forked from rpms/openssh
470 lines
14 KiB
Diff
470 lines
14 KiB
Diff
diff -up openssh-6.8p1/auth-pam.c.coverity openssh-6.8p1/auth-pam.c
|
|
--- openssh-6.8p1/auth-pam.c.coverity 2015-03-18 17:21:51.792265051 +0100
|
|
+++ openssh-6.8p1/auth-pam.c 2015-03-18 17:21:51.895264835 +0100
|
|
@@ -216,7 +216,12 @@ pthread_join(sp_pthread_t thread, void *
|
|
if (sshpam_thread_status != -1)
|
|
return (sshpam_thread_status);
|
|
signal(SIGCHLD, sshpam_oldsig);
|
|
- waitpid(thread, &status, 0);
|
|
+ while (waitpid(thread, &status, 0) < 0) {
|
|
+ if (errno == EINTR)
|
|
+ continue;
|
|
+ fatal("%s: waitpid: %s", __func__,
|
|
+ strerror(errno));
|
|
+ }
|
|
return (status);
|
|
}
|
|
#endif
|
|
diff -up openssh-6.8p1/channels.c.coverity openssh-6.8p1/channels.c
|
|
--- openssh-6.8p1/channels.c.coverity 2015-03-18 17:21:51.815265002 +0100
|
|
+++ openssh-6.8p1/channels.c 2015-03-18 17:21:51.896264833 +0100
|
|
@@ -243,11 +243,11 @@ channel_register_fds(Channel *c, int rfd
|
|
channel_max_fd = MAX(channel_max_fd, wfd);
|
|
channel_max_fd = MAX(channel_max_fd, efd);
|
|
|
|
- if (rfd != -1)
|
|
+ if (rfd >= 0)
|
|
fcntl(rfd, F_SETFD, FD_CLOEXEC);
|
|
- if (wfd != -1 && wfd != rfd)
|
|
+ if (wfd >= 0 && wfd != rfd)
|
|
fcntl(wfd, F_SETFD, FD_CLOEXEC);
|
|
- if (efd != -1 && efd != rfd && efd != wfd)
|
|
+ if (efd >= 0 && efd != rfd && efd != wfd)
|
|
fcntl(efd, F_SETFD, FD_CLOEXEC);
|
|
|
|
c->rfd = rfd;
|
|
@@ -265,11 +265,11 @@ channel_register_fds(Channel *c, int rfd
|
|
|
|
/* enable nonblocking mode */
|
|
if (nonblock) {
|
|
- if (rfd != -1)
|
|
+ if (rfd >= 0)
|
|
set_nonblock(rfd);
|
|
- if (wfd != -1)
|
|
+ if (wfd >= 0)
|
|
set_nonblock(wfd);
|
|
- if (efd != -1)
|
|
+ if (efd >= 0)
|
|
set_nonblock(efd);
|
|
}
|
|
}
|
|
@@ -3972,13 +3972,13 @@ connect_local_xsocket_path(const char *p
|
|
int sock;
|
|
struct sockaddr_un addr;
|
|
|
|
+ if (len <= 0)
|
|
+ return -1;
|
|
sock = socket(AF_UNIX, SOCK_STREAM, 0);
|
|
if (sock < 0)
|
|
error("socket: %.100s", strerror(errno));
|
|
memset(&addr, 0, sizeof(addr));
|
|
addr.sun_family = AF_UNIX;
|
|
- if (len <= 0)
|
|
- return -1;
|
|
if (len > sizeof addr.sun_path)
|
|
len = sizeof addr.sun_path;
|
|
memcpy(addr.sun_path, pathname, len);
|
|
diff -up openssh-6.8p1/entropy.c.coverity openssh-6.8p1/entropy.c
|
|
--- openssh-6.8p1/entropy.c.coverity 2015-03-18 17:21:51.891264843 +0100
|
|
+++ openssh-6.8p1/entropy.c 2015-03-18 17:21:51.897264831 +0100
|
|
@@ -46,6 +46,7 @@
|
|
#include <openssl/err.h>
|
|
|
|
#include "openbsd-compat/openssl-compat.h"
|
|
