* [PATCH 01/20] libsepol: fix potential free of uninitialized pointer
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 02/20] libsemanage: Fix use of unitialized variable Nicolas Iooss
` (19 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
When using "gcc -O2 -Wall -Werror" to compile libsepol, the following
error happens:
services.c: In function 'constraint_expr_eval_reason':
services.c:820:2: error: 'answer_list' may be used uninitialized in this
function [-Werror=maybe-uninitialized]
free(answer_list);
^
Indeed, because of a goto statement in constraint_expr_eval_reason
function, "free(answer_list)" can be called before answer_list has been
initialized.
Fix this error by moving the definition of answer_list to the beginning
of constraint_expr_eval_reason.
---
libsepol/src/services.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/libsepol/src/services.c b/libsepol/src/services.c
index 44aa4972a5e3..a1a0b98c73da 100644
--- a/libsepol/src/services.c
+++ b/libsepol/src/services.c
@@ -417,6 +417,12 @@ static int constraint_expr_eval_reason(context_struct_t *scontext,
int rc = 0, x;
char *class_buf = NULL;
+ /*
+ * The array of expression answer buffer pointers and counter.
+ */
+ char **answer_list = NULL;
+ int answer_counter = 0;
+
class_buf = get_class_info(tclass, constraint, xcontext);
if (!class_buf) {
ERR(NULL, "failed to allocate class buffer");
@@ -686,13 +692,9 @@ mls_ops:
expr_counter = 0;
/*
- * The array of expression answer buffer pointers and counter.
* Generate the same number of answer buffer entries as expression
* buffers (as there will never be more).
*/
- char **answer_list;
- int answer_counter = 0;
-
answer_list = malloc(expr_count * sizeof(*answer_list));
if (!answer_list) {
ERR(NULL, "failed to allocate answer stack");
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 02/20] libsemanage: Fix use of unitialized variable
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
2014-09-14 21:41 ` [PATCH 01/20] libsepol: fix potential free of uninitialized pointer Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 03/20] policycoreutils/hll/pp: fix potential use of uninitialized variable Nicolas Iooss
` (18 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
"gcc -O2 -Wall -Werror" fails to compile seusers_local.c:
seusers_local.c: In function 'semanage_seuser_modify_local':
seusers_local.c:122:6: error: 'rc' may be used uninitialized in this
function [-Werror=maybe-uninitialized]
It seems rc is not initialized when the call to semanage_seuser_clone
fails in semanage_seuser_modify_local.
---
libsemanage/src/seusers_local.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libsemanage/src/seusers_local.c b/libsemanage/src/seusers_local.c
index 63ab40ced88c..42c3a8b662c2 100644
--- a/libsemanage/src/seusers_local.c
+++ b/libsemanage/src/seusers_local.c
@@ -131,7 +131,8 @@ int semanage_seuser_modify_local(semanage_handle_t * handle,
errno=EINVAL;
return -1;
}
- if (semanage_seuser_clone(handle, data, &new) < 0) {
+ rc = semanage_seuser_clone(handle, data, &new);
+ if (rc < 0) {
goto err;
}
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 03/20] policycoreutils/hll/pp: fix potential use of uninitialized variable
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
2014-09-14 21:41 ` [PATCH 01/20] libsepol: fix potential free of uninitialized pointer Nicolas Iooss
2014-09-14 21:41 ` [PATCH 02/20] libsemanage: Fix use of unitialized variable Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 04/20] policycoreutils/sandbox: fix debug build Nicolas Iooss
` (17 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
"gcc -O2 -Wall -Werror" failed with two errors when building pp due to
the use of unitialized variables.
---
policycoreutils/hll/pp/pp.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/policycoreutils/hll/pp/pp.c b/policycoreutils/hll/pp/pp.c
index 1c476b73c39b..fd80657321bc 100644
--- a/policycoreutils/hll/pp/pp.c
+++ b/policycoreutils/hll/pp/pp.c
@@ -2604,6 +2604,10 @@ static int file_contexts_to_cil(struct sepol_module_package *mod_pkg)
cilmode = "pipe";
} else if (!strcmp(mode, "-l")) {
cilmode = "symlink";
+ } else {
+ rc = -1;
+ log_err("Invalid mode in file context line: %s", line);
+ goto exit;
}
cil_printf("(filecon \"%s\" %s ", regex, cilmode);
@@ -2930,7 +2934,7 @@ static int get_decl_roles(struct policydb *pdb, struct role_datum ***decl_roles,
{
int rc = -1;
uint32_t num;
- struct role_datum **roles;
+ struct role_datum **roles = NULL;
struct decl_roles_args args;
args.pdb = pdb;
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 04/20] policycoreutils/sandbox: fix debug build
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (2 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 03/20] policycoreutils/hll/pp: fix potential use of uninitialized variable Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 05/20] policycoreutils/semodule_package: " Nicolas Iooss
` (16 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
Building from the root directory with "make DEBUG=1" enables -Wshadow
option. This makes the compilation fails with the following error:
cc -g3 -O0 -gdwarf-2 -fno-strict-aliasing -Wall -Wshadow -Werror -g
-I/usr/include -DPACKAGE="\"policycoreutils\"" -Wall -Werror -Wextra
-W -c -o seunshare.o seunshare.c
seunshare.c: In function 'spawn_command':
seunshare.c:141:6: error: declaration of 'child' shadows a global declaration [-Werror=shadow]
int child;
^
seunshare.c:58:12: error: shadowed declaration is here [-Werror=shadow]
static int child = 0;
^
Fix this error by renaming the "child" variable in spawn_command.
---
policycoreutils/sandbox/seunshare.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c
index c92e3948219a..6ca6d329dbb4 100644
--- a/policycoreutils/sandbox/seunshare.c
+++ b/policycoreutils/sandbox/seunshare.c
@@ -138,19 +138,19 @@ static int set_signal_handles(void)
* TODO: avoid system() and use exec*() instead
*/
static int spawn_command(const char *cmd, uid_t uid){
- int child;
+ int childpid;
int status = -1;
if (verbose > 1)
printf("spawn_command: %s\n", cmd);
- child = fork();
- if (child == -1) {
+ childpid = fork();
+ if (childpid == -1) {
perror(_("Unable to fork"));
return status;
}
- if (child == 0) {
+ if (childpid == 0) {
if (drop_privs(uid) != 0) exit(-1);
status = system(cmd);
@@ -158,7 +158,7 @@ static int spawn_command(const char *cmd, uid_t uid){
exit(status);
}
- waitpid(child, &status, 0);
+ waitpid(childpid, &status, 0);
status_to_retval(status, status);
return status;
}
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 05/20] policycoreutils/semodule_package: fix debug build
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (3 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 04/20] policycoreutils/sandbox: fix debug build Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 06/20] policycoreutils/hll/pp: add printf format attribute to relevant functions Nicolas Iooss
` (15 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
Building from the root directory with "make DEBUG=1" enables -Wshadow
option. This makes the compilation fail with the following error:
semodule_unpackage.c: In function 'usage':
semodule_unpackage.c:17:25: error: declaration of 'progname' shadows a global declaration [-Werror=shadow]
static void usage(char *progname)
^
semodule_unpackage.c:14:7: error: shadowed declaration is here [-Werror=shadow]
char *progname = NULL;
^
Fix this error by no longer passing a global variable as a parameter to
usage function.
---
policycoreutils/semodule_package/semodule_unpackage.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/policycoreutils/semodule_package/semodule_unpackage.c b/policycoreutils/semodule_package/semodule_unpackage.c
index 0120ee433339..07893f146258 100644
--- a/policycoreutils/semodule_package/semodule_unpackage.c
+++ b/policycoreutils/semodule_package/semodule_unpackage.c
@@ -14,7 +14,7 @@
char *progname = NULL;
extern char *optarg;
-static void usage(char *progname)
+static void usage(void)
{
printf("usage: %s ppfile modfile [fcfile]\n", progname);
exit(1);
@@ -49,7 +49,7 @@ int main(int argc, char **argv)
progname = argv[0];
if (argc < 3) {
- usage(progname);
+ usage();
exit(1);
}
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 06/20] policycoreutils/hll/pp: add printf format attribute to relevant functions
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (4 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 05/20] policycoreutils/semodule_package: " Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 07/20] checkpolicy: " Nicolas Iooss
` (14 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
log_err, cil_printf and cil_println use printf formats to process their
arguments. Use __attribute__((format(printf,...))) to make "gcc
-Wformat -Wformat-security" detect issues.
This detected this issue several times on a x86_64 system:
format '%lx' expects argument of type 'long unsigned int', but
argument has type 'uint32_t'
Fix this by introducing an explicit cast to unsigned long.
While at it, constify the format string argument of each function.
---
policycoreutils/hll/pp/pp.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/policycoreutils/hll/pp/pp.c b/policycoreutils/hll/pp/pp.c
index fd80657321bc..93e2889b78f6 100644
--- a/policycoreutils/hll/pp/pp.c
+++ b/policycoreutils/hll/pp/pp.c
@@ -54,7 +54,8 @@ FILE *out_file;
#define DEFAULT_LEVEL "systemlow"
#define DEFAULT_OBJECT "object_r"
-static void log_err(char *fmt, ...)
+__attribute__ ((format(printf, 1, 2)))
+static void log_err(const char *fmt, ...)
{
va_list argptr;
va_start(argptr, fmt);
@@ -75,7 +76,8 @@ static void cil_indent(int indent)
}
}
-static void cil_printf(char *fmt, ...) {
+__attribute__ ((format(printf, 1, 2)))
+static void cil_printf(const char *fmt, ...) {
va_list argptr;
va_start(argptr, fmt);
if (vfprintf(out_file, fmt, argptr) < 0) {
@@ -85,7 +87,8 @@ static void cil_printf(char *fmt, ...) {
va_end(argptr);
}
-static void cil_println(int indent, char *fmt, ...)
+__attribute__ ((format(printf, 2, 3)))
+static void cil_println(int indent, const char *fmt, ...)
