Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:GA
mokutil
mokutil-upstream-fixes.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File mokutil-upstream-fixes.patch of Package mokutil
From 9bbf4150add7de95bfeed8515aa9d9d63977ebd4 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin@suse.com> Date: Wed, 25 Sep 2013 18:04:29 +0800 Subject: [PATCH 01/10] Update the copyright declaration Allow the binary to be linked with openssl --- src/efi.h | 47 +++++++++++++++++++++++++++++------------------ src/efilib.c | 17 +++++++++++++++++ src/mokutil.c | 14 ++++++++++++++ src/password-crypt.c | 14 ++++++++++++++ src/password-crypt.h | 14 ++++++++++++++ src/signature.h | 30 ++++++++++++++++++++++++++++++ 6 files changed, 118 insertions(+), 18 deletions(-) diff --git a/src/efi.h b/src/efi.h index 7930a94..a622a2b 100644 --- a/src/efi.h +++ b/src/efi.h @@ -1,22 +1,33 @@ /* - efi.h - Extensible Firmware Interface definitions - - Copyright (C) 2001, 2003 Dell Computer Corporation <Matt_Domsch@dell.com> - Copyright (C) 2012 Gary Lin <glin@suse.com> - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * Copyright (C) 2001, 2003 Dell Computer Corporation <Matt_Domsch@dell.com> + * Copyright (C) 2012-2013 Gary Lin <glin@suse.com> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #ifndef EFI_H diff --git a/src/efilib.c b/src/efilib.c index c2336f9..6db914f 100644 --- a/src/efilib.c +++ b/src/efilib.c @@ -14,6 +14,23 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. + * * A part of the source code is copied from efibootmgr */ #include <sys/types.h> diff --git a/src/mokutil.c b/src/mokutil.c index e7ea08f..109a3eb 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -14,6 +14,20 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include <stdio.h> #include <stdlib.h> diff --git a/src/password-crypt.c b/src/password-crypt.c index a1d213b..7fbc3b6 100644 --- a/src/password-crypt.c +++ b/src/password-crypt.c @@ -13,6 +13,20 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include <string.h> #include <stdlib.h> diff --git a/src/password-crypt.h b/src/password-crypt.h index b694ac1..04451b4 100644 --- a/src/password-crypt.h +++ b/src/password-crypt.h @@ -13,6 +13,20 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #ifndef __PASSWORD_CRYPT_H__ #define __PASSWORD_CRYPT_H__ diff --git a/src/signature.h b/src/signature.h index f795f14..df88e98 100644 --- a/src/signature.h +++ b/src/signature.h @@ -1,3 +1,33 @@ +/** + * Copyright (C) 2012-2013 Gary Lin <glin@suse.com> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. + */ #define SHA256_DIGEST_SIZE 32 #define EfiHashSha1Guid EFI_GUID (0x826ca512, 0xcf10, 0x4ac9, 0xb1, 0x87, 0xbe, 0x1, 0x49, 0x66, 0x31, 0xbd) -- 1.8.1.4 From dcb76ee1e91c02a026bc0b0b8d02dac71d3c85e1 Mon Sep 17 00:00:00 2001 From: Josh Boyer <jwboyer@fedoraproject.org> Date: Wed, 2 Oct 2013 13:09:20 -0400 Subject: [PATCH 02/10] Add support for disabling/enabling the use of DB for verification This lets a user disable the use of DB for verification purposes. The new options "--ignore-db" and "--use-db" toggle the state of this. This sets a UEFI variable called MokDB that makes MokManager prompt the user to approve the setting after a reboot. We refactor MokSBVar to MokToggleVar and set_validation to set_toggle, as both MokDB and MokSB are really just toggle variables. --- src/mokutil.c | 54 +++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 41 insertions(+), 13 deletions(-) diff --git a/src/mokutil.c b/src/mokutil.c index 109a3eb..41bd8eb 