fixed compiler warnings issued by:
authorMartin Willi <martin@strongswan.org>
Tue, 11 Nov 2008 18:37:19 +0000 (18:37 -0000)
committerMartin Willi <martin@strongswan.org>
Tue, 11 Nov 2008 18:37:19 +0000 (18:37 -0000)
gcc 4.3
curl.h gcc type-checking
glibc with enabled FORTIFY_SOURCE checking

22 files changed:
src/charon/daemon.c
src/charon/plugins/sql/sql_attribute.c
src/charon/plugins/updown/updown_plugin.c
src/charon/sa/ike_sa.c
src/dumm/dumm.c
src/dumm/guest.c
src/libfreeswan/freeswan.h
src/libstrongswan/plugins/agent/agent_private_key.c
src/libstrongswan/plugins/curl/curl_fetcher.c
src/libstrongswan/utils.h
src/pluto/ac.c
src/pluto/ca.c
src/pluto/crl.c
src/pluto/defs.c
src/pluto/fetch.c
src/scepclient/scep.c
src/starter/invokepluto.c
src/starter/klips.c
src/starter/netkey.c
src/starter/parser.l
src/starter/starter.c
src/whack/whack.c

index c5c43e8..b9f1739 100644 (file)
@@ -719,7 +719,7 @@ int main(int argc, char *argv[])
        if (pid_file)
        {
                fprintf(pid_file, "%d\n", getpid());
-               fchown(fileno(pid_file), charon->uid, charon->gid);
+               ignore_result(fchown(fileno(pid_file), charon->uid, charon->gid));
                fclose(pid_file);
        }
        
index 1e5c289..f1e2062 100644 (file)
@@ -17,6 +17,8 @@
 
 #include "sql_attribute.h"
 
+#include <time.h>
+
 #include <daemon.h>
 
 typedef struct private_sql_attribute_t private_sql_attribute_t;
index a0c39e3..f358026 100644 (file)
@@ -72,7 +72,10 @@ static void updown(ike_sa_t *ike_sa, child_sa_t *child_sa, bool up)
                FILE *shell;
 
                /* get subnet/bits from string */
-               asprintf(&my_client, "%R", my_ts);
+               if (asprintf(&my_client, "%R", my_ts) < 0)
+               {
+                       my_client = NULL;
+               }
                pos = strchr(my_client, '/');
                *pos = '\0';
                my_client_mask = pos + 1;
@@ -81,7 +84,10 @@ static void updown(ike_sa_t *ike_sa, child_sa_t *child_sa, bool up)
                {
                        *pos = '\0';
                }
-               asprintf(&other_client, "%R", other_ts);
+               if (asprintf(&other_client, "%R", other_ts) < 0)
+               {
+                       other_client = NULL;
+               }
                pos = strchr(other_client, '/');
                *pos = '\0';
                other_client_mask = pos + 1;
@@ -93,11 +99,17 @@ static void updown(ike_sa_t *ike_sa, child_sa_t *child_sa, bool up)
 
                if (vip)
                {
-                       asprintf(&virtual_ip, "PLUTO_MY_SOURCEIP='%H' ", vip);
+                       if (asprintf(&virtual_ip, "PLUTO_MY_SOURCEIP='%H' ", vip) < 0)
+                       {
+                               virtual_ip = NULL;
+                       }
                }
                else
                {
-                       asprintf(&virtual_ip, "");
+                       if (asprintf(&virtual_ip, "") < 0)
+                       {
+                               virtual_ip = NULL;
+                       }
                }
                
                iface = charon->kernel_interface->get_interface(
index 1c5953c..37691fb 100644 (file)
@@ -2176,7 +2176,7 @@ static void remove_dns_servers(private_ike_sa_t *this)
                if (!found)
                {       
                        /* write line untouched back to file */
-                       fwrite(orig_line.ptr, orig_line.len, 1, file);
+                       ignore_result(fwrite(orig_line.ptr, orig_line.len, 1, file));
                        fprintf(file, "\n");
                }
        }
@@ -2230,7 +2230,7 @@ static void add_dns_server(private_ike_sa_t *this, host_t *dns)
        {
                this->dns_servers->insert_last(this->dns_servers, dns->clone(dns));
        }
-       fwrite(contents.ptr, contents.len, 1, file);
+       ignore_result(fwrite(contents.ptr, contents.len, 1, file));
        
        fclose(file);   
 }
index eaefddb..cf8d971 100644 (file)
@@ -87,7 +87,7 @@ static void delete_guest(private_dumm_t *this, guest_t *guest)
                guest->destroy(guest);
                if (len > 8 && len < 512)
                {
-                       system(buf);
+                       ignore_result(system(buf));
                }
        }
 }
@@ -280,7 +280,10 @@ dumm_t *dumm_create(char *dir)
                }
                if (dir)
                {
-                       asprintf(&this->dir, "%s/%s", cwd, dir);
+                       if (asprintf(&this->dir, "%s/%s", cwd, dir) < 0)
+                       {
+                               this->dir = NULL;
+                       }
                }
                else
                {
@@ -288,17 +291,21 @@ dumm_t *dumm_create(char *dir)
                }
        }
        this->template = NULL;
-       asprintf(&this->guest_dir, "%s/%s", this->dir, GUEST_DIR);
+       if (asprintf(&this->guest_dir, "%s/%s", this->dir, GUEST_DIR) < 0)
+       {
+               this->guest_dir = NULL;
+       }
        this->guests = linked_list_create();
        this->bridges = linked_list_create();
        
