[apparmor] [PATCH] clean up many warnings
Kees Cook
kees at ubuntu.com
Mon Jul 26 02:59:14 BST 2010
This cleans up warnings all over the code, removes dead code, switches out
uses of RPM for lsb-release, etc.
=== modified file 'libraries/libapparmor/src/change_hat.c'
--- libraries/libapparmor/src/change_hat.c 2010-02-11 23:38:24 +0000
+++ libraries/libapparmor/src/change_hat.c 2010-07-24 11:58:58 +0000
@@ -194,7 +194,7 @@
/* setup command string which is of the form
* changehat <token>^hat1\0hat2\0hat3\0..\0
*/
- sprintf(buf, "%s %016x^", cmd, token);
+ sprintf(buf, "%s %016lx^", cmd, token);
pos = buf + strlen(buf);
if (subprofiles) {
for (hats = subprofiles; *hats; hats++) {
=== modified file 'libraries/libapparmor/src/grammar.y'
--- libraries/libapparmor/src/grammar.y 2010-07-24 11:58:32 +0000
+++ libraries/libapparmor/src/grammar.y 2010-07-24 11:58:58 +0000
@@ -377,7 +377,8 @@
audit_id: TOK_AUDIT TOK_OPEN_PAREN TOK_AUDIT_DIGITS TOK_PERIOD TOK_AUDIT_DIGITS TOK_COLON TOK_AUDIT_DIGITS TOK_CLOSE_PAREN TOK_COLON
{
- asprintf(&ret_record->audit_id, "%s.%s:%s", $3, $5, $7);
+ if (!asprintf(&ret_record->audit_id, "%s.%s:%s", $3, $5, $7))
+ yyerror(scanner, YY_("Out of memory"));
ret_record->epoch = atol($3);
ret_record->audit_sub_id = atoi($7);
free($3);
=== modified file 'libraries/libapparmor/src/libaalogparse.c'
--- libraries/libapparmor/src/libaalogparse.c 2010-07-24 11:58:32 +0000
+++ libraries/libapparmor/src/libaalogparse.c 2010-07-24 11:58:58 +0000
@@ -153,7 +153,8 @@
if (current->protocol_name) {
ret = strdup(current->protocol_name);
} else {
- asprintf(&ret, "unknown(%u)", proto);
+ if (!asprintf(&ret, "unknown(%u)", proto))
+ ret = NULL;
}
return ret;
=== modified file 'common/Make.rules'
--- common/Make.rules 2010-03-11 07:07:29 +0000
+++ common/Make.rules 2010-07-24 12:36:09 +0000
@@ -48,7 +48,7 @@
echo "/tmp/${NAME}" ; \
fi ;)
endif
-RPMHOSTVENDOR=$(shell rpm --eval "%{_host_vendor}")
+RPMHOSTVENDOR=$(shell which rpm && rpm --eval "%{_host_vendor}")
ifndef DISTRO
DISTRO=$(shell if [ -f /etc/slackware-version ] ; then \
echo slackware ; \
@@ -92,22 +92,16 @@
ifndef SPECFILE
SPECFILE = $(NAME).spec
endif
-RELEASE = $(shell rpm -q --specfile --define "_sourcedir ." ${RPMARG} --qf "%{RELEASE}" ${SPECFILE})
+RELEASE = $(shell lsb_release -is) $(shell lsb_release -rs)
RELEASE_DIR = $(NAME)-$(VERSION)
TARBALL = $(NAME)-$(VERSION)-${REPO_VERSION}.tar.gz
TAR = /bin/tar czvp -h --exclude .svn --exclude CVS --exclude .cvsignore --exclude ${TARBALL} --exclude ${RELEASE_DIR}/${RELEASE_DIR} $(shell test -f ${NAME}.exclude && echo "-X ${NAME}.exclude")
LDCONFIG = /sbin/ldconfig
-CVSPKG_VERSION=$(shell rpm -q --specfile --define "_sourcedir ." ${RPMARG} ${SPECFILE} | head -1 | tr "." "_")
-
RPMSUBDIRS=SOURCES SPECS BUILD BUILDROOT SRPMS RPMS/i386 RPMS/i586 \
RPMS/i686 RPMS/athlon RPMS/noarch RPMS/x86_64
BUILDRPMSUBDIRS=$(foreach subdir, $(RPMSUBDIRS), $(BUILDDIR:/=)/$(subdir))
-.PHONY: cvs_tag
-cvs_tag:
- cvs tag IMMUNIX-${CVSPKG_VERSION}
-
.PHONY: checkin
checkin:
if cvs -q up -d | grep -q "^\?" ; then echo "Hey! You have" \
=== modified file 'libraries/libapparmor/src/scanner.l'
--- libraries/libapparmor/src/scanner.l 2010-07-24 10:43:53 +0000
+++ libraries/libapparmor/src/scanner.l 2010-07-24 12:36:09 +0000
@@ -31,6 +31,8 @@
#include <assert.h>
+#define YY_NO_INPUT
+
unsigned int string_buf_alloc = 0;
unsigned int string_buf_len = 0;
char *string_buf = NULL;
=== modified file 'parser/parser_interface.c'
--- parser/parser_interface.c 2010-06-26 20:13:52 +0000
+++ parser/parser_interface.c 2010-07-24 12:36:09 +0000
@@ -816,7 +816,7 @@
int cache_fd = -1;
int sd_serialize_codomain(int option, struct codomain *cod)
{
- int fd;
+ int fd = -1;
int error = -ENOMEM, size, wsize;
sd_serialize *work_area;
