Date: Mon, 29 Sep 2014 23:56:59 +1000 (EST) From: Bruce Evans <brde@optusnet.com.au> To: "Bjoern A. Zeeb" <bz@freebsd.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Dimitry Andric <dim@freebsd.org> Subject: Re: svn commit: r272281 - head/lib/libpam/modules/pam_login_access Message-ID: <20140929233019.C2907@besplex.bde.org> In-Reply-To: <4929EC39-0862-4547-B044-44C396529F74@FreeBSD.org> References: <201409291036.s8TAaFUs040310@svn.freebsd.org> <A31E0109-A986-451F-8472-D548868AD4AD@FreeBSD.org> <4929EC39-0862-4547-B044-44C396529F74@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 29 Sep 2014, Bjoern A. Zeeb wrote:
>
> On 29 Sep 2014, at 11:10 , Dimitry Andric <dim@FreeBSD.org> wrote:
>
>> On 29 Sep 2014, at 12:36, Bjoern A. Zeeb <bz@FreeBSD.org> wrote:
>>> ...
>>> Log:
>>> Hopefully fix build breakage with gcc passing void * instead of char *
>>> to "%s" format string after r272280.
>>>
>>> Modified: head/lib/libpam/modules/pam_login_access/pam_login_access.c
>>> ==============================================================================
>>> --- head/lib/libpam/modules/pam_login_access/pam_login_access.c Mon Sep 29 08:57:36 2014 (r272280)
>>> +++ head/lib/libpam/modules/pam_login_access/pam_login_access.c Mon Sep 29 10:36:14 2014 (r272281)
>>> @@ -94,7 +94,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int
>>> PAM_VERBOSE_ERROR("%s is not allowed to log in on %s",
>>> user, tty);
>>> } else {
>>> - PAM_LOG("Checking login.access for user %s", user);
>>> + PAM_LOG("Checking login.access for user %s",
>>> + (const char *)user);
>>> if (login_access(user, "***unknown***") != 0)
>>> return (PAM_SUCCESS);
>>> PAM_VERBOSE_ERROR("%s is not allowed to log in", user);
>>>
>>
>> Just a few lines after the one you fixed it accesses the same variable
>> again. Why doesn't it warn there? And why is 'user' not a char * to
>> begin with? :)
>
> For the latter ask des.
>
> the PAM_VERBOSE_ERROR goes into a function which (if remembering correctly) does the va_start and asprintf rather than just being a macro to printf. The arguments are not casted anywhere to that macro but I am, again, sure des will have an opinion on it;-)
Just another bug. PAM_LOG() expands to a call to a function that is
declared as __printflike() (but with a worse spelling).
PAM_VERBOSE_ERROR() expands to a call to a function that is missing
this declaration.
Other bugs in PAM_VERBOSE_ERROR()'s function include not checking if
asprintf() succeeded. malloc() failures can't happen, but it is bad
to do dynamic allocation in an error-reporting routine. All uses of
PAM_VERBOSE_ERROR() except 2 visible in the patch use a format with no
args, so there aren't many print format errors to fix. asprintf()
is a heavyweight method for constructing a format for printing these
args (and some others that are automatically added).
Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140929233019.C2907>