+#include "openbsd-compat/port-linux.h"
|
|
|
|
#include "ssh.h"
|
|
#include "misc.h"
|
|
diff -up openssh-6.8p1/monitor.c.coverity openssh-6.8p1/monitor.c
|
|
--- openssh-6.8p1/monitor.c.coverity 2015-03-18 17:21:51.887264852 +0100
|
|
+++ openssh-6.8p1/monitor.c 2015-03-18 17:21:51.897264831 +0100
|
|
@@ -444,7 +444,7 @@ monitor_child_preauth(Authctxt *_authctx
|
|
mm_get_keystate(pmonitor);
|
|
|
|
/* Drain any buffered messages from the child */
|
|
- while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)
|
|
+ while (pmonitor->m_log_recvfd >= 0 && monitor_read_log(pmonitor) == 0)
|
|
;
|
|
|
|
close(pmonitor->m_sendfd);
|
|
@@ -1303,6 +1303,10 @@ mm_answer_keyallowed(int sock, Buffer *m
|
|
break;
|
|
}
|
|
}
|
|
+
|
|
+ debug3("%s: key %p is %s",
|
|
+ __func__, key, allowed ? "allowed" : "not allowed");
|
|
+
|
|
if (key != NULL)
|
|
key_free(key);
|
|
|
|
@@ -1324,9 +1328,6 @@ mm_answer_keyallowed(int sock, Buffer *m
|
|
free(chost);
|
|
}
|
|
|
|
- debug3("%s: key %p is %s",
|
|
- __func__, key, allowed ? "allowed" : "not allowed");
|
|
-
|
|
buffer_clear(m);
|
|
buffer_put_int(m, allowed);
|
|
buffer_put_int(m, forced_command != NULL);
|
|
diff -up openssh-6.8p1/monitor_wrap.c.coverity openssh-6.8p1/monitor_wrap.c
|
|
--- openssh-6.8p1/monitor_wrap.c.coverity 2015-03-18 17:21:51.888264849 +0100
|
|
+++ openssh-6.8p1/monitor_wrap.c 2015-03-18 17:21:51.897264831 +0100
|
|
@@ -533,10 +533,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd,
|
|
if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 ||
|
|
(tmp2 = dup(pmonitor->m_recvfd)) == -1) {
|
|
error("%s: cannot allocate fds for pty", __func__);
|
|
- if (tmp1 > 0)
|
|
+ if (tmp1 >= 0)
|
|
close(tmp1);
|
|
- if (tmp2 > 0)
|
|
- close(tmp2);
|
|
+ /*DEAD CODE if (tmp2 >= 0)
|
|
+ close(tmp2);*/
|
|
return 0;
|
|
}
|
|
close(tmp1);
|
|
diff -up openssh-6.8p1/openbsd-compat/bindresvport.c.coverity openssh-6.8p1/openbsd-compat/bindresvport.c
|
|
--- openssh-6.8p1/openbsd-compat/bindresvport.c.coverity 2015-03-17 06:49:20.000000000 +0100
|
|
+++ openssh-6.8p1/openbsd-compat/bindresvport.c 2015-03-18 17:21:51.897264831 +0100
|
|
@@ -58,7 +58,7 @@ bindresvport_sa(int sd, struct sockaddr
|
|
struct sockaddr_in6 *in6;
|
|
u_int16_t *portp;
|
|
u_int16_t port;
|
|
- socklen_t salen;
|
|
+ socklen_t salen = sizeof(struct sockaddr_storage);
|
|
int i;
|
|
|
|
if (sa == NULL) {
|
|
diff -up openssh-6.8p1/openbsd-compat/port-linux.h.coverity openssh-6.8p1/openbsd-compat/port-linux.h
|
|
--- openssh-6.8p1/openbsd-compat/port-linux.h.coverity 2015-03-18 17:21:51.861264906 +0100
