From d781daa027b2ad6c78f4258734142c97eb40b777 Mon Sep 17 00:00:00 2001 From: Josh Stone Date: Tue, 5 May 2009 11:21:51 -0700 Subject: Add Vim modelines for new C/C++ sources --- modsign.cxx | 2 ++ modsign.h | 2 ++ nsscommon.c | 2 ++ nsscommon.h | 2 ++ runtime/staprun/modverify.c | 2 ++ runtime/staprun/modverify.h | 1 + 6 files changed, 11 insertions(+) diff --git a/modsign.cxx b/modsign.cxx index b66497fd..fafbf1e4 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -552,3 +552,5 @@ sign_module (systemtap_session& s) /* Shutdown NSS and exit NSPR gracefully. */ nssCleanup (); } + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ diff --git a/modsign.h b/modsign.h index 12b32765..2d39899a 100644 --- a/modsign.h +++ b/modsign.h @@ -1 +1,3 @@ void sign_module (systemtap_session& s); + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ diff --git a/nsscommon.c b/nsscommon.c index 0a90b963..2e9c748b 100644 --- a/nsscommon.c +++ b/nsscommon.c @@ -81,3 +81,5 @@ nssCleanup (void) NSS_Shutdown (); PR_Cleanup (); } + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ diff --git a/nsscommon.h b/nsscommon.h index 7f4097e1..c6ab8aa7 100644 --- a/nsscommon.h +++ b/nsscommon.h @@ -1,2 +1,4 @@ void nssError (void); void nssCleanup (void); + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ diff --git a/runtime/staprun/modverify.c b/runtime/staprun/modverify.c index 2f3b96d5..b50a69f4 100644 --- a/runtime/staprun/modverify.c +++ b/runtime/staprun/modverify.c @@ -387,3 +387,5 @@ int verify_module (const char *module_name, const char *signature_name) return rc; } + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ diff --git a/runtime/staprun/modverify.h b/runtime/staprun/modverify.h index 9abf62d4..49b90bfe 100644 --- a/runtime/staprun/modverify.h +++ b/runtime/staprun/modverify.h @@ -6,3 +6,4 @@ int verify_module (const char *module_name, const char *signature_name); #define MODULE_CHECK_ERROR -1 #define MODULE_ALTERED -2 +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ -- cgit From 307fbce1d6243d9a347491454a79646d97c53782 Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Tue, 5 May 2009 14:29:22 -0400 Subject: Make sure pw struct is initialized. --- modsign.cxx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modsign.cxx b/modsign.cxx index b66497fd..d8b9901e 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -218,10 +218,10 @@ check_cert_db_permissions (const string &cert_db_path) { rc = 1; // ok // We must be the owner of the database. + pw = getpwuid (euid); euid = geteuid (); if (info.st_uid != euid) { - pw = getpwuid (euid); if (pw) { cerr << "Certificate database " << cert_db_path << " must be owned by " -- cgit From b91191117b9a55e80cfc212fec99206ac4ffd54f Mon Sep 17 00:00:00 2001 From: Josh Stone Date: Tue, 5 May 2009 11:30:07 -0700 Subject: Use stap_system() in mod-signing code --- modsign.cxx | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/modsign.cxx b/modsign.cxx index fafbf1e4..43ddd01a 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -21,6 +21,7 @@ */ #include "session.h" +#include "util.h" #include #include @@ -285,14 +286,14 @@ init_cert_db_path (const string &cert_db_path) { // Generate the certificate and database. string cmd = BINDIR "/stap-gen-cert " + cert_db_path; - rc = system (cmd.c_str()) == 0; + rc = stap_system (cmd.c_str()) == 0; // If we are root, authorize the new certificate as a trusted // signer. It is not an error if this fails. if (geteuid () == 0) { cmd = BINDIR "/stap-authorize-signing-cert " + cert_db_path + "/stap.cert"; - system (cmd.c_str()); + stap_system (cmd.c_str()); } return rc; -- cgit From 04cba3b870c1fed6ce8f62e3eb0288a7f1abd071 Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Tue, 5 May 2009 14:35:52 -0400 Subject: Initialize euid before using it. --- modsign.cxx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modsign.cxx b/modsign.cxx index 435fec12..e7d02fba 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -219,8 +219,8 @@ check_cert_db_permissions (const string &cert_db_path) { rc = 1; // ok // We must be the owner of the database. - pw = getpwuid (euid); euid = geteuid (); + pw = getpwuid (euid); if (info.st_uid != euid) { if (pw) -- cgit From 2a5b3e3fe4e87a9b25286358f280b67791816e0a Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Tue, 5 May 2009 14:49:06 -0400 Subject: Ensure that pw is not used if it is NULL. --- modsign.cxx | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/modsign.cxx b/modsign.cxx index e7d02fba..8f29dab1 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -221,19 +221,17 @@ check_cert_db_permissions (const string &cert_db_path) { // We must be the owner of the database. euid = geteuid (); pw = getpwuid (euid); + if (! pw) + { + cerr << "Unable to obtain current user information which checking certificate database " + << cert_db_path << endl; + perror (""); + return 0; + } if (info.st_uid != euid) { - if (pw) - { - cerr << "Certificate database " << cert_db_path << " must be owned by " - << pw->pw_name << endl; - } - else - { - cerr << "Unable to obtain current user information which checking certificate database " - << cert_db_path << endl; - perror (""); - } + cerr << "Certificate database " << cert_db_path << " must be owned by " + << pw->pw_name << endl; rc = 0; } -- cgit