{
cil_indent(indent);
va_list argptr;
@@ -2200,9 +2203,9 @@ static int ocontext_xen_iomem_to_cil(struct policydb *pdb, struct ocontext *iome
high = iomem->u.iomem.high_iomem;
if (low == high) {
- cil_printf("(iomemcon %#lX ", low);
+ cil_printf("(iomemcon %#lX ", (unsigned long)low);
} else {
- cil_printf("(iomemcon (%#lX %#lX) ", low, high);
+ cil_printf("(iomemcon (%#lX %#lX) ", (unsigned long)low, (unsigned long)high);
}
context_to_cil(pdb, &iomem->context[0]);
@@ -2218,7 +2221,7 @@ static int ocontext_xen_pcidevice_to_cil(struct policydb *pdb, struct ocontext *
struct ocontext *pcid;
for (pcid = pcids; pcid != NULL; pcid = pcid->next) {
- cil_printf("(pcidevicecon %#lx ", pcid->u.device);
+ cil_printf("(pcidevicecon %#lx ", (unsigned long)pcid->u.device);
context_to_cil(pdb, &pcid->context[0]);
cil_printf(")\n");
}
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 07/20] checkpolicy: add printf format attribute to relevant functions
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (5 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 06/20] policycoreutils/hll/pp: add printf format attribute to relevant functions Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 08/20] checkpolicy: constify the message written by yyerror and yywarn Nicolas Iooss
` (13 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
Once __attribute__ ((format(printf, 1, 2))) is added to yyerror2,
"gcc -Wformat -Wformat-security" shows some issues. Fix them.
---
checkpolicy/module_compiler.c | 1 +
checkpolicy/policy_define.c | 15 ++++++++-------
2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
index ffffaf1c07f0..cdb361e04766 100644
--- a/checkpolicy/module_compiler.c
+++ b/checkpolicy/module_compiler.c
@@ -40,6 +40,7 @@ typedef struct scope_stack {
extern policydb_t *policydbp;
extern queue_t id_queue;
extern int yyerror(char *msg);
+__attribute__ ((format(printf, 1, 2)))
extern void yyerror2(char *fmt, ...);
static int push_stack(int stack_type, ...);
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index c292eae85d93..cf3245a17d60 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -81,6 +81,7 @@ void init_parser(int pass_number)
pass = pass_number;
}
+__attribute__ ((format(printf, 1, 2)))
void yyerror2(char *fmt, ...)
{
va_list ap;
@@ -3959,7 +3960,7 @@ int define_iomem_context(unsigned long low, unsigned long high)
newc->u.iomem.high_iomem = high;
if (low > high) {
- yyerror2("low memory 0x%x exceeds high memory 0x%x", low, high);
+ yyerror2("low memory 0x%lx exceeds high memory 0x%lx", low, high);
free(newc);
return -1;
}
@@ -3971,12 +3972,12 @@ int define_iomem_context(unsigned long low, unsigned long high)
head = policydbp->ocontexts[OCON_XEN_IOMEM];
for (l = NULL, c = head; c; l = c, c = c->next) {
- unsigned int low2, high2;
+ uint32_t low2, high2;
low2 = c->u.iomem.low_iomem;
high2 = c->u.iomem.high_iomem;
if (low <= high2 && low2 <= high) {
- yyerror2("iomemcon entry for 0x%x-0x%x overlaps with "
+ yyerror2("iomemcon entry for 0x%lx-0x%lx overlaps with "
"earlier entry 0x%x-0x%x", low, high,
low2, high2);
goto bad;
@@ -4023,7 +4024,7 @@ int define_ioport_context(unsigned long low, unsigned long high)
newc->u.ioport.high_ioport = high;
if (low > high) {
- yyerror2("low ioport 0x%x exceeds high ioport 0x%x", low, high);
+ yyerror2("low ioport 0x%lx exceeds high ioport 0x%lx", low, high);
free(newc);
return -1;
}
@@ -4035,12 +4036,12 @@ int define_ioport_context(unsigned long low, unsigned long high)
head = policydbp->ocontexts[OCON_XEN_IOPORT];
for (l = NULL, c = head; c; l = c, c = c->next) {
- unsigned int low2, high2;
+ uint32_t low2, high2;
low2 = c->u.ioport.low_ioport;
high2 = c->u.ioport.high_ioport;
if (low <= high2 && low2 <= high) {
- yyerror2("ioportcon entry for 0x%x-0x%x overlaps with"
+ yyerror2("ioportcon entry for 0x%lx-0x%lx overlaps with"
"earlier entry 0x%x-0x%x", low, high,
low2, high2);
goto bad;
@@ -4096,7 +4097,7 @@ int define_pcidevice_context(unsigned long device)
device2 = c->u.device;
if (device == device2) {
- yyerror2("duplicate pcidevicecon entry for 0x%x ",
+ yyerror2("duplicate pcidevicecon entry for 0x%lx",
device);
goto bad;
}
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 08/20] checkpolicy: constify the message written by yyerror and yywarn
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (6 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 07/20] checkpolicy: " Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 09/20] libselinux: fix gcc -Wsign-compare warnings Nicolas Iooss
` (12 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
---
checkpolicy/module_compiler.c | 4 ++--
checkpolicy/policy_define.c | 6 +++---
checkpolicy/policy_parse.y | 4 ++--
checkpolicy/policy_scan.l | 6 +++---
4 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
index cdb361e04766..8ac81f78f4e2 100644
--- a/checkpolicy/module_compiler.c
+++ b/checkpolicy/module_compiler.c
@@ -39,9 +39,9 @@ typedef struct scope_stack {
extern policydb_t *policydbp;
extern queue_t id_queue;
-extern int yyerror(char *msg);
+extern int yyerror(const char *msg);
__attribute__ ((format(printf, 1, 2)))
-extern void yyerror2(char *fmt, ...);
+extern void yyerror2(const char *fmt, ...);
static int push_stack(int stack_type, ...);
static void pop_stack(void);
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index cf3245a17d60..7e6091e41179 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -63,8 +63,8 @@ extern unsigned long source_lineno;
extern unsigned int policydb_errors;
extern char source_file[PATH_MAX];
-extern int yywarn(char *msg);
-extern int yyerror(char *msg);
+extern int yywarn(const char *msg);
+extern int yyerror(const char *msg);
#define ERRORMSG_LEN 255
static char errormsg[ERRORMSG_LEN + 1] = {0};
@@ -82,7 +82,7 @@ void init_parser(int pass_number)
}
__attribute__ ((format(printf, 1, 2)))
-void yyerror2(char *fmt, ...)
+void yyerror2(const char *fmt, ...)
{
va_list ap;
va_start(ap, fmt);
diff --git a/checkpolicy/policy_parse.y b/checkpolicy/policy_parse.y
index b40f4137378a..d31773a412e7 100644
--- a/checkpolicy/policy_parse.y
+++ b/checkpolicy/policy_parse.y
@@ -58,8 +58,8 @@ extern unsigned int pass;
extern char yytext[];
extern int yylex(void);
-extern int yywarn(char *msg);
-extern int yyerror(char *msg);
+extern int yywarn(const char *msg);
+extern int yyerror(const char *msg);
typedef int (* require_func_t)();
diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l
index 454bb84a8995..131613faa422 100644
--- a/checkpolicy/policy_scan.l
+++ b/checkpolicy/policy_scan.l
@@ -35,7 +35,7 @@ typedef int (* require_func_t)();
static char linebuf[2][255];
static unsigned int lno = 0;
-int yywarn(char *msg);
+int yywarn(const char *msg);
void set_source_file(const char *name);
@@ -272,7 +272,7 @@ LOW { return(LOW); }
"*" { return(yytext[0]); }
. { yywarn("unrecognized character");}
%%
-int yyerror(char *msg)
+int yyerror(const char *msg)
{
if (source_file[0])
fprintf(stderr, "%s:%ld:",
@@ -288,7 +288,7 @@ int yyerror(char *msg)
return -1;
}
-int yywarn(char *msg)
+int yywarn(const char *msg)
{
if (source_file[0])
fprintf(stderr, "%s:%ld:",
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 09/20] libselinux: fix gcc -Wsign-compare warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (7 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 08/20] checkpolicy: constify the message written by yyerror and yywarn Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 10/20] checkpolicy: " Nicolas Iooss
` (11 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
---
libselinux/src/label_file.c | 9 +++++----
libselinux/src/label_file.h | 2 +-
libselinux/utils/sefcontext_compile.c | 4 ++--
3 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
index 7879e2f2aa1b..8e7b288997aa 100644
--- a/libselinux/src/label_file.c
+++ b/libselinux/src/label_file.c
@@ -213,7 +213,7 @@ static int process_line(struct selabel_handle *rec,
spec_arr[nspec].mode = 0;
if (type) {
mode_t mode = string_to_mode(type);
- if (mode == -1) {
+ if (mode == (mode_t)-1) {
COMPAT_LOG(SELINUX_WARNING, "%s: line %d has invalid file type %s\n",
path, lineno, type);
mode = 0;
@@ -240,19 +240,20 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat *
struct saved_data *data = (struct saved_data *)rec->data;
char mmap_path[PATH_MAX + 1];
int mmapfd;
- int rc, i;
+ int rc;
struct stat mmap_stat;
char *addr;
size_t len;
int stem_map_len, *stem_map;
struct mmap_area *mmap_area;
+ uint32_t i;
uint32_t *magic;
uint32_t *section_len;
uint32_t *plen;
rc = snprintf(mmap_path, sizeof(mmap_path), "%s.bin", path);
- if (rc >= sizeof(mmap_path))
+ if (rc >= (int)sizeof(mmap_path))
return -1;
mmapfd = open(mmap_path, O_RDONLY | O_CLOEXEC);
@@ -445,7 +446,7 @@ static int process_file(const char *path, const char *suffix, struct selabel_han
/* append the path suffix if we have one */
if (suffix) {
rc = snprintf(stack_path, sizeof(stack_path), "%s.%s", path, suffix);
- if (rc >= sizeof(stack_path)) {
+ if (rc >= (int)sizeof(stack_path)) {
errno = ENAMETOOLONG;
return -1;
}
diff --git a/libselinux/src/label_file.h b/libselinux/src/label_file.h
index 2c6b89711664..e3a0445da30a 100644
--- a/libselinux/src/label_file.h
+++ b/libselinux/src/label_file.h
