mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

Suppress PVS Studio false positives.

Browse Source
This commit is contained in:
Todd C. Miller 2021-01-06 14:27:09 -07:00
parent 108e29446d
commit 4e11bc0e26
22 changed files with 473 additions and 517 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/eventlog/eventlog.c
View File

@ -348,7 +348,7 @@ exec_mailer(int pipein)
/* Set stdin to read side of the pipe. */
if (dup3(pipein, STDIN_FILENO, 0) == -1) {
syslog(LOG_ERR, _("unable to dup stdin: %m"));
syslog(LOG_ERR, _("unable to dup stdin: %m")); // -V618
sudo_debug_printf(SUDO_DEBUG_ERROR,
"unable to dup stdin: %s", strerror(errno));
sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
@ -357,7 +357,7 @@ exec_mailer(int pipein)
/* Build up an argv based on the mailer path and flags */
if ((mflags = strdup(evl_conf.mailerflags)) == NULL) {
syslog(LOG_ERR, _("unable to allocate memory"));
syslog(LOG_ERR, _("unable to allocate memory")); // -V618
sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
_exit(127);
}
@ -393,7 +393,7 @@ exec_mailer(int pipein)
execve(mpath, argv, root_envp);
else
execv(mpath, argv);
syslog(LOG_ERR, _("unable to execute %s: %m"), mpath);
syslog(LOG_ERR, _("unable to execute %s: %m"), mpath); // -V618
sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to execute %s: %s",
mpath, strerror(errno));
_exit(127);
@ -441,7 +441,7 @@ send_mail(const struct eventlog *evlog, const char *fmt, ...)
switch (fork()) {
case -1:
/* Error. */
syslog(LOG_ERR, _("unable to fork: %m"));
syslog(LOG_ERR, _("unable to fork: %m")); // -V618
sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to fork: %s",
strerror(errno));
sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
@ -485,7 +485,7 @@ send_mail(const struct eventlog *evlog, const char *fmt, ...)
closefrom_nodebug(STDERR_FILENO + 1);
if (pipe2(pfd, O_CLOEXEC) == -1) {
syslog(LOG_ERR, _("unable to open pipe: %m"));
syslog(LOG_ERR, _("unable to open pipe: %m")); // -V618
sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to open pipe: %s",
strerror(errno));
sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
@ -495,7 +495,7 @@ send_mail(const struct eventlog *evlog, const char *fmt, ...)
switch (pid = sudo_debug_fork()) {
case -1:
/* Error. */
syslog(LOG_ERR, _("unable to fork: %m"));
syslog(LOG_ERR, _("unable to fork: %m")); // -V618
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"unable to fork");

2
lib/util/arc4random.c
View File

@ -142,7 +142,7 @@ _rs_rekey(unsigned char *dat, size_t datlen)
}
/* immediately reinit for backtracking resistance */
_rs_init(rs_buf, KEYSZ + IVSZ);
memset(rs_buf, 0, KEYSZ + IVSZ);
memset(rs_buf, 0, KEYSZ + IVSZ); // -V512
rs_have = sizeof(rs_buf) - KEYSZ - IVSZ;
}

1
lib/util/sudo_debug.c
View File

@ -239,6 +239,7 @@ sudo_debug_new_output(struct sudo_debug_instance *instance,
return output;
oom:
// -V:sudo_warn_nodebug:575, 618
sudo_warn_nodebug(NULL);
bad:
if (output != NULL)

2
plugins/audit_json/audit_json.c
View File

@ -456,7 +456,7 @@ audit_write_exit_record(int exit_status, int error)
goto oom;
} else {
json_value.type = JSON_STRING;
json_value.u.string = signame;
json_value.u.string = signame; // -V507
if (!sudo_json_add_value(&json, "signal", &json_value))
goto oom;
}

8
plugins/python/python_convmessage.c
View File

@ -50,11 +50,11 @@ _sudo_ConvMessage__Init(PyObject *py_self, PyObject *py_args, PyObject *py_kwarg
goto cleanup;
py_object_set_attr_number(py_self, "timeout", conv_message.timeout);
if (PyErr_Occurred())
if (PyErr_Occurred()) // -V547
goto cleanup;
py_object_set_attr_string(py_self, "msg", conv_message.msg);
if (PyErr_Occurred())
if (PyErr_Occurred()) // -V547
goto cleanup;
cleanup:
@ -113,11 +113,11 @@ sudo_module_ConvMessage_to_c(PyObject *py_conv_message, struct sudo_conv_message
debug_return_int(SUDO_RC_ERROR);
conv_message->timeout = (int)py_object_get_optional_attr_number(py_conv_message, "timeout");
if (PyErr_Occurred())
if (PyErr_Occurred()) // -V547
debug_return_int(SUDO_RC_ERROR);
conv_message->msg = py_object_get_optional_attr_string(py_conv_message, "msg");
if (PyErr_Occurred())
if (PyErr_Occurred()) // -V547
debug_return_int(SUDO_RC_ERROR);
debug_return_int(SUDO_RC_OK);

2
plugins/sudoers/auth/pam.c
View File

@ -252,7 +252,7 @@ sudo_pam_init2(struct passwd *pw, sudo_auth *auth, bool quiet)
if (ttypath == NULL)
ttypath = "";
#endif
if (ttypath != NULL) {
if (ttypath != NULL) { // -V547
rc = pam_set_item(pamh, PAM_TTY, ttypath);
if (rc != PAM_SUCCESS) {
errstr = sudo_pam_strerror(pamh, rc);

