Blob Blame History Raw
diff -up ecryptfs-utils-104/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.FGZkyg ecryptfs-utils-104/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c
--- ecryptfs-utils-104/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.FGZkyg	2014-07-22 16:14:00.424530180 +0200
+++ ecryptfs-utils-104/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c	2014-07-22 16:37:53.863680991 +0200
@@ -98,7 +98,7 @@ static int ecryptfs_pkcs11h_deserialize(
 		pkcs11h_data->serialized_id = NULL;
 	}
 	else {
-		pkcs11h_data->serialized_id = blob + i;
+		pkcs11h_data->serialized_id = (char *)blob + i;
 		i += serialized_id_length;
 	}
 	pkcs11h_data->certificate_blob_size = blob[i++] % 256;
@@ -116,12 +116,11 @@ static int ecryptfs_pkcs11h_deserialize(
 		pkcs11h_data->passphrase = NULL;
 	}
 	else {
-		pkcs11h_data->passphrase = blob + i;
+		pkcs11h_data->passphrase = (char *)blob + i;
 		i += passphrase_length;
 	}
 
 	rc = 0;
-out:
 	return rc;
 }
 
@@ -358,14 +357,14 @@ static int ecryptfs_pkcs11h_get_key_sig(
 	data[i++] = '\02';
 	data[i++] = (char)(nbits >> 8);
 	data[i++] = (char)nbits;
-	BN_bn2bin(rsa->n, &(data[i]));
+	BN_bn2bin(rsa->n, (unsigned char *)&(data[i]));
 	i += nbytes;
 	data[i++] = (char)(ebits >> 8);
 	data[i++] = (char)ebits;
-	BN_bn2bin(rsa->e, &(data[i]));
+	BN_bn2bin(rsa->e, (unsigned char *)&(data[i]));
 	i += ebytes;
-	SHA1(data, len + 3, hash);
-	to_hex(sig, hash, ECRYPTFS_SIG_SIZE);
+	SHA1((unsigned char *)data, len + 3, (unsigned char *)hash);
+	to_hex((char *)sig, hash, ECRYPTFS_SIG_SIZE);
 	sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
 
 	rc = 0;
@@ -423,8 +422,8 @@ static int ecryptfs_pkcs11h_encrypt(char
 		if (
 			(rc = RSA_public_encrypt(
 				from_size,
-				from,
-				to,
+				(unsigned char *)from,
+				(unsigned char *)to,
 				rsa,
 				RSA_PKCS1_PADDING
 			)) == -1
@@ -518,9 +517,9 @@ static int ecryptfs_pkcs11h_decrypt(char
 		(rv = pkcs11h_certificate_decryptAny (
 			certificate,
 			CKM_RSA_PKCS,
-			from,
+			(unsigned char *)from,
 			from_size,
-			to,
+			(unsigned char *)to,
 			to_size
 		)) != CKR_OK
 	) {
@@ -546,9 +545,9 @@ static int ecryptfs_pkcs11h_decrypt(char
 		pkcs11h_certificate_decryptAny (
 			certificate,
 			CKM_RSA_PKCS,
-			from,
+			(unsigned char *)from,
 			from_size,
-			tmp,
+			(unsigned char *)tmp,
 			to_size
 		);
 
@@ -863,7 +862,7 @@ static int ecryptfs_pkcs11h_process_key(
 		rc = MOUNT_ERROR;
 		goto out;
 	}
-	if ((rc = ecryptfs_pkcs11h_serialize(subgraph_key_ctx->key_mod->blob,
+	if ((rc = ecryptfs_pkcs11h_serialize((unsigned char *)subgraph_key_ctx->key_mod->blob,
 					     &subgraph_key_ctx->key_mod->blob_size, 
 					     pkcs11h_data))) {
 		syslog(LOG_ERR, "PKCS#11: Error serializing pkcs11; rc=[%d]\n", rc);
@@ -942,7 +941,7 @@ static int tf_pkcs11h_global_loglevel(st
 
 	rc = DEFAULT_TOK;
 	node->val = NULL;
-out:
+// out:
 	return rc;
 }
 
@@ -955,7 +954,7 @@ static int tf_pkcs11h_global_pincache(st
 
 	rc = DEFAULT_TOK;
 	node->val = NULL;
-out:
+// out:
 	return rc;
 }
 
@@ -1025,7 +1024,7 @@ static int tf_pkcs11h_provider_prot_auth
 	sscanf (node->val, "%x", &subgraph_provider_ctx->allow_protected_authentication);
 	rc = DEFAULT_TOK;
 	node->val = NULL;
-out:
+
 	return rc;
 }
 
