uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid);
#ifdef S_IFLNK
-static char *readlink_malloc (const char *filename);
+static /*@null@*/char *readlink_malloc (const char *filename);
static int copy_symlink (const char *src, const char *dst,
unused bool reset_selinux,
const struct stat *statp, const struct timeval mt[],
{
static bool selinux_checked = false;
static bool selinux_enabled;
- security_context_t scontext = NULL;
+ /*@null@*/security_context_t scontext = NULL;
if (!selinux_checked) {
selinux_enabled = is_selinux_enabled () > 0;
lp->ln_count = sb->st_nlink;
len = name_len - src_len + dst_len + 1;
lp->ln_name = (char *) xmalloc (len);
- snprintf (lp->ln_name, len, "%s%s", dst_orig, name + src_len);
+ (void) snprintf (lp->ln_name, len, "%s%s", dst_orig, name + src_len);
lp->ln_next = links;
links = lp;
* Build the filename for both the source and
* the destination files.
*/
- snprintf (src_name, src_len, "%s/%s",
- src_root, ent->d_name);
- snprintf (dst_name, dst_len, "%s/%s",
- dst_root, ent->d_name);
+ (void) snprintf (src_name, src_len, "%s/%s",
+ src_root, ent->d_name);
+ (void) snprintf (dst_name, dst_len, "%s/%s",
+ dst_root, ent->d_name);
err = copy_entry (src_name, dst_name,
reset_selinux,
#ifdef WITH_SELINUX
/* Reset SELinux to create files with default contexts */
- setfscreatecon (NULL);
+ if (setfscreatecon (NULL) != 0) {
+ err = -1;
+ }
#endif /* WITH_SELINUX */
return err;
*/
#ifdef WITH_SELINUX
- selinux_file_context (dst);
+ if (selinux_file_context (dst) != 0) {
+ return -1;
+ }
#endif /* WITH_SELINUX */
if ( (mkdir (dst, statp->st_mode) != 0)
|| (chown_if_needed (dst, statp,
* return NULL on error.
* The return string shall be freed by the caller.
*/
-static char *readlink_malloc (const char *filename)
+static /*@null@*/char *readlink_malloc (const char *filename)
{
size_t size = 1024;
- while (1) {
+ while (true) {
ssize_t nchars;
char *buffer = (char *) malloc (size);
if (NULL == buffer) {
return NULL;
}
- if ( (size_t) nchars < size) { /* The buffer was large enough */
+ if ((size_t) nchars < size) { /* The buffer was large enough */
/* readlink does not nul-terminate */
buffer[nchars] = '\0';
return buffer;
*/
if (strncmp (oldlink, src_orig, strlen (src_orig)) == 0) {
size_t len = strlen (dst_orig) + strlen (oldlink) - strlen (src_orig) + 1;
- char *dummy = (char *) malloc (len);
- snprintf (dummy, len, "%s%s",
- dst_orig,
- oldlink + strlen (src_orig));
+ char *dummy = (char *) xmalloc (len);
+ (void) snprintf (dummy, len, "%s%s",
+ dst_orig,
+ oldlink + strlen (src_orig));
free (oldlink);
oldlink = dummy;
}
#ifdef WITH_SELINUX
- selinux_file_context (dst);
+ if (selinux_file_context (dst) != 0) {
+ free (oldlink);
+ return -1;
+ }
#endif /* WITH_SELINUX */
if ( (symlink (oldlink, dst) != 0)
|| (lchown_if_needed (dst, statp,
* it returns ENOSYS on many system
* - not implemented
*/
- lutimes (dst, mt);
+ (void) lutimes (dst, mt);
#endif /* HAVE_LUTIMES */
return 0;
int err = 0;
#ifdef WITH_SELINUX
- selinux_file_context (dst);
+ if (selinux_file_context (dst) != 0) {
+ return -1;
+ }
#endif /* WITH_SELINUX */
if ( (mknod (dst, statp->st_mode & ~07777, statp->st_rdev) != 0)
return -1;
}
#ifdef WITH_SELINUX
- selinux_file_context (dst);
+ if (selinux_file_context (dst) != 0) {
+ return -1;
+ }
#endif /* WITH_SELINUX */
