From f2227807c7878a14c6cb02fab363d9607d667ec4 Mon Sep 17 00:00:00 2001 From: Benny Baumann Date: Tue, 12 Dec 2023 13:13:27 +0100 Subject: pam_timestamp: indicate non-null arguments to the compiler As these functions assume their arguments to be valid pointers without checking this pre-condition, this should be marked to the compiler. Doing so allows to detect potential NULL dereferences when a caller may pass in an invalid NULL pointer. * modules/pam_timestamp/hmac_openssl_wrapper.c (generate_key, read_file, write_file, key_management): Add PAM_NONNULL attribute. --- modules/pam_timestamp/hmac_openssl_wrapper.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'modules/pam_timestamp') diff --git a/modules/pam_timestamp/hmac_openssl_wrapper.c b/modules/pam_timestamp/hmac_openssl_wrapper.c index 9926bbac..a633a2bf 100644 --- a/modules/pam_timestamp/hmac_openssl_wrapper.c +++ b/modules/pam_timestamp/hmac_openssl_wrapper.c @@ -81,6 +81,7 @@ get_crypto_algorithm(pam_handle_t *pamh, int debug){ } static int +PAM_NONNULL((1, 2)) generate_key(pam_handle_t *pamh, char **key, size_t key_size) { int fd = 0; @@ -117,6 +118,7 @@ generate_key(pam_handle_t *pamh, char **key, size_t key_size) } static int +PAM_NONNULL((1, 3, 4)) read_file(pam_handle_t *pamh, int fd, char **text, size_t *text_length) { struct stat st; @@ -165,6 +167,7 @@ read_file(pam_handle_t *pamh, int fd, char **text, size_t *text_length) } static int +PAM_NONNULL((1, 2, 3)) write_file(pam_handle_t *pamh, const char *file_name, char *text, size_t text_length, uid_t owner, gid_t group) { @@ -203,6 +206,7 @@ write_file(pam_handle_t *pamh, const char *file_name, char *text, } static int +PAM_NONNULL((1, 2, 3)) key_management(pam_handle_t *pamh, const char *file_name, char **text, size_t text_length, uid_t owner, gid_t group) { -- cgit v1.2.3