@@ -176,7 +176,7 @@ static inline int sort_specs(struct saved_data *data)
{
struct spec *spec_copy;
struct spec spec;
- int i;
+ unsigned int i;
int front, back;
size_t len = sizeof(*spec_copy);
diff --git a/libselinux/utils/sefcontext_compile.c b/libselinux/utils/sefcontext_compile.c
index 7b7818039dc2..504699d643fd 100644
--- a/libselinux/utils/sefcontext_compile.c
+++ b/libselinux/utils/sefcontext_compile.c
@@ -72,7 +72,7 @@ static int process_file(struct saved_data *data, const char *filename)
spec->lr.ctx_raw = context;
spec->mode = string_to_mode(mode);
- if (spec->mode == -1) {
+ if (spec->mode == (mode_t)-1) {
fprintf(stderr, "%s: line %d has invalid file type %s\n",
regex, line_num + 1, mode);
spec->mode = 0;
@@ -362,7 +362,7 @@ int main(int argc, char *argv[])
return rc;
rc = snprintf(stack_path, sizeof(stack_path), "%s.bin", path);
- if (rc < 0 || rc >= sizeof(stack_path))
+ if (rc < 0 || rc >= (int)sizeof(stack_path))
return rc;
if (asprintf(&tmp, "%sXXXXXX", stack_path) < 0)
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 10/20] checkpolicy: fix gcc -Wsign-compare warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (8 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 09/20] libselinux: fix gcc -Wsign-compare warnings Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 11/20] libsepol: fix most gcc -Wwrite-strings warnings Nicolas Iooss
` (10 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
---
checkpolicy/checkpolicy.c | 2 +-
checkpolicy/module_compiler.c | 6 +++---
checkpolicy/policy_define.c | 2 +-
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index 9881dd7dc317..7fa37af2849b 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -291,7 +291,7 @@ extern char *av_to_string(uint32_t tclass, sepol_access_vector_t av);
int display_bools()
{
- int i;
+ uint32_t i;
for (i = 0; i < policydbp->p_bools.nprim; i++) {
printf("%s : %d\n", policydbp->p_bool_val_to_name[i],
diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
index 8ac81f78f4e2..463d042125ad 100644
--- a/checkpolicy/module_compiler.c
+++ b/checkpolicy/module_compiler.c
@@ -701,7 +701,7 @@ int add_perm_to_class(uint32_t perm_value, uint32_t class_value)
assert(class_value >= 1);
scope = &decl->required;
if (class_value > scope->class_perms_len) {
- int i;
+ uint32_t i;
ebitmap_t *new_map = realloc(scope->class_perms_map,
class_value * sizeof(*new_map));
if (new_map == NULL) {
@@ -1225,7 +1225,7 @@ int require_cat(int pass)
static int is_scope_in_stack(scope_datum_t * scope, scope_stack_t * stack)
{
- int i;
+ uint32_t i;
if (stack == NULL) {
return 0; /* no matching scope found */
}
@@ -1482,7 +1482,7 @@ int begin_optional_else(int pass)
static int copy_requirements(avrule_decl_t * dest, scope_stack_t * stack)
{
- int i;
+ uint32_t i;
if (stack == NULL) {
return 0;
}
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 7e6091e41179..92cb8246fc4c 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -828,7 +828,7 @@ int define_sens(void)
int define_dominance(void)
{
level_datum_t *datum;
- int order;
+ uint32_t order;
char *id;
if (!mlspol) {
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 11/20] libsepol: fix most gcc -Wwrite-strings warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (9 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 10/20] checkpolicy: " Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 12/20] libsemanage: constify name and ext_lang parameters of semanage_module_install_hll Nicolas Iooss
` (9 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
gcc puts literal strings lie in read-only memory. On x86_64, trying to
write to them triggers a segmentation fault.
To detect such issues at build time, variables holding a pointer to such
strings should be "const char*". "gcc -Wwrite-strings" warns when using
non-const pointers to literal strings.
Remove gcc warnings by adding const to local variables and argumens of
internal functions.
This does *not* fix this warning:
policydb_public.c:208:10: warning: passing argument 2 of 'hashtab_search' discards 'const' qualifier from pointer target type
return (hashtab_search(p->p.p_classes.table, PACKET_CLASS_NAME) ==
^
In file included from ../include/sepol/policydb/symtab.h:16:0,
from ../include/sepol/policydb/policydb.h:60,
from policydb_public.c:4:
../include/sepol/policydb/hashtab.h:98:24: note: expected 'hashtab_key_t' but argument is of type 'const char *'
extern hashtab_datum_t hashtab_search(hashtab_t h, const hashtab_key_t k);
^
Moreover the "const" word in hashtab_search prototype does not make the
second parameter "const char*" but "char* const".
---
libsepol/include/sepol/policydb/services.h | 2 +-
libsepol/src/link.c | 6 +++---
libsepol/src/policydb.c | 2 +-
libsepol/src/policydb_internal.h | 2 +-
libsepol/src/services.c | 12 ++++++------
libsepol/src/write.c | 2 +-
6 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/libsepol/include/sepol/policydb/services.h b/libsepol/include/sepol/policydb/services.h
index e4e8362cdfb3..bcde47b8d618 100644
--- a/libsepol/include/sepol/policydb/services.h
+++ b/libsepol/include/sepol/policydb/services.h
@@ -223,7 +223,7 @@ extern int sepol_fs_use(const char *fstype, /* IN */
* fixed labeling behavior like transition SIDs or task SIDs.
*/
extern int sepol_genfs_sid(const char *fstype, /* IN */
- char *name, /* IN */
+ const char *name, /* IN */
sepol_security_class_t sclass, /* IN */
sepol_security_id_t * sid); /* OUT */
diff --git a/libsepol/src/link.c b/libsepol/src/link.c
index c8c510a7da9e..e0bb1988d72d 100644
--- a/libsepol/src/link.c
+++ b/libsepol/src/link.c
@@ -2089,7 +2089,7 @@ static int debug_requirements(link_state_t * state, policydb_t * p)
if (ret < 0) {
return ret;
} else if (ret == 0) {
- char *mod_name = cur->branch_list->module_name ?
+ const char *mod_name = cur->branch_list->module_name ?
cur->branch_list->module_name : "BASE";
if (req.symbol_type == SYM_CLASSES) {
struct find_perm_arg fparg;
@@ -2148,7 +2148,7 @@ static void print_missing_requirements(link_state_t * state,
missing_requirement_t * req)
{
policydb_t *p = state->base;
- char *mod_name = cur->branch_list->module_name ?
+ const char *mod_name = cur->branch_list->module_name ?
cur->branch_list->module_name : "BASE";
if (req->symbol_type == SYM_CLASSES) {
@@ -2220,7 +2220,7 @@ static int enable_avrules(link_state_t * state, policydb_t * pol)
}
decl = block->branch_list;
if (state->verbose) {
- char *mod_name = decl->module_name ?
+ const char *mod_name = decl->module_name ?
decl->module_name : "BASE";
INFO(state->handle, "check module %s decl %d\n",
mod_name, decl->decl_id);
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
index 19fbfea93c5a..f077b9312dd3 100644
--- a/libsepol/src/policydb.c
+++ b/libsepol/src/policydb.c
@@ -55,7 +55,7 @@
#include "mls.h"
#define POLICYDB_TARGET_SZ ARRAY_SIZE(policydb_target_strings)
-char *policydb_target_strings[] = { POLICYDB_STRING, POLICYDB_XEN_STRING };
+const char *policydb_target_strings[] = { POLICYDB_STRING, POLICYDB_XEN_STRING };
/* These need to be updated if SYM_NUM or OCON_NUM changes */
static struct policydb_compat_info policydb_compat[] = {
diff --git a/libsepol/src/policydb_internal.h b/libsepol/src/policydb_internal.h
index 8a31506e870d..f7bcdfa3df31 100644
--- a/libsepol/src/policydb_internal.h
+++ b/libsepol/src/policydb_internal.h
@@ -6,5 +6,5 @@
hidden_proto(sepol_policydb_create)
hidden_proto(sepol_policydb_free)
-extern char *policydb_target_strings[];
+extern const char *policydb_target_strings[];
#endif
diff --git a/libsepol/src/services.c b/libsepol/src/services.c
index a1a0b98c73da..d64a8e8d7bcf 100644
--- a/libsepol/src/services.c
+++ b/libsepol/src/services.c
@@ -174,7 +174,7 @@ static char **expr_list;
static int expr_buf_used;
static int expr_buf_len;
-static void cat_expr_buf(char *e_buf, char *string)
+static void cat_expr_buf(char *e_buf, const char *string)
{
int len, new_buf_len;
char *p, *new_buf = e_buf;
@@ -209,7 +209,7 @@ static void cat_expr_buf(char *e_buf, char *string)
* POLICYDB_VERSION_CONSTRAINT_NAMES) just read the e->names list.
*/
static void get_name_list(constraint_expr_t *e, int type,
- char *src, char *op, int failed)
+ const char *src, const char *op, int failed)
{
ebitmap_t *types;
int rc = 0;
@@ -273,7 +273,7 @@ static void get_name_list(constraint_expr_t *e, int type,
return;
}
-static void msgcat(char *src, char *tgt, char *op, int failed)
+static void msgcat(const char *src, const char *tgt, const char *op, int failed)
{
char tmp_buf[128];
if (failed)
@@ -303,7 +303,7 @@ static char *get_class_info(sepol_security_class_t tclass,
}
/* Determine statement type */
- char *statements[] = {
+ const char *statements[] = {
"constrain ", /* 0 */
"mlsconstrain ", /* 1 */
"validatetrans ", /* 2 */
@@ -771,7 +771,7 @@ mls_ops:
* These contain the constraint components that are added to the
* callers reason buffer.
*/
- char *buffers[] = { class_buf, a, "); ", tmp_buf, 0 };
+ const char *buffers[] = { class_buf, a, "); ", tmp_buf, 0 };
/*
* This will add the constraints to the callers reason buffer (who is
@@ -2085,7 +2085,7 @@ int hidden sepol_get_user_sids(sepol_security_id_t fromsid,
* fixed labeling behavior like transition SIDs or task SIDs.