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -76,6 +76,8 @@ EFI_GUID (0x605dab50, 0xe046, 0x4300, 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, #define RESET (1 << 15) #define GENERATE_PW_HASH (1 << 16) #define SIMPLE_HASH (1 << 17) +#define IGNORE_DB (1 << 18) +#define USE_DB (1 << 19) #define DEFAULT_CRYPT_METHOD SHA512_BASED #define DEFAULT_SALT_SIZE SHA512_SALT_MAX @@ -90,10 +92,10 @@ typedef struct { } MokListNode; typedef struct { - uint32_t mok_sb_state; + uint32_t mok_toggle_state; uint32_t password_length; uint16_t password[SB_PASSWORD_MAX]; -} MokSBVar; +} MokToggleVar; static void print_help () @@ -119,6 +121,8 @@ print_help () printf (" --test-key <der file>\t\t\tTest if the key is enrolled or not\n"); printf (" --reset\t\t\t\tReset MOK list\n"); printf (" --generate-hash[=password]\t\tGenerate the password hash\n"); + printf (" --ignore-db\t\t\t\tIgnore DB for validation\n"); + printf (" --use-db\t\t\t\tUse DB for validation\n"); printf ("\n"); printf ("Supplimentary Options:\n"); printf (" --hash-file <hash file>\t\tUse the specific password hash\n"); @@ -1108,10 +1112,10 @@ error: } static int -set_validation (uint32_t state) +set_toggle (const char * VarName, uint32_t state) { efi_variable_t var; - MokSBVar sbvar; + MokToggleVar tvar; char *password = NULL; int pw_len; efi_char16_t efichar_pass[SB_PASSWORD_MAX]; @@ -1123,26 +1127,26 @@ set_validation (uint32_t state) goto error; } - sbvar.password_length = pw_len; + tvar.password_length = pw_len; efichar_from_char (efichar_pass, password, SB_PASSWORD_MAX * sizeof(efi_char16_t)); - memcpy(sbvar.password, efichar_pass, + memcpy(tvar.password, efichar_pass, SB_PASSWORD_MAX * sizeof(efi_char16_t)); - sbvar.mok_sb_state = state; + tvar.mok_toggle_state = state; - var.VariableName = "MokSB"; + var.VariableName = VarName; var.VendorGuid = SHIM_LOCK_GUID; - var.Data = (void *)&sbvar; - var.DataSize = sizeof(sbvar); + var.Data = (void *)&tvar; + var.DataSize = sizeof(tvar); var.Attributes = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS; if (edit_protected_variable (&var) != EFI_SUCCESS) { - fprintf (stderr, "Failed to request new SB state\n"); + fprintf (stderr, "Failed to request new %s state\n", VarName); goto error; } @@ -1156,13 +1160,13 @@ error: static int disable_validation() { - return set_validation(0); + return set_toggle("MokSB", 0); } static int enable_validation() { - return set_validation(1); + return set_toggle("MokSB", 1); } static int @@ -1195,6 +1199,18 @@ sb_state () } static int +disable_db() +{ + return set_toggle("MokDB", 0); +} + +static int +enable_db() +{ + return set_toggle("MokDB", 1); +} + +static int test_key (const char *key_file) { struct stat buf; @@ -1346,6 +1362,8 @@ main (int argc, char *argv[]) {"generate-hash", optional_argument, 0, 'g'}, {"root-pw", no_argument, 0, 'P'}, {"simple-hash", no_argument, 0, 's'}, + {"ignore-db", no_argument, 0, 0 }, + {"use-db", no_argument, 0, 0 }, {0, 0, 0, 0} }; @@ -1377,6 +1395,10 @@ main (int argc, char *argv[]) command |= SB_STATE; } else if (strcmp (option, "reset") == 0) { command |= RESET; + } else if (strcmp (option, "ignore-db") == 0) { + command |= IGNORE_DB; + } else if (strcmp (option, "use-db") == 0) { + command |= USE_DB; } break; case 'd': @@ -1523,6 +1545,12 @@ main (int argc, char *argv[]) case GENERATE_PW_HASH: ret = generate_pw_hash (input_pw); break; + case IGNORE_DB: + ret = disable_db (); + break; + case USE_DB: + ret = enable_db (); + break; default: print_help (); break; -- 1.8.1.4 From 2cc44c8e18c48a6985265fd3173e156280d1ec59 Mon Sep 17 00:00:00 2001 From: Peter Jones <pjones@redhat.com> Date: Fri, 15 Nov 2013 09:41:41 -0500 Subject: [PATCH 03/10] Free mok lists we've allocated in our error paths. Coverity says they're leaking, and it's right, though I suspect we just exit anyway. Signed-off-by: Peter Jones <pjones@redhat.com> --- src/mokutil.