[Pkg-shadow-commits] r2188 - in upstream/trunk: . lib libmisc

nekral-guest at alioth.debian.org nekral-guest at alioth.debian.org
Sun Jun 15 21:59:44 UTC 2008


Author: nekral-guest
Date: 2008-06-15 21:59:41 +0000 (Sun, 15 Jun 2008)
New Revision: 2188

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/lib/prototypes.h
   upstream/trunk/libmisc/limits.c
   upstream/trunk/libmisc/ulimit.c
Log:
	* libmisc/limits.c: Add brackets and parenthesis.
	* libmisc/limits.c: Avoid implicit conversion of pointers /
	integers to booleans.
	* libmisc/limits.c: Ignore the return value of umask(). We will
	never return to the original umask.
	* libmisc/limits.c: Avoid multi-statements lines.
	* libmisc/limits.c: Added default to a switch(). Report invalid
	limit strings to syslog.
	* libmisc/limits.c: Ignore the return value of fclose().
	/etc/limits is open read-only.
	* libmisc/limits.c: Ignore the return value of fputs() and
	sleep().
	* libmisc/limits.c: Check the return value of nice() and
	set_filesize_limit(), and report errors to syslog.

	* libmisc/ulimit.c, lib/prototypes.h: Return failures of
	set_filesize_limit(). Change the prototype to return an int
	instead of void.


Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2008-06-15 19:16:34 UTC (rev 2187)
+++ upstream/trunk/ChangeLog	2008-06-15 21:59:41 UTC (rev 2188)
@@ -1,5 +1,28 @@
 2008-06-15  Nicolas François  <nicolas.francois at centraliens.net>
 
+	* libmisc/limits.c: Add brackets and parenthesis.
+	* libmisc/limits.c: Avoid implicit conversion of pointers /
+	integers to booleans.
+	* libmisc/limits.c: Ignore the return value of umask(). We will
+	never return to the original umask.
+	* libmisc/limits.c: Avoid multi-statements lines.
+	* libmisc/limits.c: Added default to a switch(). Report invalid
+	limit strings to syslog.
+	* libmisc/limits.c: Ignore the return value of fclose().
+	/etc/limits is open read-only.
+	* libmisc/limits.c: Ignore the return value of fputs() and
+	sleep().
+	* libmisc/limits.c: Check the return value of nice() and
+	set_filesize_limit(), and report errors to syslog.
+
+2008-06-15  Nicolas François  <nicolas.francois at centraliens.net>
+
+	* libmisc/ulimit.c, lib/prototypes.h: Return failures of
+	set_filesize_limit(). Change the prototype to return an int
+	instead of void.
+
+2008-06-15  Nicolas François  <nicolas.francois at centraliens.net>
+
 	* libmisc/failure.c: Try to close the open file if a failure
 	occured during lseek(), read() or write().
 

Modified: upstream/trunk/lib/prototypes.h
===================================================================
--- upstream/trunk/lib/prototypes.h	2008-06-15 19:16:34 UTC (rev 2187)
+++ upstream/trunk/lib/prototypes.h	2008-06-15 21:59:41 UTC (rev 2188)
@@ -258,7 +258,7 @@
 extern char *tz (const char *);
 
 /* ulimit.c */
-extern void set_filesize_limit (int);
+extern int set_filesize_limit (int blocks);
 
 /* utmp.c */
 extern void checkutmp (bool picky);

Modified: upstream/trunk/libmisc/limits.c
===================================================================
--- upstream/trunk/libmisc/limits.c	2008-06-15 19:16:34 UTC (rev 2187)
+++ upstream/trunk/libmisc/limits.c	2008-06-15 21:59:41 UTC (rev 2188)
@@ -74,13 +74,15 @@
 	const char *value_orig = value;
 
 	limit = strtol (value, endptr, 10);
-	if (limit == 0 && value_orig == *endptr)	/* no chars read */
+	if ((0 == limit) && (value_orig == *endptr)) {	/* no chars read */
 		return 0;
+	}
 	limit *= multiplier;
 	rlim.rlim_cur = limit;
 	rlim.rlim_max = limit;
-	if (setrlimit (rlimit, &rlim))
+	if (setrlimit (rlimit, &rlim) != 0) {
 		return LOGIN_ERROR_RLIMIT;
+	}
 	return 0;
 }
 
