Merge pull request #5 from mattiabiondi/master

PostInstall check, removed unused retvalue warnings, config.h patch
2020-01-14 07:30:29 +01:00 · 2020-01-14 07:30:29 +01:00 · 5e294e0a8c
parent 488e35af50 576d72c6b3
commit 5e294e0a8c
5 changed files with 36 additions and 27 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -6,7 +6,7 @@ project(cado
    LANGUAGES C)

 include(GNUInstallDirs)
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -pedantic")
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_FORTIFY_SOURCE=2 -O2 -Wall -pedantic")

 set(LIBS_REQUIRED cap execs mhash pam pam_misc)

@ -24,8 +24,8 @@ else (WITHEDITOR)
 endif (WITHEDITOR)

 configure_file(
-        "${PROJECT_SOURCE_DIR}/include/config.h.in"
-        "${PROJECT_SOURCE_DIR}/include/config.h"
+        "include/config.h.in"
+        "include/config.h"
 )

 add_subdirectory(man)
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@ -5,27 +5,27 @@ add_executable(
        read_conf.c set_ambient_cap.c compute_digest.c file_utils.c
        scado_parse.c cado_scado_check.c
 )
-target_include_directories(cado PRIVATE ${PROJECT_SOURCE_DIR}/include)
+target_include_directories(cado PRIVATE ${PROJECT_SOURCE_DIR}/include ${CMAKE_BINARY_DIR}/include)
 target_link_libraries(
        cado ${pam_library} ${pam_misc_library} ${cap_library} ${mhash_library}
        ${execs_library})

 add_executable(cadrop cadrop.c capset_from_namelist.c set_ambient_cap.c)
-target_include_directories(cadrop PRIVATE ${PROJECT_SOURCE_DIR}/include)
+target_include_directories(cadrop PRIVATE ${PROJECT_SOURCE_DIR}/include ${CMAKE_BINARY_DIR}/include)
 target_link_libraries(cadrop ${cap_library})

 add_executable(
        scado scado.c pam_check.c file_utils.c compute_digest.c
        capset_from_namelist.c scado_parse.c
 )
-target_include_directories(scado PRIVATE ${PROJECT_SOURCE_DIR}/include)
+target_include_directories(scado PRIVATE ${PROJECT_SOURCE_DIR}/include ${CMAKE_BINARY_DIR}/include)
 target_link_libraries(
        scado ${pam_library} ${pam_misc_library} ${cap_library} ${mhash_library}
        ${execs_library}
 )

 add_executable(caprint caprint.c)
-target_include_directories(caprint PRIVATE ${PROJECT_SOURCE_DIR}/include)
+target_include_directories(caprint PRIVATE ${PROJECT_SOURCE_DIR}/include ${CMAKE_BINARY_DIR}/include)
 target_link_libraries(caprint ${cap_library})

 install(
@ -34,11 +34,13 @@ install(
        DESTINATION ${CMAKE_INSTALL_BINDIR}
 )

-install(
-        CODE "execute_process(
-                COMMAND ${CMAKE_COMMAND}
-                -DBINDIR=${CMAKE_INSTALL_FULL_BINDIR}
-                -DLIBDIR=${CMAKE_INSTALL_FULL_LIBDIR}
-                -P ${PROJECT_SOURCE_DIR}/PostInstall.cmake
-        )"
-)
+if(NOT DEBUILD)
+        install(
+                CODE "execute_process(
+                        COMMAND ${CMAKE_COMMAND}
+                        -DBINDIR=${CMAKE_INSTALL_FULL_BINDIR}
+                        -DLIBDIR=${CMAKE_INSTALL_FULL_LIBDIR}
+                        -P ${PROJECT_SOURCE_DIR}/PostInstall.cmake
+                )"
+        )
+endif()
--- a/src/cado.c
+++ b/src/cado.c
@ -198,7 +198,10 @@ int main(int argc, char*argv[])
 	grantcap = reqcaps & okcaps;

 	/* revert setgid mode */
-	setuid(getuid());
+	if (setuid(getuid()) < 0) {
+		fprintf(stderr,"%s: setuid failure\n",progname);
+		exit(2);
+	}

 	/* ask for pam authorization (usually password) if required */
 	if (pam_check_required && pam_check(user_groups[0]) != PAM_SUCCESS) {
--- a/src/compute_digest.c
+++ b/src/compute_digest.c
@ -43,7 +43,12 @@ static ssize_t fcompute_digest(int infd, int outfd, char *ascii_digest) {

 	while ((n=read(infd,buf,BUFSIZE)) > 0) {
 		mhash(td, buf, n);
-		if (outfd >= 0) write(outfd, buf, n);
+		if (outfd >= 0) {
+			if (write(outfd, buf, n) < 0) {
+				n = -1;
+				break;
+			}
+		}
 		rv += n;
 	}

--- a/src/scado.c
+++ b/src/scado.c
@ -97,12 +97,12 @@ static int editor_garbage_collect(char *path) {
 	if(!(childpid = fork())) {
 		/* Child */
 		if(!fork()) {
-			char c = 0;
 			/* Grandchild */
-			if (close(checkpipe[1]) == 0 && setsid() > 0) 
-				read(checkpipe[0], &c, 1);
-			if (c == 0)
-				unlink(path);
+			if (close(checkpipe[1]) == 0 && setsid() > 0) {
+				char c;
+				if (read(checkpipe[0], &c, 1) == 0)
+					unlink(path);
+			}
 			exit(0);
 		} else
 			exit(0);
@ -115,7 +115,8 @@ static int editor_garbage_collect(char *path) {

 static void editor_garbage_collect_do_not_unlink(int fd) {
 	char c = 'K'; // keep it, any other non-null char would fit.
-	write(fd, &c, 1);
+	int n = write(fd, &c, 1);
+	(void) n;
 }

 /* command line selectable functions */
@ -188,7 +189,7 @@ int scado_edit(char *progname, char *username, char *program_path) {
 	char tmp_file[PATH_MAX];
 	char scado_file[PATH_MAX];
 	char *editor;
-	char *args = NULL;
+	char *args;
 	int status = 0;
 	pid_t pid, xpid;
 	char digest_before[DIGESTSTRLEN + 1];
@ -242,9 +243,7 @@ int scado_edit(char *progname, char *username, char *program_path) {
 				exit(ERROR_EXIT);
 			}

-			asprintf(&args, "%s %s", editor, tmp_file);
-
-			if (args == NULL) {
+			if (asprintf(&args, "%s %s", editor, tmp_file) < 0) {
 				exit(ERROR_EXIT);
 			}