From 6585927e66d9ab172754d95c4296dd4309a40512 Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Fri, 28 Jun 2019 13:35:02 +0000 Subject: When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. --- src/lib/libc/net/rcmdsh.c | 10 +++++----- src/lib/libc/net/rresvport.c | 6 +++--- src/lib/libc/net/ruserok.c | 4 ++-- src/lib/libc/stdlib/malloc.c | 4 ++-- src/usr.bin/nc/netcat.c | 32 ++++++++++++++++---------------- src/usr.bin/openssl/apps.c | 28 ++++++++++++++-------------- src/usr.bin/openssl/s_client.c | 6 +++--- src/usr.bin/openssl/s_server.c | 4 ++-- src/usr.bin/openssl/s_socket.c | 8 ++++---- src/usr.sbin/ocspcheck/http.c | 10 +++++----- 10 files changed, 56 insertions(+), 56 deletions(-) (limited to 'src') diff --git a/src/lib/libc/net/rcmdsh.c b/src/lib/libc/net/rcmdsh.c index b9cbd6d5d1..66caac3f3d 100644 --- a/src/lib/libc/net/rcmdsh.c +++ b/src/lib/libc/net/rcmdsh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rcmdsh.c,v 1.19 2016/05/28 15:46:00 millert Exp $ */ +/* $OpenBSD: rcmdsh.c,v 1.20 2019/06/28 13:32:42 deraadt Exp $ */ /* * Copyright (c) 2001, MagniComp @@ -89,13 +89,13 @@ rcmdsh(char **ahost, int rport, const char *locuser, const char *remuser, } /* Get a socketpair we'll use for stdin and stdout. */ - if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, sp) < 0) { + if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, sp) == -1) { perror("rcmdsh: socketpair"); return(-1); } cpid = fork(); - if (cpid < 0) { + if (cpid == -1) { perror("rcmdsh: fork failed"); return(-1); } else if (cpid == 0) { @@ -103,13 +103,13 @@ rcmdsh(char **ahost, int rport, const char *locuser, const char *remuser, * Child. We use sp[1] to be stdin/stdout, and close sp[0]. */ (void) close(sp[0]); - if (dup2(sp[1], 0) < 0 || dup2(0, 1) < 0) { + if (dup2(sp[1], 0) == -1 || dup2(0, 1) == -1) { perror("rcmdsh: dup2 failed"); _exit(255); } /* Fork again to lose parent. */ cpid = fork(); - if (cpid < 0) { + if (cpid == -1) { perror("rcmdsh: fork to lose parent failed"); _exit(255); } diff --git a/src/lib/libc/net/rresvport.c b/src/lib/libc/net/rresvport.c index 6b45000f7b..72c27c3a3f 100644 --- a/src/lib/libc/net/rresvport.c +++ b/src/lib/libc/net/rresvport.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rresvport.c,v 1.11 2015/09/12 14:56:50 guenther Exp $ */ +/* $OpenBSD: rresvport.c,v 1.12 2019/06/28 13:32:42 deraadt Exp $ */ /* * Copyright (c) 1995, 1996, 1998 Theo de Raadt. All rights reserved. * Copyright (c) 1983, 1993, 1994 @@ -82,12 +82,12 @@ rresvport_af(int *alport, int af) sa->sa_family = af; s = socket(af, SOCK_STREAM, 0); - if (s < 0) + if (s == -1) return (-1); *portp = htons(*alport); if (*alport < IPPORT_RESERVED - 1) { - if (bind(s, sa, sa->sa_len) >= 0) + if (bind(s, sa, sa->sa_len) != -1) return (s); if (errno != EADDRINUSE) { (void)close(s); diff --git a/src/lib/libc/net/ruserok.c b/src/lib/libc/net/ruserok.c index cab6f96449..a399c013e2 100644 --- a/src/lib/libc/net/ruserok.c +++ b/src/lib/libc/net/ruserok.c @@ -131,11 +131,11 @@ again: * user or root or if writeable by anyone but the owner, quit. */ cp = NULL; - if (lstat(pbuf, &sbuf) < 0) + if (lstat(pbuf, &sbuf) == -1) cp = ".rhosts lstat failed"; else if (!S_ISREG(sbuf.st_mode)) cp = ".rhosts not regular file"; - else if (fstat(fileno(hostf), &sbuf) < 0) + else if (fstat(fileno(hostf), &sbuf) == -1) cp = ".rhosts fstat failed"; else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) cp = "bad .rhosts owner"; diff --git a/src/lib/libc/stdlib/malloc.c b/src/lib/libc/stdlib/malloc.c index f2e82679e9..7d49438b7b 100644 --- a/src/lib/libc/stdlib/malloc.c +++ b/src/lib/libc/stdlib/malloc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: malloc.c,v 1.261 