@@ -91,10 +93,12 @@
 	char **endptr = (char **) &value;
 
 	prio = strtol (value, endptr, 10);
-	if ((prio == 0) && (value == *endptr))
+	if ((0 == prio) && (value == *endptr)) {
 		return 0;
-	if (setpriority (PRIO_PROCESS, 0, prio))
+	}
+	if (setpriority (PRIO_PROCESS, 0, prio) != 0) {
 		return LOGIN_ERROR_RLIMIT;
+	}
 	return 0;
 }
 
@@ -105,9 +109,10 @@
 	char **endptr = (char **) &value;
 
 	mask = strtol (value, endptr, 8) & 0777;
-	if ((mask == 0) && (value == *endptr))
+	if ((0 == mask) && (value == *endptr)) {
 		return 0;
-	umask (mask);
+	}
+	(void) umask (mask);
 	return 0;
 }
 
@@ -125,10 +130,11 @@
 	const char *ml_orig = maxlogins;
 
 	limit = strtol (maxlogins, endptr, 10);
-	if (limit == 0 && ml_orig == *endptr)	/* no chars read */
+	if ((0 == limit) && (ml_orig == *endptr)) {	/* no chars read */
 		return 0;
+	}
 
-	if (limit == 0) {	/* maximum 0 logins ? */
+	if (0 == limit) {	/* maximum 0 logins ? */
 		SYSLOG ((LOG_WARN, "No logins allowed for `%s'\n", name));
 		return LOGIN_ERROR_LOGIN;
 	}
@@ -141,14 +147,19 @@
 	setutent ();
 	while ((ut = getutent ())) {
 #endif
-		if (ut->ut_type != USER_PROCESS)
+		if (USER_PROCESS != ut->ut_type) {
 			continue;
-		if (ut->ut_user[0] == '\0')
+		}
+		if ('\0' == ut->ut_user[0]) {
 			continue;
-		if (strncmp (name, ut->ut_user, sizeof (ut->ut_user)) != 0)
+		}
+		if (strncmp (name, ut->ut_user, sizeof (ut->ut_user)) != 0) {
 			continue;
-		if (++count > limit)
+		}
+		count++;
+		if (count > limit) {
 			break;
+		}
 	}
 #if HAVE_UTMPX_H
 	endutxent ();
@@ -203,10 +214,11 @@
 {
 	const char *pp;
 	int retval = 0;
+	bool reported = false;
 
 	pp = buf;
 
-	while (*pp != '\0')
+	while ('\0' != *pp) {
 		switch (*pp++) {
 #ifdef RLIMIT_AS
 		case 'a':
@@ -298,14 +310,24 @@
 			break;
 		case 'l':
 		case 'L':
-			/* LIMIT the number of concurent logins */
+			/* LIMIT the number of concurrent logins */
 			retval |= check_logins (name, pp);
 			break;
 		case 'p':
 		case 'P':
 			retval |= set_prio (pp);
 			break;
+		default:
+			/* Only report invalid strings once */
+			if (!reported) {
+				SYSLOG ((LOG_WARN,
+				         "Invalid limit string: '%s'",
+				         pp-1));
+				reported = true;
+				retval |= LOGIN_ERROR_RLIMIT;
+			}
 		}
+	}
 	return retval;
 }
 
@@ -336,8 +358,9 @@
 	 * - username must start on first column
 	 * A better (smarter) checking should be done --cristiang */
 	while (fgets (buf, 1024, fil) != NULL) {
-		if (buf[0] == '#' || buf[0] == '\n')
+		if (('#' == buf[0]) || ('\n' == buf[0])) {
 			continue;
+		}
 		memzero (tempbuf, sizeof (tempbuf));
 		/* a valid line should have a username, then spaces,
 		 * then limits
@@ -357,11 +380,12 @@
 			}
 		}
 	}
-	fclose (fil);
+	(void) fclose (fil);
 	if (limits[0] == '\0') {
 		/* no user specific limits */
-		if (deflimits[0] == '\0')	/* no default limits */
+		if (deflimits[0] == '\0') {	/* no default limits */
 			return 0;
+		}
 		strcpy (limits, deflimits);	/* use the default limits */
 	}
 	return do_user_limits (limits, uname);
@@ -379,12 +403,13 @@
  *	group name, set umask group bits to be the same as owner bits
  *	(examples: 022 -> 002, 077 -> 007).
  */
-	if (info->pw_uid != 0 && info->pw_uid == info->pw_gid) {
+	if ((0 != info->pw_uid) && (info->pw_uid == info->pw_gid)) {
 		/* local, no need for xgetgrgid */
 		grp = getgrgid (info->pw_gid);
-		if (grp && (strcmp (info->pw_name, grp->gr_name) == 0)) {
+		if (   (NULL != grp)
+		    && (strcmp (info->pw_name, grp->gr_name) == 0)) {
 			oldmask = umask (0777);
-			umask ((oldmask & ~070) | ((oldmask >> 3) & 070));
+			(void) umask ((oldmask & ~070) | ((oldmask >> 3) & 070));
 		}
 	}
 }
@@ -399,8 +424,9 @@
 	int i;
 	long l;
 