|
|
+++ openssh-6.8p1/openbsd-compat/port-linux.h 2015-03-18 17:21:51.897264831 +0100
|
|
@@ -37,4 +37,6 @@ void oom_adjust_restore(void);
|
|
void oom_adjust_setup(void);
|
|
#endif
|
|
|
|
+void linux_seed(void);
|
|
+
|
|
#endif /* ! _PORT_LINUX_H */
|
|
diff -up openssh-6.8p1/pam_ssh_agent_auth-0.9.3/pam_user_key_allowed2.c.coverity openssh-6.8p1/pam_ssh_agent_auth-0.9.3/pam_user_key_allowed2.c
|
|
--- openssh-6.8p1/pam_ssh_agent_auth-0.9.3/pam_user_key_allowed2.c.coverity 2015-03-18 17:21:51.788265059 +0100
|
|
+++ openssh-6.8p1/pam_ssh_agent_auth-0.9.3/pam_user_key_allowed2.c 2015-03-18 17:21:51.898264829 +0100
|
|
@@ -87,7 +87,7 @@ pam_user_key_allowed2(struct passwd *pw,
|
|
found = key_new(key->type);
|
|
|
|
while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
|
|
- char *cp, *key_options = NULL;
|
|
+ char *cp = NULL;
|
|
|
|
/* Skip leading whitespace, empty and comment lines. */
|
|
for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
|
|
@@ -99,7 +99,6 @@ pam_user_key_allowed2(struct passwd *pw,
|
|
/* no key? check if there are options for this key */
|
|
int quoted = 0;
|
|
verbose("user_key_allowed: check options: '%s'", cp);
|
|
- key_options = cp;
|
|
for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
|
|
if (*cp == '\\' && cp[1] == '"')
|
|
cp++; /* Skip both */
|
|
diff -up openssh-6.8p1/scp.c.coverity openssh-6.8p1/scp.c
|
|
--- openssh-6.8p1/scp.c.coverity 2015-03-18 17:21:51.868264891 +0100
|
|
+++ openssh-6.8p1/scp.c 2015-03-18 17:21:58.281251460 +0100
|
|
@@ -156,7 +156,7 @@ killchild(int signo)
|
|
{
|
|
if (do_cmd_pid > 1) {
|
|
kill(do_cmd_pid, signo ? signo : SIGTERM);
|
|
- waitpid(do_cmd_pid, NULL, 0);
|
|
+ (void) waitpid(do_cmd_pid, NULL, 0);
|
|
}
|
|
|
|
if (signo)
|
|
diff -up openssh-6.8p1/servconf.c.coverity openssh-6.8p1/servconf.c
|
|
--- openssh-6.8p1/servconf.c.coverity 2015-03-18 17:21:51.893264839 +0100
|
|
+++ openssh-6.8p1/servconf.c 2015-03-18 17:21:58.281251460 +0100
|
|
@@ -1475,7 +1475,7 @@ process_server_config_line(ServerOptions
|
|
fatal("%s line %d: Missing subsystem name.",
|
|
filename, linenum);
|
|
if (!*activep) {
|
|
- arg = strdelim(&cp);
|
|
+ /*arg =*/ (void) strdelim(&cp);
|
|
break;
|
|
}
|
|
for (i = 0; i < options->num_subsystems; i++)
|
|
@@ -1566,8 +1566,9 @@ process_server_config_line(ServerOptions
|
|
if (*activep && *charptr == NULL) {
|
|
*charptr = tilde_expand_filename(arg, getuid());
|
|
/* increase optional counter */
|
|
- if (intptr != NULL)
|
|
- *intptr = *intptr + 1;
|