@@ -1039,7 +1038,7 @@ static int tf_pkcs11h_provider_cert_priv
 	sscanf (node->val, "%x", &subgraph_provider_ctx->certificate_is_private);
 	rc = DEFAULT_TOK;
 	node->val = NULL;
-out:
+
 	return rc;
 }
 
@@ -1054,7 +1053,7 @@ static int tf_pkcs11h_provider_private_m
 
 	rc = DEFAULT_TOK;
 	node->val = NULL;
-out:
+
 	return rc;
 }
 
@@ -1085,7 +1084,7 @@ static int tf_pkcs11h_provider_end(struc
 	free(subgraph_provider_ctx);
 	*foo = NULL;
 	rc = DEFAULT_TOK;
-out:
+
 	return rc;
 }
 
@@ -1132,7 +1131,7 @@ static int tf_pkcs11h_key_x509file(struc
 	X509 *x509 = NULL;
 	unsigned char *p = NULL;
 	FILE *fp = NULL;
-	int rc;
+	int rc = 0;
 
 	subgraph_key_ctx = (struct pkcs11h_subgraph_key_ctx *)(*foo);
 
diff -up ecryptfs-utils-104/src/libecryptfs/ecryptfs-stat.c.FGZkyg ecryptfs-utils-104/src/libecryptfs/ecryptfs-stat.c
diff -up ecryptfs-utils-104/src/libecryptfs/key_management.c.FGZkyg ecryptfs-utils-104/src/libecryptfs/key_management.c
diff -up ecryptfs-utils-104/src/pam_ecryptfs/pam_ecryptfs.c.FGZkyg ecryptfs-utils-104/src/pam_ecryptfs/pam_ecryptfs.c
--- ecryptfs-utils-104/src/pam_ecryptfs/pam_ecryptfs.c.FGZkyg	2014-01-23 19:09:48.000000000 +0100
+++ ecryptfs-utils-104/src/pam_ecryptfs/pam_ecryptfs.c	2014-07-22 16:40:13.429006708 +0200
@@ -84,9 +84,7 @@ static int wrap_passphrase_if_necessary(
 	    stat(wrapped_pw_filename, &s) != 0  &&
 	    passphrase != NULL && *passphrase != '\0' &&
 	    username != NULL && *username != '\0') {
-		setuid(uid);
-		rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename, passphrase, salt, unwrapped_pw_filename);
-		if (rc != 0) {
+		if ((rc = setuid(uid))<0 || ((rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename, passphrase, salt, unwrapped_pw_filename)) != 0)) {
 			syslog(LOG_ERR, "pam_ecryptfs: Error wrapping cleartext password; " "rc = [%d]\n", rc);
 		}
 		return rc;
@@ -324,7 +322,7 @@ static int private_dir(pam_handle_t *pam
 			if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) {
 				/* User has not recorded their passphrase */
 				unlink("/var/lib/update-notifier/user.d/ecryptfs-record-passphrase");
-				symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase");
+				rc=symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase");
 				fd = open("/var/lib/update-notifier/dpkg-run-stamp", O_WRONLY|O_CREAT|O_NONBLOCK, 0666);
 				if (fd != -1)
 					close(fd);
@@ -485,7 +483,10 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
 		char passphrase[ECRYPTFS_MAX_PASSWORD_LENGTH + 1];
 
 		/* temp regain uid 0 to drop privs */
-		seteuid(oeuid);
+		if (seteuid(oeuid) < 0) {
+			syslog(LOG_ERR, "pam_ecryptfs: seteuid error");
+			goto out_child;
+		}
 		/* setgroups() already called */
 		if (setgid(gid) < 0 || setuid(uid) < 0)
 			goto out_child;
@@ -510,9 +511,9 @@ out_child:
 	free(wrapped_pw_filename);
 out:
 