-	if (getdef_bool ("USERGROUPS_ENAB"))
+	if (getdef_bool ("USERGROUPS_ENAB")) {
 		setup_usergroups (info);
+	}
 
 	/*
 	 * See if the GECOS field contains values for NICE, UMASK or ULIMIT.
@@ -410,28 +436,41 @@
 
 	if (getdef_bool ("QUOTAS_ENAB")) {
 #ifdef LIMITS
-		if (info->pw_uid != 0)
+		if (info->pw_uid != 0) {
 			if (setup_user_limits (info->pw_name) &
 			    LOGIN_ERROR_LOGIN) {
-				fputs (_("Too many logins.\n"), stderr);
-				sleep (2);
+				(void) fputs (_("Too many logins.\n"), stderr);
+				(void) sleep (2); /* XXX: Should be FAIL_DELAY */
 				exit (1);
 			}
+		}
 #endif
 		for (cp = info->pw_gecos; cp != NULL; cp = strchr (cp, ',')) {
-			if (*cp == ',')
+			if (',' == *cp) {
 				cp++;
+			}
 
 			if (strncmp (cp, "pri=", 4) == 0) {
 				i = atoi (cp + 4);
-				if (i >= -20 && i <= 20)
-					(void) nice (i);
+				if ((i >= -20) && (i <= 20)) {
+					errno = 0;
+					if (   (nice (i) == -1)
+					    && (0 != errno)) {
+						SYSLOG ((LOG_WARN,
+						         "Can't set the nice value for user %s",
+						         info->pw_name));
+					}
+				}
 
 				continue;
 			}
 			if (strncmp (cp, "ulimit=", 7) == 0) {
 				l = strtol (cp + 7, (char **) 0, 10);
-				set_filesize_limit (l);
+				if (set_filesize_limit (l) != 0) {
+					SYSLOG ((LOG_WARN,
+					         "Can't set the ulimit for user %s",
+					         info->pw_name));
+				}
 				continue;
 			}
 			if (strncmp (cp, "umask=", 6) == 0) {

Modified: upstream/trunk/libmisc/ulimit.c
===================================================================
--- upstream/trunk/libmisc/ulimit.c	2008-06-15 19:16:34 UTC (rev 2187)
+++ upstream/trunk/libmisc/ulimit.c	2008-06-15 21:59:41 UTC (rev 2188)
@@ -50,14 +50,21 @@
 #endif
 #include "prototypes.h"
 
-void set_filesize_limit (int blocks)
+int set_filesize_limit (int blocks)
 {
+	int ret = -1;
 #if HAVE_ULIMIT_H
-	ulimit (UL_SETFSIZE, blocks);
+	if (ulimit (UL_SETFSIZE, blocks) != -1) {
+		ret = 0;
+	}
 #elif defined(RLIMIT_FSIZE)
 	struct rlimit rlimit_fsize;
 
-	rlimit_fsize.rlim_cur = rlimit_fsize.rlim_max = 512L * blocks;
-	setrlimit (RLIMIT_FSIZE, &rlimit_fsize);
+	rlimit_fsize.rlim_cur = 512L * blocks;
+	rlimit_fsize.rlim_max = rlimit_fsize.rlim_cur;
+	ret = setrlimit (RLIMIT_FSIZE, &rlimit_fsize);
 #endif
+
+	return ret;
 }
+




More information about the Pkg-shadow-commits mailing list