annotations.
* src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
Ignore return value of spw_rewind, pw_rewind, sgr_rewind, and
gr_rewind.
* lib/commonio.h: Both head and tail cannot be owned. Set tail as
dependent.
* src/expiry.c: Ignore return value of expire ().
* src/expiry.c: The catch_signals function does not use its sig
parameter.
* src/userdel.c: Last audit_logger parameter is a
shadow_audit_result, use SHADOW_AUDIT_FAILURE instead of 0.
+2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/root_flag.c, src/gpasswd.c, src/chsh.c: Add splint
+ annotations.
+ * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
+ Ignore return value of spw_rewind, pw_rewind, sgr_rewind, and
+ gr_rewind.
+ * lib/commonio.h: Both head and tail cannot be owned. Set tail as
+ dependent.
+ * src/expiry.c: Ignore return value of expire ().
+ * src/expiry.c: The catch_signals function does not use its sig
+ parameter.
+ * src/userdel.c: Last audit_logger parameter is a
+ shadow_audit_result, use SHADOW_AUDIT_FAILURE instead of 0.
+
2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
* src/faillog.c: The fail_max field is a short, use a short also
/*
* Head, tail, current position in linked list.
*/
- /*@owned@*/ /*@null@*/struct commonio_entry *head, *tail;
+ /*@owned@*/ /*@null@*/struct commonio_entry *head;
+ /*@dependent@*/ /*@null@*/struct commonio_entry *tail;
/*@dependent@*/ /*@null@*/struct commonio_entry *cursor;
/*
#include <assert.h>
#include "defines.h"
#include "prototypes.h"
+/*@-exitarg@*/
#include "exitcodes.h"
static void change_root (const char* newroot);
/* external identifiers */
/* local function prototypes */
-static void fail_exit (int code);
-static void usage (int status);
+static /*@noreturn@*/void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
static void new_fields (void);
static bool shell_is_listed (const char *);
static bool is_restricted_shell (const char *);
/*
* fail_exit - do some cleanup and exit with the given error code
*/
-static void fail_exit (int code)
+static /*@noreturn@*/void fail_exit (int code)
{
if (pw_locked) {
if (pw_unlock () == 0) {
/*
* usage - print command line syntax and exit
*/
-static void usage (int status)
+static /*@noreturn@*/void usage (int status)
{
FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
(void) fprintf (usageout,
switch (c) {
case 'h':
usage (E_SUCCESS);
- break;
+ /*@notreached@*/break;
case 'R': /* no-op, handled in process_root_flag () */
break;
case 's':
static bool cflg = false;
/* local function prototypes */
-static RETSIGTYPE catch_signals (int);
+static RETSIGTYPE catch_signals (unused int sig);
static /*@noreturn@*/void usage (int status);
static void process_flags (int argc, char **argv);
* do.
* It won't return unless the account is unexpired.
*/
- expire (pwd, spwd);
+ (void) expire (pwd, spwd);
return E_SUCCESS;
}
static void change_passwd (struct group *gr);
#endif
static void log_gpasswd_failure (const char *suffix);
-static void log_gpasswd_failure_system (unused void *arg);
-static void log_gpasswd_failure_group (unused void *arg);
+static void log_gpasswd_failure_system (/*@null@*/unused void *arg);
+static void log_gpasswd_failure_group (/*@null@*/unused void *arg);
#ifdef SHADOWGRP
-static void log_gpasswd_failure_gshadow (unused void *arg);
+static void log_gpasswd_failure_gshadow (/*@null@*/unused void *arg);
#endif
static void log_gpasswd_success (const char *suffix);
-static void log_gpasswd_success_system (unused void *arg);
-static void log_gpasswd_success_group (unused void *arg);
+static void log_gpasswd_success_system (/*@null@*/unused void *arg);
+static void log_gpasswd_success_group (/*@null@*/unused void *arg);
/*
* usage - display usage message
*/
static bool is_valid_user_list (const char *users)
{
- char *username, *end;
+ const char *username;
+ char *end;
bool is_valid = true;
- char *tmpusers = xstrdup (users);
+ /*@owned@*/char *tmpusers = xstrdup (users);
for (username = tmpusers;
(NULL != username) && ('\0' != *username);
/*
* Remove /etc/gshadow entries for groups not in /etc/group.
*/
- sgr_rewind ();
+ (void) sgr_rewind ();
while ((sg = sgr_next ()) != NULL) {
if (gr_locate (sg->sg_name) != NULL) {
continue;
* Update shadow group passwords if non-shadow password is not "x".
* Add any missing shadow group entries.
*/
- gr_rewind ();
+ (void) gr_rewind ();
while ((gr = gr_next ()) != NULL) {
sg = sgr_locate (gr->gr_name);
if (NULL != sg) {
/*
* Update group passwords if non-shadow password is "x".
*/
- gr_rewind ();
+ (void) gr_rewind ();
while ((gr = gr_next ()) != NULL) {
sg = sgr_locate (gr->gr_name);
if ( (NULL != sg)
/*
* Remove /etc/shadow entries for users not in /etc/passwd.
*/
- spw_rewind ();
+ (void) spw_rewind ();
while ((sp = spw_next ()) != NULL) {
if (pw_locate (sp->sp_namp) != NULL) {
continue;
* Update shadow entries which don't have "x" as pw_passwd. Add any
* missing shadow entries.
*/
- pw_rewind ();
+ (void) pw_rewind ();
while ((pw = pw_next ()) != NULL) {
sp = spw_locate (pw->pw_name);
if (NULL != sp) {
fail_exit (1);
}
- pw_rewind ();
+ (void) pw_rewind ();
while ((pw = pw_next ()) != NULL) {
spwd = spw_locate (pw->pw_name);
if (NULL == spwd) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
"removing SELinux user mapping",
- user_name, (unsigned int) user_id, 0);
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SE_UPDATE);
}
projects / shadow / commitdiff