185
plugins/sudoers/getdate.c
View File

@ -29,6 +29,9 @@
/* SUPPRESS 287 on yaccpar_sccsid *//* Unused static variable */
/* SUPPRESS 288 on yyerrlab *//* Label unused */
/* PVS Studio suppression*/
/* -V::1037, 1042*/
#include <config.h>
#include <stdio.h>
@ -106,7 +109,7 @@ static int yyerror(const char *s);
static int yylex(void);
int yyparse(void);
#line 94 "getdate.y"
#line 97 "getdate.y"
#ifndef YYSTYPE_DEFINED
#define YYSTYPE_DEFINED
typedef union {
@ -114,7 +117,7 @@ typedef union {
enum _MERIDIAN Meridian;
} YYSTYPE;
#endif /* YYSTYPE_DEFINED */
#line 112 "getdate.c"
#line 115 "getdate.c"
#define tAGO 257
#define tDAY 258
#define tDAYZONE 259
@ -129,11 +132,7 @@ typedef union {
#define tZONE 268
#define tDST 269
#define YYERRCODE 256
#if defined(__cplusplus) || defined(__STDC__)
const short yylhs[] =
#else
short yylhs[] =
#endif
{ -1,
0, 0, 2, 2, 2, 2, 2, 2, 3, 3,
3, 3, 3, 4, 4, 4, 6, 6, 6, 5,
@ -141,11 +140,7 @@ short yylhs[] =
9, 9, 9, 9, 9, 9, 9, 9, 8, 1,
1,
};
#if defined(__cplusplus) || defined(__STDC__)
const short yylen[] =
#else
short yylen[] =
#endif
{ 2,
0, 2, 1, 1, 1, 1, 1, 1, 2, 4,
4, 6, 6, 1, 1, 2, 1, 2, 2, 3,
@ -153,11 +148,7 @@ short yylen[] =
2, 1, 2, 2, 1, 2, 2, 1, 1, 0,
1,
};
#if defined(__cplusplus) || defined(__STDC__)
const short yydefred[] =
#else
short yydefred[] =
#endif
{ 1,
0, 0, 15, 32, 0, 38, 35, 0, 0, 0,
2, 3, 4, 5, 6, 7, 8, 0, 18, 0,
@ -165,50 +156,30 @@ short yydefred[] =
0, 0, 16, 28, 0, 23, 27, 22, 0, 0,
25, 41, 11, 0, 10, 0, 0, 21, 13, 12,
};
#if defined(__cplusplus) || defined(__STDC__)
const short yydgoto[] =
#else
short yydgoto[] =
#endif
{ 1,
45, 11, 12, 13, 14, 15, 16, 17, 18,
};
#if defined(__cplusplus) || defined(__STDC__)
const short yysindex[] =
#else
short yysindex[] =
#endif
{ 0,
-249, -38, 0, 0, -260, 0, 0, -240, -47, -248,
0, 0, 0, 0, 0, 0, 0, -237, 0, -18,
0, 0, 0, 0, 0, 0, -262, 0, 0, -239,
-238, -236, 0, 0, -235, 0, 0, 0, -56, -19,
0, 0, 0, -234, 0, -232, -258, 0, 0, 0,};
#if defined(__cplusplus) || defined(__STDC__)
const short yyrindex[] =
#else
short yyrindex[] =
#endif
{ 0,
0, 1, 0, 0, 0, 0, 0, 0, 69, 12,
0, 0, 0, 0, 0, 0, 0, 23, 0, 34,
0, 0, 0, 0, 0, 0, 67, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 56, 45,
0, 0, 0, 0, 0, 0, 56, 0, 0, 0,};
#if defined(__cplusplus) || defined(__STDC__)
const short yygindex[] =
#else
short yygindex[] =
#endif
{ 0,
-17, 0, 0, 0, 0, 0, 0, 0, 0,
};
#define YYTABLESIZE 337
#if defined(__cplusplus) || defined(__STDC__)
const short yytable[] =
#else
short yytable[] =
#endif
{ 32,
17, 44, 42, 36, 37, 19, 20, 49, 2, 3,
31, 14, 4, 5, 6, 7, 8, 9, 10, 34,
@ -245,11 +216,7 @@ short yytable[] =
40, 0, 40, 40, 26, 26, 0, 39, 26, 26,
26, 26, 0, 0, 26, 39, 39,
};
#if defined(__cplusplus) || defined(__STDC__)
const short yycheck[] =
#else
short yycheck[] =
#endif
{ 47,
0, 58, 261, 266, 267, 44, 267, 266, 258, 259,
58, 0, 262, 263, 264, 265, 266, 267, 268, 257,
@ -292,11 +259,7 @@ short yycheck[] =
#endif
#define YYMAXTOKEN 269
#if YYDEBUG
#if defined(__cplusplus) || defined(__STDC__)
const char * const yyname[] =
#else
char *yyname[] =
#endif
{
"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,"','",0,0,"'/'",0,0,0,0,0,0,0,0,0,0,"':'",0,0,0,0,0,0,0,0,0,
@ -308,11 +271,7 @@ char *yyname[] =
"tDAYZONE","tID","tMERIDIAN","tMINUTE_UNIT","tMONTH","tMONTH_UNIT","tSEC_UNIT",
"tSNUMBER","tUNUMBER","tZONE","tDST",
};
#if defined(__cplusplus) || defined(__STDC__)
const char * const yyrule[] =
#else
char *yyrule[] =
#endif
{"$accept : spec",
"spec :",
"spec : spec item",
@ -383,7 +342,7 @@ short *yysslim;
YYSTYPE *yyvs;
unsigned int yystacksize;
int yyparse(void);
#line 313 "getdate.y"
#line 316 "getdate.y"
/* Month and day table. */
static TABLE const MonthDayTable[] = {
@ -1005,13 +964,9 @@ main(int argc, char *argv[])
/* NOTREACHED */
}
#endif /* TEST */
#line 951 "getdate.c"
#line 954 "getdate.c"
/* allocate initial stack or double stack size, up to YYMAXDEPTH */
#if defined(__cplusplus) || defined(__STDC__)
static int yygrowstack(void)
#else
static int yygrowstack()
#endif
{
unsigned int newsize;
long sslen;
@ -1027,23 +982,19 @@ static int yygrowstack()
#ifdef SIZE_MAX
#define YY_SIZE_MAX SIZE_MAX
#else
#ifdef __STDC__
#define YY_SIZE_MAX 0xffffffffU
#else
#define YY_SIZE_MAX (unsigned int)0xffffffff
#endif
#endif
if (YY_SIZE_MAX / newsize < sizeof *newss)
goto bail;
sslen = yyssp - yyss;
newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
(short *)malloc(newsize * sizeof *newss); /* overflow check above */
newss = yyss ? realloc(yyss, newsize * sizeof *newss) :
malloc(newsize * sizeof *newss); /* overflow check above */
if (newss == NULL)
goto bail;
yyss = newss;
yyssp = newss + sslen;
newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
(YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
newvs = yyvs ? realloc(yyvs, newsize * sizeof *newvs) :
malloc(newsize * sizeof *newvs); /* overflow check above */
if (newvs == NULL)
goto bail;
yyvs = newvs;
@ -1052,9 +1003,7 @@ static int yygrowstack()
yysslim = yyss + newsize - 1;
return 0;
bail:
if (yyss)
free(yyss);
if (yyvs)
free(yyvs);
yyss = yyssp = NULL;
yyvs = yyvsp = NULL;
@ -1067,19 +1016,11 @@ bail:
#define YYACCEPT goto yyaccept
#define YYERROR goto yyerrlab
int