ofd = open (dst, O_WRONLY | O_CREAT | O_TRUNC, statp->st_mode & 07777);
if ( (ofd < 0)
*/
/* local function prototypes */
-static void usage (int);
+static /*@noreturn@*/void usage (int);
#ifndef USE_PAM
-static int reuse (const char *, const struct passwd *);
+static bool reuse (const char *, const struct passwd *);
static int new_password (const struct passwd *);
static void check_password (const struct passwd *, const struct spwd *);
-static char *insert_crypt_passwd (const char *, const char *);
#endif /* !USE_PAM */
-static char *date_to_str (time_t);
-static const char *pw_status (const char *);
+static /*@observer@*/const char *date_to_str (time_t);
+static /*@observer@*/const char *pw_status (const char *);
static void print_status (const struct passwd *);
-static void fail_exit (int);
-static void oom (void);
+static /*@noreturn@*/void fail_exit (int);
+static /*@noreturn@*/void oom (void);
static char *update_crypt_pw (char *);
static void update_noshadow (void);
/*
* usage - print command usage and exit
*/
-static void usage (int status)
+static /*@noreturn@*/void usage (int status)
{
+ (void)
fputs (_("Usage: passwd [options] [LOGIN]\n"
"\n"
"Options:\n"
}
#ifndef USE_PAM
-static int reuse (const char *pass, const struct passwd *pw)
+static bool reuse (const char *pass, const struct passwd *pw)
{
#ifdef HAVE_LIBCRACK_HIST
const char *reason;
reason = FascistHistory (pass, pw->pw_uid);
#endif /* !HAVE_LIBCRACK_PW */
if (NULL != reason) {
- printf (_("Bad password: %s. "), reason);
- return 1;
+ (void) printf (_("Bad password: %s. "), reason);
+ return true;
}
#endif /* HAVE_LIBCRACK_HIST */
- return 0;
+ return false;
}
/*
char orig[200]; /* Original password */
char pass[200]; /* New password */
int i; /* Counter for retries */
- int warned;
+ bool warned;
int pass_max_len = -1;
const char *method;
* password.
*/
- if (!amroot && crypt_passwd[0]) {
+ if (!amroot && ('\0' != crypt_passwd[0])) {
clear = getpass (_("Old password: "));
if (NULL == clear) {
return -1;
cipher = pw_encrypt (clear, crypt_passwd);
if (strcmp (cipher, crypt_passwd) != 0) {
+ strzero (clear);
+ strzero (cipher);
SYSLOG ((LOG_WARN, "incorrect password for %s",
- pw->pw_name));
- sleep (1);
- fprintf (stderr,
- _("Incorrect password for %s.\n"),
- pw->pw_name);
+ pw->pw_name));
+ (void) sleep (1);
+ (void) fprintf (stderr,
+ _("Incorrect password for %s.\n"),
+ pw->pw_name);
return -1;
}
STRFCPY (orig, clear);
}
if (!qflg) {
if (pass_max_len == -1) {
- printf (_(
+ (void) printf (_(
"Enter the new password (minimum of %d characters)\n"
"Please use a combination of upper and lower case letters and numbers.\n"),
getdef_num ("PASS_MIN_LEN", 5));
} else {
- printf (_(
+ (void) printf (_(
"Enter the new password (minimum of %d, maximum of %d characters)\n"
"Please use a combination of upper and lower case letters and numbers.\n"),
getdef_num ("PASS_MIN_LEN", 5), pass_max_len);
}
}
- warned = 0;
+ warned = false;
for (i = getdef_num ("PASS_CHANGE_TRIES", 5); i > 0; i--) {
cp = getpass (_("New password: "));
if (NULL == cp) {
return -1;
}
if (warned && (strcmp (pass, cp) != 0)) {
- warned = 0;
+ warned = false;
}
STRFCPY (pass, cp);
strzero (cp);
if (!amroot && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
- puts (_("Try again."));
+ (void) puts (_("Try again."));
continue;
}
*/
if (amroot && !warned && getdef_bool ("PASS_ALWAYS_WARN")
