From a6a1b9f788a79b2a09827c72a755f471c2e05100 Mon Sep 17 00:00:00 2001 From: ikerexxe Date: Mon, 29 Jun 2020 11:34:35 +0200 Subject: pam_rootok: fix use of va_list CPPCHECK_WARNING (CWE-843): error[va_end_missing]: va_list 'ap' was opened but not closed by va_end(). [ldv: According to POSIX documentation, each invocation of va_start() must be matched by a corresponding invocation of va_end(). According to the GNU libc documentation, "with most C compilers, calling 'va_end' does nothing. This is always true in the GNU C compiler. But you might as well call 'va_end' just in case your program is someday compiled with a peculiar compiler." The main reason for applying this change is to pacify static analysis tools like cppcheck that insist on strict POSIX conformance in this respect.] --- modules/pam_rootok/pam_rootok.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'modules/pam_rootok/pam_rootok.c') diff --git a/modules/pam_rootok/pam_rootok.c b/modules/pam_rootok/pam_rootok.c index 3a00d545..e105f2b7 100644 --- a/modules/pam_rootok/pam_rootok.c +++ b/modules/pam_rootok/pam_rootok.c @@ -55,15 +55,17 @@ log_callback (int type UNUSED, const char *fmt, ...) int audit_fd; va_list ap; - va_start(ap, fmt); #ifdef HAVE_LIBAUDIT audit_fd = audit_open(); if (audit_fd >= 0) { char *buf; + int ret; - if (vasprintf (&buf, fmt, ap) < 0) { - va_end(ap); + va_start(ap, fmt); + ret = vasprintf (&buf, fmt, ap); + va_end(ap); + if (ret < 0) { return 0; } audit_log_user_avc_message(audit_fd, AUDIT_USER_AVC, buf, NULL, NULL, @@ -75,6 +77,7 @@ log_callback (int type UNUSED, const char *fmt, ...) } #endif + va_start(ap, fmt); vsyslog (LOG_USER | LOG_INFO, fmt, ap); va_end(ap); return 0; -- cgit v1.2.3