#if defined(__cplusplus) || defined(__STDC__)
yyparse(void)
#else
yyparse()
#endif
{
int yym, yyn, yystate;
#if YYDEBUG
#if defined(__cplusplus) || defined(__STDC__)
const char *yys;
#else /* !(defined(__cplusplus) || defined(__STDC__)) */
char *yys;
#endif /* !(defined(__cplusplus) || defined(__STDC__)) */
if ((yys = getenv("YYDEBUG")))
{
@ -1214,37 +1155,37 @@ yyreduce:
switch (yyn)
{
case 3:
#line 112 "getdate.y"
#line 115 "getdate.y"
{
yyHaveTime++;
}
break;
case 4:
#line 115 "getdate.y"
#line 118 "getdate.y"
{
yyHaveZone++;
}
break;
case 5:
#line 118 "getdate.y"
#line 121 "getdate.y"
{
yyHaveDate++;
}
break;
case 6:
#line 121 "getdate.y"
#line 124 "getdate.y"
{
yyHaveDay++;
}
break;
case 7:
#line 124 "getdate.y"
#line 127 "getdate.y"
{
yyHaveRel++;
}
break;
case 9:
#line 130 "getdate.y"
#line 133 "getdate.y"
{
yyHour = yyvsp[-1].Number;
yyMinutes = 0;
@ -1253,7 +1194,7 @@ case 9:
}
break;
case 10:
#line 136 "getdate.y"
#line 139 "getdate.y"
{
yyHour = yyvsp[-3].Number;
yyMinutes = yyvsp[-1].Number;
@ -1262,7 +1203,7 @@ case 10:
}
break;
case 11:
#line 142 "getdate.y"
#line 145 "getdate.y"
{
yyHour = yyvsp[-3].Number;
yyMinutes = yyvsp[-1].Number;
@ -1272,7 +1213,7 @@ case 11:
}
break;
case 12:
#line 149 "getdate.y"
#line 152 "getdate.y"
{
yyHour = yyvsp[-5].Number;
yyMinutes = yyvsp[-3].Number;
@ -1281,7 +1222,7 @@ case 12:
}
break;
case 13:
#line 155 "getdate.y"
#line 158 "getdate.y"
{
yyHour = yyvsp[-5].Number;
yyMinutes = yyvsp[-3].Number;
@ -1292,56 +1233,56 @@ case 13:
}
break;
case 14:
#line 165 "getdate.y"
#line 168 "getdate.y"
{
yyTimezone = yyvsp[0].Number;
yyDSTmode = DSToff;
}
break;
case 15:
#line 169 "getdate.y"
#line 172 "getdate.y"
{
yyTimezone = yyvsp[0].Number;
yyDSTmode = DSTon;
}
break;
case 16:
#line 174 "getdate.y"
#line 177 "getdate.y"
{
yyTimezone = yyvsp[-1].Number;
yyDSTmode = DSTon;
}
break;
case 17:
#line 180 "getdate.y"
#line 183 "getdate.y"
{
yyDayOrdinal = 1;
yyDayNumber = yyvsp[0].Number;
}
break;
case 18:
#line 184 "getdate.y"
#line 187 "getdate.y"
{
yyDayOrdinal = 1;
yyDayNumber = yyvsp[-1].Number;
}
break;
case 19:
#line 188 "getdate.y"
#line 191 "getdate.y"
{
yyDayOrdinal = yyvsp[-1].Number;
yyDayNumber = yyvsp[0].Number;
}
break;
case 20:
#line 194 "getdate.y"
#line 197 "getdate.y"
{
yyMonth = yyvsp[-2].Number;
yyDay = yyvsp[0].Number;
}
break;
case 21:
#line 198 "getdate.y"
#line 201 "getdate.y"
{
if (yyvsp[-4].Number >= 100) {
yyYear = yyvsp[-4].Number;
@ -1355,7 +1296,7 @@ case 21:
}
break;
case 22:
#line 209 "getdate.y"
#line 212 "getdate.y"
{
/* ISO 8601 format. yyyy-mm-dd. */
yyYear = yyvsp[-2].Number;
@ -1364,7 +1305,7 @@ case 22:
}
break;
case 23:
#line 215 "getdate.y"
#line 218 "getdate.y"
{
/* e.g. 17-JUN-1992. */
yyDay = yyvsp[-2].Number;
@ -1373,14 +1314,14 @@ case 23:
}
break;
case 24:
#line 221 "getdate.y"
#line 224 "getdate.y"
{
yyMonth = yyvsp[-1].Number;
yyDay = yyvsp[0].Number;
}
break;
case 25:
#line 225 "getdate.y"
#line 228 "getdate.y"
{
yyMonth = yyvsp[-3].Number;
yyDay = yyvsp[-2].Number;
@ -1388,14 +1329,14 @@ case 25:
}
break;
case 26:
#line 230 "getdate.y"
#line 233 "getdate.y"
{
yyMonth = yyvsp[0].Number;
yyDay = yyvsp[-1].Number;
}
break;
case 27:
#line 234 "getdate.y"
#line 237 "getdate.y"
{
yyMonth = yyvsp[-1].Number;
yyDay = yyvsp[-2].Number;
@ -1403,68 +1344,68 @@ case 27:
}
break;
case 28:
#line 241 "getdate.y"
#line 244 "getdate.y"
{
yyRelSeconds = -yyRelSeconds;
yyRelMonth = -yyRelMonth;
}
break;
case 30:
#line 248 "getdate.y"
{
yyRelSeconds += yyvsp[-1].Number * yyvsp[0].Number * 60L;
}
break;
case 31:
#line 251 "getdate.y"
{
yyRelSeconds += yyvsp[-1].Number * yyvsp[0].Number * 60L;
}
break;
case 32:
case 31:
#line 254 "getdate.y"
{
yyRelSeconds += yyvsp[-1].Number * yyvsp[0].Number * 60L;
}
break;
case 32:
#line 257 "getdate.y"
{
yyRelSeconds += yyvsp[0].Number * 60L;
}
break;
case 33:
#line 257 "getdate.y"
{
yyRelSeconds += yyvsp[-1].Number;
}
break;
case 34:
#line 260 "getdate.y"
{
yyRelSeconds += yyvsp[-1].Number;
}
break;
case 35:
case 34:
#line 263 "getdate.y"
{
yyRelSeconds += yyvsp[-1].Number;
}
break;
case 35:
#line 266 "getdate.y"
{
yyRelSeconds++;
}
break;
case 36:
#line 266 "getdate.y"
{
yyRelMonth += yyvsp[-1].Number * yyvsp[0].Number;
}
break;
case 37:
#line 269 "getdate.y"
{
yyRelMonth += yyvsp[-1].Number * yyvsp[0].Number;
}
break;
case 38:
case 37:
#line 272 "getdate.y"
{
yyRelMonth += yyvsp[-1].Number * yyvsp[0].Number;
}
break;
case 38:
#line 275 "getdate.y"
{
yyRelMonth += yyvsp[0].Number;
}
break;
case 39:
#line 277 "getdate.y"
#line 280 "getdate.y"
{
if (yyHaveTime && yyHaveDate && !yyHaveRel)
yyYear = yyvsp[0].Number;
@ -1492,18 +1433,18 @@ case 39:
}
break;
case 40:
#line 304 "getdate.y"
#line 307 "getdate.y"
{
yyval.Meridian = MER24;
}
break;
case 41:
#line 307 "getdate.y"
#line 310 "getdate.y"
{
yyval.Meridian = yyvsp[0].Meridian;
}
break;
#line 1449 "getdate.c"
#line 1434 "getdate.c"
}
yyssp -= yym;
yystate = *yyssp;
@ -1556,18 +1497,14 @@ to state %d\n", YYPREFIX, *yyssp, yystate);
yyoverflow:
yyerror("yacc stack overflow");
yyabort:
if (yyss)
free(yyss);
if (yyvs)
free(yyvs);
yyss = yyssp = NULL;
yyvs = yyvsp = NULL;
yystacksize = 0;
return (1);
yyaccept:
if (yyss)
free(yyss);
if (yyvs)
free(yyvs);
yyss = yyssp = NULL;
yyvs = yyvsp = NULL;