2019/05/23 06:43:18 otto Exp $ */ +/* $OpenBSD: malloc.c,v 1.262 2019/06/28 13:32:42 deraadt Exp $ */ /* * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek * Copyright (c) 2012 Matthew Dempsky @@ -897,7 +897,7 @@ omalloc_make_chunks(struct dir_info *d, int bits, int listnum) return NULL; /* memory protect the page allocated in the malloc(0) case */ - if (bits == 0 && mprotect(pp, MALLOC_PAGESIZE, PROT_NONE) < 0) + if (bits == 0 && mprotect(pp, MALLOC_PAGESIZE, PROT_NONE) == -1) goto err; bp = alloc_chunk_info(d, bits); diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c index 26288560b0..c2e769c4c0 100644 --- a/src/usr.bin/nc/netcat.c +++ b/src/usr.bin/nc/netcat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: netcat.c,v 1.204 2019/06/27 18:03:37 deraadt Exp $ */ +/* $OpenBSD: netcat.c,v 1.205 2019/06/28 13:35:02 deraadt Exp $ */ /* * Copyright (c) 2001 Eric Jackson * Copyright (c) 2015 Bob Beck. All rights reserved. @@ -568,7 +568,7 @@ main(int argc, char *argv[]) close(s); s = local_listen(host, uport, hints); } - if (s < 0) + if (s == -1) err(1, NULL); if (uflag && kflag) { /* @@ -590,11 +590,11 @@ main(int argc, char *argv[]) len = sizeof(z); rv = recvfrom(s, buf, sizeof(buf), MSG_PEEK, (struct sockaddr *)&z, &len); - if (rv < 0) + if (rv == -1) err(1, "recvfrom"); rv = connect(s, (struct sockaddr *)&z, len); - if (rv < 0) + if (rv == -1) err(1, "connect"); if (vflag) @@ -628,7 +628,7 @@ main(int argc, char *argv[]) tls_free(tls_cctx); } if (family == AF_UNIX && uflag) { - if (connect(s, NULL, 0) < 0) + if (connect(s, NULL, 0) == -1) err(1, "connect"); } @@ -739,7 +739,7 @@ unix_bind(char *path, int flags) /* Create unix domain socket. */ if ((s = socket(AF_UNIX, flags | (uflag ? SOCK_DGRAM : SOCK_STREAM), - 0)) < 0) + 0)) == -1) return -1; memset(&s_un, 0, sizeof(struct sockaddr_un)); @@ -752,7 +752,7 @@ unix_bind(char *path, int flags) return -1; } - if (bind(s, (struct sockaddr *)&s_un, sizeof(s_un)) < 0) { + if (bind(s, (struct sockaddr *)&s_un, sizeof(s_un)) == -1) { save_errno = errno; close(s); errno = save_errno; @@ -862,10 +862,10 @@ unix_connect(char *path) int s, save_errno; if (uflag) { - if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) < 0) + if ((s = unix_bind(unix_dg_tmp_socket, SOCK_CLOEXEC)) == -1) return -1; } else { - if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) < 0) + if ((s = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) == -1) return -1; } @@ -878,7 +878,7 @@ unix_connect(char *path) errno = ENAMETOOLONG; return -1; } - if (connect(s, (struct sockaddr *)&s_un, sizeof(s_un)) < 0) { + if (connect(s, (struct sockaddr *)&s_un, sizeof(s_un)) == -1) { save_errno = errno; close(s); errno = save_errno; @@ -897,9 +897,9 @@ unix_listen(char *path) { int s; - if ((s = unix_bind(path, 0)) < 0) + if ((s = unix_bind(path, 0)) == -1) return -1; - if (listen(s, 5) < 0) { + if (listen(s, 5) == -1) { close(s); return -1; } @@ -926,7 +926,7 @@ remote_connect(const char *host, const char *port, struct addrinfo hints) for (res = res0; res; res = res->ai_next) { if ((s = socket(res->ai_family, res->ai_socktype | - SOCK_NONBLOCK, res->ai_protocol)) < 0) + SOCK_NONBLOCK, res->ai_protocol)) == -1) continue; /* Bind to a local port or source address if specified. */ @@ -944,7 +944,7 @@ remote_connect(const char *host, const char *port, struct addrinfo hints) errx(1, "getaddrinfo: %s", gai_strerror(error)); if (bind(s, (struct sockaddr *)ares->ai_addr, - ares->ai_addrlen) < 0) + ares->ai_addrlen) == -1) err(1, "bind failed"); freeaddrinfo(ares); } @@ -1023,7 +1023,7 @@ local_listen(const char *host, const char *port, struct addrinfo hints) for (res = res0; res; res = res->ai_next) { if ((s = socket(res->ai_family, res->ai_socktype, - res->ai_protocol)) < 0) + res->ai_protocol)) == -1) continue; ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); @@ -1043,7 +1043,7 @@ local_listen(const char *host, const char *port, struct addrinfo hints) } if (!uflag && s != -1) { - if (listen(s, 1) < 0) + if (listen(s, 1) == -1) err(1, "listen"); } if (vflag && s != -1) { diff --git a/src/usr.bin/openssl/apps.c b/src/usr.bin/openssl/apps.c index 2297b5bf2b..47e21265af 100644 --- a/src/usr.bin/openssl/apps.c +++ b/src/usr.bin/openssl/apps.c @@ -1,4 +1,4 @@ -/* $OpenBSD: apps.c,v 1.51 2019/02/09 15:49:21 inoguchi Exp $ */ +/* $OpenBSD: apps.c,v 1.52 2019/06/28 13:35:02 deraadt Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -1377,7 +1377,7 @@ rotate_serial(char *serialfile, char *new_suffix, char *old_suffix) goto err; } - if (rename(serialfile, opath) < 0 && + if (rename(serialfile, opath) == -1 && errno != ENOENT && errno != ENOTDIR) { BIO_printf(bio_err, "unable to rename %s to %s\n", serialfile, opath); @@ -1386,11 +1386,11 @@ rotate_serial(char *serialfile, char *new_suffix, char *old_suffix) } - if (rename(npath, serialfile) < 0) { + if (rename(npath, serialfile) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", npath, serialfile); perror("reason"); - if (rename(opath, serialfile) < 0) { + if (rename(opath, serialfile) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", opath, serialfile); perror("reason"); @@ -1599,18 +1599,18 @@ rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix) goto err; } - if (rename(dbfile, odbpath) < 0 && errno != ENOENT && errno != ENOTDIR) { + if (rename(dbfile, odbpath) == -1 && errno != ENOENT && errno != ENOTDIR) { BIO_printf(bio_err, "unable to rename %s to %s\n", dbfile, odbpath); perror("reason"); goto err; } - if (rename(dbpath, dbfile) < 0) { + if (rename(dbpath, dbfile) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", dbpath, dbfile); perror("reason"); - if (rename(odbpath, dbfile) < 0) { + if (rename(odbpath, dbfile) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", odbpath, dbfile); perror("reason"); @@ -1618,16 +1618,16 @@ rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix) goto err; } - if (rename(attrpath, oattrpath) < 0 && errno != ENOENT && errno != ENOTDIR) { + if (rename(attrpath, oattrpath) == -1 && errno != ENOENT && errno != ENOTDIR) { BIO_printf(bio_err, "unable to rename %s to %s\n", attrpath, oattrpath); perror("reason"); - if (rename(dbfile, dbpath) < 0) { + if (rename(dbfile, dbpath) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", dbfile, dbpath); perror("reason"); } - if (rename(odbpath, dbfile) < 0) { + if (rename(odbpath, dbfile) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", odbpath, dbfile); perror("reason"); @@ -1635,21 +1635,21 @@ rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix) goto err; } - if (rename(nattrpath, attrpath) < 0) { + if (rename(nattrpath, attrpath) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", nattrpath, attrpath); perror("reason"); - if (rename(oattrpath, attrpath) < 0) { + if (rename(oattrpath, attrpath) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", oattrpath, attrpath); perror("reason"); } - if (rename(dbfile, dbpath) < 0) { + if (rename(dbfile, dbpath) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", dbfile, dbpath); perror("reason"); } - if (rename(odbpath, dbfile) < 0) { + if (rename(odbpath, dbfile) == -1) { BIO_printf(bio_err, "unable to rename %s to %s\n", odbpath, dbfile); perror("reason"); diff --git a/src/usr.bin/openssl/s_client.c b/src/usr.bin/openssl/s_client.c index e542f08481..23bf67e695 100644 --- a/src/usr.bin/openssl/s_client.c +++ b/src/usr.bin/openssl/s_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_client.c,v 1.37 2018/11/14 06:24:21 tb Exp $ */ +/* $OpenBSD: s_client.c,v 1.38 2019/06/28 13:35:02 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -759,7 +759,7 @@ re_start: if (SSL_version(con) == DTLS1_VERSION) { sbio = BIO_new_dgram(s, BIO_NOCLOSE); - if (getsockname(s, &peer, (void *) &peerlen) < 0) { + if (getsockname(s, &peer, (void *) &peerlen) == -1) { BIO_printf(bio_err, "getsockname:errno=%d\n", errno); shutdown(s, SHUT_RD); @@ -1013,7 +1013,7 @@ re_start: tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ i = poll(pfd, 3, ptimeout); - if (i < 0) { + if (i == -1) { BIO_printf(bio_err, "bad select %d\n", errno); goto shut; diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c index 4bdafaf682..a15795151f 100644 --- a/src/usr.bin/openssl/s_server.c +++ b/src/usr.bin/openssl/s_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_server.c,v 1.30 2018/02/07 05:47:55 jsing Exp $ */ +/* $OpenBSD: s_server.c,v 1.31 2019/06/28 13:35:02 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1512,7 +1512,7 @@ sv_body(char *hostname, int s, unsigned char *context) n = write(fileno(stdout), buf + len, i - len); } while (n == -1 && errno == EINTR); - if (n < 0) { + if (n == -1) { BIO_printf(bio_s_out, "ERROR\n"); goto err; } diff --git a/src/usr.bin/openssl/s_socket.c b/src/usr.bin/openssl/s_socket.c index 62b32d3936..5d90fad8bb 100644 --- a/src/usr.bin/openssl/s_socket.c +++ b/src/usr.bin/openssl/s_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_socket.c,v 1.10 2018/08/19 20:07:06 tb Exp $ */ +/* $OpenBSD: s_socket.c,v 1.11 2019/06/28 13:35:02 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -107,7 +107,7 @@ init_client(int *sock, char *host, char *port, int type, int af) i = 0; i = setsockopt(s, SOL_SOCKET, SO_KEEPALIVE, (char *) &i, sizeof(i)); - if (i < 0) { + if (i == -1) { perror("keepalive"); goto out; } @@ -251,10 +251,10 @@ do_accept(int acc_sock, int *sock, char **host) ling.l_onoff=1; ling.l_linger=0; i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling)); - if (i < 0) { perror("linger"); return(0); } + if (i == -1) { perror("linger"); return(0); } i=0; i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); - if (i < 0) { perror("keepalive"); return(0); } + if (i == -1) { perror("keepalive"); return(0); } */ if (host == NULL) diff --git a/src/usr.sbin/ocspcheck/http.c b/src/usr.sbin/ocspcheck/http.c index 5c914a4857..e0df6cfa11 100644 --- a/src/usr.sbin/ocspcheck/http.c +++ b/src/usr.sbin/ocspcheck/http.c @@ -1,4 +1,4 @@ -/* $Id: http.c,v 1.11 2018/11/29 14:25:07 tedu Exp $ */ +/* $Id: http.c,v 1.12 2019/06/28 13:32:49 deraadt Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons * @@ -72,7 +72,7 @@ dosysread(char *buf, size_t sz, const struct http *http) ssize_t rc; rc = read(http->fd, buf, sz); - if (rc < 0) + if (rc == -1) warn("%s: read", http->src.ip); return rc; } @@ -83,7 +83,7 @@ dosyswrite(const void *buf, size_t sz, const struct http *http) ssize_t rc; rc = write(http->fd, buf, sz); - if (rc < 0) + if (rc == -1) warn("%s: write", http->src.ip); return rc; } @@ -97,7 +97,7 @@ dotlsread(char *buf, size_t sz, const struct http *http) rc = tls_read(http->ctx, buf, sz); } while (rc == TLS_WANT_POLLIN || rc == TLS_WANT_POLLOUT); - if (rc < 0) + if (rc == -1) warnx("%s: tls_read: %s", http->src.ip, tls_error(http->ctx)); return rc; @@ -112,7 +112,7 @@ dotlswrite(const void *buf, size_t sz, const struct http *http) rc = tls_write(http->ctx, buf, sz); } while (rc == TLS_WANT_POLLIN || rc == TLS_WANT_POLLOUT); - if (rc < 0) + if (rc == -1) warnx("%s: tls_write: %s", http->src.ip, tls_error(http->ctx)); return rc; -- cgit v1.2.3-55-g6feb