Blame SOURCES/pam-1.3.1-coverity.patch

5c721c
diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c
5c721c
index 106ef7c..b2e94c7 100644
5c721c
--- a/libpam/pam_handlers.c
5c721c
+++ b/libpam/pam_handlers.c
5c721c
@@ -282,7 +282,6 @@ _pam_open_config_file(pam_handle_t *pamh
5c721c
 {
5c721c
     char *p;
5c721c
     FILE *f;
5c721c
-    int err = 0;
5c721c
 
5c721c
     /* Absolute path */
5c721c
     if (service[0] == '/') {
5c721c
diff --git a/libpam_misc/misc_conv.c b/libpam_misc/misc_conv.c
5c721c
index be53f34..07dce36 100644
5c721c
--- a/libpam_misc/misc_conv.c
5c721c
+++ b/libpam_misc/misc_conv.c
5c721c
@@ -211,7 +211,7 @@ static int read_string(int echo, const char *prompt, char **retstr)
5c721c
 		    line[nc] = '\0';
5c721c
 		}
5c721c
 		*retstr = strdup(line);
5c721c
-		_pam_overwrite(line);
5c721c
+		_pam_overwrite_n(line, sizeof(line));
5c721c
 		if (!*retstr) {
5c721c
 		    D(("no memory for response string"));
5c721c
 		    nc = -1;
5c721c
@@ -244,7 +244,7 @@ static int read_string(int echo, const char *prompt, char **retstr)
5c721c
     D(("the timer appears to have expired"));
5c721c
 
5c721c
     *retstr = NULL;
5c721c
-    _pam_overwrite(line);
5c721c
+    _pam_overwrite_n(line, sizeof(line));
5c721c
 
5c721c
  cleanexit:
5c721c
 
5c721c
diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c
5c721c
index 80d885d..3801862 100644
5c721c
--- a/modules/pam_access/pam_access.c
5c721c
+++ b/modules/pam_access/pam_access.c
5c721c
@@ -806,7 +806,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
5c721c
     const char *user=NULL;
5c721c
     const void *void_from=NULL;
5c721c
     const char *from;
5c721c
-    const char const *default_config = PAM_ACCESS_CONFIG;
5c721c
+    const char * const default_config = PAM_ACCESS_CONFIG;
5c721c
     struct passwd *user_pw;
5c721c
     char hostname[MAXHOSTNAMELEN + 1];
5c721c
     int rv;
5c721c
diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c
5c721c
index 4bc4ae7..f8476b4 100644
5c721c
--- a/modules/pam_limits/pam_limits.c
5c721c
+++ b/modules/pam_limits/pam_limits.c
5c721c
@@ -342,7 +342,7 @@ static const char *lnames[RLIM_NLIMITS] = {
5c721c
 #endif
5c721c
 };
5c721c
 
5c721c
-static int str2rlimit(char *name) {
5c721c
+static int str2rlimit(const char *name) {
5c721c
     int i;
5c721c
     if (!name || *name == '\0')
5c721c
         return -1;
5c721c
@@ -352,7 +352,7 @@ static int str2rlimit(char *name) {
5c721c
     return -1;
5c721c
 }
5c721c
 
5c721c
-static rlim_t str2rlim_t(char *value) {
5c721c
+static rlim_t str2rlim_t(const char *value) {
5c721c
     unsigned long long rlimit = 0;
5c721c
 
5c721c
     if (!value) return (rlim_t)rlimit;
5c721c
@@ -384,7 +384,7 @@ static void parse_kernel_limits(pam_handle_t *pamh, struct pam_limit_s *pl, int
5c721c
     FILE *limitsfile;
5c721c
     const char *proclimits = "/proc/1/limits";
5c721c
     char line[256];
5c721c
-    char *units, *hard, *soft, *name;
5c721c
+    const char *units, *hard, *soft, *name;
5c721c
 
5c721c
     if (!(limitsfile = fopen(proclimits, "r"))) {
5c721c
         pam_syslog(pamh, LOG_WARNING, "Could not read %s (%s), using PAM defaults", proclimits, strerror(errno));
5c721c
diff --git a/modules/pam_loginuid/pam_loginuid.c b/modules/pam_loginuid/pam_loginuid.c
5c721c
index 96bfd98..66d202c 100644
5c721c
--- a/modules/pam_loginuid/pam_loginuid.c
5c721c
+++ b/modules/pam_loginuid/pam_loginuid.c
5c721c
@@ -64,7 +64,7 @@ static int set_loginuid(pam_handle_t *pamh, uid_t uid)
5c721c
 	fd = open("/proc/self/uid_map", O_RDONLY);
5c721c
 	if (fd >= 0) {
5c721c
 		count = pam_modutil_read(fd, uid_map, sizeof(uid_map));
5c721c
-		if (strncmp(uid_map, host_uid_map, count) != 0)
5c721c
+		if (count <= 0 || strncmp(uid_map, host_uid_map, count) != 0)
5c721c
 			rc = PAM_IGNORE;
5c721c
 		close(fd);
5c721c
 	}
5c721c
diff --git a/modules/pam_mkhomedir/mkhomedir_helper.c b/modules/pam_mkhomedir/mkhomedir_helper.c
5c721c
index 9e204c1..4b8d6b7 100644
5c721c
--- a/modules/pam_mkhomedir/mkhomedir_helper.c
5c721c
+++ b/modules/pam_mkhomedir/mkhomedir_helper.c
5c721c
@@ -232,6 +232,8 @@ create_homedir(const struct passwd *pwd,
5c721c
       {
5c721c
          pam_syslog(NULL, LOG_DEBUG,
5c721c
 		    "unable to open or stat src file %s: %m", newsource);
5c721c
+         if (srcfd >= 0)
5c721c
+            close(srcfd);
5c721c
          closedir(d);
5c721c
 