3
plugins/sudoers/getdate.y
View File

@ -12,6 +12,9 @@
/* SUPPRESS 287 on yaccpar_sccsid *//* Unused static variable */
/* SUPPRESS 288 on yyerrlab *//* Label unused */
// PVS Studio suppression
// -V::1037, 1042
#include <config.h>
#include <stdio.h>

2
plugins/sudoers/goodpath.c
View File

@ -55,7 +55,7 @@ sudo_goodpath(const char *path, const char *runchroot, struct stat *sbp)
errno = ENAMETOOLONG;
goto done;
}
path = pathbuf;
path = pathbuf; // -V507
}
if (sbp == NULL)
sbp = &sb;

554
plugins/sudoers/gram.c
View File

File diff suppressed because it is too large Load Diff

2
plugins/sudoers/gram.h
View File

@ -167,7 +167,7 @@ extern int sudoersdebug;
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
union YYSTYPE
{
#line 80 "gram.y"
#line 83 "gram.y"
struct cmndspec *cmndspec;
struct defaults *defaults;

4
plugins/sudoers/gram.y
View File

@ -45,6 +45,9 @@
/* If we last saw a newline the entry is on the preceding line. */
#define this_lineno (sudoerschar == '\n' ? sudolineno - 1 : sudolineno)
// PVS Studio suppression
// -V::1037, 1042
/*
* Globals
*/
@ -1104,6 +1107,7 @@ sudoerserrorf(const char *fmt, ...)
void
sudoerserror(const char *s)
{
// -V:sudoerserror:575, 618
if (s == NULL)
sudoerserrorf(NULL);
else

2
plugins/sudoers/rcstr.c
View File

@ -66,7 +66,7 @@ rcstr_alloc(size_t len)
rcs->refcnt = 1;
rcs->str[0] = '\0';
/* cppcheck-suppress memleak */
debug_return_ptr(rcs->str);
debug_return_ptr(rcs->str); // -V773
}
char *

2
plugins/sudoers/redblack.c
View File

@ -109,7 +109,7 @@ rbcreate(int (*compar)(const void *, const void*))
* Similarly, the fake root node keeps us from having to worry
* about splitting the root.
*/
tree->root.left = tree->root.right = tree->root.parent = &tree->nil;
tree->root.left = tree->root.right = tree->root.parent = &tree->nil; // -V778
tree->root.color = black;
tree->root.data = NULL;