&& (!obscure (orig, pass, pw) || reuse (pass, pw))) {
- puts (_("\nWarning: weak password (enter it again to use it anyway)."));
- warned++;
+ (void) puts (_("\nWarning: weak password (enter it again to use it anyway)."));
+ warned = true;
continue;
}
cp = getpass (_("Re-enter new password: "));
return -1;
}
if (strcmp (cp, pass) != 0) {
- fputs (_("They don't match; try again.\n"), stderr);
+ (void) fputs (_("They don't match; try again.\n"), stderr);
} else {
strzero (cp);
break;
|| (exp_status > 1)
|| ( (sp->sp_max >= 0)
&& (sp->sp_min > sp->sp_max))) {
- fprintf (stderr,
- _("The password for %s cannot be changed.\n"),
- sp->sp_namp);
+ (void) fprintf (stderr,
+ _("The password for %s cannot be changed.\n"),
+ sp->sp_namp);
SYSLOG ((LOG_WARN, "password locked for '%s'", sp->sp_namp));
closelog ();
exit (E_NOPERM);
ok = last + (sp->sp_min > 0 ? sp->sp_min * SCALE : 0);
if (now < ok) {
- fprintf (stderr,
- _("The password for %s cannot be changed yet.\n"),
- pw->pw_name);
+ (void) fprintf (stderr,
+ _("The password for %s cannot be changed yet.\n"),
+ pw->pw_name);
SYSLOG ((LOG_WARN, "now < minimum age for '%s'", pw->pw_name));
closelog ();
exit (E_NOPERM);
}
}
}
-
-/*
- * insert_crypt_passwd - add an "old-style" password to authentication
- * string result now malloced to avoid overflow, just in case. --marekm
- */
-static char *insert_crypt_passwd (const char *string, const char *passwd)
-{
- return xstrdup (passwd);
-}
#endif /* !USE_PAM */
-static char *date_to_str (time_t t)
+static /*@observer@*/const char *date_to_str (time_t t)
{
static char buf[80];
struct tm *tm;
tm = gmtime (&t);
#ifdef HAVE_STRFTIME
- strftime (buf, sizeof buf, "%m/%d/%Y", tm);
+ (void) strftime (buf, sizeof buf, "%m/%d/%Y", tm);
#else /* !HAVE_STRFTIME */
- snprintf (buf, sizeof buf, "%02d/%02d/%04d",
- tm->tm_mon + 1, tm->tm_mday, tm->tm_year + 1900);
+ (void) snprintf (buf, sizeof buf, "%02d/%02d/%04d",
+ tm->tm_mon + 1, tm->tm_mday, tm->tm_year + 1900);
#endif /* !HAVE_STRFTIME */
return buf;
}
-static const char *pw_status (const char *pass)
+static /*@observer@*/const char *pw_status (const char *pass)
{
if (*pass == '*' || *pass == '!') {
return "L";
sp = getspnam (pw->pw_name); /* local, no need for xgetspnam */
if (NULL != sp) {
- printf ("%s %s %s %ld %ld %ld %ld\n",
- pw->pw_name,
- pw_status (sp->sp_pwdp),
- date_to_str (sp->sp_lstchg * SCALE),
- (sp->sp_min * SCALE) / DAY,
- (sp->sp_max * SCALE) / DAY,
- (sp->sp_warn * SCALE) / DAY,
- (sp->sp_inact * SCALE) / DAY);
+ (void) printf ("%s %s %s %ld %ld %ld %ld\n",
+ pw->pw_name,
+ pw_status (sp->sp_pwdp),
+ date_to_str (sp->sp_lstchg * SCALE),
+ (sp->sp_min * SCALE) / DAY,
+ (sp->sp_max * SCALE) / DAY,
+ (sp->sp_warn * SCALE) / DAY,
+ (sp->sp_inact * SCALE) / DAY);
} else {
- printf ("%s %s\n", pw->pw_name, pw_status (pw->pw_passwd));
+ (void) printf ("%s %s\n",
+ pw->pw_name, pw_status (pw->pw_passwd));
}
}
-static void fail_exit (int status)
+static /*@noreturn@*/void fail_exit (int status)
{
if (pw_locked) {
if (pw_unlock () == 0) {
- fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
/* continue */
}
if (spw_locked) {
if (spw_unlock () == 0) {
- fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
/* continue */
}
exit (status);
}
-static void oom (void)
+static /*@noreturn@*/void oom (void)
{