*/
int hidden sepol_genfs_sid(const char *fstype,
- char *path,
+ const char *path,
sepol_security_class_t sclass,
sepol_security_id_t * sid)
{
diff --git a/libsepol/src/write.c b/libsepol/src/write.c
index 6fe73e6e5a3a..2e6541da1e4d 100644
--- a/libsepol/src/write.c
+++ b/libsepol/src/write.c
@@ -1880,7 +1880,7 @@ int policydb_write(policydb_t * p, struct policy_file *fp)
size_t items, items2, len;
struct policydb_compat_info *info;
struct policy_data pd;
- char *policydb_str;
+ const char *policydb_str;
if (p->unsupported_format)
return POLICYDB_UNSUPPORTED;
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 12/20] libsemanage: constify name and ext_lang parameters of semanage_module_install_hll
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (10 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 11/20] libsepol: fix most gcc -Wwrite-strings warnings Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 13/20] libsepol/cil: fix gcc -Wwrite-strings warnings Nicolas Iooss
` (8 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
This fixes a warning from "gcc -Wwrite-strings", when
semanage_module_install_hll is called with "pp" as last parameter.
---
libsemanage/src/direct_api.c | 4 ++--
libsemanage/src/modules.c | 2 +-
libsemanage/src/modules.h | 2 +-
libsemanage/src/policy.h | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
index 4d2047b90059..c2ac938d525d 100644
--- a/libsemanage/src/direct_api.c
+++ b/libsemanage/src/direct_api.c
@@ -64,7 +64,7 @@ static int semanage_direct_disconnect(semanage_handle_t * sh);
static int semanage_direct_begintrans(semanage_handle_t * sh);
static int semanage_direct_commit(semanage_handle_t * sh);
static int semanage_direct_install(semanage_handle_t * sh, char *data,
- size_t data_len, char *module_name, char *lang_ext);
+ size_t data_len, const char *module_name, const char *lang_ext);
static int semanage_direct_install_file(semanage_handle_t * sh, const char *module_name);
static int semanage_direct_remove(semanage_handle_t * sh, char *module_name);
static int semanage_direct_list(semanage_handle_t * sh,
@@ -1289,7 +1289,7 @@ cleanup:
* writing file. */
static int semanage_direct_install(semanage_handle_t * sh,
char *data, size_t data_len,
- char *module_name, char *lang_ext)
+ const char *module_name, const char *lang_ext)
{
int status = 0;
int ret = 0;
diff --git a/libsemanage/src/modules.c b/libsemanage/src/modules.c
index d0297fe78d41..d29c3469d5eb 100644
--- a/libsemanage/src/modules.c
+++ b/libsemanage/src/modules.c
@@ -105,7 +105,7 @@ cleanup:
}
int semanage_module_install_hll(semanage_handle_t * sh,
- char *module_data, size_t data_len, char *name, char *ext_lang)
+ char *module_data, size_t data_len, const char *name, const char *ext_lang)
{
if (sh->funcs->install == NULL) {
ERR(sh,
diff --git a/libsemanage/src/modules.h b/libsemanage/src/modules.h
index 68e36b67a0e2..8a5c01f47e94 100644
--- a/libsemanage/src/modules.h
+++ b/libsemanage/src/modules.h
@@ -29,7 +29,7 @@
int semanage_module_install_pp(semanage_handle_t * sh,
char *module_data, size_t data_len);
int semanage_module_install_hll(semanage_handle_t * sh,
- char *module_data, size_t data_len, char *name, char *ext_lang);
+ char *module_data, size_t data_len, const char *name, const char *ext_lang);
int semanage_module_upgrade(semanage_handle_t * sh,
char *module_data, size_t data_len);
int semanage_module_upgrade_file(semanage_handle_t * sh,
diff --git a/libsemanage/src/policy.h b/libsemanage/src/policy.h
index 91787ba8399c..c5aec386f6cd 100644
--- a/libsemanage/src/policy.h
+++ b/libsemanage/src/policy.h
@@ -47,7 +47,7 @@ struct semanage_policy_table {
int (*commit) (struct semanage_handle *);
/* Install a policy module */
- int (*install) (struct semanage_handle *, char *, size_t, char *, char *);
+ int (*install) (struct semanage_handle *, char *, size_t, const char *, const char *);
/* Install a policy module */
int (*install_file) (struct semanage_handle *, const char *);
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 13/20] libsepol/cil: fix gcc -Wwrite-strings warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (11 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 12/20] libsemanage: constify name and ext_lang parameters of semanage_module_install_hll Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 14/20] libsemanage: " Nicolas Iooss
` (7 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
---
libsepol/cil/src/cil.c | 2 +-
libsepol/cil/src/cil_mem.c | 2 +-
libsepol/cil/src/cil_mem.h | 2 +-
libsepol/cil/src/cil_policy.c | 10 +++++-----
libsepol/cil/src/cil_strpool.c | 2 +-
libsepol/cil/src/cil_strpool.h | 2 +-
6 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/libsepol/cil/src/cil.c b/libsepol/cil/src/cil.c
index b8ba6dc5d0a7..9e88e45b83d9 100644
--- a/libsepol/cil/src/cil.c
+++ b/libsepol/cil/src/cil.c
@@ -1326,7 +1326,7 @@ int cil_filecons_to_string(struct cil_db *db, sepol_policydb_t *sepol_db, char *
for (i = 0; i < filecons->count; i++) {
struct cil_filecon *filecon = filecons->array[i];
struct cil_context *ctx = filecon->context;
- char *str_type = NULL;
+ const char *str_type = NULL;
buf_pos = sprintf(str_tmp, "%s", filecon->path_str);
str_tmp += buf_pos;
diff --git a/libsepol/cil/src/cil_mem.c b/libsepol/cil/src/cil_mem.c
index 06d9e1086fa6..e19bc358e365 100644
--- a/libsepol/cil/src/cil_mem.c
+++ b/libsepol/cil/src/cil_mem.c
@@ -83,7 +83,7 @@ void *cil_realloc(void *ptr, size_t size)
}
-char *cil_strdup(char *str)
+char *cil_strdup(const char *str)
{
char *mem = NULL;
diff --git a/libsepol/cil/src/cil_mem.h b/libsepol/cil/src/cil_mem.h
index bf4b1ab256c5..3e4263c133e3 100644
--- a/libsepol/cil/src/cil_mem.h
+++ b/libsepol/cil/src/cil_mem.h
@@ -34,7 +34,7 @@
void *cil_malloc(size_t size);
void *cil_calloc(size_t num_elements, size_t element_size);
void *cil_realloc(void *ptr, size_t size);
-char *cil_strdup(char *str);
+char *cil_strdup(const char *str);
void (*cil_mem_error_handler)(void);
#endif /* CIL_MEM_H_ */
diff --git a/libsepol/cil/src/cil_policy.c b/libsepol/cil/src/cil_policy.c
index 9b131ee57e55..d19accbf21c7 100644
--- a/libsepol/cil/src/cil_policy.c
+++ b/libsepol/cil/src/cil_policy.c
@@ -542,7 +542,7 @@ void cil_constrain_to_policy(FILE **file_arr, __attribute__((unused)) uint32_t f
cil_constrain_to_policy_helper(file_arr, kind, cons->classperms, cons->datum_expr);
}
-void cil_avrule_to_policy_helper(FILE **file_arr, uint32_t file_index, char *kind, char *src, char *tgt, struct cil_list *classperms)
+void cil_avrule_to_policy_helper(FILE **file_arr, uint32_t file_index, const char *kind, const char *src, const char *tgt, struct cil_list *classperms)
{
struct cil_list_item *i;
@@ -573,9 +573,9 @@ void cil_avrule_to_policy_helper(FILE **file_arr, uint32_t file_index, char *kin
int cil_avrule_to_policy(FILE **file_arr, uint32_t file_index, struct cil_avrule *rule)
{
- char *kind_str = NULL;
- char *src_str = DATUM(rule->src)->name;
- char *tgt_str = DATUM(rule->tgt)->name;
+ const char *kind_str = NULL;
+ const char *src_str = DATUM(rule->src)->name;
+ const char *tgt_str = DATUM(rule->tgt)->name;
switch (rule->rule_kind) {
@@ -974,7 +974,7 @@ int cil_name_to_policy(FILE **file_arr, struct cil_tree_node *current)
fprintf(file_arr[TYPEATTRTYPES], "role %s;\n", ((struct cil_symtab_datum*)current->data)->name);
break;
case CIL_BOOL: {
- char *boolean = ((struct cil_bool*)current->data)->value ? "true" : "false";
+ const char *boolean = ((struct cil_bool*)current->data)->value ? "true" : "false";
fprintf(file_arr[TYPEATTRTYPES], "bool %s %s;\n", ((struct cil_symtab_datum*)current->data)->name, boolean);
break;
}
diff --git a/libsepol/cil/src/cil_strpool.c b/libsepol/cil/src/cil_strpool.c
index 65af77d85865..ad2a334f8ebf 100644
--- a/libsepol/cil/src/cil_strpool.c
+++ b/libsepol/cil/src/cil_strpool.c
@@ -64,7 +64,7 @@ static int cil_strpool_compare(hashtab_t h __attribute__ ((unused)), hashtab_key
return strcmp(keyp1, keyp2);
}
-char *cil_strpool_add(char *str)
+char *cil_strpool_add(const char *str)
{
struct cil_strpool_entry *strpool_ref = NULL;
diff --git a/libsepol/cil/src/cil_strpool.h b/libsepol/cil/src/cil_strpool.h
index 0c3f1c547eb6..a61a2d954092 100644
--- a/libsepol/cil/src/cil_strpool.h
+++ b/libsepol/cil/src/cil_strpool.h
@@ -32,7 +32,7 @@
#include <sepol/policydb/hashtab.h>
-char *cil_strpool_add(char *str);
+char *cil_strpool_add(const char *str);
void cil_strpool_init(void);
void cil_strpool_destroy(void);
#endif /* CIL_STRPOOL_H_ */