177
plugins/sudoers/toke.c
View File

@ -2759,6 +2759,9 @@ char *sudoerstext;
# define NAMLEN(dirent) strlen((dirent)->d_name)
#endif
// PVS Studio suppression
// -V::519, 1004, 1037
int sudolineno; /* current sudoers line number. */
char *sudoers; /* sudoers file being parsed. */
struct sudolinebuf sudolinebuf; /* sudoers line being parsed. */
@ -2801,7 +2804,7 @@ int (*trace_print)(const char *msg) = sudoers_trace_print;
#line 2799 "toke.c"
#line 2802 "toke.c"
#define INITIAL 0
#define GOTDEFS 1
@ -3021,9 +3024,9 @@ YY_DECL
}
{
#line 114 "toke.l"
#line 117 "toke.l"
#line 3021 "toke.c"
#line 3024 "toke.c"
while ( 1 ) /* loops until end-of-file is reached */
{
@ -3083,7 +3086,7 @@ do_action: /* This label is used only to access EOF actions. */
case 1:
YY_RULE_SETUP
#line 115 "toke.l"
#line 118 "toke.l"
{
LEXTRACE(", ");
return ',';
@ -3091,12 +3094,12 @@ YY_RULE_SETUP
YY_BREAK
case 2:
YY_RULE_SETUP
#line 120 "toke.l"
#line 123 "toke.l"
BEGIN STARTDEFS;
YY_BREAK
case 3:
YY_RULE_SETUP
#line 122 "toke.l"
#line 125 "toke.l"
{
BEGIN INDEFS;
LEXTRACE("DEFVAR ");
@ -3108,7 +3111,7 @@ YY_RULE_SETUP
case 4:
YY_RULE_SETUP
#line 131 "toke.l"
#line 134 "toke.l"
{
BEGIN STARTDEFS;
LEXTRACE(", ");
@ -3117,7 +3120,7 @@ YY_RULE_SETUP
YY_BREAK
case 5:
YY_RULE_SETUP
#line 137 "toke.l"
#line 140 "toke.l"
{
LEXTRACE("= ");
return '=';
@ -3125,7 +3128,7 @@ YY_RULE_SETUP
YY_BREAK
case 6:
YY_RULE_SETUP
#line 142 "toke.l"
#line 145 "toke.l"
{
LEXTRACE("+= ");
return '+';
@ -3133,7 +3136,7 @@ YY_RULE_SETUP
YY_BREAK
case 7:
YY_RULE_SETUP
#line 147 "toke.l"
#line 150 "toke.l"
{
LEXTRACE("-= ");
return '-';
@ -3141,7 +3144,7 @@ YY_RULE_SETUP
YY_BREAK
case 8:
YY_RULE_SETUP
#line 152 "toke.l"
#line 155 "toke.l"
{
LEXTRACE("BEGINSTR ");
sudoerslval.string = NULL;
@ -3151,7 +3154,7 @@ YY_RULE_SETUP
YY_BREAK
case 9:
YY_RULE_SETUP
#line 159 "toke.l"
#line 162 "toke.l"
{
LEXTRACE("WORD(2) ");
if (!fill(sudoerstext, sudoersleng))
@ -3164,7 +3167,7 @@ YY_RULE_SETUP
case 10:
/* rule 10 can match eol */
YY_RULE_SETUP
#line 168 "toke.l"
#line 171 "toke.l"
{
/* Line continuation char followed by newline. */
sudolineno++;
@ -3173,7 +3176,7 @@ YY_RULE_SETUP
YY_BREAK
case 11:
YY_RULE_SETUP
#line 174 "toke.l"
#line 177 "toke.l"
{
LEXTRACE("ENDSTR ");
BEGIN prev_state;
@ -3211,7 +3214,7 @@ YY_RULE_SETUP
YY_BREAK
case 12:
YY_RULE_SETUP
#line 209 "toke.l"
#line 212 "toke.l"
{
LEXTRACE("BACKSLASH ");
if (!append(sudoerstext, sudoersleng))
@ -3220,7 +3223,7 @@ YY_RULE_SETUP
YY_BREAK
case 13:
YY_RULE_SETUP
#line 215 "toke.l"
#line 218 "toke.l"
{
LEXTRACE("STRBODY ");
if (!append(sudoerstext, sudoersleng))
@ -3231,7 +3234,7 @@ YY_RULE_SETUP
case 14:
YY_RULE_SETUP
#line 223 "toke.l"
#line 226 "toke.l"
{
/* quoted fnmatch glob char, pass verbatim */
LEXTRACE("QUOTEDCHAR ");
@ -3242,7 +3245,7 @@ YY_RULE_SETUP
YY_BREAK
case 15:
YY_RULE_SETUP
#line 231 "toke.l"
#line 234 "toke.l"
{
/* quoted sudoers special char, strip backslash */
LEXTRACE("QUOTEDCHAR ");
@ -3254,7 +3257,7 @@ YY_RULE_SETUP
case 16:
/* rule 16 can match eol */
YY_RULE_SETUP
#line 239 "toke.l"
#line 242 "toke.l"
{
BEGIN INITIAL;
sudoersless(0);
@ -3264,7 +3267,7 @@ YY_RULE_SETUP
YY_BREAK
case 17:
YY_RULE_SETUP
#line 246 "toke.l"
#line 249 "toke.l"
{
LEXTRACE("ARG ");
if (!fill_args(sudoerstext, sudoersleng, sawspace))
@ -3275,7 +3278,7 @@ YY_RULE_SETUP
case 18:
YY_RULE_SETUP
#line 254 "toke.l"
#line 257 "toke.l"
{
/* Only return DIGEST if the length is correct. */
yy_size_t digest_len =
@ -3293,7 +3296,7 @@ YY_RULE_SETUP
YY_BREAK
case 19:
YY_RULE_SETUP
#line 269 "toke.l"
#line 272 "toke.l"
{
/* Only return DIGEST if the length is correct. */
yy_size_t len, digest_len =
@ -3318,7 +3321,7 @@ YY_RULE_SETUP
YY_BREAK
case 20:
YY_RULE_SETUP
#line 291 "toke.l"
#line 294 "toke.l"
{
if (continued) {
sudoerserror(N_("invalid line continuation"));
@ -3333,7 +3336,7 @@ YY_RULE_SETUP
YY_BREAK
case 21:
YY_RULE_SETUP
#line 303 "toke.l"
#line 306 "toke.l"
{
if (continued) {
sudoerserror(N_("invalid line continuation"));
@ -3349,7 +3352,7 @@ YY_RULE_SETUP
case 22:
/* rule 22 can match eol */
YY_RULE_SETUP
#line 315 "toke.l"
#line 318 "toke.l"
{
if (continued) {
sudoerserror(N_("invalid line continuation"));
@ -3369,7 +3372,7 @@ YY_RULE_SETUP
case 23:
/* rule 23 can match eol */
YY_RULE_SETUP
#line 331 "toke.l"
#line 334 "toke.l"
{
if (continued) {
sudoerserror(N_("invalid line continuation"));
@ -3388,7 +3391,7 @@ YY_RULE_SETUP
YY_BREAK
case 24:
YY_RULE_SETUP
#line 347 "toke.l"
#line 350 "toke.l"
{
char deftype;
int n;
@ -3432,7 +3435,7 @@ YY_RULE_SETUP
YY_BREAK
case 25:
YY_RULE_SETUP
#line 388 "toke.l"
#line 391 "toke.l"