5c721c
 #ifndef PATH_MAX
5c721c
diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c
5c721c
index f541f89..85f5efa 100644
5c721c
--- a/modules/pam_namespace/pam_namespace.c
5c721c
+++ b/modules/pam_namespace/pam_namespace.c
5c721c
@@ -1418,6 +1418,7 @@ static int create_instance(struct polydir_s *polyptr, char *ipath, struct stat *
5c721c
     if (fstat(fd, &newstatbuf) < 0) {
5c721c
         pam_syslog(idata->pamh, LOG_ERR, "Error stating %s, %m",
5c721c
 		ipath);
5c721c
+	close(fd);
5c721c
 	rmdir(ipath);
5c721c
         return PAM_SESSION_ERR;
5c721c
     }
5c721c
diff --git a/modules/pam_pwhistory/opasswd.c b/modules/pam_pwhistory/opasswd.c
5c721c
index e6cf346..813f579 100644
5c721c
--- a/modules/pam_pwhistory/opasswd.c
5c721c
+++ b/modules/pam_pwhistory/opasswd.c
5c721c
@@ -326,6 +326,9 @@ save_old_pass (pam_handle_t *pamh, const char *user, uid_t uid,
5c721c
 	n = strlen (buf);
5c721c
 #endif /* HAVE_GETLINE / HAVE_GETDELIM */
5c721c
 
5c721c
+	if (n < 1)
5c721c
+	  break;
5c721c
+
5c721c
 	cp = buf;
5c721c
 	save = strdup (buf); /* Copy to write the original data back.  */
5c721c
 	if (save == NULL)
5c721c
@@ -336,9 +339,6 @@ save_old_pass (pam_handle_t *pamh, const char *user, uid_t uid,
5c721c
 	    goto error_opasswd;
5c721c
           }
5c721c
 
5c721c
-	if (n < 1)
5c721c
-	  break;
5c721c
-
5c721c
 	tmp = strchr (cp, '#');  /* remove comments */
5c721c
 	if (tmp)
5c721c
 	  *tmp = '\0';
5c721c
diff --git a/modules/pam_rootok/pam_rootok.c b/modules/pam_rootok/pam_rootok.c
5c721c
index 17baabe..a9d9140 100644
5c721c
--- a/modules/pam_rootok/pam_rootok.c
5c721c
+++ b/modules/pam_rootok/pam_rootok.c
5c721c
@@ -66,14 +66,17 @@ log_callback (int type, const char *fmt, ...)
5c721c
     int audit_fd;
5c721c
     va_list ap;
5c721c
 
5c721c
-    va_start(ap, fmt);
5c721c
 #ifdef HAVE_LIBAUDIT
5c721c
     audit_fd = audit_open();
5c721c
 
5c721c
     if (audit_fd >= 0) {
5c721c
 	char *buf;
5c721c
+	int ret;
5c721c
 
5c721c
-	if (vasprintf (&buf, fmt, ap) < 0)
5c721c
+	va_start(ap, fmt);
5c721c
+	ret = vasprintf (&buf, fmt, ap);
5c721c
+	va_end(ap);
5c721c
+	if (ret < 0)
5c721c
 		return 0;
5c721c
 	audit_log_user_avc_message(audit_fd, AUDIT_USER_AVC, buf, NULL, NULL,
5c721c
 				   NULL, 0);
5c721c
@@ -83,6 +86,7 @@ log_callback (int type, const char *fmt, ...)
5c721c
     }
5c721c
 
5c721c
 #endif
5c721c
+    va_start(ap, fmt);
5c721c
     vsyslog (LOG_USER | LOG_INFO, fmt, ap);
5c721c
     va_end(ap);
5c721c
     return 0;
5c721c
diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c
5c721c
index c653290..f37af0f 100644
5c721c
--- a/modules/pam_sepermit/pam_sepermit.c
5c721c
+++ b/modules/pam_sepermit/pam_sepermit.c
5c721c
@@ -353,7 +353,7 @@ sepermit_match(pam_handle_t *pamh, const char *cfgfile, const char *user,
5c721c
 		if (*sense == PAM_SUCCESS) {
5c721c
 			if (ignore)
5c721c
 				*sense = PAM_IGNORE;
5c721c
-			if (geteuid() == 0 && exclusive && get_loginuid(pamh) == -1)
5c721c
+			if (geteuid() == 0 && exclusive && get_loginuid(pamh) == (uid_t)-1)
5c721c
 				if (sepermit_lock(pamh, user, debug) < 0)
5c721c
 					*sense = PAM_AUTH_ERR;
5c721c
 		}