From d781daa027b2ad6c78f4258734142c97eb40b777 Mon Sep 17 00:00:00 2001 From: Josh Stone Date: Tue, 5 May 2009 11:21:51 -0700 Subject: Add Vim modelines for new C/C++ sources --- modsign.cxx | 2 ++ 1 file changed, 2 insertions(+) (limited to 'modsign.cxx') diff --git a/modsign.cxx b/modsign.cxx index b66497fd..fafbf1e4 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -552,3 +552,5 @@ sign_module (systemtap_session& s) /* Shutdown NSS and exit NSPR gracefully. */ nssCleanup (); } + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ -- cgit From 307fbce1d6243d9a347491454a79646d97c53782 Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Tue, 5 May 2009 14:29:22 -0400 Subject: Make sure pw struct is initialized. --- modsign.cxx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modsign.cxx') diff --git a/modsign.cxx b/modsign.cxx index b66497fd..d8b9901e 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -218,10 +218,10 @@ check_cert_db_permissions (const string &cert_db_path) { rc = 1; // ok // We must be the owner of the database. + pw = getpwuid (euid); euid = geteuid (); if (info.st_uid != euid) { - pw = getpwuid (euid); if (pw) { cerr << "Certificate database " << cert_db_path << " must be owned by " -- cgit From b91191117b9a55e80cfc212fec99206ac4ffd54f Mon Sep 17 00:00:00 2001 From: Josh Stone Date: Tue, 5 May 2009 11:30:07 -0700 Subject: Use stap_system() in mod-signing code --- modsign.cxx | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'modsign.cxx') diff --git a/modsign.cxx b/modsign.cxx index fafbf1e4..43ddd01a 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -21,6 +21,7 @@ */ #include "session.h" +#include "util.h" #include #include @@ -285,14 +286,14 @@ init_cert_db_path (const string &cert_db_path) { // Generate the certificate and database. string cmd = BINDIR "/stap-gen-cert " + cert_db_path; - rc = system (cmd.c_str()) == 0; + rc = stap_system (cmd.c_str()) == 0; // If we are root, authorize the new certificate as a trusted // signer. It is not an error if this fails. if (geteuid () == 0) { cmd = BINDIR "/stap-authorize-signing-cert " + cert_db_path + "/stap.cert"; - system (cmd.c_str()); + stap_system (cmd.c_str()); } return rc; -- cgit From 04cba3b870c1fed6ce8f62e3eb0288a7f1abd071 Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Tue, 5 May 2009 14:35:52 -0400 Subject: Initialize euid before using it. --- modsign.cxx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modsign.cxx') diff --git a/modsign.cxx b/modsign.cxx index 435fec12..e7d02fba 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -219,8 +219,8 @@ check_cert_db_permissions (const string &cert_db_path) { rc = 1; // ok // We must be the owner of the database. - pw = getpwuid (euid); euid = geteuid (); + pw = getpwuid (euid); if (info.st_uid != euid) { if (pw) -- cgit From 2a5b3e3fe4e87a9b25286358f280b67791816e0a Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Tue, 5 May 2009 14:49:06 -0400 Subject: Ensure that pw is not used if it is NULL. --- modsign.cxx | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) (limited to 'modsign.cxx') diff --git a/modsign.cxx b/modsign.cxx index e7d02fba..8f29dab1 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -221,19 +221,17 @@ check_cert_db_permissions (const string &cert_db_path) { // We must be the owner of the database. euid = geteuid (); pw = getpwuid (euid); + if (! pw) + { + cerr << "Unable to obtain current user information which checking certificate database " + << cert_db_path << endl; + perror (""); + return 0; + } if (info.st_uid != euid) { - if (pw) - { - cerr << "Certificate database " << cert_db_path << " must be owned by " - << pw->pw_name << endl; - } - else - { - cerr << "Unable to obtain current user information which checking certificate database " - << cert_db_path << endl; - perror (""); - } + cerr << "Certificate database " << cert_db_path << " must be owned by " + << pw->pw_name << endl; rc = 0; } -- cgit