forked from pool/pesign
f4ca0bfbd9
- Update to version 0.110 - Enable aarch64 OBS-URL: https://build.opensuse.org/request/show/258749 OBS-URL: https://build.opensuse.org/package/show/Base:System/pesign?expand=0&rev=29
120 lines
3.2 KiB
Diff
120 lines
3.2 KiB
Diff
diff --git a/src/daemon.c b/src/daemon.c
|
|
index c14b64b..5652ba1 100644
|
|
--- a/src/daemon.c
|
|
+++ b/src/daemon.c
|
|
@@ -544,7 +544,11 @@ malformed:
|
|
if (rc < 0) {
|
|
err_attached:
|
|
pe_end(outpe);
|
|
- ftruncate(outfd, 0);
|
|
+ if (ftruncate(outfd, 0) != 0) {
|
|
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
|
|
+ "pesignd: could not truncate output "
|
|
+ "file: %m");
|
|
+ }
|
|
goto finish;
|
|
}
|
|
ssize_t sigspace = calculate_signature_space(ctx->cms, outpe);
|
|
@@ -562,21 +566,34 @@ err_attached:
|
|
ctx->cms->num_signatures, outpe);
|
|
pe_end(outpe);
|
|
} else {
|
|
- ftruncate(outfd, 0);
|
|
+ if (ftruncate(outfd, 0) != 0) {
|
|
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
|
|
+ "pesignd: could not truncate output "
|
|
+ "file: %m");
|
|
+ }
|
|
rc = generate_digest(ctx->cms, inpe, 1);
|
|
if (rc < 0) {
|
|
err_detached:
|
|
- ftruncate(outfd, 0);
|
|
+ if (ftruncate(outfd, 0) != 0) {
|
|
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
|
|
+ "pesignd: could not truncate output "
|
|
+ "file: %m");
|
|
+ }
|
|
goto finish;
|
|
}
|
|
rc = generate_signature(ctx->cms);
|
|
if (rc < 0)
|
|
goto err_detached;
|
|
rc = export_signature(ctx->cms, outfd, 0);
|
|
- if (rc >= 0)
|
|
- ftruncate(outfd, rc);
|
|
- else if (rc < 0)
|
|
+ if (rc >= 0) {
|
|
+ if (ftruncate(outfd, rc) != 0) {
|
|
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
|
|
+ "pesignd: could not truncate output "
|
|
+ "file: %m");
|
|
+ }
|
|
+ } else if (rc < 0) {
|
|
goto err_detached;
|
|
+ }
|
|
}
|
|
|
|
finish:
|
|
@@ -1182,7 +1199,12 @@ daemonize(cms_context *cms_ctx, char *certdir, int do_fork)
|
|
exit(1);
|
|
}
|
|
|
|
- chdir(homedir ? homedir : "/");
|
|
+ if (chdir(homedir ? homedir : "/") != 0) {
|
|
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
|
|
+ "pesignd: could not change working directory "
|
|
+ "for pesign: %m");
|
|
+ exit(1);
|
|
+ }
|
|
|
|
if (getuid() == 0) {
|
|
/* process is running as root, drop privileges */
|
|
diff --git a/src/password.c b/src/password.c
|
|
index 43186df..9a9c911 100644
|
|
--- a/src/password.c
|
|
+++ b/src/password.c
|
|
@@ -76,7 +76,8 @@ static char *SEC_GetPassword(FILE *input, FILE *output, char *prompt,
|
|
echoOff(infd);
|
|
}
|
|
|
|
- fgets ( phrase, sizeof(phrase), input);
|
|
+ if (fgets(phrase, sizeof(phrase), input) == NULL)
|
|
+ phrase[0] = '\0';
|
|
|
|
if (isTTY) {
|
|
fprintf(output, "\n");
|
|
diff --git a/src/pesign.c b/src/pesign.c
|
|
index ff4f2bf..40a1e43 100644
|
|
--- a/src/pesign.c
|
|
+++ b/src/pesign.c
|
|
@@ -164,9 +164,15 @@ open_output(pesign_context *ctx)
|
|
|
|
addr = pe_rawfile(ctx->inpe, &size);
|
|
|
|
- ftruncate(ctx->outfd, size);
|
|
+ if (ftruncate(ctx->outfd, size) != 0) {
|
|
+ fprintf(stderr, "pesign: could not truncate output file: %m\n");
|
|
+ exit(1);
|
|
+ }
|
|
lseek(ctx->outfd, 0, SEEK_SET);
|
|
- write(ctx->outfd, addr, size);
|
|
+ if (write(ctx->outfd, addr, size) != size) {
|
|
+ fprintf(stderr, "pesign: could not write output file: %m\n");
|
|
+ exit(1);
|
|
+ }
|
|
|
|
Pe_Cmd cmd = ctx->outfd == STDOUT_FILENO ? PE_C_RDWR : PE_C_RDWR_MMAP;
|
|
ctx->outpe = pe_begin(ctx->outfd, cmd, NULL);
|
|
diff --git a/src/signed_data.c b/src/signed_data.c
|
|
index 2fa1cdd..247ec57 100644
|
|
--- a/src/signed_data.c
|
|
+++ b/src/signed_data.c
|
|
@@ -133,6 +133,7 @@ generate_signerInfo_list(cms_context *cms, SpcSignerInfo ***signerInfo_list_p, S
|
|
SpcSignerInfo **signerInfo_list;
|
|
int err, rc;
|
|
|
|
+ err = 0;
|
|
if (!signerInfo_list_p)
|
|
return -1;
|
|
|