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 14/20] libsemanage: fix gcc -Wwrite-strings warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (12 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 13/20] libsepol/cil: fix gcc -Wwrite-strings warnings Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 15/20] checkpolicy: fix most " Nicolas Iooss
` (6 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
---
libsemanage/src/conf-parse.y | 4 ++--
libsemanage/src/utilities.c | 6 +++---
libsemanage/src/utilities.h | 6 +++---
3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y
index 76eb645c3349..84bc48b4f7e0 100644
--- a/libsemanage/src/conf-parse.y
+++ b/libsemanage/src/conf-parse.y
@@ -32,7 +32,7 @@
#include <string.h>
extern int semanage_lex(); /* defined in conf-scan.c */
-int semanage_error(char *msg);
+int semanage_error(const char *msg);
extern FILE *semanage_in;
extern char *semanage_text;
@@ -442,7 +442,7 @@ void semanage_conf_destroy(semanage_conf_t * conf)
}
}
-int semanage_error(char *msg)
+int semanage_error(const char *msg)
{
fprintf(stderr, "error parsing semanage configuration file: %s\n", msg);
parse_errors++;
diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c
index a340fc858c46..f48ffa489d14 100644
--- a/libsemanage/src/utilities.c
+++ b/libsemanage/src/utilities.c
@@ -31,7 +31,7 @@
#define TRUE 1
#define FALSE 0
-char *semanage_findval(char *file, char *var, char *delim)
+char *semanage_findval(const char *file, const char *var, const char *delim)
{
FILE *fd;
char *buff = NULL;
@@ -134,7 +134,7 @@ char *semanage_split(const char *str, const char *delim)
return retval;
}
-int semanage_list_push(semanage_list_t ** list, char *data)
+int semanage_list_push(semanage_list_t ** list, const char *data)
{
semanage_list_t *temp = NULL;
@@ -185,7 +185,7 @@ void semanage_list_destroy(semanage_list_t ** list)
}
}
-semanage_list_t *semanage_list_find(semanage_list_t * l, char *data)
+semanage_list_t *semanage_list_find(semanage_list_t * l, const char *data)
{
if (!data)
return NULL;
diff --git a/libsemanage/src/utilities.h b/libsemanage/src/utilities.h
index b81e54eb6cc7..5fa15efd08d0 100644
--- a/libsemanage/src/utilities.h
+++ b/libsemanage/src/utilities.h
@@ -52,7 +52,7 @@ typedef struct list {
*
* NULL for error (out of memory, etc)
*/
-char *semanage_findval(char *file, char *var, char *delim) WARN_UNUSED;
+char *semanage_findval(const char *file, const char *var, const char *delim) WARN_UNUSED;
/**
* @param str string to test
@@ -88,11 +88,11 @@ char *semanage_split(const char *str, const char *delim) WARN_UNUSED;
* Functions allocate memory. Must be free'd with
* either semanage_list_pop until list == NULL or semanage_list_destroy()
*/
-int semanage_list_push(semanage_list_t ** list, char *data) WARN_UNUSED;
+int semanage_list_push(semanage_list_t ** list, const char *data) WARN_UNUSED;
char *semanage_list_pop(semanage_list_t ** list);
void semanage_list_destroy(semanage_list_t ** list);
semanage_list_t *semanage_list_find(semanage_list_t * l,
- char *data) WARN_UNUSED;
+ const char *data) WARN_UNUSED;
int semanage_list_sort(semanage_list_t ** l) WARN_UNUSED;
/* function to compare 2 semanage_list_t nodes,
* returns strcmp(x->data, y->data)
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 15/20] checkpolicy: fix most gcc -Wwrite-strings warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (13 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 14/20] libsemanage: " Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 16/20] policycoreutils/hll/pp: fix " Nicolas Iooss
` (5 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
---
checkpolicy/checkmodule.c | 10 +++++-----
checkpolicy/checkpolicy.c | 7 ++++---
checkpolicy/policy_define.c | 2 +-
checkpolicy/policy_define.h | 2 +-
checkpolicy/test/dismod.c | 4 ++--
checkpolicy/test/dispol.c | 6 +++---
6 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/checkpolicy/checkmodule.c b/checkpolicy/checkmodule.c
index f25bc28530ee..0255928f98b6 100644
--- a/checkpolicy/checkmodule.c
+++ b/checkpolicy/checkmodule.c
@@ -41,13 +41,13 @@ static sidtab_t sidtab;
extern int mlspol;
static int handle_unknown = SEPOL_DENY_UNKNOWN;
-static char *txtfile = "policy.conf";
-static char *binfile = "policy";
+static const char *txtfile = "policy.conf";
+static const char *binfile = "policy";
unsigned int policy_type = POLICY_BASE;
unsigned int policyvers = MOD_POLICYDB_VERSION_MAX;
-static int read_binary_policy(policydb_t * p, char *file, char *progname)
+static int read_binary_policy(policydb_t * p, const char *file, const char *progname)
{
int fd;
struct stat sb;
@@ -108,7 +108,7 @@ static int read_binary_policy(policydb_t * p, char *file, char *progname)
return 0;
}
-static int write_binary_policy(policydb_t * p, char *file, char *progname)
+static int write_binary_policy(policydb_t * p, const char *file, char *progname)
{
FILE *outfp = NULL;
struct policy_file pf;
@@ -161,7 +161,7 @@ static void usage(char *progname)
int main(int argc, char **argv)
{
- char *file = txtfile, *outfile = NULL;
+ const char *file = txtfile, *outfile = NULL;
unsigned int binary = 0;
int ch;
int show_version = 0;
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index 7fa37af2849b..8c199d7c8628 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -96,8 +96,8 @@ extern policydb_t *policydbp;
extern int mlspol;
static int handle_unknown = SEPOL_DENY_UNKNOWN;
-static char *txtfile = "policy.conf";
-static char *binfile = "policy";
+static const char *txtfile = "policy.conf";
+static const char *binfile = "policy";
unsigned int policyvers = POLICYDB_VERSION_MAX;
@@ -381,7 +381,8 @@ int main(int argc, char **argv)
sepol_security_context_t scontext;
struct sepol_av_decision avd;
class_datum_t *cladatum;
- char ans[80 + 1], *file = txtfile, *outfile = NULL, *path, *fstype;
+ const char *file = txtfile;
+ char ans[80 + 1], *outfile = NULL, *path, *fstype;
size_t scontext_len, pathlen;
unsigned int i;
unsigned int protocol, port;
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 92cb8246fc4c..675ca8ce5a2f 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -107,7 +107,7 @@ int insert_separator(int push)
return 0;
}
-int insert_id(char *id, int push)
+int insert_id(const char *id, int push)
{
char *newid = 0;
int error;
diff --git a/checkpolicy/policy_define.h b/checkpolicy/policy_define.h
index 8bfd8f604bf4..4ef0f4f43f0a 100644
--- a/checkpolicy/policy_define.h
+++ b/checkpolicy/policy_define.h
@@ -64,7 +64,7 @@ int define_typebounds(void);
int define_type(int alias);
int define_user(void);
int define_validatetrans(constraint_expr_t *expr);
-int insert_id(char *id,int push);
+int insert_id(const char *id,int push);
int insert_separator(int push);
role_datum_t *define_role_dom(role_datum_t *r);
role_datum_t *merge_roles_dom(role_datum_t *r1,role_datum_t *r2);
diff --git a/checkpolicy/test/dismod.c b/checkpolicy/test/dismod.c
index 96ef047f7b36..7c754c02ba77 100644
--- a/checkpolicy/test/dismod.c
+++ b/checkpolicy/test/dismod.c
@@ -65,7 +65,7 @@ static const char *symbol_labels[9] = {
"levels ", "cats ", "attribs"
};
-void usage(char *progname)
+void usage(const char *progname)
{
printf("usage: %s binary_pol_file\n\n", progname);
exit(1);
@@ -99,7 +99,7 @@ static void render_access_bitmap(ebitmap_t * map, uint32_t class,
}
static void display_id(policydb_t * p, FILE * fp, uint32_t symbol_type,
- uint32_t symbol_value, char *prefix)
+ uint32_t symbol_value, const char *prefix)
{
char *id = p->sym_val_to_name[symbol_type][symbol_value];
scope_datum_t *scope =
diff --git a/checkpolicy/test/dispol.c b/checkpolicy/test/dispol.c
index f41acdc626c1..ba4a71fde639 100644
--- a/checkpolicy/test/dispol.c
+++ b/checkpolicy/test/dispol.c
@@ -37,7 +37,7 @@
static policydb_t policydb;
-void usage(char *progname)
+void usage(const char *progname)
{
printf("usage: %s binary_pol_file\n\n", progname);
exit(1);
@@ -320,9 +320,9 @@ static void display_policycaps(policydb_t * p, FILE * fp)
}
static void display_id(policydb_t *p, FILE *fp, uint32_t symbol_type,
- uint32_t symbol_value, char *prefix)
+ uint32_t symbol_value, const char *prefix)
{
- char *id = p->sym_val_to_name[symbol_type][symbol_value];
+ const char *id = p->sym_val_to_name[symbol_type][symbol_value];
fprintf(fp, " %s%s", prefix, id);
}
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 16/20] policycoreutils/hll/pp: fix gcc -Wwrite-strings warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (14 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 15/20] checkpolicy: fix most " Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 17/20] policycoreutils: fix most " Nicolas Iooss
` (4 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
---
policycoreutils/hll/pp/pp.c | 40 ++++++++++++++++++++--------------------