|
+ /* DEAD CODE intptr is still NULL ;)
|
|
+ if (intptr != NULL)
|
|
+ *intptr = *intptr + 1; */
|
|
}
|
|
break;
|
|
|
|
diff -up openssh-6.8p1/serverloop.c.coverity openssh-6.8p1/serverloop.c
|
|
--- openssh-6.8p1/serverloop.c.coverity 2015-03-17 06:49:20.000000000 +0100
|
|
+++ openssh-6.8p1/serverloop.c 2015-03-18 17:28:45.616436080 +0100
|
|
@@ -147,13 +147,13 @@ notify_setup(void)
|
|
static void
|
|
notify_parent(void)
|
|
{
|
|
- if (notify_pipe[1] != -1)
|
|
+ if (notify_pipe[1] >= 0)
|
|
(void)write(notify_pipe[1], "", 1);
|
|
}
|
|
static void
|
|
notify_prepare(fd_set *readset)
|
|
{
|
|
- if (notify_pipe[0] != -1)
|
|
+ if (notify_pipe[0] >= 0)
|
|
FD_SET(notify_pipe[0], readset);
|
|
}
|
|
static void
|
|
@@ -161,8 +161,8 @@ notify_done(fd_set *readset)
|
|
{
|
|
char c;
|
|
|
|
- if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset))
|
|
- while (read(notify_pipe[0], &c, 1) != -1)
|
|
+ if (notify_pipe[0] >= 0 && FD_ISSET(notify_pipe[0], readset))
|
|
+ while (read(notify_pipe[0], &c, 1) >= 0)
|
|
debug2("notify_done: reading");
|
|
}
|
|
|
|
@@ -337,7 +337,7 @@ wait_until_can_do_something(fd_set **rea
|
|
* If we have buffered data, try to write some of that data
|
|
* to the program.
|
|
*/
|
|
- if (fdin != -1 && buffer_len(&stdin_buffer) > 0)
|
|
+ if (fdin >= 0 && buffer_len(&stdin_buffer) > 0)
|
|
FD_SET(fdin, *writesetp);
|
|
}
|
|
notify_prepare(*readsetp);
|
|
@@ -477,7 +477,7 @@ process_output(fd_set *writeset)
|
|
int len;
|
|
|
|
/* Write buffered data to program stdin. */
|
|
- if (!compat20 && fdin != -1 && FD_ISSET(fdin, writeset)) {
|
|
+ if (!compat20 && fdin >= 0 && FD_ISSET(fdin, writeset)) {
|
|
data = buffer_ptr(&stdin_buffer);
|
|
dlen = buffer_len(&stdin_buffer);
|
|
len = write(fdin, data, dlen);
|
|
@@ -590,7 +590,7 @@ server_loop(pid_t pid, int fdin_arg, int
|
|
set_nonblock(fdin);
|
|
set_nonblock(fdout);
|
|
/* we don't have stderr for interactive terminal sessions, see below */
|
|
- if (fderr != -1)
|
|
+ if (fderr >= 0)
|
|
set_nonblock(fderr);
|
|
|
|
if (!(datafellows & SSH_BUG_IGNOREMSG) && isatty(fdin))
|
|
@@ -614,7 +614,7 @@ server_loop(pid_t pid, int fdin_arg, int
|
|
max_fd = MAX(connection_in, connection_out);
|
|
max_fd = MAX(max_fd, fdin);
|
|
max_fd = MAX(max_fd, fdout);
|
|
- if (fderr != -1)
|
|
+ if (fderr >= 0)
|
|
max_fd = MAX(max_fd, fderr);
|
|
#endif
|
|
|
|
@@ -644,7 +644,7 @@ server_loop(pid_t pid, int fdin_arg, int
|
|
* If we have received eof, and there is no more pending
|
|
* input data, cause a real eof by closing fdin.