{
int n;
@ -3462,7 +3465,7 @@ YY_RULE_SETUP
YY_BREAK
case 26:
YY_RULE_SETUP
#line 415 "toke.l"
#line 418 "toke.l"
{
/* cmnd does not require passwd for this user */
LEXTRACE("NOPASSWD ");
@ -3471,7 +3474,7 @@ YY_RULE_SETUP
YY_BREAK
case 27:
YY_RULE_SETUP
#line 421 "toke.l"
#line 424 "toke.l"
{
/* cmnd requires passwd for this user */
LEXTRACE("PASSWD ");
@ -3480,7 +3483,7 @@ YY_RULE_SETUP
YY_BREAK
case 28:
YY_RULE_SETUP
#line 427 "toke.l"
#line 430 "toke.l"
{
LEXTRACE("NOEXEC ");
return NOEXEC;
@ -3488,7 +3491,7 @@ YY_RULE_SETUP
YY_BREAK
case 29:
YY_RULE_SETUP
#line 432 "toke.l"
#line 435 "toke.l"
{
LEXTRACE("EXEC ");
return EXEC;
@ -3496,7 +3499,7 @@ YY_RULE_SETUP
YY_BREAK
case 30:
YY_RULE_SETUP
#line 437 "toke.l"
#line 440 "toke.l"
{
LEXTRACE("SETENV ");
return SETENV;
@ -3504,7 +3507,7 @@ YY_RULE_SETUP
YY_BREAK
case 31:
YY_RULE_SETUP
#line 442 "toke.l"
#line 445 "toke.l"
{
LEXTRACE("NOSETENV ");
return NOSETENV;
@ -3512,7 +3515,7 @@ YY_RULE_SETUP
YY_BREAK
case 32:
YY_RULE_SETUP
#line 447 "toke.l"
#line 450 "toke.l"
{
LEXTRACE("LOG_OUTPUT ");
return LOG_OUTPUT;
@ -3520,7 +3523,7 @@ YY_RULE_SETUP
YY_BREAK
case 33:
YY_RULE_SETUP
#line 452 "toke.l"
#line 455 "toke.l"
{
LEXTRACE("NOLOG_OUTPUT ");
return NOLOG_OUTPUT;
@ -3528,7 +3531,7 @@ YY_RULE_SETUP
YY_BREAK
case 34:
YY_RULE_SETUP
#line 457 "toke.l"
#line 460 "toke.l"
{
LEXTRACE("LOG_INPUT ");
return LOG_INPUT;
@ -3536,7 +3539,7 @@ YY_RULE_SETUP
YY_BREAK
case 35:
YY_RULE_SETUP
#line 462 "toke.l"
#line 465 "toke.l"
{
LEXTRACE("NOLOG_INPUT ");
return NOLOG_INPUT;
@ -3544,7 +3547,7 @@ YY_RULE_SETUP
YY_BREAK
case 36:
YY_RULE_SETUP
#line 467 "toke.l"
#line 470 "toke.l"
{
LEXTRACE("MAIL ");
return MAIL;
@ -3552,7 +3555,7 @@ YY_RULE_SETUP
YY_BREAK
case 37:
YY_RULE_SETUP
#line 472 "toke.l"
#line 475 "toke.l"
{
LEXTRACE("NOMAIL ");
return NOMAIL;
@ -3560,7 +3563,7 @@ YY_RULE_SETUP
YY_BREAK
case 38:
YY_RULE_SETUP
#line 477 "toke.l"
#line 480 "toke.l"
{
LEXTRACE("FOLLOW ");
return FOLLOWLNK;
@ -3568,7 +3571,7 @@ YY_RULE_SETUP
YY_BREAK
case 39:
YY_RULE_SETUP
#line 482 "toke.l"
#line 485 "toke.l"
{
LEXTRACE("NOFOLLOW ");
return NOFOLLOWLNK;
@ -3576,7 +3579,7 @@ YY_RULE_SETUP
YY_BREAK
case 40:
YY_RULE_SETUP
#line 487 "toke.l"
#line 490 "toke.l"
{
if (sudoerstext[0] == '+')
sudoerserror(N_("empty netgroup"));
@ -3588,7 +3591,7 @@ YY_RULE_SETUP
YY_BREAK
case 41:
YY_RULE_SETUP
#line 496 "toke.l"
#line 499 "toke.l"
{
/* netgroup */
if (!fill(sudoerstext, sudoersleng))
@ -3599,7 +3602,7 @@ YY_RULE_SETUP
YY_BREAK
case 42:
YY_RULE_SETUP
#line 504 "toke.l"
#line 507 "toke.l"
{
/* group */
if (!fill(sudoerstext, sudoersleng))
@ -3610,7 +3613,7 @@ YY_RULE_SETUP
YY_BREAK
case 43:
YY_RULE_SETUP
#line 512 "toke.l"
#line 515 "toke.l"
{
if (!fill(sudoerstext, sudoersleng))
yyterminate();
@ -3620,7 +3623,7 @@ YY_RULE_SETUP
YY_BREAK
case 44:
YY_RULE_SETUP
#line 519 "toke.l"
#line 522 "toke.l"
{
if (!fill(sudoerstext, sudoersleng))
yyterminate();
@ -3630,7 +3633,7 @@ YY_RULE_SETUP
YY_BREAK
case 45:
YY_RULE_SETUP
#line 526 "toke.l"
#line 529 "toke.l"
{
if (!ipv6_valid(sudoerstext)) {
sudoerserror(N_("invalid IPv6 address"));
@ -3645,7 +3648,7 @@ YY_RULE_SETUP
YY_BREAK
case 46:
YY_RULE_SETUP
#line 538 "toke.l"
#line 541 "toke.l"
{
if (!ipv6_valid(sudoerstext)) {
sudoerserror(N_("invalid IPv6 address"));
@ -3660,7 +3663,7 @@ YY_RULE_SETUP
YY_BREAK
case 47:
YY_RULE_SETUP
#line 550 "toke.l"
#line 553 "toke.l"
{
LEXTRACE("ALL ");
return ALL;
@ -3669,7 +3672,7 @@ YY_RULE_SETUP
YY_BREAK
case 48:
YY_RULE_SETUP
#line 556 "toke.l"
#line 559 "toke.l"
{
LEXTRACE("CMND_TIMEOUT ");
return CMND_TIMEOUT;
@ -3677,7 +3680,7 @@ YY_RULE_SETUP
YY_BREAK
case 49:
YY_RULE_SETUP
#line 561 "toke.l"
#line 564 "toke.l"
{
LEXTRACE("NOTBEFORE ");
return NOTBEFORE;
@ -3685,7 +3688,7 @@ YY_RULE_SETUP
YY_BREAK
case 50:
YY_RULE_SETUP
#line 566 "toke.l"
#line 569 "toke.l"
{
LEXTRACE("NOTAFTER ");
return NOTAFTER;
@ -3693,7 +3696,7 @@ YY_RULE_SETUP
YY_BREAK
case 51:
YY_RULE_SETUP
#line 571 "toke.l"
#line 574 "toke.l"
{
LEXTRACE("CWD ");
prev_state = YY_START;
@ -3703,7 +3706,7 @@ YY_RULE_SETUP
YY_BREAK
case 52:
YY_RULE_SETUP
#line 578 "toke.l"
#line 581 "toke.l"
{
LEXTRACE("CHROOT ");
prev_state = YY_START;
@ -3713,7 +3716,7 @@ YY_RULE_SETUP
YY_BREAK
case 53:
YY_RULE_SETUP
#line 585 "toke.l"
#line 588 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("ROLE ");
@ -3725,7 +3728,7 @@ YY_RULE_SETUP
YY_BREAK
case 54:
YY_RULE_SETUP
#line 594 "toke.l"
#line 597 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("TYPE ");
@ -3737,7 +3740,7 @@ YY_RULE_SETUP
YY_BREAK
case 55:
YY_RULE_SETUP
#line 602 "toke.l"
#line 605 "toke.l"