1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/policycoreutils/hll/pp/pp.c b/policycoreutils/hll/pp/pp.c
index 93e2889b78f6..c79f4e3ad983 100644
--- a/policycoreutils/hll/pp/pp.c
+++ b/policycoreutils/hll/pp/pp.c
@@ -230,11 +230,11 @@ static int semantic_level_to_cil(struct policydb *pdb, int sens_offset, struct m
return 0;
}
-static int avrule_to_cil(int indent, struct policydb *pdb, uint32_t type, char *src, char *tgt, struct class_perm_node *classperms)
+static int avrule_to_cil(int indent, struct policydb *pdb, uint32_t type, const char *src, const char *tgt, const struct class_perm_node *classperms)
{
int rc = -1;
- char *rule;
- struct class_perm_node *classperm;
+ const char *rule;
+ const struct class_perm_node *classperm;
char *perms;
switch (type) {
@@ -318,8 +318,8 @@ static int set_to_cil_attr(int indent, struct policydb *pdb, int is_type, struct
int rc = -1;
struct ebitmap_node *node;
unsigned int i;
- char *attr_infix;
- char *statement;
+ const char *attr_infix;
+ const char *statement;
char *attr;
int len;
int rlen;
@@ -655,9 +655,9 @@ static int cond_expr_to_cil(int indent, struct policydb *pdb, struct cond_expr *
char *val1 = NULL;
char *val2 = NULL;
int num_params;
- char *op;
- char *fmt_str;
- char *type;
+ const char *op;
+ const char *fmt_str;
+ const char *type;
rc = stack_init(&stack);
if (rc != 0) {
@@ -1105,10 +1105,10 @@ static int constraint_expr_to_string(int indent, struct policydb *pdb, struct co
char *val1 = NULL;
char *val2 = NULL;
uint32_t num_params;
- char *op;
- char *fmt_str;
- char *attr1;
- char *attr2;
+ const char *op;
+ const char *fmt_str;
+ const char *attr1;
+ const char *attr2;
char *names;
char **name_list = NULL;
uint32_t num_names = 0;
@@ -1315,7 +1315,7 @@ static int constraints_to_cil(int indent, struct policydb *pdb, char *classkey,
int rc = -1;
struct constraint_node *node;
char *expr = NULL;
- char *mls;
+ const char *mls;
char *perms;
mls = pdb->mls ? "mls" : "";
@@ -1349,7 +1349,7 @@ static int class_to_cil(int indent, struct policydb *pdb, struct avrule_block *U
{
int rc = -1;
struct class_datum *class = datum;
- char *dflt;
+ const char *dflt;
struct class_perm_array arr;
uint32_t i;
@@ -1667,7 +1667,7 @@ static int user_to_cil(int indent, struct policydb *pdb, struct avrule_block *bl
static int boolean_to_cil(int indent, struct policydb *UNUSED(pdb), struct avrule_block *UNUSED(block), struct avrule_decl *UNUSED(decl), char *key, void *datum, int scope)
{
struct cond_bool_datum *boolean = datum;
- char *type;
+ const char *type;
if (scope == SCOPE_DECL) {
if (boolean->flags & COND_BOOL_FLAGS_TUNABLE) {
@@ -1976,7 +1976,7 @@ static int ocontext_selinux_port_to_cil(struct policydb *pdb, struct ocontext *p
{
int rc = -1;
struct ocontext *portcon;
- char *protocol;
+ const char *protocol;
uint16_t high;
uint16_t low;
@@ -2095,7 +2095,7 @@ static int ocontext_selinux_fsuse_to_cil(struct policydb *pdb, struct ocontext *
{
int rc = -1;
struct ocontext *fsuse;
- char *behavior;
+ const char *behavior;
for (fsuse = fsuses; fsuse != NULL; fsuse = fsuse->next) {
@@ -2562,7 +2562,7 @@ static int file_contexts_to_cil(struct sepol_module_package *mod_pkg)
char *regex = NULL;
char *mode = NULL;
char *context = NULL;
- char *cilmode;
+ const char *cilmode;
if (fc_len == 0) {
return 0;
@@ -3107,7 +3107,7 @@ exit:
static int handle_unknown_to_cil(struct policydb *pdb)
{
int rc = -1;
- char *hu;
+ const char *hu;
switch (pdb->handle_unknown) {
case SEPOL_DENY_UNKNOWN:
@@ -3135,7 +3135,7 @@ exit:
static int generate_mls(struct policydb *pdb)
{
- char *mls_str = pdb->mls ? "true" : "false";
+ const char *mls_str = pdb->mls ? "true" : "false";
cil_println(0, "(mls %s)", mls_str);
return 0;
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 17/20] policycoreutils: fix most gcc -Wwrite-strings warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (15 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 16/20] policycoreutils/hll/pp: fix " Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 18/20] Fix gcc -Wstrict-prototypes warnings Nicolas Iooss
` (3 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
---
policycoreutils/newrole/newrole.c | 2 +-
policycoreutils/restorecond/restorecond.c | 6 +++---
policycoreutils/restorecond/utmpwatcher.c | 2 +-
policycoreutils/semodule_package/semodule_package.c | 6 +++---
policycoreutils/semodule_package/semodule_unpackage.c | 2 +-
policycoreutils/setfiles/setfiles.c | 4 ++--
6 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
index 495cf2e547d9..7eeb14fa6a47 100644
--- a/policycoreutils/newrole/newrole.c
+++ b/policycoreutils/newrole/newrole.c
@@ -166,7 +166,7 @@ static char *build_new_range(char *newlevel, const char *range)
#include <security/pam_appl.h> /* for PAM functions */
#include <security/pam_misc.h> /* for misc_conv PAM utility function */
-char *service_name = "newrole";
+const char *service_name = "newrole";
/* authenticate_via_pam()
*
diff --git a/policycoreutils/restorecond/restorecond.c b/policycoreutils/restorecond/restorecond.c
index 9bdd89d2778b..193cddb7f895 100644
--- a/policycoreutils/restorecond/restorecond.c
+++ b/policycoreutils/restorecond/restorecond.c
@@ -65,9 +65,9 @@
const char *homedir;
static int master_fd = -1;
-static char *server_watch_file = "/etc/selinux/restorecond.conf";
-static char *user_watch_file = "/etc/selinux/restorecond_user.conf";
-static char *watch_file;
+static const char *server_watch_file = "/etc/selinux/restorecond.conf";
+static const char *user_watch_file = "/etc/selinux/restorecond_user.conf";
+static const char *watch_file;
static struct restore_opts r_opts;
#include <selinux/selinux.h>
diff --git a/policycoreutils/restorecond/utmpwatcher.c b/policycoreutils/restorecond/utmpwatcher.c
index feddb5a2f5d4..62ad2e98aff3 100644
--- a/policycoreutils/restorecond/utmpwatcher.c
+++ b/policycoreutils/restorecond/utmpwatcher.c
@@ -49,7 +49,7 @@ unsigned int utmpwatcher_handle(int inotify_fd, int wd)
{
int changed = 0;
struct utmp u;
- char *utmp_path = "/var/run/utmp";
+ const char *utmp_path = "/var/run/utmp";
struct stringsList *prev_utmp_ptr = utmp_ptr;
if (wd != utmp_wd)
return -1;
diff --git a/policycoreutils/semodule_package/semodule_package.c b/policycoreutils/semodule_package/semodule_package.c
index 28ae557f695c..d2a5fd07bd71 100644
--- a/policycoreutils/semodule_package/semodule_package.c
+++ b/policycoreutils/semodule_package/semodule_package.c
@@ -22,7 +22,7 @@
char *progname = NULL;
extern char *optarg;
-static void usage(char *prog)
+static void usage(const char *prog)
{
printf("usage: %s -o <output file> -m <module> [-f <file contexts>]\n",
prog);
@@ -37,8 +37,8 @@ static void usage(char *prog)
exit(1);
}
-static int file_to_policy_file(char *filename, struct sepol_policy_file **pf,
- char *mode)
+static int file_to_policy_file(const char *filename, struct sepol_policy_file **pf,
+ const char *mode)
{
FILE *f;
diff --git a/policycoreutils/semodule_package/semodule_unpackage.c b/policycoreutils/semodule_package/semodule_unpackage.c
index 07893f146258..5117b39e9ffe 100644
--- a/policycoreutils/semodule_package/semodule_unpackage.c
+++ b/policycoreutils/semodule_package/semodule_unpackage.c
@@ -20,7 +20,7 @@ static void usage(void)
exit(1);
}
-static int file_to_policy_file(char *filename, struct sepol_policy_file **pf, char *mode)
+static int file_to_policy_file(const char *filename, struct sepol_policy_file **pf, const char *mode)
{
FILE *f;
diff --git a/policycoreutils/setfiles/setfiles.c b/policycoreutils/setfiles/setfiles.c
index ac1c39a068c8..2dc81dd55471 100644
--- a/policycoreutils/setfiles/setfiles.c
+++ b/policycoreutils/setfiles/setfiles.c
@@ -146,12 +146,12 @@ int main(int argc, char **argv)
{
struct stat sb;
int opt, i = 0;
- char *input_filename = NULL;
+ const char *input_filename = NULL;
int use_input_file = 0;
char *buf = NULL;
size_t buf_len;
int recurse; /* Recursive descent. */
- char *base;
+ const char *base;
int mass_relabel = 0, errors = 0;
memset(&r_opts, 0, sizeof(r_opts));
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 18/20] Fix gcc -Wstrict-prototypes warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (16 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 17/20] policycoreutils: fix most " Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 19/20] checkpolicy: fix gcc -Wunused-variable warnings Nicolas Iooss
` (2 subsequent siblings)
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
In C, defining a function with () means "any number of parameters", not
"no parameter". Use (void) instead where applicable and add unused
parameters when needed.