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/mokutil.c b/src/mokutil.c index 41bd8eb..566c14e 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -343,6 +343,7 @@ delete_key_from_list (void *mok, uint32_t mok_size, ret = 1; done: + free (list); free (var.Data); return ret; @@ -763,6 +764,7 @@ is_duplicate (const void *cert, const uint32_t cert_size, const char *db_name, } done: + free (list); free (var.Data); return ret; @@ -1037,6 +1039,7 @@ export_moks () ret = 0; error: + free (list); free (var.Data); return ret; -- 1.8.1.4 From 86007043adb5bbd2dd0e206998a16783779f9bd3 Mon Sep 17 00:00:00 2001 From: Peter Jones <pjones@redhat.com> Date: Fri, 15 Nov 2013 09:43:57 -0500 Subject: [PATCH 04/10] Don't close file descriptors < 0. Coverity complains, though you'll just get EBADFD. Signed-off-by: Peter Jones <pjones@redhat.com> --- src/mokutil.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/mokutil.c b/src/mokutil.c index 566c14e..4f9b288 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -1256,7 +1256,8 @@ error: if (key) free (key); - close (fd); + if (fd >= 0) + close (fd); return ret; } -- 1.8.1.4 From 11d68c32f35306dd475d429ba8fbc127a1c77f44 Mon Sep 17 00:00:00 2001 From: Peter Jones <pjones@redhat.com> Date: Fri, 15 Nov 2013 09:48:32 -0500 Subject: [PATCH 05/10] Error check reading hash from file. Coverity noticed that if read() returns error, we're doing string[-1]. We're also only reading some of the file in some cases. Replaced this with a proper read loop. Also we were overruning the string by one byte. Signed-off-by: Peter Jones <pjones@redhat.com> --- src/mokutil.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/src/mokutil.c b/src/mokutil.c index 4f9b288..2a5e72f 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -29,6 +29,7 @@ * version. If you delete this exception statement from all source * files in the program, then also delete it here. */ +#include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -567,7 +568,7 @@ static int get_hash_from_file (const char *file, pw_crypt_t *pw_crypt) { char string[300]; - ssize_t read_len; + ssize_t read_len = 0; int fd; fd = open (file, O_RDONLY); @@ -575,10 +576,23 @@ get_hash_from_file (const char *file, pw_crypt_t *pw_crypt) fprintf (stderr, "Failed to open %s\n", file); return -1; } - read_len = read (fd, string, 300); + + while (read_len < 300) { + int rc = read (fd, string + read_len, 300 - read_len); + if (rc == EAGAIN) + continue; + if (rc < 0) { + fprintf (stderr, "Failed to read %s: %m\n", file); + close (fd); + return -1; + } + if (rc == 0) + break; + read_len += rc; + } close (fd); - if (string[read_len] != '\0') { + if (string[read_len-1] != '\0') { fprintf (stderr, "corrupted string\n"); return -1; } -- 1.8.1.4 From 97b09b346640ea74e7d51c9b59247cd75836c453 Mon Sep 17 00:00:00 2001 From: Peter Jones <pjones@redhat.com> Date: Fri, 15 Nov 2013 10:01:35 -0500 Subject: [PATCH 06/10] Use a read/realloc loop to avoid a race condition on stat() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Coverity says: 4. shim-0.7/mokutil-0.2.0/src/mokutil.c:1228:toctou – Calling function "open(char const *, int, ...)" that uses "key_file" after a check function. This can cause a time-of-check, time-of-use race condition. So with the new code we'll probably get garbage if somebody tries racing that for some reason, but at least it'll be consistent garbage :) Signed-off-by: Peter Jones <pjones@redhat.com> --- src/mokutil.c | 35 ++++++++++++++++++++++++++--------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/src/mokutil.c b/src/mokutil.c index 2a5e72f..f29b57d 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -1227,6 +1227,30 @@ enable_db() return set_toggle("MokDB", 1); } +static inline int +read_file(int fd, char **bufp, size_t *lenptr) { + int alloced = 0, size = 0, i = 0; + char * buf = NULL; + + do { + size += i; + if ((size + 1024) > alloced) { + alloced += 4096; + buf = realloc (buf, alloced + 1); + } + } while ((i = read (fd, buf + size, 1024)) > 0); + + if (i < 0) { + free (buf); + return -1; + } + + *bufp = buf; + *lenptr = size; + + return 0; +} + static int test_key (const char *key_file) { @@ -1235,21 +1259,14 @@ test_key (const char *key_file) ssize_t read_size; int fd, ret = -1; - if (stat (key_file, &buf) != 0) { - fprintf (stderr, "Failed to get file status, %s\n", key_file); - return -1; - } - - key = malloc (buf.st_size); - fd = open (key_file, O_RDONLY); if (fd < 0) { fprintf (stderr, "Failed to open %s\n", key_file); goto error; } - read_size = read (fd, key, buf.st_size); - if (read_size < 0 || read_size != buf.st_size) { + int rc = read_file (fd, &key, &read_size); + if (rc < 0) { fprintf (stderr, "Failed to read %s\n", key_file); goto error; } -- 1.8.1.4 From 5facb36c5320fe54d38ab081505259c962f8fadb Mon Sep 17 00:00:00 2001 From: Peter Jones <pjones@redhat.com> Date: Fri, 15 Nov 2013 10:04:06 -0500 Subject: [PATCH 07/10] Fix check for string termination that was actually a NULL ptr check... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Coverity says: 2. shim-0.7/mokutil-0.2.0/src/password-crypt.c:267:check_after_deref – Null-checking "tmp" suggests that it may be null, but it has already been dereferenced on all paths leading to the check. And: 2. shim-0.7/mokutil-0.2.0/src/password-crypt.c:215:check_after_deref – Null-checking "tmp" suggests that it may be null, but it has already been dereferenced on all paths leading to the check. But to me it looks like these were supposed to be checking for end-of-string instead. Signed-off-by: Peter Jones <pjones@redhat.com> --- src/password-crypt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/password-crypt.c b/src/password-crypt.c index 7fbc3b6..17362f1 100644 --- a/src/password-crypt.c +++ b/src/password-crypt.c @@ -212,7 +212,7 @@ decode_sha256_pass (const char *string, pw_crypt_t *pw_crypt) tmp = ptr; if (strlen (ptr) > SHA256_B64_LENGTH) { while (*tmp != '$') { - if (tmp == '\0') + if (*tmp == '\0') return -1; count++; tmp++; @@ -264,7 +264,7 @@ decode_sha512_pass (const char *string, pw_crypt_t *pw_crypt) tmp = ptr; if (strlen (ptr) > SHA512_B64_LENGTH) { while (*tmp != '$') { - if (tmp == '\0') + if (*tmp == '\0') return -1; count++; tmp++; -- 1.8.1.4 From fcae982278ee1399d44c10a162a825589f735b54 Mon Sep 17 00:00:00 2001 From: Peter Jones <pjones@redhat.com> Date: Fri, 15 Nov 2013 10:23:03 -0500 Subject: [PATCH 08/10] Make generate_pw_hash() somewhat cleaner. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Coverity needlessly complains: 2. shim-0.7/mokutil-0.2.0/src/mokutil.c:1322:check_after_deref – Null-checking "password" suggests that it may be null, but it has already been dereferenced on all paths leading to the check. While this doesn't really make any difference, the whole ret and error-path was overkill here, so I got rid of it. Signed-off-by: Peter Jones <pjones@redhat.com> --- src/mokutil.