-       if (mkdir(this->guest_dir, PERME) < 0 && errno != EEXIST)
+       if (this->dir == NULL || this->guest_dir == NULL ||
+               (mkdir(this->guest_dir, PERME) < 0 && errno != EEXIST))
        {
                DBG1("creating guest directory '%s' failed: %m", this->guest_dir);
                destroy(this);
                return NULL;
        }
-               
+       
        load_guests(this);
        return &this->public;
 }
index aed2a3e..014a911 100644 (file)
@@ -576,11 +576,22 @@ static private_guest_t *guest_create_generic(char *parent, char *name,
                
        if (*parent == '/' || getcwd(cwd, sizeof(cwd)) == NULL)
        {
-               asprintf(&this->dirname, "%s/%s", parent, name);
+               if (asprintf(&this->dirname, "%s/%s", parent, name) < 0)
+               {
+                       this->dirname = NULL;
+               }
        }
        else
        {
-               asprintf(&this->dirname, "%s/%s/%s", cwd, parent, name);
+               if (asprintf(&this->dirname, "%s/%s/%s", cwd, parent, name) < 0)
+               {
+                       this->dirname = NULL;
+               }
+       }
+       if (this->dirname == NULL)
+       {
+               free(this);
+               return NULL;
        }
        if (create)
        {
index 41b29bb..cf1f7b8 100644 (file)
@@ -446,6 +446,7 @@ bitstomask(
 /* option pickup from files (userland only because of use of FILE) */
 const char *optionsfrom(const char *filename, int *argcp, char ***argvp,
                                                int optind, FILE *errorreport);
+#define ignore_result(call) { if (call); }
 #endif
 
 /*
index a3b8eeb..5e7d083 100644 (file)
@@ -215,9 +215,13 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey)
        chunk_t blob = chunk_from_buf(buf), key, type, tmp;
        
        len = htonl(1);
-       write(this->socket, &len, sizeof(len));
        buf[0] = SSH_AGENT_ID_REQUEST;
-       write(this->socket, &buf, 1);
+       if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
+               write(this->socket, &buf, 1) != 1)
+       {
+               DBG1("writing to ssh-agent failed");
+               return FALSE;
+       }
        
        blob.len = read(this->socket, blob.ptr, blob.len);
        
@@ -275,20 +279,36 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme,
        }
        
        len = htonl(1 + sizeof(u_int32_t) * 3 + this->key.len + data.len);
-       write(this->socket, &len, sizeof(len));
        buf[0] = SSH_AGENT_SIGN_REQUEST;
-       write(this->socket, &buf, 1);
+       if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
+               write(this->socket, &buf, 1) != 1)
+       {
+               DBG1("writing to ssh-agent failed");
+               return FALSE;
+       }
        
        len = htonl(this->key.len);
-       write(this->socket, &len, sizeof(len));
-       write(this->socket, this->key.ptr, this->key.len);
+       if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
+               write(this->socket, this->key.ptr, this->key.len) != this->key.len)
+       {
+               DBG1("writing to ssh-agent failed");
+               return FALSE;
+       }
        
        len = htonl(data.len);
-       write(this->socket, &len, sizeof(len));
-       write(this->socket, data.ptr, data.len);
+       if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
+               write(this->socket, data.ptr, data.len) != data.len)
+       {
+               DBG1("writing to ssh-agent failed");
+               return FALSE;
+       }
        
        flags = htonl(0);
-       write(this->socket, &flags, sizeof(flags));
+       if (write(this->socket, &flags, sizeof(flags)) != sizeof(flags))
+       {
+               DBG1("writing to ssh-agent failed");
+               return FALSE;
+       }
        
        blob.len = read(this->socket, blob.ptr, blob.len);
        if (blob.len < sizeof(u_int32_t) + sizeof(u_char) ||
index fe49717..eac3b07 100644 (file)
@@ -123,7 +123,7 @@ static bool set_option(private_curl_fetcher_t *this, fetcher_option_t option, ..
                case FETCH_REQUEST_DATA:
                {
                        chunk_t data = va_arg(args, chunk_t);
-                       curl_easy_setopt(this->curl, CURLOPT_POSTFIELDS, data.ptr);
+                       curl_easy_setopt(this->curl, CURLOPT_POSTFIELDS, (char*)data.ptr);
                        curl_easy_setopt(this->curl, CURLOPT_POSTFIELDSIZE, data.len);
                        return TRUE;
                }
index 4d05ce5..af619ea 100644 (file)
 #define countof(array) (sizeof(array)/sizeof(array[0]))
 
 /**
+ * Ignore result of functions tagged with warn_unused_result attributes
+ */
+#define ignore_result(call) { if(call); }
+
+/**
  * Assign a function as a class method
  */
 #define ASSIGN(method, function) (method = (typeof(method))function)
index 2914426..12f4f68 100644 (file)
@@ -860,7 +860,7 @@ load_acerts(void)
        }
     }
     /* restore directory path */
-    chdir(save_dir);
+    ignore_result(chdir(save_dir));
 }
 
 /*
index d2f9a47..701d15b 100644 (file)
@@ -295,7 +295,7 @@ load_authcerts(const char *type, const char *path, u_char auth_flags)
        }
     }
     /* restore directory path */
-    chdir(save_dir);
+    ignore_result(chdir(save_dir));
 }
 
 /*
index 7970bac..70d0752 100644 (file)
@@ -373,7 +373,7 @@ load_crls(void)
        }
     }
     /* restore directory path */
-    chdir(save_dir);
+    ignore_result(chdir(save_dir));
 }
 
 /*
index 5864099..c513506 100644 (file)
@@ -249,6 +249,7 @@ write_chunk(const char *filename, const char *label, chunk_t ch
 {
     mode_t oldmask;
     FILE *fd;
+    size_t written;
 
     if (!force)
     {
@@ -268,8 +269,14 @@ write_chunk(const char *filename, const char *label, chunk_t ch
 
     if (fd)
     {
-       fwrite(ch.ptr, sizeof(u_char), ch.len, fd);
+       written = fwrite(ch.ptr, sizeof(u_char), ch.len, fd);
        fclose(fd);
+       if (written != ch.len)
+       {
+           plog("  writing to %s file '%s' failed", label, filename);
+           umask(oldmask);
+           return FALSE;
+       }
        plog("  written %s file '%s' (%d bytes)", label, filename, (int)ch.len);
        umask(oldmask);
        return TRUE;
index ac9ccc9..284ade0 100644 (file)
@@ -324,7 +324,7 @@ fetch_curl(char *url, chunk_t *blob)
        curl_easy_setopt(curl, CURLOPT_URL, url);
        curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_buffer);
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&response);
-       curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, &errorbuffer);
+       curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);
        curl_easy_setopt(curl, CURLOPT_FAILONERROR, TRUE);
        curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, FETCH_CMD_TIMEOUT);
 
@@ -705,9 +705,9 @@ fetch_ocsp_status(ocsp_location_t* location)
        curl_easy_setopt(curl, CURLOPT_URL, uri);
        curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_buffer);
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&response);
-       curl_easy_setopt(curl, CURLOPT_POSTFIELDS, request.ptr);
+       curl_easy_setopt(curl, CURLOPT_POSTFIELDS, (void*)request.ptr);
        curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, request.len);
-       curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, &errorbuffer);
+       curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);
        curl_easy_setopt(curl, CURLOPT_FAILONERROR, TRUE);
        curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, FETCH_CMD_TIMEOUT);
 
index 0c12659..1b01044 100644 (file)
@@ -522,7 +522,7 @@ scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op
            headers = curl_slist_append(headers, "Content-Type:");
            headers = curl_slist_append(headers, "Expect:");
            curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); 
-           curl_easy_setopt(curl, CURLOPT_POSTFIELDS, pkcs7.ptr);
+           curl_easy_setopt(curl, CURLOPT_POSTFIELDS, (char*)pkcs7.ptr);
            curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, pkcs7.len);
        }
     }
index 241bad7..99daf68 100644 (file)
@@ -215,7 +215,7 @@ starter_start_pluto (starter_config_t *cfg, bool no_fork)
        _stop_requested = 0;
 
        if (cfg->setup.prepluto)
-           system(cfg->setup.prepluto);
+           ignore_result(system(cfg->setup.prepluto));
 
        pid = fork();
        switch (pid)
@@ -258,7 +258,7 @@ starter_start_pluto (starter_config_t *cfg, bool no_fork)
                        DBG_log("pluto (%d) started", _pluto_pid)
                    )
                    if (cfg->setup.postpluto)
-                       system(cfg->setup.postpluto);
+                       ignore_result(system(cfg->setup.postpluto));
                    return 0;
                }
            }
index bed1674..7d89356 100644 (file)
@@ -36,7 +36,7 @@ starter_klips_init(void)
        /* ipsec module makes the pf_key proc interface visible */
        if (stat(PROC_MODULES, &stb) == 0)
        {
-           system("modprobe -qv ipsec");
+           ignore_result(system("modprobe -qv ipsec"));
        }
 