{
#ifdef HAVE_PRIV_SET
LEXTRACE("PRIVS ");
@ -3749,7 +3752,7 @@ YY_RULE_SETUP
YY_BREAK
case 56:
YY_RULE_SETUP
#line 611 "toke.l"
#line 614 "toke.l"
{
#ifdef HAVE_PRIV_SET
LEXTRACE("LIMITPRIVS ");
@ -3761,7 +3764,7 @@ YY_RULE_SETUP
YY_BREAK
case 57:
YY_RULE_SETUP
#line 620 "toke.l"
#line 623 "toke.l"
{
got_alias:
if (!fill(sudoerstext, sudoersleng))
@ -3772,7 +3775,7 @@ YY_RULE_SETUP
YY_BREAK
case 58:
YY_RULE_SETUP
#line 628 "toke.l"
#line 631 "toke.l"
{
/* XXX - no way to specify digest for command */
/* no command args allowed for Defaults!/path */
@ -3784,7 +3787,7 @@ YY_RULE_SETUP
YY_BREAK
case 59:
YY_RULE_SETUP
#line 637 "toke.l"
#line 640 "toke.l"
{
digest_type = SUDO_DIGEST_SHA224;
BEGIN WANTDIGEST;
@ -3794,7 +3797,7 @@ YY_RULE_SETUP
YY_BREAK
case 60:
YY_RULE_SETUP
#line 644 "toke.l"
#line 647 "toke.l"
{
digest_type = SUDO_DIGEST_SHA256;
BEGIN WANTDIGEST;
@ -3804,7 +3807,7 @@ YY_RULE_SETUP
YY_BREAK
case 61:
YY_RULE_SETUP
#line 651 "toke.l"
#line 654 "toke.l"
{
digest_type = SUDO_DIGEST_SHA384;
BEGIN WANTDIGEST;
@ -3814,7 +3817,7 @@ YY_RULE_SETUP
YY_BREAK
case 62:
YY_RULE_SETUP
#line 658 "toke.l"
#line 661 "toke.l"
{
digest_type = SUDO_DIGEST_SHA512;
BEGIN WANTDIGEST;
@ -3824,7 +3827,7 @@ YY_RULE_SETUP
YY_BREAK
case 63:
YY_RULE_SETUP
#line 665 "toke.l"
#line 668 "toke.l"
{
BEGIN GOTCMND;
LEXTRACE("COMMAND ");
@ -3834,7 +3837,7 @@ YY_RULE_SETUP
YY_BREAK
case 64:
YY_RULE_SETUP
#line 672 "toke.l"
#line 675 "toke.l"
{
BEGIN prev_state;
if (!fill(sudoerstext, sudoersleng))
@ -3845,7 +3848,7 @@ YY_RULE_SETUP
YY_BREAK
case 65:
YY_RULE_SETUP
#line 680 "toke.l"
#line 683 "toke.l"
{
/* directories can't have args... */
if (sudoerstext[sudoersleng - 1] == '/') {
@ -3862,7 +3865,7 @@ YY_RULE_SETUP
YY_BREAK
case 66:
YY_RULE_SETUP
#line 694 "toke.l"
#line 697 "toke.l"
{
LEXTRACE("BEGINSTR ");
sudoerslval.string = NULL;
@ -3872,7 +3875,7 @@ YY_RULE_SETUP
YY_BREAK
case 67:
YY_RULE_SETUP
#line 701 "toke.l"
#line 704 "toke.l"
{
/* a word */
if (!fill(sudoerstext, sudoersleng))
@ -3884,7 +3887,7 @@ YY_RULE_SETUP
case 68:
YY_RULE_SETUP
#line 710 "toke.l"
#line 713 "toke.l"
{
/* include file/directory */
if (!fill(sudoerstext, sudoersleng))
@ -3896,7 +3899,7 @@ YY_RULE_SETUP
YY_BREAK
case 69:
YY_RULE_SETUP
#line 719 "toke.l"
#line 722 "toke.l"
{
LEXTRACE("BEGINSTR ");
sudoerslval.string = NULL;
@ -3907,7 +3910,7 @@ YY_RULE_SETUP
case 70:
YY_RULE_SETUP
#line 727 "toke.l"
#line 730 "toke.l"
{
LEXTRACE("( ");
return '(';
@ -3915,7 +3918,7 @@ YY_RULE_SETUP
YY_BREAK
case 71:
YY_RULE_SETUP
#line 732 "toke.l"
#line 735 "toke.l"
{
LEXTRACE(") ");
return ')';
@ -3923,7 +3926,7 @@ YY_RULE_SETUP
YY_BREAK
case 72:
YY_RULE_SETUP
#line 737 "toke.l"
#line 740 "toke.l"
{
LEXTRACE(", ");
return ',';
@ -3931,7 +3934,7 @@ YY_RULE_SETUP
YY_BREAK
case 73:
YY_RULE_SETUP
#line 742 "toke.l"
#line 745 "toke.l"
{
LEXTRACE("= ");
return '=';
@ -3939,7 +3942,7 @@ YY_RULE_SETUP
YY_BREAK
case 74:
YY_RULE_SETUP
#line 747 "toke.l"
#line 750 "toke.l"
{
LEXTRACE(": ");
return ':';
@ -3947,7 +3950,7 @@ YY_RULE_SETUP
YY_BREAK
case 75:
YY_RULE_SETUP
#line 752 "toke.l"
#line 755 "toke.l"
{
if (sudoersleng & 1) {
LEXTRACE("!");
@ -3958,7 +3961,7 @@ YY_RULE_SETUP
case 76:
/* rule 76 can match eol */
YY_RULE_SETUP
#line 759 "toke.l"
#line 762 "toke.l"
{
if (YY_START == INSTR) {
/* re-scan after changing state */
@ -3977,7 +3980,7 @@ YY_RULE_SETUP
YY_BREAK
case 77:
YY_RULE_SETUP
#line 775 "toke.l"
#line 778 "toke.l"
{ /* throw away space/tabs */
sawspace = true; /* but remember for fill_args */
}
@ -3985,7 +3988,7 @@ YY_RULE_SETUP
case 78:
/* rule 78 can match eol */
YY_RULE_SETUP
#line 779 "toke.l"
#line 782 "toke.l"
{
sawspace = true; /* remember for fill_args */
sudolineno++;
@ -3995,7 +3998,7 @@ YY_RULE_SETUP
case 79:
/* rule 79 can match eol */
YY_RULE_SETUP
#line 785 "toke.l"
#line 788 "toke.l"
{
if (sudoerstext[sudoersleng - 1] == '\n') {
/* comment ending in a newline */
@ -4013,7 +4016,7 @@ YY_RULE_SETUP
YY_BREAK
case 80:
YY_RULE_SETUP
#line 800 "toke.l"
#line 803 "toke.l"
{
LEXTRACE("NOMATCH ");
return NOMATCH;
@ -4028,7 +4031,7 @@ case YY_STATE_EOF(INSTR):
case YY_STATE_EOF(WANTDIGEST):
case YY_STATE_EOF(GOTINC):
case YY_STATE_EOF(EXPECTPATH):
#line 805 "toke.l"
#line 808 "toke.l"
{
if (!pop_include())
yyterminate();
@ -4036,10 +4039,10 @@ case YY_STATE_EOF(EXPECTPATH):
YY_BREAK
case 81:
YY_RULE_SETUP
#line 810 "toke.l"
#line 813 "toke.l"
ECHO;
YY_BREAK
#line 4037 "toke.c"
#line 4040 "toke.c"
case YY_END_OF_BUFFER:
{
@ -5000,7 +5003,7 @@ void sudoersfree (void * ptr )
#define YYTABLES_NAME "yytables"
#line 810 "toke.l"
#line 813 "toke.l"
struct path_list {