|
|
*/
|
|
- if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) {
|
|
+ if (stdin_eof && fdin >= 0 && buffer_len(&stdin_buffer) == 0) {
|
|
if (fdin != fdout)
|
|
close(fdin);
|
|
else
|
|
@@ -740,15 +740,15 @@ server_loop(pid_t pid, int fdin_arg, int
|
|
buffer_free(&stderr_buffer);
|
|
|
|
/* Close the file descriptors. */
|
|
- if (fdout != -1)
|
|
+ if (fdout >= 0)
|
|
close(fdout);
|
|
fdout = -1;
|
|
fdout_eof = 1;
|
|
- if (fderr != -1)
|
|
+ if (fderr >= 0)
|
|
close(fderr);
|
|
fderr = -1;
|
|
fderr_eof = 1;
|
|
- if (fdin != -1)
|
|
+ if (fdin >= 0)
|
|
close(fdin);
|
|
fdin = -1;
|
|
|
|
@@ -950,7 +950,7 @@ server_input_window_size(int type, u_int
|
|
|
|
debug("Window change received.");
|
|
packet_check_eom();
|
|
- if (fdin != -1)
|
|
+ if (fdin >= 0)
|
|
pty_change_window_size(fdin, row, col, xpixel, ypixel);
|
|
return 0;
|
|
}
|
|
@@ -1043,7 +1043,7 @@ server_request_tun(void)
|
|
}
|
|
|
|
tun = packet_get_int();
|
|
- if (forced_tun_device != -1) {
|
|
+ if (forced_tun_device >= 0) {
|
|
if (tun != SSH_TUNID_ANY && forced_tun_device != tun)
|
|
goto done;
|
|
tun = forced_tun_device;
|
|
diff -up openssh-6.8p1/sftp.c.coverity openssh-6.8p1/sftp.c
|
|
--- openssh-6.8p1/sftp.c.coverity 2015-03-17 06:49:20.000000000 +0100
|
|
+++ openssh-6.8p1/sftp.c 2015-03-18 17:21:58.283251456 +0100
|
|
@@ -223,7 +223,7 @@ killchild(int signo)
|
|
{
|
|
if (sshpid > 1) {
|
|
kill(sshpid, SIGTERM);
|
|
- waitpid(sshpid, NULL, 0);
|
|
+ (void) waitpid(sshpid, NULL, 0);
|
|
}
|
|
|
|
_exit(1);
|
|
@@ -335,7 +335,7 @@ local_do_ls(const char *args)
|
|
|
|
/* Strip one path (usually the pwd) from the start of another */
|
|
static char *
|
|
-path_strip(char *path, char *strip)
|
|
+path_strip(const char *path, const char *strip)
|
|
{
|
|
size_t len;
|
|
|
|
@@ -353,7 +353,7 @@ path_strip(char *path, char *strip)
|
|
}
|
|
|
|
static char *
|
|
-make_absolute(char *p, char *pwd)
|
|
+make_absolute(char *p, const char *pwd)
|
|
{
|
|
char *abs_str;
|
|
|
|
@@ -551,7 +551,7 @@ parse_no_flags(const char *cmd, char **a
|
|
}
|
|
|
|
static int
|
|
-is_dir(char *path)
|
|
+is_dir(const char *path)
|
|
{
|
|
struct stat sb;
|
|
|
|
@@ -563,7 +563,7 @@ is_dir(char *path)
|
|
}
|
|
|
|
static int
|
|
-remote_is_dir(struct sftp_conn *conn, char *path)
|
|
+remote_is_dir(struct sftp_conn *conn, const char *path)
|
|
{
|
|
Attrib *a;
|
|
|
|
@@ -577,7 +577,7 @@ remote_is_dir(struct sftp_conn *conn, ch
|
|
|
|
/* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */
|
|
static int
|
|
-pathname_is_dir(char *pathname)
|
|
+pathname_is_dir(const char *pathname)
|
|
{
|
|
size_t l = strlen(pathname);
|
|
|
|
@@ -585,7 +585,7 @@ pathname_is_dir(char *pathname)
|
|
}
|
|
|
|
static int
|
|
-process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd,
|
|
+process_get(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
|
|
int pflag, int rflag, int resume, int fflag)