        /* now test again */
@@ -50,9 +50,9 @@ starter_klips_init(void)
     }
     
     /* load crypto algorithm modules */
-    system("modprobe -qv ipsec_aes");
-    system("modprobe -qv ipsec_blowfish");
-       system("modprobe -qv ipsec_sha2");
+    ignore_result(system("modprobe -qv ipsec_aes"));
+    ignore_result(system("modprobe -qv ipsec_blowfish"));
+    ignore_result(system("modprobe -qv ipsec_sha2"));
 
     DBG(DBG_CONTROL,
        DBG_log("Found KLIPS IPsec stack")
@@ -64,19 +64,19 @@ starter_klips_init(void)
 void
 starter_klips_cleanup(void)
 {
-       if (system("type eroute > /dev/null 2>&1") == 0)
-       {
-               system("spi --clear");
-        system("eroute --clear");
-       }
+    if (system("type eroute > /dev/null 2>&1") == 0)
+    {
+       ignore_result(system("spi --clear"));
+       ignore_result(system("eroute --clear"));
+    }
        else if (system("type setkey > /dev/null 2>&1") == 0)
     {
-       system("setkey -F");
-        system("setkey -FP");
+       ignore_result(system("setkey -F"));
+       ignore_result(system("setkey -FP"));
     }
     else
     {
-        plog("WARNING: cannot flush IPsec state/policy database");
+       plog("WARNING: cannot flush IPsec state/policy database");
     }
 }
 
index 115403b..7125c21 100644 (file)
@@ -36,7 +36,7 @@ starter_netkey_init(void)
        /* af_key module makes the netkey proc interface visible */
        if (stat(PROC_MODULES, &stb) == 0)
        {
-           system("modprobe -qv af_key");
+           ignore_result(system("modprobe -qv af_key"));
        }
 
        /* now test again */
@@ -52,11 +52,11 @@ starter_netkey_init(void)
     /* make sure that all required IPsec modules are loaded */
     if (stat(PROC_MODULES, &stb) == 0)
     {
-       system("modprobe -qv ah4");
-       system("modprobe -qv esp4");
-       system("modprobe -qv ipcomp");
-       system("modprobe -qv xfrm4_tunnel");
-       system("modprobe -qv xfrm_user");
+       ignore_result(system("modprobe -qv ah4"));
+       ignore_result(system("modprobe -qv esp4"));
+       ignore_result(system("modprobe -qv ipcomp"));
+       ignore_result(system("modprobe -qv xfrm4_tunnel"));
+       ignore_result(system("modprobe -qv xfrm_user"));
     }
 
     DBG(DBG_CONTROL,
@@ -70,13 +70,13 @@ starter_netkey_cleanup(void)
 {
     if (system("ip xfrm state > /dev/null 2>&1") == 0)
     {
-       system("ip xfrm state flush");
-       system("ip xfrm policy flush");
+       ignore_result(system("ip xfrm state flush"));
+       ignore_result(system("ip xfrm policy flush"));
     }
     else if (system("type setkey > /dev/null 2>&1") == 0)
     {
-       system("setkey -F");
-        system("setkey -FP");
+       ignore_result(system("setkey -F"));
+       ignore_result(system("setkey -FP"));
     }
     else
     {
index 33ea5ba..c83a31f 100644 (file)
@@ -23,6 +23,7 @@
 
 #define MAX_INCLUDE_DEPTH  20
 
+#define YY_NO_INPUT
 #define YY_NO_UNPUT
 extern void yyerror(const char *);
 extern int yylex (void);
index 0166f1b..de85675 100644 (file)
@@ -180,7 +180,7 @@ static void generate_selfcert()
 #endif
            setegid(gid);
            seteuid(uid);
-           system("ipsec scepclient --out pkcs1 --out cert-self --quiet");
+           ignore_result(system("ipsec scepclient --out pkcs1 --out cert-self --quiet"));
            seteuid(0);
            setegid(0);
 
@@ -195,7 +195,7 @@ static void generate_selfcert()
                fprintf(f, ": RSA myKey.der\n");
                fclose(f);
            }
-           chown(SECRETS_FILE, uid, gid);
+           ignore_result(chown(SECRETS_FILE, uid, gid));
            umask(oldmask);
        }
 }
index d0cf000..08ffcfb 100644 (file)
@@ -1868,7 +1868,7 @@ main(int argc, char **argv)
                    }
 
                    le++;       /* include NL in line */
-                   write(1, ls, le - ls);
+                   ignore_result(write(1, ls, le - ls));
 
                    /* figure out prefix number
                     * and how it should affect our exit status