diff --git a/dist/capability-fd.cc b/dist/capability-fd.cc index 043ca236e3e1..6c470cff3418 100644 --- a/dist/capability-fd.cc +++ b/dist/capability-fd.cc @@ -25,7 +25,7 @@ typedef struct { uint64_t right; const char* name; } right_info; -right_info known_rights[] = { +static right_info known_rights[] = { /* Rights that are common to all versions of Capsicum */ RIGHTS_INFO(CAP_READ), RIGHTS_INFO(CAP_WRITE), @@ -713,22 +713,34 @@ static void TryDirOps(int dirfd, cap_rights_t rights) { EXPECT_OK(close(rc)); rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDONLY); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_WRONLY | O_APPEND); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDWR | O_APPEND); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDONLY); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_WRONLY | O_APPEND); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDWR | O_APPEND); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } EXPECT_OK(unlinkat(dirfd, "cap_fsync", 0)); rc = openat(dirfd, "cap_ftruncate", O_CREAT, 0600); @@ -736,13 +748,19 @@ static void TryDirOps(int dirfd, cap_rights_t rights) { EXPECT_OK(close(rc)); rc = openat(dfd_cap, "cap_ftruncate", O_TRUNC | O_RDONLY); CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_READ, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_ftruncate", O_TRUNC | O_WRONLY); CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_WRITE, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_ftruncate", O_TRUNC | O_RDWR); CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_READ, CAP_WRITE, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } EXPECT_OK(unlinkat(dirfd, "cap_ftruncate", 0)); rc = openat(dfd_cap, "cap_create", O_CREAT | O_WRONLY, 0600); @@ -764,19 +782,27 @@ static void TryDirOps(int dirfd, cap_rights_t rights) { rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_WRONLY); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDWR); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_WRONLY); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDWR); CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(close(rc)); + if (rc >= 0) { + EXPECT_OK(close(rc)); + } EXPECT_OK(unlinkat(dirfd, "cap_fsync", 0)); #ifdef HAVE_CHFLAGSAT @@ -826,28 +852,38 @@ static void TryDirOps(int dirfd, cap_rights_t rights) { rc = linkat(dirfd, "cap_linkat_src", dfd_cap, "cap_linkat_dst", 0); CHECK_RIGHT_RESULT(rc, rights, CAP_LINKAT_TARGET); - if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0)); + if (rc >= 0) { + EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0)); + } rc = linkat(dfd_cap, "cap_linkat_src", dirfd, "cap_linkat_dst", 0); CHECK_RIGHT_RESULT(rc, rights, CAP_LINKAT_SOURCE); - if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0)); + if (rc >= 0) { + EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0)); + } EXPECT_OK(unlinkat(dirfd, "cap_linkat_src", 0)); rc = mkdirat(dfd_cap, "cap_mkdirat", 0700); CHECK_RIGHT_RESULT(rc, rights, CAP_MKDIRAT, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_mkdirat", AT_REMOVEDIR)); + if (rc >= 0) { + EXPECT_OK(unlinkat(dirfd, "cap_mkdirat", AT_REMOVEDIR)); + } #ifdef HAVE_MKFIFOAT rc = mkfifoat(dfd_cap, "cap_mkfifoat", 0600); CHECK_RIGHT_RESULT(rc, rights, CAP_MKFIFOAT, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_mkfifoat", 0)); + if (rc >= 0) { + EXPECT_OK(unlinkat(dirfd, "cap_mkfifoat", 0)); + } #endif if (getuid() == 0) { rc = mknodat(dfd_cap, "cap_mknodat", S_IFCHR | 0600, 0); CHECK_RIGHT_RESULT(rc, rights, CAP_MKNODAT, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_mknodat", 0)); + if (rc >= 0) { + EXPECT_OK(unlinkat(dirfd, "cap_mknodat", 0)); + } } // For renameat(2), need: @@ -880,7 +916,9 @@ static void TryDirOps(int dirfd, cap_rights_t rights) { rc = symlinkat("test", dfd_cap, "cap_symlinkat"); CHECK_RIGHT_RESULT(rc, rights, CAP_SYMLINKAT, CAP_LOOKUP); - if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_symlinkat", 0)); + if (rc >= 0) { + EXPECT_OK(unlinkat(dirfd, "cap_symlinkat", 0)); + } rc = openat(dirfd, "cap_unlinkat", O_CREAT, 0600); EXPECT_OK(rc); diff --git