- fprintf (stderr, _("%s: out of memory\n"), Prog);
+ (void) fprintf (stderr, _("%s: out of memory\n"), Prog);
fail_exit (E_FAILURE);
}
{
#ifndef USE_PAM
if (do_update_pwd) {
- cp = insert_crypt_passwd (cp, crypt_passwd);
+ cp = xstrdup (crypt_passwd);
}
#endif /* !USE_PAM */
if (uflg && *cp == '!') {
if (cp[1] == '\0') {
- fprintf (stderr,
- _("%s: unlocking the password would result in a passwordless account.\n"
- "You should set a password with usermod -p to unlock the password of this account.\n"),
- Prog);
+ (void) fprintf (stderr,
+ _("%s: unlocking the password would result in a passwordless account.\n"
+ "You should set a password with usermod -p to unlock the password of this account.\n"),
+ Prog);
fail_exit (E_FAILURE);
} else {
cp++;
struct passwd *npw;
if (pw_lock () == 0) {
- fprintf (stderr,
- _("%s: cannot lock %s; try again later.\n"),
- Prog, pw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
exit (E_PWDBUSY);
}
pw_locked = true;
if (pw_open (O_RDWR) == 0) {
- fprintf (stderr,
- _("%s: cannot open %s\n"),
- Prog, pw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, pw_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
fail_exit (E_MISSING);
}
pw = pw_locate (name);
if (NULL == pw) {
- fprintf (stderr,
- _("%s: user '%s' does not exist in %s\n"),
- Prog, name, pw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: user '%s' does not exist in %s\n"),
+ Prog, name, pw_dbname ());
fail_exit (E_NOPERM);
}
npw = __pw_dup (pw);
}
npw->pw_passwd = update_crypt_pw (npw->pw_passwd);
if (pw_update (npw) == 0) {
- fprintf (stderr,
- _("%s: failed to prepare the new %s entry '%s'\n"),
- Prog, pw_dbname (), npw->pw_name);
+ (void) fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), npw->pw_name);
fail_exit (E_FAILURE);
}
if (pw_close () == 0) {
- fprintf (stderr,
- _("%s: failure while writing changes to %s\n"),
- Prog, pw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, pw_dbname ());
SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
fail_exit (E_FAILURE);
}
if (pw_unlock () == 0) {
- fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
/* continue */
}
struct spwd *nsp;
if (spw_lock () == 0) {
- fprintf (stderr,
- _("%s: cannot lock %s; try again later.\n"),
- Prog, spw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
exit (E_PWDBUSY);
}
spw_locked = true;
if (spw_open (O_RDWR) == 0) {
- fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, spw_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ()));
fail_exit (E_FAILURE);
}
(void) spw_close ();
update_noshadow ();
if (spw_unlock () == 0) {
- fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
/* continue */
}
}
if (spw_update (nsp) == 0) {
- fprintf (stderr,
- _("%s: failed to prepare the new %s entry '%s'\n"),
- Prog, spw_dbname (), nsp->sp_namp);
+ (void) fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, spw_dbname (), nsp->sp_namp);
fail_exit (E_FAILURE);
}
if (spw_close () == 0) {
- fprintf (stderr,
- _("%s: failure while writing changes to %s\n"),
- Prog, spw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
fail_exit (E_FAILURE);
}
if (spw_unlock () == 0) {
- fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ (void) fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
/* continue */
}
case 'w':
if ( (getlong (optarg, &warn) == 0)
|| (warn < -1)) {
- fprintf (stderr,