-	seteuid(oeuid);
-	setegid(oegid);
-	setgroups(ngids, groups);
+	rc = seteuid(oeuid);
+	rc = setegid(oegid);
+	rc = setgroups(ngids, groups);
 
 outnouid:
 	return rc;
diff -up ecryptfs-utils-104/src/utils/mount.ecryptfs.c.FGZkyg ecryptfs-utils-104/src/utils/mount.ecryptfs.c
diff -up ecryptfs-utils-104/src/utils/mount.ecryptfs_private.c.FGZkyg ecryptfs-utils-104/src/utils/mount.ecryptfs_private.c
--- ecryptfs-utils-104/src/utils/mount.ecryptfs_private.c.FGZkyg	2014-07-22 16:17:57.372415281 +0200
+++ ecryptfs-utils-104/src/utils/mount.ecryptfs_private.c	2014-07-22 16:44:17.969827960 +0200
@@ -710,8 +710,8 @@ int main(int argc, char *argv[]) {
  		 * update mtab for us, and replace the current process.
 		 * Do not use the umount.ecryptfs helper (-i).
  		 */
-		setresuid(0,0,0);
-		setresgid(0,0,0);
+		rc=setresuid(0,0,0);
+		rc=setresgid(0,0,0);
 		clearenv();
 
 		/* Since we're doing a lazy unmount anyway, just unmount the current
diff -up ecryptfs-utils-104/src/utils/test.c.FGZkyg ecryptfs-utils-104/src/utils/test.c
diff -up ecryptfs-utils-104/tests/kernel/directory-concurrent/test.c.FGZkyg ecryptfs-utils-104/tests/kernel/directory-concurrent/test.c
diff -up ecryptfs-utils-104/tests/kernel/enospc/test.c.FGZkyg ecryptfs-utils-104/tests/kernel/enospc/test.c
diff -up ecryptfs-utils-104/tests/kernel/extend-file-random/test.c.FGZkyg ecryptfs-utils-104/tests/kernel/extend-file-random/test.c
diff -up ecryptfs-utils-104/tests/kernel/file-concurrent/test.c.FGZkyg ecryptfs-utils-104/tests/kernel/file-concurrent/test.c
diff -up ecryptfs-utils-104/tests/kernel/inode-race-stat/test.c.FGZkyg ecryptfs-utils-104/tests/kernel/inode-race-stat/test.c
--- ecryptfs-utils-104/tests/kernel/inode-race-stat/test.c.FGZkyg	2014-07-22 16:37:53.872680948 +0200
+++ ecryptfs-utils-104/tests/kernel/inode-race-stat/test.c	2014-07-23 13:28:23.053997232 +0200
@@ -364,6 +364,7 @@ abort:
 
 		if (write(pipe_to[i][1], cmd, 1) != 1)
 			continue;
+		(void)ret;
 		(void)waitpid(pids[i], &status, 0);
 
 		(void)close(pipe_to[i][1]);
diff -up ecryptfs-utils-104/tests/kernel/lp-509180/test.c.FGZkyg ecryptfs-utils-104/tests/kernel/lp-509180/test.c
diff -up ecryptfs-utils-104/tests/kernel/trunc-file/test.c.FGZkyg ecryptfs-utils-104/tests/kernel/trunc-file/test.c
diff -up ecryptfs-utils-104/tests/userspace/wrap-unwrap/test.c.FGZkyg ecryptfs-utils-104/tests/userspace/wrap-unwrap/test.c
diff -up ecryptfs-utils-104/src/utils/ecryptfs_generate_tpm_key.c.werror ecryptfs-utils-104/src/utils/ecryptfs_generate_tpm_key.c
--- ecryptfs-utils-104/src/utils/ecryptfs_generate_tpm_key.c.werror	2014-07-23 15:30:36.790862415 +0200
+++ ecryptfs-utils-104/src/utils/ecryptfs_generate_tpm_key.c	2014-07-23 15:30:36.847862115 +0200
@@ -89,7 +89,7 @@ int main(int argc, char **argv)
 	int i, c, *pcrsSelected = NULL, numPcrsSelected = 0;
 	TSS_UUID *uuid;
 	BYTE wellknown[] = TSS_WELL_KNOWN_SECRET;
-	char *tmp_pcrs;
+	int *tmp_pcrs;
 
 	while (1) {
 		c = getopt(argc, argv, "p:");