char *filename = NULL;
@@ -984,7 +984,7 @@
int sd_load_buffer(int option, char *buffer, int size)
{
- int fd;
+ int fd = -1;
int error = -ENOMEM, wsize, bsize;
char *filename = NULL;
char *b;
=== modified file 'parser/parser_lex.l'
--- parser/parser_lex.l 2010-06-26 20:13:52 +0000
+++ parser/parser_lex.l 2010-07-24 12:36:09 +0000
@@ -51,6 +51,8 @@
#define DUMP_PREPROCESS do { if (preprocess_only) ECHO; } while (0)
+#define YY_NO_INPUT
+
int current_lineno = 1;
char *current_filename = NULL;
=== modified file 'parser/parser_main.c'
--- parser/parser_main.c 2010-07-23 11:29:35 +0000
+++ parser/parser_main.c 2010-07-24 12:36:09 +0000
@@ -38,6 +38,8 @@
#include <unistd.h>
#include <sys/sysctl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
#include "parser.h"
#include "parser_version.h"
=== modified file 'parser/parser_misc.c'
--- parser/parser_misc.c 2010-03-09 04:38:54 +0000
+++ parser/parser_misc.c 2010-07-24 12:36:09 +0000
@@ -35,8 +35,10 @@
/* #define DEBUG */
#ifdef DEBUG
+#undef PDEBUG
#define PDEBUG(fmt, args...) printf("Lexer: " fmt, ## args)
#else
+#undef PDEBUG
#define PDEBUG(fmt, args...) /* Do nothing */
#endif
#define NPDEBUG(fmt, args...) /* Do nothing */
@@ -102,7 +104,7 @@
};
/* for alpha matches, check for keywords */
-static int get_table_token(const char *name, struct keyword_table *table,
+static int get_table_token(const char *name __unused, struct keyword_table *table,
const char *keyword)
{
int i;
@@ -142,42 +144,6 @@
return get_table_token("rlimit", rlimit_table, name);
}
-static struct keyword_table address_family[] = {
-/* {"unix", AF_UNIX},
- {"local", AF_LOCAL}, */
- {"inet", AF_INET},
-/* {"ax25", AF_AX25},
- {"ipx", AF_IPX},
- {"appletalk", AF_APPLETALK},
- {"netrom", AF_NETROM},
- {"bridge", AF_BRIDGE},
- {"atmpvc", AF_ATMPVC},
- {"x25", AF_X25}, */
- {"inet6", AF_INET6},
-/* {"rose", AF_ROSE},
- {"decnet", AF_DECnet},
- {"netbeui", AF_NETBEUI},
- {"security", AF_SECURITY},
- {"key", AF_KEY},
- {"netlink", AF_NETLINK},
- {"route", AF_ROUTE},
- {"packet", AF_PACKET},
- {"ash", AF_ASH},
- {"econet", AF_ECONET},
- {"atmsvc", AF_ATMSVC},
- {"sna", AF_SNA},
- {"irda", AF_IRDA},
- {"pppox", AF_PPPOX},
- {"wanpipe", AF_WANPIPE},
- {"llc", AF_LLC},
- {"tipc", AF_TIPC},
- {"bluetooth", AF_BLUETOOTH},
- {"iucv", AF_IUCV},
- {"rxrpc", AF_RXRPC}, */
- /* terminate */
- {NULL, 0}
-};
-
struct network_tuple {
char *family_name;
unsigned int family;
@@ -462,7 +428,7 @@
}
}
-static int parse_sub_mode(const char *str_mode, const char *mode_desc)
+static int parse_sub_mode(const char *str_mode, const char *mode_desc __unused)
{
#define IS_DIFF_QUAL(mode, q) (((mode) & AA_MAY_EXEC) && (((mode) & AA_EXEC_TYPE) != ((q) & AA_EXEC_TYPE)))
=== modified file 'parser/parser_symtab.c'
--- parser/parser_symtab.c 2010-03-12 22:41:58 +0000
+++ parser/parser_symtab.c 2010-07-24 12:36:09 +0000
@@ -425,10 +425,13 @@
for (ref_item = ref->expanded; ref_item; ref_item = ref_item->next) {
char *expanded_string;
- asprintf(&expanded_string, "%s%s%s",
+ if (!asprintf(&expanded_string, "%s%s%s",
split->prefix ? split->prefix : "",
ref_item->val,
- split->suffix ? split->suffix : "");
+ split->suffix ? split->suffix : "")) {
+ PERROR("Out of memory\n");
+ exit(1);
+ }
add_to_set(&work_list, expanded_string);
free(expanded_string);
}
=== modified file 'parser/parser_yacc.y'
--- parser/parser_yacc.y 2010-06-05 01:57:01 +0000
+++ parser/parser_yacc.y 2010-07-24 12:36:09 +0000
@@ -412,7 +412,7 @@
flagval: TOK_FLAG_ID
{
- struct flagval fv = {0, 0, 0};
+ struct flagval fv = { 0, 0, 0, 0 };
if (strcmp($1, "debug") == 0) {
yyerror(_("Profile flag 'debug' is no longer valid."));
} else if (strcmp($1, "complain") == 0) {
--
Kees Cook
Ubuntu Security Team
More information about the AppArmor
mailing list