- _("%s: invalid numeric argument '%s'\n"),
- Prog, optarg);
+ (void) fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
usage (E_BAD_ARG);
}
wflg = true;
case 'x':
if ( (getlong (optarg, &age_max) == 0)
|| (age_max < -1)) {
- fprintf (stderr,
- _("%s: invalid numeric argument '%s'\n"),
- Prog, optarg);
+ (void) fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
usage (E_BAD_ARG);
}
xflg = true;
break;
case 'h':
usage (E_SUCCESS);
- break;
+ /*@notreached@*/break;
default:
usage (E_BAD_ARG);
}
*/
pw = get_my_pwent ();
if (NULL == pw) {
- fprintf (stderr,
- _("%s: Cannot determine your user name.\n"), Prog);
+ (void) fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
(unsigned long) getuid ()));
exit (E_NOPERM);
usage (E_USAGE);
}
if (!amroot) {
- fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+ (void) fprintf (stderr,
+ _("%s: Permission denied.\n"),
+ Prog);
exit (E_NOPERM);
}
setpwent ();
}
if (anyflag && !amroot) {
- fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+ (void) fprintf (stderr, _("%s: Permission denied.\n"), Prog);
exit (E_NOPERM);
}
pw = xgetpwnam (name);
if (NULL == pw) {
- fprintf (stderr, _("%s: user '%s' does not exist\n"), Prog, name);
+ (void) fprintf (stderr,
+ _("%s: user '%s' does not exist\n"),
+ Prog, name);
exit (E_NOPERM);
}
#ifdef WITH_SELINUX
security_context_t user_context = NULL;
const char *user = "Unknown user context";
if (getprevcon (&user_context) == 0) {
- user = user_context;
+ user = user_context; /* FIXME: use context_user_get? */
}
SYSLOG ((LOG_ALERT,
"%s is not authorized to change the password of %s",
user, name));
- fprintf(stderr,
- _("%s: %s is not authorized to change the password of %s\n"),
- Prog, user, name);
+ (void) fprintf(stderr,
+ _("%s: %s is not authorized to change the password of %s\n"),
+ Prog, user, name);
if (NULL != user_context) {
freecon (user_context);
}
* check if I'm root.
*/
if (!amroot && (pw->pw_uid != getuid ())) {
- fprintf (stderr,
- _("%s: You may not view or modify password information for %s.\n"),
- Prog, name);
+ (void) fprintf (stderr,
+ _("%s: You may not view or modify password information for %s.\n"),
+ Prog, name);
SYSLOG ((LOG_WARN,
- "%s: can't view or modify password information for %s",
- Prog, name));
+ "%s: can't view or modify password information for %s",
+ Prog, name));
closelog ();
exit (E_NOPERM);
}
* Let the user know whose password is being changed.
*/
if (!qflg) {
- printf (_("Changing password for %s\n"), name);
+ (void) printf (_("Changing password for %s\n"), name);
}
- if (new_password (pw)) {
- fprintf (stderr,
- _("The password for %s is unchanged.\n"),
- name);
+ if (new_password (pw) != 0) {
+ (void) fprintf (stderr,
+ _("The password for %s is unchanged.\n"),
+ name);
closelog ();
exit (E_NOPERM);
}
}
#endif /* USE_PAM */
if (setuid (0) != 0) {
- fputs (_("Cannot change ID to root.\n"), stderr);
+ (void) fputs (_("Cannot change ID to root.\n"), stderr);
SYSLOG ((LOG_ERR, "can't setuid(0)"));
closelog ();
exit (E_NOPERM);
if (!qflg) {
if (!anyflag) {
#ifndef USE_PAM
- printf (_("%s: password changed.\n"), Prog);
+ (void) printf (_("%s: password changed.\n"), Prog);
#endif /* USE_PAM */
} else {
- printf (_("%s: password expiry information changed.\n"), Prog);
+ (void) printf (_("%s: password expiry information changed.\n"), Prog);
}
}
projects / shadow / commitdiff