---
checkpolicy/checkpolicy.c | 4 ++--
checkpolicy/policy_parse.y | 2 +-
checkpolicy/policy_scan.l | 2 +-
checkpolicy/test/dismod.c | 2 +-
checkpolicy/test/dispol.c | 2 +-
libsemanage/src/conf-parse.y | 2 +-
policycoreutils/newrole/newrole.c | 4 ++--
policycoreutils/restorecond/restorecond.c | 2 +-
policycoreutils/restorecond/restorecond.h | 2 +-
policycoreutils/restorecond/user.c | 2 +-
policycoreutils/restorecond/watch.c | 2 +-
policycoreutils/run_init/run_init.c | 2 +-
policycoreutils/sandbox/seunshare.c | 2 +-
policycoreutils/setfiles/restore.h | 4 ++--
policycoreutils/setfiles/setfiles.c | 2 +-
15 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index 8c199d7c8628..0d9c4ea16dbf 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -289,7 +289,7 @@ static int identify_equiv_types(void)
extern char *av_to_string(uint32_t tclass, sepol_access_vector_t av);
-int display_bools()
+int display_bools(void)
{
uint32_t i;
@@ -335,7 +335,7 @@ void display_expr(cond_expr_t * exp)
}
}
-int display_cond_expressions()
+int display_cond_expressions(void)
{
cond_node_t *cur;
diff --git a/checkpolicy/policy_parse.y b/checkpolicy/policy_parse.y
index d31773a412e7..587059135a1c 100644
--- a/checkpolicy/policy_parse.y
+++ b/checkpolicy/policy_parse.y
@@ -61,7 +61,7 @@ extern int yylex(void);
extern int yywarn(const char *msg);
extern int yyerror(const char *msg);
-typedef int (* require_func_t)();
+typedef int (* require_func_t)(int pass);
%}
diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l
index 131613faa422..3a739626ff2f 100644
--- a/checkpolicy/policy_scan.l
+++ b/checkpolicy/policy_scan.l
@@ -25,7 +25,7 @@
#include <stdint.h>
#include <string.h>
-typedef int (* require_func_t)();
+typedef int (* require_func_t)(void);
#ifdef ANDROID
#include "policy_parse.h"
diff --git a/checkpolicy/test/dismod.c b/checkpolicy/test/dismod.c
index 7c754c02ba77..b305643d5f21 100644
--- a/checkpolicy/test/dismod.c
+++ b/checkpolicy/test/dismod.c
@@ -807,7 +807,7 @@ static void display_policycaps(policydb_t * p, FILE * fp)
}
}
-int menu()
+int menu(void)
{
printf("\nSelect a command:\n");
printf("1) display unconditional AVTAB\n");
diff --git a/checkpolicy/test/dispol.c b/checkpolicy/test/dispol.c
index ba4a71fde639..9d6635865efb 100644
--- a/checkpolicy/test/dispol.c
+++ b/checkpolicy/test/dispol.c
@@ -369,7 +369,7 @@ static void display_filename_trans(policydb_t *p, FILE *fp)
}
}
-int menu()
+int menu(void)
{
printf("\nSelect a command:\n");
printf("1) display unconditional AVTAB\n");
diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y
index 84bc48b4f7e0..df12530edd4a 100644
--- a/libsemanage/src/conf-parse.y
+++ b/libsemanage/src/conf-parse.y
@@ -31,7 +31,7 @@
#include <stdlib.h>
#include <string.h>
-extern int semanage_lex(); /* defined in conf-scan.c */
+extern int semanage_lex(void); /* defined in conf-scan.c */
int semanage_error(const char *msg);
extern FILE *semanage_in;
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
index 7eeb14fa6a47..94794e9a9dd3 100644
--- a/policycoreutils/newrole/newrole.c
+++ b/policycoreutils/newrole/newrole.c
@@ -307,7 +307,7 @@ static int process_pam_config(FILE * cfg)
* Files specified one per line executable with a corresponding
* pam service name.
*/
-static int read_pam_config()
+static int read_pam_config(void)
{
const char *config_file_path = PAM_SERVICE_CONFIG;
FILE *cfg = NULL;
@@ -966,7 +966,7 @@ static int parse_command_line_arguments(int argc, char **argv, char *ttyn,
/**
* Take care of any signal setup
*/
-static int set_signal_handles()
+static int set_signal_handles(void)
{
sigset_t empty;
diff --git a/policycoreutils/restorecond/restorecond.c b/policycoreutils/restorecond/restorecond.c
index 193cddb7f895..8f847b669eeb 100644
--- a/policycoreutils/restorecond/restorecond.c
+++ b/policycoreutils/restorecond/restorecond.c
@@ -111,7 +111,7 @@ static int write_pid_file(void)
/*
* SIGTERM handler
*/
-static void term_handler()
+static void term_handler(int s __attribute__ ((unused)))
{
terminate = 1;
/* trigger a failure in the watch */
diff --git a/policycoreutils/restorecond/restorecond.h b/policycoreutils/restorecond/restorecond.h
index 8c85ef09d65d..6adc087313b0 100644
--- a/policycoreutils/restorecond/restorecond.h
+++ b/policycoreutils/restorecond/restorecond.h
@@ -40,6 +40,6 @@ extern int watch(int fd, const char *watch_file);
extern void watch_list_add(int inotify_fd, const char *path);
extern int watch_list_find(int wd, const char *file);
extern void watch_list_free(int fd);
-extern int watch_list_isempty();
+extern int watch_list_isempty(void);
#endif
diff --git a/policycoreutils/restorecond/user.c b/policycoreutils/restorecond/user.c
index 2c28676c78ee..714aae781f9a 100644
--- a/policycoreutils/restorecond/user.c
+++ b/policycoreutils/restorecond/user.c
@@ -194,7 +194,7 @@ int start() {
return 0;
}
-static int local_server() {
+static int local_server(void) {
// ! dbus, run as local service
char *ptr=NULL;
if (asprintf(&ptr, "%s/.restorecond", homedir) < 0) {
diff --git a/policycoreutils/restorecond/watch.c b/policycoreutils/restorecond/watch.c
index 9a45cba09729..10978cb3e3d4 100644
--- a/policycoreutils/restorecond/watch.c
+++ b/policycoreutils/restorecond/watch.c
@@ -34,7 +34,7 @@ struct watchList {
};
struct watchList *firstDir = NULL;
-int watch_list_isempty() {
+int watch_list_isempty(void) {
return firstDir == NULL;
}
diff --git a/policycoreutils/run_init/run_init.c b/policycoreutils/run_init/run_init.c
index 92034be9c7fe..129db730a9c2 100644
--- a/policycoreutils/run_init/run_init.c
+++ b/policycoreutils/run_init/run_init.c
@@ -230,7 +230,7 @@ int authenticate_via_shadow_passwd(const struct passwd *p_passwd_line)
* return: 0 When success
* -1 When failure
*/
-int authenticate_user()
+int authenticate_user(void)
{
#define INITLEN 255
diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c
index 6ca6d329dbb4..289fcf75b872 100644
--- a/policycoreutils/sandbox/seunshare.c
+++ b/policycoreutils/sandbox/seunshare.c
@@ -62,7 +62,7 @@ static capng_select_t cap_set = CAPNG_SELECT_CAPS;
/**
* This function will drop all capabilities.
*/
-static int drop_caps()
+static int drop_caps(void)
{
if (capng_have_capabilities(cap_set) == CAPNG_NONE)
return 0;
diff --git a/policycoreutils/setfiles/restore.h b/policycoreutils/setfiles/restore.h
index 406594b2bf09..b55de81f2480 100644
--- a/policycoreutils/setfiles/restore.h
+++ b/policycoreutils/setfiles/restore.h
@@ -45,12 +45,12 @@ struct restore_opts {
};
void restore_init(struct restore_opts *opts);
-void restore_finish();
+void restore_finish(void);
int add_exclude(const char *directory);
int exclude(const char *path);
void remove_exclude(const char *directory);
int process_one_realpath(char *name, int recurse);
int process_glob(char *name, int recurse);
-int exclude_non_seclabel_mounts();
+int exclude_non_seclabel_mounts(void);
#endif
diff --git a/policycoreutils/setfiles/setfiles.c b/policycoreutils/setfiles/setfiles.c
index 2dc81dd55471..86d3f2834ecd 100644
--- a/policycoreutils/setfiles/setfiles.c
+++ b/policycoreutils/setfiles/setfiles.c
@@ -61,7 +61,7 @@ void usage(const char *const name)
static int nerr = 0;
-void inc_err()
+void inc_err(void)
{
nerr++;
if (nerr > ABORT_ON_ERRORS - 1 && !r_opts.debug) {
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 19/20] checkpolicy: fix gcc -Wunused-variable warnings
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (17 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 18/20] Fix gcc -Wstrict-prototypes warnings Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-09-14 21:41 ` [PATCH 20/20] libsepol/tests: fix gcc -Warray-bounds warning Nicolas Iooss
2014-10-01 19:00 ` [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Steve Lawrence
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
Add __attribute__ ((unused)) to unused function parameters.
---
checkpolicy/checkpolicy.c | 2 +-
checkpolicy/module_compiler.c | 2 +-
checkpolicy/policy_define.c | 8 ++++----
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index 0d9c4ea16dbf..7699619f5327 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -361,7 +361,7 @@ int change_bool(char *name, int state)
return 0;
}
-static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg)
+static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg __attribute__ ((unused)))
{
level_datum_t *levdatum = (level_datum_t *) datum;
diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
index 463d042125ad..d7f27f5390b5 100644
--- a/checkpolicy/module_compiler.c
+++ b/checkpolicy/module_compiler.c
@@ -1446,7 +1446,7 @@ int begin_optional(int pass)
return -1;
}
-int end_optional(int pass)
+int end_optional(int pass __attribute__ ((unused)))
{
/* once nested conditionals are allowed, do the stack unfolding here */
pop_stack();
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 675ca8ce5a2f..683eb0f62219 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -995,7 +995,7 @@ int define_category(void)
return -1;
}
-static int clone_level(hashtab_key_t key, hashtab_datum_t datum, void *arg)
+static int clone_level(hashtab_key_t key __attribute__ ((unused)), hashtab_datum_t datum, void *arg)
{
level_datum_t *levdatum = (level_datum_t *) datum;
mls_level_t *level = (mls_level_t *) arg, *newlevel;
@@ -2123,8 +2123,8 @@ role_datum_t *merge_roles_dom(role_datum_t * r1, role_datum_t * r2)
}
/* This function eliminates the ordering dependency of role dominance rule */
-static int dominate_role_recheck(hashtab_key_t key, hashtab_datum_t datum,
- void *arg)
+static int dominate_role_recheck(hashtab_key_t key __attribute__ ((unused)),
+ hashtab_datum_t datum, void *arg)
{
role_datum_t *rdp = (role_datum_t *) arg;
role_datum_t *rdatum = (role_datum_t *) datum;
@@ -3443,7 +3443,7 @@ static int parse_categories(char *id, level_datum_t * levdatum, ebitmap_t * cats
return 0;
}
-static int parse_semantic_categories(char *id, level_datum_t * levdatum,
+static int parse_semantic_categories(char *id, level_datum_t * levdatum __attribute__ ((unused)),
mls_semantic_cat_t ** cats)
{
cat_datum_t *cdatum;
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 20/20] libsepol/tests: fix gcc -Warray-bounds warning
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (18 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 19/20] checkpolicy: fix gcc -Wunused-variable warnings Nicolas Iooss
@ 2014-09-14 21:41 ` Nicolas Iooss
2014-10-01 19:00 ` [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Steve Lawrence
20 siblings, 0 replies; 22+ messages in thread
From: Nicolas Iooss @ 2014-09-14 21:41 UTC (permalink / raw)
To: selinux
test-linker-roles.c: In function 'module_role_tests':
test-linker-roles.c:147:7: error: array subscript is above array bounds
[-Werror=array-bounds]
decls[2] = (test_find_decl_by_sym(base, SYM_TYPES,"tag_g_m2"))->decl_id;
^
---
libsepol/tests/test-linker-roles.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libsepol/tests/test-linker-roles.c b/libsepol/tests/test-linker-roles.c
index 42f92d30f7f9..2c4a804704d6 100644
--- a/libsepol/tests/test-linker-roles.c
+++ b/libsepol/tests/test-linker-roles.c
@@ -101,7 +101,7 @@ void module_role_tests(policydb_t * base)
{
role_datum_t *role;
avrule_decl_t *decl;
- unsigned int decls[2];
+ unsigned int decls[3];
char *types[3];
/* These tests are run when the base is linked with 2 modules,
--
2.1.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* Re: [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags
2014-09-14 21:41 [PATCH 00/20] Compiling userland lib & tools with hardened gcc flags Nicolas Iooss
` (19 preceding siblings ...)
