[apparmor] [PATCH] clean up many warnings

Kees Cook kees at ubuntu.com
Mon Jul 26 02:59:14 BST 2010


This cleans up warnings all over the code, removes dead code, switches out
uses of RPM for lsb-release, etc.


=== modified file 'libraries/libapparmor/src/change_hat.c'
--- libraries/libapparmor/src/change_hat.c	2010-02-11 23:38:24 +0000
+++ libraries/libapparmor/src/change_hat.c	2010-07-24 11:58:58 +0000
@@ -194,7 +194,7 @@
 	/* setup command string which is of the form
 	 * changehat <token>^hat1\0hat2\0hat3\0..\0
 	 */
-	sprintf(buf, "%s %016x^", cmd, token);
+	sprintf(buf, "%s %016lx^", cmd, token);
 	pos = buf + strlen(buf);
 	if (subprofiles) {
 		for (hats = subprofiles; *hats; hats++) {
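Review bot: The `sprintf` into `buf` on the changed line is still unbounded; the corrected `%016lx` conversion fixes the argument-type mismatch, but nothing visible in the hunk ties the write to the size of `buf`. The allocation sits outside the hunk, so the buffer may already be sized from `cmd` and the hat names. Even so, `snprintf(buf, <allocated length of buf>, "%s %016lx^", cmd, token)` with a check of the return value would make the bound explicit at the point where the command string is built. The loop that follows presumably appends each variable-length hat name at `pos` and deserves the same explicit remaining-space check; its body is outside the hunk.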

=== modified file 'libraries/libapparmor/src/grammar.y'
--- libraries/libapparmor/src/grammar.y	2010-07-24 11:58:32 +0000
+++ libraries/libapparmor/src/grammar.y	2010-07-24 11:58:58 +0000
@@ -377,7 +377,8 @@
 
 audit_id: TOK_AUDIT TOK_OPEN_PAREN TOK_AUDIT_DIGITS TOK_PERIOD TOK_AUDIT_DIGITS TOK_COLON TOK_AUDIT_DIGITS TOK_CLOSE_PAREN TOK_COLON
 	{
-		asprintf(&ret_record->audit_id, "%s.%s:%s", $3, $5, $7);
+		if (!asprintf(&ret_record->audit_id, "%s.%s:%s", $3, $5, $7))
+			yyerror(scanner, YY_("Out of memory"));
 		ret_record->epoch = atol($3);
 		ret_record->audit_sub_id = atoi($7);
 		free($3);
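Review bot: The new `if (!asprintf(...))` test cannot catch an allocation failure, because asprintf() returns -1 on failure and the number of bytes written on success, so `!` is true only for a zero-length result. The check should read `if (asprintf(&ret_record->audit_id, "%s.%s:%s", $3, $5, $7) < 0)`, and because the pointer's contents are documented as undefined after a failure, the branch should also set `ret_record->audit_id = NULL`. The same inverted test appears in the libaalogparse.c hunk (`if (!asprintf(&ret, "unknown(%u)", proto))`), where the function would return an indeterminate `ret`. It also appears in the parser_symtab.c hunk, where a failed call would hand an indeterminate `expanded_string` to `add_to_set()` and `free()`.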

=== modified file 'libraries/libapparmor/src/libaalogparse.c'
--- libraries/libapparmor/src/libaalogparse.c	2010-07-24 11:58:32 +0000
+++ libraries/libapparmor/src/libaalogparse.c	2010-07-24 11:58:58 +0000
@@ -153,7 +153,8 @@
 	if (current->protocol_name) {
 		ret = strdup(current->protocol_name);
 	} else {
-		asprintf(&ret, "unknown(%u)", proto);
+		if (!asprintf(&ret, "unknown(%u)", proto))
+			ret = NULL;
 	}
 
 	return ret;

=== modified file 'common/Make.rules'
--- common/Make.rules	2010-03-11 07:07:29 +0000
+++ common/Make.rules	2010-07-24 12:36:09 +0000
@@ -48,7 +48,7 @@
 		    echo "/tmp/${NAME}"  ; \
 		  fi ;)
 endif
-RPMHOSTVENDOR=$(shell rpm --eval "%{_host_vendor}")
+RPMHOSTVENDOR=$(shell which rpm && rpm --eval "%{_host_vendor}")
 ifndef DISTRO
 DISTRO=$(shell if [ -f /etc/slackware-version ] ; then \
 		  echo slackware ; \
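Review bot: `which rpm` prints the resolved path on stdout and `$(shell ...)` captures it, so on hosts that do have rpm `RPMHOSTVENDOR` becomes the path followed by the vendor string rather than the vendor alone. Discard the probe's output, e.g. `RPMHOSTVENDOR=$(shell which rpm >/dev/null 2>&1 && rpm --eval "%{_host_vendor}")`, so that any comparison against the vendor name keeps matching. The consumers of RPMHOSTVENDOR are outside this hunk.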
@@ -92,22 +92,16 @@
 ifndef SPECFILE
 SPECFILE        = $(NAME).spec
 endif
-RELEASE = $(shell rpm -q --specfile --define "_sourcedir ." ${RPMARG} --qf "%{RELEASE}" ${SPECFILE})
+RELEASE		= $(shell lsb_release -is) $(shell lsb_release -rs)
 RELEASE_DIR	= $(NAME)-$(VERSION)
 TARBALL		= $(NAME)-$(VERSION)-${REPO_VERSION}.tar.gz
 TAR		= /bin/tar czvp -h --exclude .svn --exclude CVS --exclude .cvsignore --exclude ${TARBALL} --exclude ${RELEASE_DIR}/${RELEASE_DIR}  $(shell test -f ${NAME}.exclude && echo "-X ${NAME}.exclude")
 LDCONFIG	= /sbin/ldconfig
 
-CVSPKG_VERSION=$(shell rpm -q --specfile --define "_sourcedir ." ${RPMARG} ${SPECFILE} | head -1 | tr "." "_")
-
 RPMSUBDIRS=SOURCES SPECS BUILD BUILDROOT SRPMS RPMS/i386 RPMS/i586 \
         RPMS/i686 RPMS/athlon RPMS/noarch RPMS/x86_64
 BUILDRPMSUBDIRS=$(foreach subdir, $(RPMSUBDIRS), $(BUILDDIR:/=)/$(subdir))
 
-.PHONY: cvs_tag
-cvs_tag:
-	cvs tag IMMUNIX-${CVSPKG_VERSION}
-
 .PHONY: checkin
 checkin:
 	if cvs -q up -d | grep -q "^\?" ; then echo "Hey! You have" \
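Review bot: `RELEASE` now expands to two words separated by a space (distributor id, then release number) where it used to hold the spec file's single-token release field, and it is empty or partial when `lsb_release` is not installed. Any rule outside this hunk that splices `$(RELEASE)` into a file name or passes it unquoted to a command would split on that space, so those uses are worth checking. Because `=` is recursively expanded, both `lsb_release` calls also rerun on every reference; `RELEASE := $(shell lsb_release -is)-$(shell lsb_release -rs)` would evaluate once and drop the embedded space, if a hyphenated value suits the consumers.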

=== modified file 'libraries/libapparmor/src/scanner.l'
--- libraries/libapparmor/src/scanner.l	2010-07-24 10:43:53 +0000
+++ libraries/libapparmor/src/scanner.l	2010-07-24 12:36:09 +0000
@@ -31,6 +31,8 @@
 
 #include <assert.h>
 
+#define YY_NO_INPUT
+
 unsigned int string_buf_alloc = 0;
 unsigned int string_buf_len = 0;
 char *string_buf = NULL;

=== modified file 'parser/parser_interface.c'
--- parser/parser_interface.c	2010-06-26 20:13:52 +0000
+++ parser/parser_interface.c	2010-07-24 12:36:09 +0000
@@ -816,7 +816,7 @@
 int cache_fd = -1;
 int sd_serialize_codomain(int option, struct codomain *cod)
 {
-	int fd;
+	int fd = -1;
 	int error = -ENOMEM, size, wsize;
 	sd_serialize *work_area;
 	char *filename = NULL;
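Review bot: Initialising `fd` to -1 silences the uninitialised-variable warning here and in the `sd_load_buffer` hunk, but the warning suggests the compiler found a path that uses `fd` before it is opened, and that path still exists. With -1 the outcome is a failed call on an invalid descriptor rather than an operation on an arbitrary one, which is the safer result. The exit path should still make the case explicit, e.g. `if (fd != -1) close(fd);`, and a comment on the declaration such as `/* -1: not opened yet; checked before close */` would record the intent. Both function bodies continue outside their hunks, so the cleanup code is not visible here.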
@@ -984,7 +984,7 @@
 
 int sd_load_buffer(int option, char *buffer, int size)
 {
-	int fd;
+	int fd = -1;
 	int error = -ENOMEM, wsize, bsize;
 	char *filename = NULL;
 	char *b;

=== modified file 'parser/parser_lex.l'
--- parser/parser_lex.l	2010-06-26 20:13:52 +0000
+++ parser/parser_lex.l	2010-07-24 12:36:09 +0000
@@ -51,6 +51,8 @@
 
 #define DUMP_PREPROCESS do { if (preprocess_only) ECHO; } while (0)
 
+#define YY_NO_INPUT
+
 int current_lineno     = 1;
 char *current_filename = NULL;
 

=== modified file 'parser/parser_main.c'
--- parser/parser_main.c	2010-07-23 11:29:35 +0000
+++ parser/parser_main.c	2010-07-24 12:36:09 +0000
@@ -38,6 +38,8 @@
 
 #include <unistd.h>
 #include <sys/sysctl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
 
 #include "parser.h"
 #include "parser_version.h"

=== modified file 'parser/parser_misc.c'
--- parser/parser_misc.c	2010-03-09 04:38:54 +0000
+++ parser/parser_misc.c	2010-07-24 12:36:09 +0000
@@ -35,8 +35,10 @@
 
 /* #define DEBUG */
 #ifdef DEBUG
+#undef PDEBUG
 #define PDEBUG(fmt, args...) printf("Lexer: " fmt, ## args)
 #else
+#undef PDEBUG
 #define PDEBUG(fmt, args...)	/* Do nothing */
 #endif
 #define NPDEBUG(fmt, args...)	/* Do nothing */
@@ -102,7 +104,7 @@
 };
 
 /* for alpha matches, check for keywords */
-static int get_table_token(const char *name, struct keyword_table *table,
+static int get_table_token(const char *name __unused, struct keyword_table *table,
 			   const char *keyword)
 {
 	int i;
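Review bot: `__unused` on the `name` parameter is a reserved identifier (leading double underscore) and its definition is not part of this patch. Some libc headers have used `__unused` as a struct member name, so a project-wide macro of that name can break an unrelated system include. A project-prefixed macro expanding to `__attribute__((unused))` would avoid the clash; the same annotation is applied to `mode_desc` in the `parse_sub_mode` hunk. In `get_table_token`, `name` presumably feeds only the debug output, in which case a one-line comment saying so would explain why callers still pass it; the function body continues outside the hunk.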
@@ -142,42 +144,6 @@
 	return get_table_token("rlimit", rlimit_table, name);
 }
 
-static struct keyword_table address_family[] = {
-/*	{"unix",	AF_UNIX},
-	{"local",	AF_LOCAL},	*/
-	{"inet",	AF_INET},
-/*	{"ax25",	AF_AX25},
-	{"ipx",		AF_IPX},
-	{"appletalk",	AF_APPLETALK},
-	{"netrom",	AF_NETROM},
-	{"bridge",	AF_BRIDGE},
-	{"atmpvc",	AF_ATMPVC},
-	{"x25",		AF_X25}, */
-	{"inet6",	AF_INET6},
-/*	{"rose",	AF_ROSE},
-	{"decnet",	AF_DECnet},
-	{"netbeui",	AF_NETBEUI},
-	{"security",	AF_SECURITY},
-	{"key",		AF_KEY},
-	{"netlink",	AF_NETLINK},
-	{"route",	AF_ROUTE},
-	{"packet",	AF_PACKET},
-	{"ash",		AF_ASH},
-	{"econet",	AF_ECONET},
-	{"atmsvc",	AF_ATMSVC},
-	{"sna",		AF_SNA},
-	{"irda",	AF_IRDA},
-	{"pppox",	AF_PPPOX},
-	{"wanpipe",	AF_WANPIPE},
-	{"llc",		AF_LLC},
-	{"tipc",	AF_TIPC},
-	{"bluetooth",	AF_BLUETOOTH},
-	{"iucv",	AF_IUCV},
-	{"rxrpc",	AF_RXRPC}, */
-	/* terminate */
-	{NULL, 0}
-};
-
 struct network_tuple {
 	char *family_name;
 	unsigned int family;
@@ -462,7 +428,7 @@
 	}
 }
 
-static int parse_sub_mode(const char *str_mode, const char *mode_desc)
+static int parse_sub_mode(const char *str_mode, const char *mode_desc __unused)
 {
 
 #define IS_DIFF_QUAL(mode, q) (((mode) & AA_MAY_EXEC) && (((mode) & AA_EXEC_TYPE) != ((q) & AA_EXEC_TYPE)))

=== modified file 'parser/parser_symtab.c'
--- parser/parser_symtab.c	2010-03-12 22:41:58 +0000
+++ parser/parser_symtab.c	2010-07-24 12:36:09 +0000
@@ -425,10 +425,13 @@
 
 			for (ref_item = ref->expanded; ref_item; ref_item = ref_item->next) {
 				char *expanded_string;
-				asprintf(&expanded_string, "%s%s%s",
+				if (!asprintf(&expanded_string, "%s%s%s",
 					 split->prefix ?  split->prefix : "",
 					 ref_item->val,
-					 split->suffix ?  split->suffix : "");
+					 split->suffix ?  split->suffix : "")) {
+					PERROR("Out of memory\n");
+					exit(1);
+				}
 				add_to_set(&work_list, expanded_string);
 				free(expanded_string);
 			}

=== modified file 'parser/parser_yacc.y'
--- parser/parser_yacc.y	2010-06-05 01:57:01 +0000
+++ parser/parser_yacc.y	2010-07-24 12:36:09 +0000
@@ -412,7 +412,7 @@
 
 flagval:	TOK_FLAG_ID
 	{
-		struct flagval fv = {0, 0, 0};
+		struct flagval fv = { 0, 0, 0, 0 };
 		if (strcmp($1, "debug") == 0) {
 			yyerror(_("Profile flag 'debug' is no longer valid."));
 		} else if (strcmp($1, "complain") == 0) {


-- 
Kees Cook
Ubuntu Security Team


