author | Andrew G. Morgan <morgan@kernel.org> | 2021-08-26 20:24:47 -0700 |
---|---|---|
committer | Andrew G. Morgan <morgan@kernel.org> | 2021-08-26 20:24:47 -0700 |
commit | c90b5debdf28acc010d5ee50ff5ff0c97ab0e367 (patch) | |
tree | 997cab52eda411ad6d9785138c699feb259c3860 | |
parent | 07cdff9ac969c35f1b2e4c0ccb5e3cc5fdceb2b2 (diff) | |
download | libcap-c90b5debdf28acc010d5ee50ff5ff0c97ab0e367.tar.gz |
Fix some static analysis results.
This series of issues was found by Zoltan Fridrich.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
-rw-r--r-- | libcap/_makenames.c | 4 | ||||
-rw-r--r-- | libcap/cap_proc.c | 4 | ||||
-rw-r--r-- | libcap/cap_text.c | 10 | ||||
-rw-r--r-- | libcap/execable.c | 2 | ||||
-rw-r--r-- | pam_cap/pam_cap.c | 3 | ||||
-rw-r--r-- | progs/capsh.c | 17 | ||||
-rw-r--r-- | progs/getcap.c | 8 | ||||
-rw-r--r-- | progs/setcap.c | 6 | ||||
-rw-r--r-- | psx/psx.c | 4 | ||||
-rw-r--r-- | tests/libcap_launch_test.c | 10 | ||||
-rw-r--r-- | tests/libcap_psx_test.c | 9 |
11 files changed, 69 insertions, 8 deletions
diff --git a/libcap/_makenames.c b/libcap/_makenames.c
index 46ab0c9..b09cf69 100644
--- a/libcap/_makenames.c
+++ b/libcap/_makenames.c
@@ -49,6 +49,10 @@ int main(void)
 int was = pointers_avail * sizeof(char *);
 pointers_avail = 2 * list[i].index + 1;
 pointers = recalloc(pointers, was, pointers_avail * sizeof(char *));
+ if (pointers == NULL) {
+ perror("unable to continue");
+ exit(1);
+ }
 }
 pointers[list[i].index] = list[i].name;
 int n = strlen(list[i].name);
diff --git a/libcap/cap_proc.c b/libcap/cap_proc.c
index fdb8cbe..1494f8d 100644
--- a/libcap/cap_proc.c
+++ b/libcap/cap_proc.c
@@ -723,6 +723,10 @@ static int _cap_iab_set_proc(struct syscaller_s *sc, cap_iab_t iab)
 cap_value_t c;
 int raising = 0;
+ if (temp == NULL) {
+ return -1;
+ }
+
 for (i = 0; i < _LIBCAP_CAPABILITY_U32S; i++) {
 __u32 newI = iab->i[i];
 __u32 oldIP = temp->u[i].flat[CAP_INHERITABLE] |
diff --git a/libcap/cap_text.c b/libcap/cap_text.c
index 17072f7..a0857bc 100644
--- a/libcap/cap_text.c
+++ b/libcap/cap_text.c
@@ -160,6 +160,7 @@ cap_t cap_from_text(const char *str)
 cap_blks = _LINUX_CAPABILITY_U32S_3;
 break;
 default:
+ cap_free(res);
 errno = EINVAL;
 return NULL;
 }
@@ -403,6 +404,9 @@ char *cap_to_text(cap_t caps, ssize_t *length_p)
 for (n = 0; n < cmb; n++) {
 if (getstateflags(caps, n) == t) {
 char *this_cap_name = cap_to_name(n);
+ if (this_cap_name == NULL) {
+ return NULL;
+ }
 if ((strlen(this_cap_name) + (p - buf)) > CAP_TEXT_SIZE) {
 cap_free(this_cap_name);
 errno = ERANGE;
@@ -455,6 +459,9 @@ char *cap_to_text(cap_t caps, ssize_t *length_p)
 for (n = cmb; n < __CAP_MAXBITS; n++) {
 if (getstateflags(caps, n) == t) {
 char *this_cap_name = cap_to_name(n);
+ if (this_cap_name == NULL) {
+ return NULL;
+ }
 if ((strlen(this_cap_name) + (p - buf)) > CAP_TEXT_SIZE) {
 cap_free(this_cap_name);
 errno = ERANGE;
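Review bot: In libcap/cap_text.c, the two new `if (this_cap_name == NULL) { return NULL; }` exits in cap_to_text() (hunks at -403 and -455) do not say which errno the caller will see, while the overflow path right below them sets `errno = ERANGE` explicitly. A one-line comment above each `return NULL;`, for example `/* errno is left as set by cap_to_name() */`, would document the contract, assuming cap_to_name() does set errno on failure (its body is not part of this diff). Both loops start and end outside their hunks.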
@@ -554,6 +561,9 @@ char *cap_iab_to_text(cap_iab_t iab)
 cap_iab_t cap_iab_from_text(const char *text)
 {
 cap_iab_t iab = cap_iab_init();
+ if (iab == NULL) {
+ return iab;
+ }
 if (text != NULL) {
 unsigned flags;
 for (flags = 0; *text; text++) {
diff --git a/libcap/execable.c b/libcap/execable.c
index be18914..5e7a88f 100644
--- a/libcap/execable.c
+++ b/libcap/execable.c
@@ -4,7 +4,7 @@
 SO_MAIN(int argc, char **argv)
 {
 const char *cmd = "This library";
- if (argv != NULL) {
+ if (argv != NULL && argv[0] != NULL) {
 cmd = argv[0];
 }
 printf("%s is the shared library version: " LIBRARY_VERSION ".\n"
diff --git a/pam_cap/pam_cap.c b/pam_cap/pam_cap.c
index 162e1f5..17ad83e 100644
--- a/pam_cap/pam_cap.c
+++ b/pam_cap/pam_cap.c
@@ -67,6 +67,9 @@ static int load_groups(const char *user, char ***groups, int *groups_n) {
 }
 *groups = calloc(ngrps, sizeof(char *));
+ if (*groups == NULL) {
+ return -1;
+ }
 int g_n = 0, i;
 for (i = 0; i < ngrps; i++) {
 const struct group *g = getgrgid(grps[i]);
diff --git a/progs/capsh.c b/progs/capsh.c
index 50c2c99..42d9064 100644
--- a/progs/capsh.c
+++ b/progs/capsh.c
@@ -101,7 +101,16 @@ static void display_current_iab(void)
 char *text;
 iab = cap_iab_get_proc();
+ if (iab == NULL) {
+ perror("failed to get IAB for process");
+ exit(1);
+ }
 text = cap_iab_to_text(iab);
+ if (text == NULL) {
+ perror("failed to obtain text for IAB");
+ cap_free(iab);
+ exit(1);
+ }
 printf("Current IAB: %s\n", text);
 cap_free(text);
 cap_free(iab);
@@ -436,6 +445,10 @@ int main(int argc, char *argv[], char *envp[])
 child = 0;
 char *temp_name = cap_to_name(cap_max_bits() - 1);
+ if (temp_name == NULL) {
+ perror("obtaining highest capability name");
+ exit(1);
+ }
 if (temp_name[0] != 'c') {
 printf("WARNING: libcap needs an update (cap=%d should have a name).\n",
 cap_max_bits() - 1);
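Review bot: The added `argv[0] != NULL` test in libcap/execable.c guards a case that readers may not expect, so it deserves a comment. A program can be started with an empty argument vector, which leaves `argv[0]` NULL and would otherwise hand a NULL pointer to the `%s` in the printf below. Suggest `/* argv[0] is NULL when the caller supplied an empty argument vector */` above the `if`. The printf call runs past the end of the hunk.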
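Review bot: In pam_cap/pam_cap.c load_groups(), the new `if (*groups == NULL) { return -1; }` treats every NULL from `calloc(ngrps, sizeof(char *))` as an allocation failure, but calloc is allowed to return NULL for a zero-element request. The lines that establish `ngrps` are above the hunk, so confirm that it is always at least 1 at this point. If it is, a comment such as `/* ngrps >= 1 here, so NULL means out of memory */` records the assumption. The function body starts and ends outside the hunk.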
@@ -1014,6 +1027,10 @@ int main(int argc, char *argv[], char *envp[])
 const char **lines = explanations[cap];
 int j;
 char *name = cap_to_name(cap);
+ if (name == NULL) {
+ perror("invalid named cap");
+ exit(1);
+ }
 char *match = strcasestr(name, argv[i]+10);
 cap_free(name);
 if (match != NULL) {
diff --git a/progs/getcap.c b/progs/getcap.c
index eec733b..7df7f0e 100644
--- a/progs/getcap.c
+++ b/progs/getcap.c
@@ -110,11 +110,11 @@ int main(int argc, char **argv)
 for (i=optind; argv[i] != NULL; i++) {
 struct stat stbuf;
-
- if (lstat(argv[i], &stbuf) != 0) {
- fprintf(stderr, "%s (%s)\n", argv[i], strerror(errno));
+ char *arg = argv[i];
+ if (lstat(arg, &stbuf) != 0) {
+ fprintf(stderr, "%s (%s)\n", arg, strerror(errno));
 } else if (recursive) {
- nftw(argv[i], do_getcap, 20, FTW_PHYS);
+ nftw(arg, do_getcap, 20, FTW_PHYS);
 } else {
 int tflag = S_ISREG(stbuf.st_mode) ? FTW_F : (S_ISLNK(stbuf.st_mode) ? FTW_SL : FTW_NS);
diff --git a/progs/setcap.c b/progs/setcap.c
index 54260be..066e47f 100644
--- a/progs/setcap.c
+++ b/progs/setcap.c
@@ -167,9 +167,12 @@ int main(int argc, char **argv)
 }
 cap_on_file = cap_get_file(*++argv);
-
 if (cap_on_file == NULL) {
 cap_on_file = cap_from_text("=");
+ if (cap_on_file == NULL) {
+ perror("unable to use missing capability");
+ exit(1);
+ }
 }
 cmp = cap_compare(cap_on_file, cap_d);
@@ -252,6 +255,7 @@ int main(int argc, char **argv)
 argv[0]);
 exit(1);
 }
+ /* FALLTHROUGH */
 default:
 fprintf(stderr,
 "Failed to set capabilities on file '%s': %s\n",
@@ -107,6 +107,10 @@ pthread_key_t psx_action_key;
 */
 static void *psx_do_registration(void) {
 registered_thread_t *node = calloc(1, sizeof(registered_thread_t));
+ if (node == NULL) {
+ perror("unable to register psx handler");
+ _exit(1);
+ }
 pthread_mutex_init(&node->mu, NULL);
 node->thread = pthread_self();
 pthread_setspecific(psx_action_key, node);
diff --git a/tests/libcap_launch_test.c b/tests/libcap_launch_test.c
index f45b2b7..d1b3d40 100644
--- a/tests/libcap_launch_test.c
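Review bot: In the psx_do_registration() hunk at -107 (listed as psx/psx.c in the diffstat), the calloc result is now checked, but `pthread_setspecific(psx_action_key, node)` two lines later is still unchecked and can also fail for lack of memory. If it fails, the thread carries on without its registration record attached to the key, which presumably defeats the per-thread bookkeeping this function sets up. Handling it like the allocation failure would be consistent: `if (pthread_setspecific(psx_action_key, node) != 0) { _exit(1); }`. The pthread calls return the error number instead of setting errno, so a message would need strerror() on the return value, not perror(). `pthread_mutex_init` is unchecked in the same way, and the function continues past the end of the hunk.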
+++ b/tests/libcap_launch_test.c
@@ -40,7 +40,9 @@ struct test_case_s {
 static int clean_out(void *data) {
 cap_t empty;
 empty = cap_init();
- cap_set_proc(empty);
+ if (cap_set_proc(empty) != 0) {
+ _exit(1);
+ }
 cap_free(empty);
 return 0;
 }
@@ -121,12 +123,16 @@ int main(int argc, char **argv) {
 int success = 1, i;
 for (i=0; vs[i].pass_on != NO_MORE; i++) {
+ cap_launch_t attr;
 const struct test_case_s *v = &vs[i];
 printf("[%d] test should %s\n", i, v->result || v->launch_abort ? "generate error" : "work");
- cap_launch_t attr;
 if (v->args[0] != NULL) {
 attr = cap_new_launcher(v->args[0], v->args, v->envp);
+ if (attr == NULL) {
+ perror("failed to obtain launcher");
+ exit(1);
+ }
 if (v->callback_fn != NULL) {
 cap_launcher_callback(attr, v->callback_fn);
 }
diff --git a/tests/libcap_psx_test.c b/tests/libcap_psx_test.c
index 9f53f06..e473126 100644
--- a/tests/libcap_psx_test.c
+++ b/tests/libcap_psx_test.c
@@ -16,6 +16,10 @@ static void *thread_fork_exit(void *data) {
 usleep(1234);
 pid_t pid = fork();
 cap_t start = cap_get_proc();
+ if (start == NULL) {
+ perror("FAILED: unable to start");
+ exit(1);
+ }
 if (pid == 0) {
 cap_set_proc(start);
 exit(0);
@@ -27,6 +31,7 @@ static void *thread_fork_exit(void *data) {
 exit(1);
 }
 cap_set_proc(start);
+ cap_free(start);
 return NULL;
 }
@@ -35,6 +40,10 @@ int main(int argc, char **argv) {
 printf("hello libcap and libpsx ");
 fflush(stdout);
 cap_t start = cap_get_proc();
+ if (start == NULL) {
+ perror("FAILED: to actually start");
+ exit(1);
+ }
 pthread_t ignored[10];
 for (i = 0; i < 10; i++) {
 pthread_create(&ignored[i], NULL, thread_fork_exit, NULL); |
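Review bot: In tests/libcap_psx_test.c thread_fork_exit(), both `cap_set_proc(start);` calls still discard the return value: the child branch in the hunk at -16 and the parent path in the hunk at -27. The same commit starts checking `cap_set_proc(empty) != 0` in tests/libcap_launch_test.c, so the two tests are now inconsistent. As written, the child reaches `exit(0)` even when the call fails, which presumably hides the very failure this test is meant to surface. Suggest `if (cap_set_proc(start) != 0) { exit(1); }` in the child and the equivalent check before `cap_free(start);` in the parent. The function body is split across the two hunks and is not fully visible.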