|
|
{
|
|
char *abs_src = NULL;
|
|
@@ -669,7 +669,7 @@ out:
|
|
}
|
|
|
|
static int
|
|
-process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd,
|
|
+process_put(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
|
|
int pflag, int rflag, int resume, int fflag)
|
|
{
|
|
char *tmp_dst = NULL;
|
|
@@ -779,7 +779,7 @@ sdirent_comp(const void *aa, const void
|
|
|
|
/* sftp ls.1 replacement for directories */
|
|
static int
|
|
-do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
|
|
+do_ls_dir(struct sftp_conn *conn, const char *path, const char *strip_path, int lflag)
|
|
{
|
|
int n;
|
|
u_int c = 1, colspace = 0, columns = 1;
|
|
@@ -864,7 +864,7 @@ do_ls_dir(struct sftp_conn *conn, char *
|
|
|
|
/* sftp ls.1 replacement which handles path globs */
|
|
static int
|
|
-do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
|
|
+do_globbed_ls(struct sftp_conn *conn, const char *path, const char *strip_path,
|
|
int lflag)
|
|
{
|
|
char *fname, *lname;
|
|
@@ -949,7 +949,7 @@ do_globbed_ls(struct sftp_conn *conn, ch
|
|
}
|
|
|
|
static int
|
|
-do_df(struct sftp_conn *conn, char *path, int hflag, int iflag)
|
|
+do_df(struct sftp_conn *conn, const char *path, int hflag, int iflag)
|
|
{
|
|
struct sftp_statvfs st;
|
|
char s_used[FMT_SCALED_STRSIZE];
|
|
diff -up openssh-6.8p1/ssh-agent.c.coverity openssh-6.8p1/ssh-agent.c
|
|
--- openssh-6.8p1/ssh-agent.c.coverity 2015-03-17 06:49:20.000000000 +0100
|
|
+++ openssh-6.8p1/ssh-agent.c 2015-03-18 17:21:58.284251454 +0100
|
|
@@ -1166,8 +1166,8 @@ main(int ac, char **av)
|
|
sanitise_stdfd();
|
|
|
|
/* drop */
|
|
- setegid(getgid());
|
|
- setgid(getgid());
|
|
+ (void) setegid(getgid());
|
|
+ (void) setgid(getgid());
|
|
|
|
#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
|
|
/* Disable ptrace on Linux without sgid bit */
|
|
diff -up openssh-6.8p1/sshd.c.coverity openssh-6.8p1/sshd.c
|
|
--- openssh-6.8p1/sshd.c.coverity 2015-03-18 17:21:51.893264839 +0100
|
|
+++ openssh-6.8p1/sshd.c 2015-03-18 17:21:58.284251454 +0100
|
|
@@ -778,8 +778,10 @@ privsep_preauth(Authctxt *authctxt)
|
|
if (getuid() == 0 || geteuid() == 0)
|
|
privsep_preauth_child();
|
|
setproctitle("%s", "[net]");
|
|
- if (box != NULL)
|
|
+ if (box != NULL) {
|
|
ssh_sandbox_child(box);
|
|
+ free(box);
|
|
+ }
|
|
|
|
return 0;
|
|
}
|
|
@@ -1518,6 +1520,9 @@ server_accept_loop(int *sock_in, int *so
|
|
if (num_listen_socks < 0)
|
|
break;
|
|
}
|
|
+
|
|
+ if (fdset != NULL)
|
|
+ free(fdset);
|
|
}
|
|
|
|
|
|
diff -up openssh-6.8p1/sshkey.c.coverity openssh-6.8p1/sshkey.c
|
|
--- openssh-6.8p1/sshkey.c.coverity 2015-03-18 17:21:58.285251452 +0100
|
|
+++ openssh-6.8p1/sshkey.c 2015-03-18 17:45:32.232705363 +0100
|
|
@@ -58,6 +58,7 @@
|
|
#include "digest.h"
|
|
#define SSHKEY_INTERNAL
|
|
#include "sshkey.h"
|
|
+#include "log.h"
|
|
#include "match.h"
|
|
|
|
/* openssh private key file format */
|