3
plugins/sudoers/toke.l
View File

@ -50,6 +50,9 @@
# define NAMLEN(dirent) strlen((dirent)->d_name)
#endif
// PVS Studio suppression
// -V::519, 1004, 1037
int sudolineno; /* current sudoers line number. */
char *sudoers; /* sudoers file being parsed. */
struct sudolinebuf sudolinebuf; /* sudoers line being parsed. */

2
plugins/sudoers/toke_util.c
View File

@ -117,7 +117,7 @@ fill_cmnd(const char *src, size_t len)
*dst = '\0';
/* Check for sudoedit specified as a fully-qualified path. */
if ((dst = strrchr(sudoerslval.command.cmnd, '/')) != NULL) {
if ((dst = strrchr(sudoerslval.command.cmnd, '/')) != NULL) { // -V575
if (strcmp(dst, "/sudoedit") == 0) {
if (sudoers_strict) {
sudoerserror(

2
plugins/sudoers/visudo.c
View File

@ -477,7 +477,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc,
ac = editor_argc - 3;
if (lineno > 0) {
(void)snprintf(linestr, sizeof(linestr), "+%d", lineno);
editor_argv[ac++] = linestr;
editor_argv[ac++] = linestr; // -V507
}
editor_argv[ac++] = "--";
editor_argv[ac++] = sp->tpath;

2
src/exec_common.c
View File

@ -99,7 +99,7 @@ preload_dso(char *envp[], const char *dso_file)
* whether it was dynamically allocated. [TODO: plugin API]
*/
if (preload_idx == -1 || !enabled) {
const int env_size = env_len + 1 + (preload_idx == -1) + enabled;
const int env_size = env_len + 1 + (preload_idx == -1) + enabled; // -V547
char **nenvp = reallocarray(NULL, env_size, sizeof(*envp));
if (nenvp == NULL)

4
src/sesh.c
View File

@ -348,7 +348,7 @@ sesh_sudoedit(int argc, char *argv[])
if (argv[2] != NULL && strcmp(argv[2], "-h") == 0) {
argv++;
argc--;
CLR(edit_flags, CD_SUDOEDIT_FOLLOW);
CLR(edit_flags, CD_SUDOEDIT_FOLLOW); // -V753
}
/* Check for -w flag (disallow directories writable by the user). */
@ -399,7 +399,7 @@ sesh_sudoedit(int argc, char *argv[])
*/
run_cred.uid = run_cred.euid = geteuid();
run_cred.gid = run_cred.egid = getegid();
run_cred.ngroups = getgroups(0, NULL);
run_cred.ngroups = getgroups(0, NULL); // -V575
if (run_cred.ngroups > 0) {
run_cred.groups = reallocarray(NULL, run_cred.ngroups,
sizeof(GETGROUPS_T));

3
src/sudo.c
View File

@ -434,7 +434,8 @@ get_user_groups(const char *user, struct sudo_cred *cred)
maxgroups = NGROUPS_MAX;
/* Note that macOS may return ngroups > NGROUPS_MAX. */
if ((cred->ngroups = getgroups(0, NULL)) > 0) {
cred->ngroups = getgroups(0, NULL); // -V575
if (cred->ngroups > 0) {
/* Use groups from kernel if not at limit or source is static. */
if (cred->ngroups != maxgroups || group_source == GROUP_SOURCE_STATIC) {
cred->groups = reallocarray(NULL, cred->ngroups, sizeof(GETGROUPS_T));

4
src/sudo_edit.c
View File

@ -81,7 +81,7 @@ set_tmpdir(struct sudo_cred *user_cred)
saved_cred.euid = geteuid();
saved_cred.gid = getgid();
saved_cred.egid = getegid();
saved_cred.ngroups = getgroups(0, NULL);
saved_cred.ngroups = getgroups(0, NULL); // -V575
if (saved_cred.ngroups > 0) {
saved_cred.groups =
reallocarray(NULL, saved_cred.ngroups, sizeof(GETGROUPS_T));
@ -216,7 +216,7 @@ sudo_edit_create_tfiles(struct command_details *command_details,
continue;
}
tf[j].ofile = files[i];
tf[j].osize = sb.st_size;
tf[j].osize = sb.st_size; // -V614
mtim_get(&sb, tf[j].omtim);
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"seteuid(%u)", (unsigned int)user_details.cred.uid);