<table><tr><td style="">dakon requested changes to this revision.<br />dakon added inline comments.<br />This revision now requires changes to proceed.
</td><a style="text-decoration: none; padding: 4px 8px; margin: 0 8px 8px; float: right; color: #464C5C; font-weight: bold; border-radius: 3px; background-color: #F7F7F9; background-image: linear-gradient(to bottom,#fff,#f1f0f1); display: inline-block; border: 1px solid rgba(71,87,120,.2);" href="https://phabricator.kde.org/D12937">View Revision</a></tr></table><br /><div><strong>INLINE COMMENTS</strong><div><div style="margin: 6px 0 12px 0;"><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67849">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:705</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"><span class="p">{</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">int</span> <span class="n">readSaltPipe</span><span class="p">[</span><span style="color: #601200">2</span><span class="p">]</span> <span style="color: #aa2211">=</span> <span class="p">{</span> <span style="color: #aa2211">-</span><span style="color: #601200">1</span><span class="p">,</span> <span style="color: #aa2211">-</span><span style="color: #601200">1</span><span class="p">};</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">if</span> <span class="p">(</span><span class="n">pipe</span><span class="p">(</span><span class="n">readSaltPipe</span><span class="p">)</span> <span style="color: #aa2211"><</span> <span style="color: #601200">0</span><span class="p">)</span> <span class="p">{</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">no init necessary, either pipe overwrites it or it returns error.</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67847">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:711</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">const</span> <span style="color: #aa4000">int</span> <span class="n">pid</span> <span style="color: #aa2211">=</span> <span class="n">fork</span><span class="p">();</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">if</span> <span class="p">(</span><span class="n">pid</span> <span style="color: #aa2211">==</span> <span style="color: #aa2211">-</span><span style="color: #601200">1</span><span class="p">)</span> <span class="p">{</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">Use pid_t</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67848">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:714</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">syslog</span><span class="p">(</span><span class="n">LOG_ERR</span><span class="p">,</span> <span style="color: #766510">"%s: Couldn't fork to read salt file"</span><span class="p">,</span> <span class="n">logPrefix</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">return</span> <span style="color: #304a96">NULL</span><span class="p">;</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="p">}</span> <span style="color: #aa4000">else</span> <span style="color: #aa4000">if</span> <span class="p">(</span><span class="n">pid</span> <span style="color: #aa2211">==</span> <span style="color: #601200">0</span><span class="p">)</span> <span class="p">{</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">leaks the pipe descriptors</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67856">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:720</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">syslog</span><span class="p">(</span><span class="n">LOG_ERR</span><span class="p">,</span> <span style="color: #766510">"%s: could not set gid/uid/euid/egit for salt file reading"</span><span class="p">,</span> <span class="n">logPrefix</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">exit</span><span class="p">(</span><span style="color: #aa2211">-</span><span style="color: #601200">1</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="p">}</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">leaks path</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67850">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:726</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">syslog</span><span class="p">(</span><span class="n">LOG_ERR</span><span class="p">,</span> <span style="color: #766510">"%s: Couldn't open file: %s because: %d-%s"</span><span class="p">,</span> <span class="n">logPrefix</span><span class="p">,</span> <span class="n">path</span><span class="p">,</span> <span class="n">errno</span><span class="p">,</span> <span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">));</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">exit</span><span class="p">(</span><span style="color: #aa2211">-</span><span style="color: #601200">1</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="p">}</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">leaks pipe 1 and path</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67851">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:728</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="p">}</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">char</span> <span style="color: #aa2211">*</span><span class="n">salt</span> <span style="color: #aa2211">=</span> <span class="p">(</span><span style="color: #aa4000">char</span><span style="color: #aa2211">*</span><span class="p">)</span> <span class="n">malloc</span><span class="p">(</span><span class="n">KWALLET_PAM_SALTSIZE</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">memset</span><span class="p">(</span><span class="n">salt</span><span class="p">,</span> <span style="color: #766510">'\0'</span><span class="p">,</span> <span class="n">KWALLET_PAM_SALTSIZE</span><span class="p">);</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">Just use a buffer on the stack, which can even be statically initialized (i.e. no explicit memset() needed). free(path) here.