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/mokutil.c b/src/mokutil.c index f29b57d..c6cfb29 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -1312,7 +1312,7 @@ generate_pw_hash (const char *input_pw) char *crypt_string; const char *prefix; int prefix_len; - int pw_len, salt_size, ret = -1; + int pw_len, salt_size; if (input_pw) { pw_len = strlen (input_pw); @@ -1345,19 +1345,15 @@ generate_pw_hash (const char *input_pw) settings[DEFAULT_SALT_SIZE + prefix_len] = '\0'; crypt_string = crypt (password, settings); + free (password); if (!crypt_string) { fprintf (stderr, "Failed to generate hash\n"); - goto error; + return -1; } printf ("%s\n", crypt_string); - ret = 0; -error: - if (password) - free (password); - - return ret; + return 0; } int @@ -1489,6 +1485,10 @@ main (int argc, char *argv[]) break; case 't': key_file = strdup (optarg); + if (key_file == NULL) { + fprintf (stderr, "Could not allocate space: %m\n"); + exit(1); + } command |= TEST_KEY; break; -- 1.8.1.4 From ab16ba45293896bc9e649d23e20ae4e39946f219 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin@suse.com> Date: Mon, 25 Nov 2013 16:55:23 +0800 Subject: [PATCH 09/10] Fix warnings from gcc --- src/mokutil.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/mokutil.c b/src/mokutil.c index c6cfb29..9aa4376 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -1228,9 +1228,9 @@ enable_db() } static inline int -read_file(int fd, char **bufp, size_t *lenptr) { +read_file(int fd, void **bufp, size_t *lenptr) { int alloced = 0, size = 0, i = 0; - char * buf = NULL; + void * buf = NULL; do { size += i; @@ -1254,10 +1254,9 @@ read_file(int fd, char **bufp, size_t *lenptr) { static int test_key (const char *key_file) { - struct stat buf; void *key = NULL; - ssize_t read_size; - int fd, ret = -1; + size_t read_size; + int fd, rc, ret = -1; fd = open (key_file, O_RDONLY); if (fd < 0) { @@ -1265,7 +1264,7 @@ test_key (const char *key_file) goto error; } - int rc = read_file (fd, &key, &read_size); + rc = read_file (fd, &key, &read_size); if (rc < 0) { fprintf (stderr, "Failed to read %s\n", key_file); goto error; -- 1.8.1.4 From a1a7385419b45834a728464f36100fa1098b9741 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin@suse.com> Date: Mon, 25 Nov 2013 16:57:33 +0800 Subject: [PATCH 10/10] Fix the indentation --- src/mokutil.c | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/src/mokutil.c b/src/mokutil.c index 9aa4376..e4e247c 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -1229,26 +1229,26 @@ enable_db() static inline int read_file(int fd, void **bufp, size_t *lenptr) { - int alloced = 0, size = 0, i = 0; - void * buf = NULL; - - do { - size += i; - if ((size + 1024) > alloced) { - alloced += 4096; - buf = realloc (buf, alloced + 1); - } - } while ((i = read (fd, buf + size, 1024)) > 0); + int alloced = 0, size = 0, i = 0; + void * buf = NULL; - if (i < 0) { - free (buf); - return -1; - } + do { + size += i; + if ((size + 1024) > alloced) { + alloced += 4096; + buf = realloc (buf, alloced + 1); + } + } while ((i = read (fd, buf + size, 1024)) > 0); - *bufp = buf; - *lenptr = size; + if (i < 0) { + free (buf); + return -1; + } + + *bufp = buf; + *lenptr = size; - return 0; + return 0; } static int -- 1.8.1.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor