5_config_string, check_boolean, 1 }, - { "encode_as_rep_as_tgs_rep", krb5_config_string, check_boolean }, - { "kdc_warn_pwexpire", krb5_config_string, check_time }, - { "use_2b", krb5_config_list, NULL }, - { "enable-pkinit", krb5_config_string, check_boolean }, - { "pkinit_identity", krb5_config_string, NULL }, - { "pkinit_anchors", krb5_config_string, NULL }, - { "pkinit_pool", krb5_config_string, NULL }, - { "pkinit_revoke", krb5_config_string, NULL }, - { "pkinit_kdc_ocsp", krb5_config_string, NULL }, - { "pkinit_principal_in_certificate", krb5_config_string, NULL }, - { "pkinit_dh_min_bits", krb5_config_string, NULL }, - { "pkinit_allow_proxy_certificate", krb5_config_string, NULL }, - { "hdb-ldap-create-base", krb5_config_string, NULL }, - { "v4-realm", krb5_config_string, NULL }, - { NULL } + { "encode_as_rep_as_tgs_rep", krb5_config_string, check_boolean, 0 }, + { "kdc_warn_pwexpire", krb5_config_string, check_time, 0 }, + { "use_2b", krb5_config_list, NULL, 0 }, + { "enable-pkinit", krb5_config_string, check_boolean, 0 }, + { "pkinit_identity", krb5_config_string, NULL, 0 }, + { "pkinit_anchors", krb5_config_string, NULL, 0 }, + { "pkinit_pool", krb5_config_string, NULL, 0 }, + { "pkinit_revoke", krb5_config_string, NULL, 0 }, + { "pkinit_kdc_ocsp", krb5_config_string, NULL, 0 }, + { "pkinit_principal_in_certificate", krb5_config_string, NULL, 0 }, + { "pkinit_dh_min_bits", krb5_config_string, NULL, 0 }, + { "pkinit_allow_proxy_certificate", krb5_config_string, NULL, 0 }, + { "hdb-ldap-create-base", krb5_config_string, NULL, 0 }, + { "v4-realm", krb5_config_string, NULL, 0 }, + { NULL, 0, NULL, 0 } }; struct entry kadmin_entries[] = { - { "password_lifetime", krb5_config_string, check_time }, - { "default_keys", krb5_config_string, NULL }, - { "use_v4_salt", krb5_config_string, NULL }, - { "require-preauth", krb5_config_string, check_boolean }, - { NULL } + { "password_lifetime", krb5_config_string, check_time, 0 }, + { "default_keys", krb5_config_string, NULL, 0 }, + { "use_v4_salt", krb5_config_string, NULL, 0 }, + { "require-preauth", krb5_config_string, check_boolean, 0 }, + { NULL, 0, NULL, 0 } }; struct entry log_strings[] = { - { "", krb5_config_string, check_log }, - { NULL } + { "", krb5_config_string, check_log, 0 }, + { NULL, 0, NULL, 0 } }; /* MIT stuff */ struct entry kdcdefaults_entries[] = { - { "kdc_ports", krb5_config_string, mit_entry }, - { "v4_mode", krb5_config_string, mit_entry }, - { NULL } + { "kdc_ports", krb5_config_string, mit_entry, 0 }, + { "v4_mode", krb5_config_string, mit_entry, 0 }, + { NULL, 0, NULL, 0 } }; struct entry capaths_entries[] = { - { "", krb5_config_list, all_strings }, - { NULL } + { "", krb5_config_list, all_strings, 0 }, + { NULL, 0, NULL, 0 } }; struct entry password_quality_entries[] = { - { "policies", krb5_config_string, NULL }, - { "external_program", krb5_config_string, NULL }, - { "min_classes", krb5_config_string, check_numeric }, - { "min_length", krb5_config_string, check_numeric }, - { "", krb5_config_list, all_strings }, - { NULL } + { "policies", krb5_config_string, NULL, 0 }, + { "external_program", krb5_config_string, NULL, 0 }, + { "min_classes", krb5_config_string, check_numeric, 0 }, + { "min_length", krb5_config_string, check_numeric, 0 }, + { "", krb5_config_list, all_strings, 0 }, + { NULL, 0, NULL, 0 } }; struct entry toplevel_sections[] = { - { "libdefaults" , krb5_config_list, libdefaults_entries }, - { "realms", krb5_config_list, realms_foobar }, - { "domain_realm", krb5_config_list, all_strings }, - { "logging", krb5_config_list, log_strings }, - { "kdc", krb5_config_list, kdc_entries }, - { "kadmin", krb5_config_list, kadmin_entries }, - { "appdefaults", krb5_config_list, appdefaults_entries }, - { "gssapi", krb5_config_list, NULL }, - { "capaths", krb5_config_list, capaths_entries }, - { "password_quality", krb5_config_list, password_quality_entries }, + { "libdefaults" , krb5_config_list, libdefaults_entries, 0 }, + { "realms", krb5_config_list, realms_foobar, 0 }, + { "domain_realm", krb5_config_list, all_strings, 0 }, + { "logging", krb5_config_list, log_strings, 0 }, + { "kdc", krb5_config_list, kdc_entries, 0 }, + { "kadmin", krb5_config_list, kadmin_entries, 0 }, + { "appdefaults", krb5_config_list, appdefaults_entries, 0 }, + { "gssapi", krb5_config_list, NULL, 0 }, + { "capaths", krb5_config_list, capaths_entries, 0 }, + { "password_quality", krb5_config_list, password_quality_entries, 0 }, /* MIT stuff */ - { "kdcdefaults", krb5_config_list, kdcdefaults_entries }, - { NULL } + { "kdcdefaults", krb5_config_list, kdcdefaults_entries, 0 }, + { NULL, 0, NULL, 0 } }; diff --git a/lib/otp/otptest.c b/lib/otp/otptest.c index 869f87421..dbf213168 100644 --- a/lib/otp/otptest.c +++ b/lib/otp/otptest.c @@ -107,7 +107,7 @@ test (void) {"sha", "OTP's are good", "correct", 0, "d51f3e99bf8e6f0b", "RUST WELT KICK FELL TAIL FRAU"}, {"sha", "OTP's are good", "correct", 1, "82aeb52d943774e4", "FLIT DOSE ALSO MEW DRUM DEFY"}, {"sha", "OTP's are good", "correct", 99, "4f296a74fe1567ec", "AURA ALOE HURL WING BERG WAIT"}, - {NULL} + {NULL, NULL, NULL, 0, NULL, NULL} }; struct test *t; diff --git a/lib/roken/base64-test.c b/lib/roken/base64-test.c index e9a2835e8..146e97e24 100644 --- a/lib/roken/base64-test.c +++ b/lib/roken/base64-test.c @@ -53,7 +53,7 @@ main(int argc, char **argv) { "4444", 4, "NDQ0NA==" }, { "55555", 5, "NTU1NTU=" }, { "abc:def", 7, "YWJjOmRlZg==" }, - { NULL } + { NULL, 0, NULL } }; for(t = tests; t->data; t++) { char *str; diff --git a/lib/roken/hex-test.c b/lib/roken/hex-test.c index 9a3d10f28..a81422e1f 100644 --- a/lib/roken/hex-test.c +++ b/lib/roken/hex-test.c @@ -55,7 +55,7 @@ main(int argc, char **argv) { "abcdef", 6, "616263646566" }, { "abcdefg", 7, "61626364656667" }, { "=", 1, "3D" }, - { NULL } + { NULL, 0, NULL } }; for(t = tests; t->data; t++) { char *str; diff --git a/lib/roken/rkpty.c b/lib/roken/rkpty.c index f2c62f23f..bd955e71f 100644 --- a/lib/roken/rkpty.c +++ b/lib/roken/rkpty.c @@ -305,9 +305,9 @@ eval_parent(pid_t pid) static struct getargs args[] = { { "timeout", 't', arg_integer, &timeout, "timout", "seconds" }, - { "verbose", 'v', arg_counter, &verbose, "verbose debugging" }, - { "version", 0, arg_flag, &version_flag, "print version" }, - { "help", 0, arg_flag, &help_flag, NULL } + { "verbose", 'v', arg_counter, &verbose, "verbose debugging", NULL }, + { "version", 0, arg_flag, &version_flag, "print version", NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void diff --git a/lib/roken/roken_gethostby.c b/lib/roken/roken_gethostby.c index 1bb560d3b..a2dda7e05 100644 --- a/lib/roken/roken_gethostby.c +++ b/lib/roken/roken_gethostby.c @@ -77,7 +77,8 @@ setup_int(const char *proxy_host, short proxy_port, if(make_address(dns_host, &dns_addr.sin_addr) != 0) return -1; dns_addr.sin_port = htons(dns_port); - asprintf(&dns_req, "%s", dns_path); + if (asprintf(&dns_req, "%s", dns_path) < 0) + return -1; } dns_addr.sin_family = AF_INET; return 0; diff --git a/lib/roken/simple_exec.c b/lib/roken/simple_exec.c index 97679d7e4..552e121b0 100644 --- a/lib/roken/simple_exec.c +++ b/lib/roken/simple_exec.c @@ -144,17 +144,31 @@ ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL pipe_execv(FILE **stdin_fd, FILE **stdout_fd, FILE **stderr_fd, const char *file, ...) { - int in_fd[2], out_fd[2], err_fd[2]; + int in_fd[2] = {-1, -1}; + int out_fd[2] = {-1, -1}; + int err_fd[2] = {-1, -1}; pid_t pid; va_list ap; char **argv; + int ret = 0; if(stdin_fd != NULL) - pipe(in_fd); - if(stdout_fd != NULL) - pipe(out_fd); - if(stderr_fd != NULL) - pipe(err_fd); + ret = pipe(in_fd); + if(ret != -1 && stdout_fd != NULL) + ret = pipe(out_fd); + if(ret != -1 && stderr_fd != NULL) + ret = pipe(err_fd); + + if (ret == -1) { + close(in_fd[0]); + close(in_fd[1]); + close(out_fd[0]); + close(out_fd[1]); + close(err_fd[0]); + close(err_fd[1]); + return SE_E_UNSPECIFIED; + } + pid = fork(); switch(pid) { case 0: diff --git a/lib/roken/test-mem.c b/lib/roken/test-mem.c index 2ce961e06..5ae10172a 100644 --- a/lib/roken/test-mem.c +++ b/lib/roken/test-mem.c @@ -70,13 +70,16 @@ static RETSIGTYPE segv_handler(int sig) { int fd; + ssize_t ret; char msg[] = "SIGSEGV i current test: "; fd = open("/dev/stdout", O_WRONLY, 0600); if (fd >= 0) { - (void)write(fd, msg, sizeof(msg) - 1); - (void)write(fd, testname, strlen(testname)); - (void)write(fd, "\n", 1); + ret = write(fd, msg, sizeof(msg) - 1); + if (ret != -1) + ret = write(fd, testname, strlen(testname)); + if (ret != -1) + ret = write(fd, "\n", 1); close(fd); } _exit(1); diff --git a/lib/sl/slc-gram.y b/lib/sl/slc-gram.y index 530b1a344..93bb4056a 100644 --- a/lib/sl/slc-gram.y +++ b/lib/sl/slc-gram.y @@ -341,7 +341,7 @@ gen_command(struct assignment *as) fprintf(cfile, " },\n"); for(a = a->next; a != NULL; a = a->next) if(strcmp(a->name, "name") == 0) - cprint(1, " { \"%s\" },\n", a->u.value); + cprint(1, " { \"%s\", NULL, NULL, NULL },\n", a->u.value); cprint(0, "\n"); } @@ -360,6 +360,7 @@ make_name(struct assignment *as) struct assignment *lopt; struct assignment *type; char *s; + int ret; lopt = find(as, "long"); if(lopt == NULL) @@ -369,9 +370,11 @@ make_name(struct assignment *as) type = find(as, "type"); if(strcmp(type->u.value, "-flag") == 0) - asprintf(&s, "%s_flag", lopt->u.value); + ret = asprintf(&s, "%s_flag", lopt->u.value); else - asprintf(&s, "%s_%s", lopt->u.value, type->u.value); + ret = asprintf(&s, "%s_%s", lopt->u.value, type->u.value); + if (ret == -1) + return NULL; gen_name(s); return s; } @@ -446,7 +449,7 @@ struct type_handler { defval_neg_flag, NULL }, - { NULL } + { NULL, NULL, NULL, NULL, NULL } }; static struct type_handler *find_handler(struct assignment *type) @@ -710,7 +713,7 @@ gen(struct assignment *as) cprint(0, "SL_cmd commands[] = {\n"); for(a = as; a != NULL; a = a->next) gen_command(a->u.assignment); - cprint(1, "{ NULL }\n"); + cprint(1, "{ NULL, NULL, NULL, NULL }\n"); cprint(0, "};\n"); hprint(0, "extern SL_cmd commands[];\n"); @@ -719,8 +722,8 @@ gen(struct assignment *as) int version_flag; int help_flag; struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); diff --git a/lib/wind/bidi.c b/lib/wind/bidi.c index 022a2a17c..7fdbc2acf 100644 --- a/lib/wind/bidi.c +++ b/lib/wind/bidi.c @@ -51,7 +51,7 @@ range_entry_cmp(const void *a, const void *b) static int is_ral(uint32_t cp) { - struct range_entry ee = {cp}; + struct range_entry ee = {cp, 0}; void *s = bsearch(&ee, _wind_ral_table, _wind_ral_table_size, sizeof(_wind_ral_table[0]), range_entry_cmp); @@ -61,7 +61,7 @@ is_ral(uint32_t cp) static int is_l(uint32_t cp) { - struct range_entry ee = {cp}; + struct range_entry ee = {cp, 0}; void *s = bsearch(&ee, _wind_l_table, _wind_l_table_size, sizeof(_wind_l_table[0]), range_entry_cmp); diff --git a/lib/wind/combining.c b/lib/wind/combining.c index 22fbf3835..764acc321 100644 --- a/lib/wind/combining.c +++ b/lib/wind/combining.c @@ -49,7 +49,7 @@ translation_cmp(const void *key, const void *data) int _wind_combining_class(uint32_t code_point) { - struct translation ts = {code_point}; + struct translation ts = {code_point, 0}; void *s = bsearch(&ts, _wind_combining_table, _wind_combining_table_size, sizeof(_wind_combining_table[0]), translation_cmp); diff --git a/lib/wind/errorlist.c b/lib/wind/errorlist.c index c2907832a..8a9d4a549 100644 --- a/lib/wind/errorlist.c +++ b/lib/wind/errorlist.c @@ -51,7 +51,7 @@ error_entry_cmp(const void *a, const void *b) int _wind_stringprep_error(const uint32_t cp, wind_profile_flags flags) { - struct error_entry ee = {cp}; + struct error_entry ee = {cp, 0, 0}; const struct error_entry *s; s = (const struct error_entry *) diff --git a/lib/wind/map.c b/lib/wind/map.c index 03f00de25..2485d396a 100644 --- a/lib/wind/map.c +++ b/lib/wind/map.c @@ -58,7 +58,7 @@ _wind_stringprep_map(const uint32_t *in, size_t in_len, unsigned o = 0; for (i = 0; i < in_len; ++i) { - struct translation ts = {in[i]}; + struct translation ts = {in[i], 0, 0, 0}; const struct translation *s; s = (const struct translation *) diff --git a/lib/wind/normalize.c b/lib/wind/normalize.c index 15274f685..20e8a4a04 100644 --- a/lib/wind/normalize.c +++ b/lib/wind/normalize.c @@ -127,7 +127,7 @@ compat_decomp(const uint32_t *in, size_t in_len, unsigned o = 0; for (i = 0; i < in_len; ++i) { - struct translation ts = {in[i]}; + struct translation ts = {in[i], 0, 0}; size_t sub_len = *out_len - o; int ret; diff --git a/lib/wind/test-normalize.c b/lib/wind/test-normalize.c index 16c808139..3e13aeec9 100644 --- a/lib/wind/test-normalize.c +++ b/lib/wind/test-normalize.c @@ -47,7 +47,7 @@ static size_t parse_vector(char *buf, uint32_t *v) { - char *last; + char *last = NULL; unsigned ret = 0; const char *n; unsigned u; diff --git a/lib/wind/test-utf8.c b/lib/wind/test-utf8.c index d85df286e..0b95032ff 100644 --- a/lib/wind/test-utf8.c +++ b/lib/wind/test-utf8.c @@ -78,24 +78,24 @@ struct testcase { }; static const struct testcase testcases[] = { - {"", 0, {0}}, - {"\x01", 1, {1}}, - {"\x7F", 1, {0x7F}}, - {"\x01\x7F", 2, {0x01, 0x7F}}, - {"\xC0\x80", 1, {0}}, - {"\xC0\x81", 1, {1}}, - {"\xC1\x80", 1, {0x40}}, - {"\xDF\xBF", 1, {0x7FF}}, - {"\xE0\x80\x80", 1, {0}}, - {"\xE0\x80\x81", 1, {1}}, - {"\xE0\x81\x80", 1, {0x40}}, - {"\xE1\x80\x80", 1, {0x1000}}, - {"\xEF\xBF\xBF", 1, {0xFFFF}}, - {"\xF0\x80\x80\x80", 1, {0}}, - {"\xF0\x80\x80\x81", 1, {1}}, - {"\xF0\x80\x81\x80", 1, {0x40}}, - {"\xF0\x81\x80\x80", 1, {0x1000}}, - {"\xF1\x80\x80\x80", 1, {0x40000}}, + {"", 0, {0}, 0}, + {"\x01", 1, {1}, 0}, + {"\x7F", 1, {0x7F}, 0}, + {"\x01\x7F", 2, {0x01, 0x7F}, 0}, + {"\xC0\x80", 1, {0}, 0}, + {"\xC0\x81", 1, {1}, 0}, + {"\xC1\x80", 1, {0x40}, 0}, + {"\xDF\xBF", 1, {0x7FF}, 0}, + {"\xE0\x80\x80", 1, {0}, 0}, + {"\xE0\x80\x81", 1, {1}, 0}, + {"\xE0\x81\x80", 1, {0x40}, 0}, + {"\xE1\x80\x80", 1, {0x1000}, 0}, + {"\xEF\xBF\xBF", 1, {0xFFFF}, 0}, + {"\xF0\x80\x80\x80", 1, {0}, 0}, + {"\xF0\x80\x80\x81", 1, {1}, 0}, + {"\xF0\x80\x81\x80", 1, {0x40}, 0}, + {"\xF0\x81\x80\x80", 1, {0x1000}, 0}, + {"\xF1\x80\x80\x80", 1, {0x40000}, 0}, {"\xF7\xBF\xBF\xBF", 1, {0X1FFFFF}, 1}, };