2014-09-14 21:41 ` [PATCH 20/20] libsepol/tests: fix gcc -Warray-bounds warning Nicolas Iooss
@ 2014-10-01 19:00 ` Steve Lawrence
20 siblings, 0 replies; 22+ messages in thread
From: Steve Lawrence @ 2014-10-01 19:00 UTC (permalink / raw)
To: Nicolas Iooss, selinux
On 09/14/2014 05:41 PM, Nicolas Iooss wrote:
> Hi,
>
> After I discovered libsepol/cil happened to use "%n" in printf format
> string, I decided to compile SELinux userland libraries and tools with
> more compilation flags. I used:
>
> CFLAGS = -O2 -pipe -Wall -Wextra -Werror \
> -D_FORTIFY_SOURCE=2 \
> -Wfloat-equal \
> -Wformat -Wformat-security \
> -Winit-self \
> -Wmissing-declarations \
> -Wpointer-arith \
> -Wshadow \
> -Wsign-compare \
> -Wstrict-prototypes \
> -Wwrite-strings \
> -Wno-unused-result \
> -fno-exceptions \
> -fstack-protector --param=ssp-buffer-size=4
> LDFLAGS = -Wl,-as-needed,-no-undefined,-z,relro,-z,now \
> -fstack-protector
>
> These warning flags are described in
> https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html.
>
> The build is broken when using all of these flags and this patchset is
> an attempt to fix some warnings/errors. Here is what I found:
>
> * Combining "-O2 -Wall -Werror" made the build fail because of use of
> unitialized variables. Patches 1, 2 and 3 fix this.
> * -Wshadow is already enabled when doing "make DEBUG=1" but this did not
> prevent some programs from shadowing global variables. Patches 4 and
> 5 fix this.
> * To make "-Wformat -Wformat-security" useful, a format attribute should
> be added to logging functions. When doing such a thing, gcc warns
> about some format string. Patches 6 and 7 add the attribute and fixes
> some new warnings.
> * While at it, checkpolicy logging function used "char *message" instead
> of "const char *message". Patch 8 modifies this.
> * -Wsign-compare makes gcc complains on some implicit casts. Patches 9,
> 10 and 11 fix the generated warnings.
> * -Wwrite-strings makes gcc complains when using code like:
>
> char *s = "text"
>
> Here, s is a pointer to a read-only location and should be made
> "const char*". Patches 12 to 17 fix most of these warnings. Some of
> them cannot be fixed without changing the API defined in
> /usr/include/sepol/policydb/hashtab.h (in short: replacing "const
> hashtab_key_t k" with "const char *k"). As this patchset focuses on
> fixing internal things, this API has not been changed.
> * -Wstrict-prototypes complained about some functions defined with an
> empty argument list instead of (void). Patch 18 adds the missing
> arguments and marks them with __attribute__ ((unused)) when
> applicable.
> * -Wunused-variable (from -Wall) made gcc complain about unused
> parameters in checkpolicy/. Patch 19 adds some __attribute__
> ((unused)).
> * -Wmissing-declarations helps finding missing "static" keyword when
> defining functions and missing headers when the function is willingly
> non-static. There are too many warnings caused by this flag to make
> it useful.
> * Last but not the least, when testing with "make test", gcc complained
> with -Warray-bounds warning because libsepol/tests/test-linker-roles.c
> had:
>
> unsigned int decls[2]
> /* ... */
> decls[2] = ...
>
> ... Patch 20 replaces the first "2" by "3" to fix this bug.
>
> With this patchset, the build succeeds when using the given CFLAGS
> configuration without -Wwrite-strings and -Wmissing-declarations.
>
> The linker_roles test from libsepol fails because CIL changed the way
> roles in base policy are managed:
>
> Suite: linker
> Test: linker_indexes ...passed
> Test: linker_types ...passed
> Test: linker_roles ...
> role o1_b_role_1 has 0 types, 1 expected
> [[SNIP]]
> FAILED
>
> This failure has not been introduced by this patchset and this patchset
> does not fix the test nor introduces new failures.
>
> Cheers
>
>
> Nicolas Iooss (20):
> libsepol: fix potential free of uninitialized pointer
> libsemanage: Fix use of unitialized variable
> policycoreutils/hll/pp: fix potential use of uninitialized variable
> policycoreutils/sandbox: fix debug build
> policycoreutils/semodule_package: fix debug build
> policycoreutils/hll/pp: add printf format attribute to relevant
> functions
> checkpolicy: add printf format attribute to relevant functions
> checkpolicy: constify the message written by yyerror and yywarn
> libselinux: fix gcc -Wsign-compare warnings
> checkpolicy: fix gcc -Wsign-compare warnings
> libsepol: fix most gcc -Wwrite-strings warnings
> libsemanage: constify name and ext_lang parameters of
> semanage_module_install_hll
> libsepol/cil: fix gcc -Wwrite-strings warnings
> libsemanage: fix gcc -Wwrite-strings warnings
> checkpolicy: fix most gcc -Wwrite-strings warnings
> policycoreutils/hll/pp: fix gcc -Wwrite-strings warnings
> policycoreutils: fix most gcc -Wwrite-strings warnings
> Fix gcc -Wstrict-prototypes warnings
> checkpolicy: fix gcc -Wunused-variable warnings
> libsepol/tests: fix gcc -Warray-bounds warning
>
> checkpolicy/checkmodule.c | 10 ++--
> checkpolicy/checkpolicy.c | 15 +++---
> checkpolicy/module_compiler.c | 13 ++---
> checkpolicy/policy_define.c | 33 ++++++------
> checkpolicy/policy_define.h | 2 +-
> checkpolicy/policy_parse.y | 6 +--
> checkpolicy/policy_scan.l | 8 +--
> checkpolicy/test/dismod.c | 6 +--
> checkpolicy/test/dispol.c | 8 +--
> libselinux/src/label_file.c | 9 ++--
> libselinux/src/label_file.h | 2 +-
> libselinux/utils/sefcontext_compile.c | 4 +-
> libsemanage/src/conf-parse.y | 6 +--
> libsemanage/src/direct_api.c | 4 +-
> libsemanage/src/modules.c | 2 +-
> libsemanage/src/modules.h | 2 +-
> libsemanage/src/policy.h | 2 +-
> libsemanage/src/seusers_local.c | 3 +-
> libsemanage/src/utilities.c | 6 +--
> libsemanage/src/utilities.h | 6 +--
> libsepol/cil/src/cil.c | 2 +-
> libsepol/cil/src/cil_mem.c | 2 +-
> libsepol/cil/src/cil_mem.h | 2 +-
> libsepol/cil/src/cil_policy.c | 10 ++--
> libsepol/cil/src/cil_strpool.c | 2 +-
> libsepol/cil/src/cil_strpool.h | 2 +-
> libsepol/include/sepol/policydb/services.h | 2 +-
> libsepol/src/link.c | 6 +--
> libsepol/src/policydb.c | 2 +-
> libsepol/src/policydb_internal.h | 2 +-
> libsepol/src/services.c | 22 ++++----
> libsepol/src/write.c | 2 +-
> libsepol/tests/test-linker-roles.c | 2 +-
> policycoreutils/hll/pp/pp.c | 61 ++++++++++++----------
> policycoreutils/newrole/newrole.c | 6 +--
> policycoreutils/restorecond/restorecond.c | 8 +--
> policycoreutils/restorecond/restorecond.h | 2 +-
> policycoreutils/restorecond/user.c | 2 +-
> policycoreutils/restorecond/utmpwatcher.c | 2 +-
> policycoreutils/restorecond/watch.c | 2 +-
> policycoreutils/run_init/run_init.c | 2 +-
> policycoreutils/sandbox/seunshare.c | 12 ++---
> .../semodule_package/semodule_package.c | 6 +--
> .../semodule_package/semodule_unpackage.c | 6 +--
> policycoreutils/setfiles/restore.h | 4 +-
> policycoreutils/setfiles/setfiles.c | 6 +--
> 46 files changed, 169 insertions(+), 155 deletions(-)
>
ACK'ed. All patches will be applied as part of rc3. Note that the CIL
patch will be applied separately to the CIL repo and merged in.
Thanks!
- Steve
^ permalink raw reply [flat|nested] 22+ messages in thread