From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Sat, 13 Aug 2011 16:29:52 +0000 (-0400)
Subject: Fix some potential problems found by the clang static analyzer, none
X-Git-Tag: SUDO_1_7_7~26
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=35ab5481290274efa70f403943766d0c46f904d3;p=sudo

Fix some potential problems found by the clang static analyzer, none
serious.

--HG--
branch : 1.7
---

diff --git a/check.c b/check.c
index df44bfca7..035d4b6bc 100644
--- a/check.c
+++ b/check.c
@@ -659,7 +659,8 @@ remove_timestamp(remove)
 		    path, strerror(errno));
 		remove = FALSE;
 	    }
-	} else {
+	}
+	if (!remove) {
 	    timevalclear(&tv);
 	    if (touch(-1, path, &tv) == -1 && errno != ENOENT)
 		error(1, "can't reset %s to Epoch", path);
diff --git a/ldap.c b/ldap.c
index 3097af7da..d26e45812 100644
--- a/ldap.c
+++ b/ldap.c
@@ -2141,7 +2141,7 @@ sudo_ldap_setdefs(nss)
 	}
 	result = NULL;
 	rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE,
-	    filt, NULL, 0, NULL, NULL, NULL, 0, &result);
+	    filt, NULL, 0, NULL, NULL, tvp, 0, &result);
 	if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) {
 	    DPRINTF(("found:%s", ldap_get_dn(ld, entry)), 1);
 	    sudo_ldap_parse_options(ld, entry);
@@ -2168,7 +2168,7 @@ sudo_ldap_lookup(nss, ret, pwflag)
     struct sudo_ldap_handle *handle = nss->handle;
     LDAP *ld;
     LDAPMessage *entry;
-    int i, rc, setenv_implied, matched = UNSPEC;
+    int i, rc, setenv_implied;
     struct ldap_result *lres = NULL;
 
     if (handle == NULL || handle->ld == NULL)
@@ -2183,11 +2183,12 @@ sudo_ldap_lookup(nss, ret, pwflag)
      * password is required, so the order of the entries doesn't matter.
      */
     if (pwflag) {
-	DPRINTF(("perform search for pwflag %d", pwflag), 1);
 	int doauth = UNSPEC;
+	int matched = UNSPEC;
 	enum def_tupple pwcheck = 
 	    (pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple;
 
+	DPRINTF(("perform search for pwflag %d", pwflag), 1);
 	for (i = 0; i < lres->nentries; i++) {
 	    entry = lres->entries[i].entry;
 	    if ((pwcheck == any && doauth != FALSE) ||
@@ -2237,7 +2238,6 @@ sudo_ldap_lookup(nss, ret, pwflag)
 	if (rc != UNSPEC) {
 	    /* We have a match. */
 	    DPRINTF(("Command %sallowed", rc == TRUE ? "" : "NOT "), 1);
-	    matched = TRUE;
 	    if (rc == TRUE) {
 		DPRINTF(("LDAP entry: %p", entry), 1);
 		/* Apply entry-specific options. */
@@ -2447,7 +2447,7 @@ sudo_ldap_result_get(nss, pw)
 	    }
 	    result = NULL;
 	    rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
-		NULL, 0, NULL, NULL, NULL, 0, &result);
+		NULL, 0, NULL, NULL, tvp, 0, &result);
 	    if (rc != LDAP_SUCCESS) {
 		DPRINTF(("nothing found for '%s'", filt), 1);
 		continue;
diff --git a/parse.c b/parse.c
index acf8e5fdc..1da7d0a02 100644
--- a/parse.c
+++ b/parse.c
@@ -526,34 +526,29 @@ display_bound_defaults(dtype, lbuf)
 {
     struct defaults *d;
     struct member *m, *binding = NULL;
-    char *dname, *dsep;
+    char *dsep;
     int atype, nfound = 0;
 
     switch (dtype) {
 	case DEFAULTS_HOST:
 	    atype = HOSTALIAS;
-	    dname = "host";
 	    dsep = "@";
 	    break;
 	case DEFAULTS_USER:
 	    atype = USERALIAS;
-	    dname = "user";
 	    dsep = ":";
 	    break;
 	case DEFAULTS_RUNAS:
 	    atype = RUNASALIAS;
-	    dname = "runas";
 	    dsep = ">";
 	    break;
 	case DEFAULTS_CMND:
 	    atype = CMNDALIAS;
-	    dname = "cmnd";
 	    dsep = "!";
 	    break;
 	default:
 	    return -1;
     }
-    /* printf("Per-%s Defaults entries:\n", dname); */
     tq_foreach_fwd(&defaults, d) {
 	if (d->type != dtype)
 	    continue;
diff --git a/toke.c b/toke.c
index 849695a46..344eb7c05 100644
--- a/toke.c
+++ b/toke.c
@@ -4,7 +4,7 @@
 /* A lexical scanner generated by flex */
 
 /* Scanner skeleton version:
- * $Header: /home/cvs/openbsd/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $
+ * $Header: /cvs/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $
  */
 
 #define FLEX_SCANNER
@@ -3615,8 +3615,10 @@ parse_include(base)
 
     /* Make a copy of path and return it. */
     len += (int)(ep - cp);
-    if ((path = malloc(len + 1)) == NULL)
+    if ((path = malloc(len + 1)) == NULL) {
 	yyerror("unable to allocate memory");
+	return NULL;
+    }
     if (subst) {
 	/* substitute for %h */
 	char *pp = path;
diff --git a/toke.l b/toke.l
index 7181d3117..b1569b4e9 100644
--- a/toke.l
+++ b/toke.l
@@ -906,8 +906,10 @@ parse_include(base)
 
     /* Make a copy of path and return it. */
     len += (int)(ep - cp);
-    if ((path = malloc(len + 1)) == NULL)
+    if ((path = malloc(len + 1)) == NULL) {
 	yyerror("unable to allocate memory");
+	return NULL;
+    }
     if (subst) {
 	/* substitute for %h */
 	char *pp = path;