</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67852">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:730</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">memset</span><span class="p">(</span><span class="n">salt</span><span class="p">,</span> <span style="color: #766510">'\0'</span><span class="p">,</span> <span class="n">KWALLET_PAM_SALTSIZE</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">fread</span><span class="p">(</span><span class="n">salt</span><span class="p">,</span> <span class="n">KWALLET_PAM_SALTSIZE</span><span class="p">,</span> <span style="color: #601200">1</span><span class="p">,</span> <span class="n">fd</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">fclose</span><span class="p">(</span><span class="n">fd</span><span class="p">);</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">Check return code. I would prefer to use open()/read()/close() directly, but that can be seen as a matter of personal preferences.</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67853">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:735</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">if</span> <span class="p">(</span><span class="n">written</span> <span style="color: #aa2211">!=</span> <span class="n">KWALLET_PAM_SALTSIZE</span><span class="p">)</span> <span class="p">{</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">syslog</span><span class="p">(</span><span class="n">LOG_ERR</span><span class="p">,</span> <span style="color: #766510">"%s: Couldn't write the full salt file contents to pipe"</span><span class="p">);</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">close pipe 1 here.</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67854">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:749</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">waitpid</span><span class="p">(</span><span class="n">pid</span><span class="p">,</span> <span style="color: #aa2211">&</span><span class="n">status</span><span class="p">,</span> <span style="color: #601200">0</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">if</span> <span class="p">(</span><span class="n">status</span> <span style="color: #aa2211">==</span> <span style="color: #601200">0</span><span class="p">)</span> <span class="p">{</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">salt</span> <span style="color: #aa2211">=</span> <span class="p">(</span><span style="color: #aa4000">char</span><span style="color: #aa2211">*</span><span class="p">)</span> <span class="n">malloc</span><span class="p">(</span><span class="n">KWALLET_PAM_SALTSIZE</span><span class="p">);</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">please use WIFEXITED and WEXITSTATUS here. The compiler is free to optimize that into a simple compare if that's what it is, but you are now relying on an implementation detail of that status code.</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D12937#inline-67855">View Inline</a><span style="color: #4b4d51; font-weight: bold;">pam_kwallet.c:750</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">if</span> <span class="p">(</span><span class="n">status</span> <span style="color: #aa2211">==</span> <span style="color: #601200">0</span><span class="p">)</span> <span class="p">{</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">salt</span> <span style="color: #aa2211">=</span> <span class="p">(</span><span style="color: #aa4000">char</span><span style="color: #aa2211">*</span><span class="p">)</span> <span class="n">malloc</span><span class="p">(</span><span class="n">KWALLET_PAM_SALTSIZE</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">const</span> <span style="color: #aa4000">ssize_t</span> <span class="n">readBytes</span> <span style="color: #aa2211">=</span> <span class="n">read</span><span class="p">(</span><span class="n">readSaltPipe</span><span class="p">[</span><span style="color: #601200">0</span><span class="p">],</span> <span class="n">salt</span><span class="p">,</span> <span class="n">KWALLET_PAM_SALTSIZE</span><span class="p">);</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">check for NULL</p></div></div></div></div></div><br /><div><strong>REPOSITORY</strong><div><div>R107 KWallet PAM Integration</div></div></div><br /><div><strong>REVISION DETAIL</strong><div><a href="https://phabricator.kde.org/D12937">https://phabricator.kde.org/D12937</a></div></div><br /><div><strong>To: </strong>aacid, dakon<br /><strong>Cc: </strong>dakon, mgerstner, fvogt, plasma-devel, ragreen, Pitel, ZrenBot, lesliezhai, ali-mohamed, jensreuterberg, abetts, sebas, apol, mart<br /></div>