a/dist/capmode.cc b/dist/capmode.cc index eb4e5c9ff929..567773f319d9 100644 --- a/dist/capmode.cc +++ b/dist/capmode.cc @@ -132,7 +132,9 @@ FORK_TEST_F(WithFiles, AllowedFileSyscalls) { #ifdef HAVE_CHFLAGS rc = fchflags(fd_file_, UF_NODUMP); - if (rc < 0) EXPECT_NE(ECAPMODE, errno); + if (rc < 0) { + EXPECT_NE(ECAPMODE, errno); + } #endif char buf[1024]; @@ -173,7 +175,9 @@ FORK_TEST_F(WithFiles, AllowedSocketSyscalls) { // recvfrom() either returns -1 with EAGAIN, or 0. int rc = recvfrom(fd_socket_, NULL, 0, MSG_DONTWAIT, NULL, NULL); - if (rc < 0) EXPECT_EQ(EAGAIN, errno); + if (rc < 0) { + EXPECT_EQ(EAGAIN, errno); + } char ch; EXPECT_OK(write(fd_file_, &ch, sizeof(ch))); @@ -558,8 +562,7 @@ FORK_TEST_F(WithFiles, AllowedMiscSyscalls) { long sysarch_arg = 0; EXPECT_CAPMODE(sysarch(I386_SET_IOPERM, &sysarch_arg)); #else - // TOOD(jra): write a test for arm - FAIL("capmode:no sysarch() test for current architecture"); + // TOOD(jra): write a test for other architectures, like arm #endif #endif } @@ -627,7 +630,7 @@ FORK_TEST(Capmode, NewThread) { } static int had_signal = 0; -static void handle_signal(int x) { had_signal = 1; } +static void handle_signal(int) { had_signal = 1; } FORK_TEST(Capmode, SelfKill) { pid_t me = getpid(); diff --git a/dist/capsicum-test.h b/dist/capsicum-test.h index 61d95711eec0..4251302e8681 100644 --- a/dist/capsicum-test.h +++ b/dist/capsicum-test.h @@ -20,7 +20,7 @@ extern bool force_mt; extern bool force_nofork; extern uid_t other_uid; -static inline void *WaitingThreadFn(void *p) { +static inline void *WaitingThreadFn(void *) { // Loop until cancelled while (true) { usleep(10000); diff --git a/dist/mqueue.cc b/dist/mqueue.cc index b98523121fe0..42478c760020 100644 --- a/dist/mqueue.cc +++ b/dist/mqueue.cc @@ -24,7 +24,7 @@ static void test_case_name##_##test_name##_ForkTest() static bool invoked; -void seen_it_done_it(int v) { +void seen_it_done_it(int) { invoked = true; } diff --git a/dist/openat.cc b/dist/openat.cc index c35630bd60aa..ca7e39772f9a 100644 --- a/dist/openat.cc +++ b/dist/openat.cc @@ -11,9 +11,9 @@ // Check an open call works and close the resulting fd. #define EXPECT_OPEN_OK(f) do { \ - int fd = f; \ - EXPECT_OK(fd); \ - close(fd); \ + int _fd = f; \ + EXPECT_OK(_fd); \ + close(_fd); \ } while (0) static void CreateFile(const char *filename, const char *contents) { @@ -176,10 +176,14 @@ class OpenatTest : public ::testing::Test { // Create a couple of nested directories int rc = mkdir(TmpFile(TOPDIR), 0755); EXPECT_OK(rc); - if (rc < 0) EXPECT_EQ(EEXIST, errno); + if (rc < 0) { + EXPECT_EQ(EEXIST, errno); + } rc = mkdir(TmpFile(SUBDIR_ABS), 0755); EXPECT_OK(rc); - if (rc < 0) EXPECT_EQ(EEXIST, errno); + if (rc < 0) { + EXPECT_EQ(EEXIST, errno); + } // Figure out a path prefix (like "../..") that gets us to the root // directory from TmpFile(TOPDIR). diff --git a/dist/procdesc.cc b/dist/procdesc.cc index 476dfe01ab71..94c0dc5d774d 100644 --- a/dist/procdesc.cc +++ b/dist/procdesc.cc @@ -223,7 +223,7 @@ TEST(Pdfork, NonProcessDescriptor) { close(fd); } -static void *SubThreadMain(void *data) { +static void *SubThreadMain(void *) { while (true) { if (verbose) fprintf(stderr, " subthread: \"I aten't dead\"\n"); usleep(100000); @@ -231,7 +231,7 @@ static void *SubThreadMain(void *data) { return NULL; } -static void *ThreadMain(void *data) { +static void *ThreadMain(void *) { int pd; pid_t child = pdfork(&pd, 0); if (child == 0) { diff --git a/dist/syscalls.h b/dist/syscalls.h index c78576074ef2..592a1677e1f1 100644 --- a/dist/syscalls.h +++ b/dist/syscalls.h @@ -53,7 +53,7 @@ inline ssize_t flistxattr_(int fd, char *list, size_t size) { inline ssize_t fgetxattr_(int fd, const char *name, void *value, size_t size) { return extattr_get_fd(fd, EXTATTR_NAMESPACE_USER, name, value, size); } -inline int fsetxattr_(int fd, const char *name, const void *value, size_t size, int flags) { +inline int fsetxattr_(int fd, const char *name, const void *value, size_t size, int) { return extattr_set_fd(fd, EXTATTR_NAMESPACE_USER, name, value, size); } inline int fremovexattr_(int fd, const char *name) {