From: Guus Sliepen Date: Mon, 30 Mar 2026 13:34:33 +0000 (+0200) Subject: Fix warnings from clang-tidy-23 X-Git-Url: https://www.tinc-vpn.org/git/?a=commitdiff_plain;h=407191893bf719b4a47ba5267f96aabf695cc73c;p=tinc Fix warnings from clang-tidy-23 But also disable clang-tidy-23 checks that produce false positives. --- diff --git a/.clang-tidy b/.clang-tidy index d204cff4..22740d9e 100644 --- a/.clang-tidy +++ b/.clang-tidy @@ -1,3 +1,29 @@ -Checks: "-*,performance-*,modernize-*,misc-*,-misc-no-recursion,bugprone-*,-bugprone-macro-parentheses,-bugprone-easily-swappable-parameters,-bugprone-reserved-identifier,-bugprone-suspicious-string-compare,-bugprone-implicit-widening-of-multiplication-result,-bugprone-not-null-terminated-result,-bugprone-branch-clone,-bugprone-sizeof-expression,clang-analyzer-*,-clang-analyzer-security.insecureAPI.*,-clang-analyzer-core.UndefinedBinaryOperatorResult" +Checks: " + -*, + bugprone-*, + -bugprone-branch-clone, + -bugprone-command-processor, + -bugprone-easily-swappable-parameters, + -bugprone-implicit-widening-of-multiplication-result, + -bugprone-macro-parentheses, + -bugprone-multi-level-implicit-pointer-conversion, + -bugprone-not-null-terminated-result, + -bugprone-reserved-identifier, + -bugprone-sizeof-expression, + -bugprone-suspicious-string-compare, + -bugprone-unchecked-string-to-number-conversion, + clang-analyzer-*, + -clang-analyzer-core.UndefinedBinaryOperatorResult, + -clang-analyzer-security.insecureAPI.*, + -clang-analyzer-unix.Stream, + misc-*, + -misc-header-include-cycle, + -misc-include-cleaner, + -misc-no-recursion, + modernize-*, + -modernize-avoid-c-style-cast, + -modernize-macro-to-enum, + performance-*, +" HeaderFilterRegex: ".*" WarningsAsErrors: "*" diff --git a/meson.build b/meson.build index 15542198..85a1b3ea 100644 --- a/meson.build +++ b/meson.build @@ -1,7 +1,7 @@ project('tinc', 'c', version: '1.1pre18', license: 'GPL-2.0-or-later', - meson_version: '>=0.51', + meson_version: '>=0.56', default_options: [ 'c_std=c11', 'warning_level=3', @@ -68,6 +68,7 @@ if cc_name != 'msvc' '-Wmissing-noreturn', '-Wmissing-prototypes', '-Wno-embedded-directive', + '-Wno-ignored-attributes', '-Wold-style-definition', '-Wredundant-decls', '-Wreturn-type', diff --git a/src/conf.c b/src/conf.c index d4c76ec8..f8d3c8e4 100644 --- a/src/conf.c +++ b/src/conf.c @@ -257,6 +257,7 @@ config_t *parse_config_line(char *line, const char *fname, int lineno) { value += len; value += strspn(value, "\t "); + // NOLINTNEXTLINE if(*value == '=') { value++; value += strspn(value, "\t "); @@ -386,48 +387,49 @@ void read_config_options(splay_tree_t *config_tree, const char *prefix) { bool read_server_config(splay_tree_t *config_tree) { char fname[PATH_MAX]; - bool x; read_config_options(config_tree, NULL); snprintf(fname, sizeof(fname), "%s" SLASH "tinc.conf", confbase); - errno = 0; - x = read_config_file(config_tree, fname, true); - - // We will try to read the conf files in the "conf.d" dir - if(x) { - char dname[PATH_MAX]; - snprintf(dname, sizeof(dname), "%s" SLASH "conf.d", confbase); - DIR *dir = opendir(dname); - - // If we can find this dir - if(dir) { - struct dirent *ep; - - // We list all the files in it - while(x && (ep = readdir(dir))) { - size_t l = strlen(ep->d_name); - - // And we try to read the ones that end with ".conf" - if(l > 5 && !strcmp(".conf", & ep->d_name[ l - 5 ])) { - if((size_t)snprintf(fname, sizeof(fname), "%s" SLASH "%s", dname, ep->d_name) >= sizeof(fname)) { - logger(DEBUG_ALWAYS, LOG_ERR, "Pathname too long: %s/%s", dname, ep->d_name); - return false; - } - - x = read_config_file(config_tree, fname, true); - } - } - closedir(dir); - } + if(!read_config_file(config_tree, fname, true)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Failed to read `%s': %s", fname, strerror(errno)); + return false; } - if(!x && errno) { - logger(DEBUG_ALWAYS, LOG_ERR, "Failed to read `%s': %s", fname, strerror(errno)); + // We will try to read the conf files in the "conf.d" dir, if it exists + char dname[PATH_MAX]; + snprintf(dname, sizeof(dname), "%s" SLASH "conf.d", confbase); + DIR *dir = opendir(dname); + + if(!dir && errno == ENOENT) { + return true; + } else { + logger(DEBUG_ALWAYS, LOG_ERR, "Failed to read `%s': %s", dname, strerror(errno)); + return false; } - return x; + // We list all the files in it + struct dirent *ep; + + while((ep = readdir(dir))) { + size_t l = strlen(ep->d_name); + + // And we try to read the ones that end with ".conf" + if(l > 5 && !strcmp(".conf", & ep->d_name[ l - 5 ])) { + if((size_t)snprintf(fname, sizeof(fname), "%s" SLASH "%s", dname, ep->d_name) >= sizeof(fname)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Pathname too long: %s/%s", dname, ep->d_name); + return false; + } + + if(!read_config_file(config_tree, fname, true)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Failed to read `%s': %s", fname, strerror(errno)); + return false; + } + } + } + + return true; } bool read_host_config(splay_tree_t *config_tree, const char *name, bool verbose) { diff --git a/src/fd_device.c b/src/fd_device.c index 381c7841..fab9a207 100644 --- a/src/fd_device.c +++ b/src/fd_device.c @@ -51,7 +51,9 @@ static int read_fd(int socket) { msg.msg_control = cmsgbuf; msg.msg_controllen = sizeof(cmsgbuf); - if((ret = recvmsg(socket, &msg, 0)) < 1) { + ret = recvmsg(socket, &msg, 0); + + if(ret <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Could not read from unix socket (error %ld)!", (long)ret); return -1; } @@ -95,12 +97,16 @@ static int receive_fd(struct unix_socket_addr socket_addr) { int ret; int result; - if((socketfd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) { + socketfd = socket(PF_UNIX, SOCK_STREAM, 0); + + if(socketfd < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Could not open stream socket (error %d)!", socketfd); return -1; } - if((ret = connect(socketfd, (struct sockaddr *) &socket_addr.addr, socket_addr.size)) < 0) { + ret = connect(socketfd, (struct sockaddr *) &socket_addr.addr, socket_addr.size); + + if(ret < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Could not connect to Unix socket (error %d)!", ret); result = -1; goto end; diff --git a/src/fs.c b/src/fs.c index 772fa576..be1440c6 100644 --- a/src/fs.c +++ b/src/fs.c @@ -20,7 +20,7 @@ static bool makedir(const char *path, mode_t mode) { return true; } -bool makedirs(tinc_dir_t dirs) { +bool makedirs(unsigned int dirs) { if(!dirs) { return false; } diff --git a/src/fs.h b/src/fs.h index a35b5297..24ac359e 100644 --- a/src/fs.h +++ b/src/fs.h @@ -3,16 +3,14 @@ #include "system.h" -typedef enum { - DIR_CACHE = 1 << 0, - DIR_CONFBASE = 1 << 1, - DIR_CONFDIR = 1 << 2, - DIR_HOSTS = 1 << 3, - DIR_INVITATIONS = 1 << 4, -} tinc_dir_t; +static const unsigned int DIR_CACHE = 1 << 0; +static const unsigned int DIR_CONFBASE = 1 << 1; +static const unsigned int DIR_CONFDIR = 1 << 2; +static const unsigned int DIR_HOSTS = 1 << 3; +static const unsigned int DIR_INVITATIONS = 1 << 4; // Create one or multiple directories inside tincd configuration directory -extern bool makedirs(tinc_dir_t dirs); +extern bool makedirs(unsigned int dirs); // Open file. If it does not exist, create a new file with the specified access mode. extern FILE *fopenmask(const char *filename, const char *mode, mode_t perms) ATTR_DEALLOCATOR(fclose); diff --git a/src/invitation.c b/src/invitation.c index 34f77f06..35647e89 100644 --- a/src/invitation.c +++ b/src/invitation.c @@ -157,6 +157,7 @@ static bool get_my_hostname(char **out_address, char **out_port) { ssize_t len = recv(s, line, sizeof(line) - 1, MSG_WAITALL); if(len > 0) { + // NOLINTNEXTLINE line[len] = 0; if(line[len - 1] == '\n') { @@ -399,12 +400,11 @@ int cmd_invite(int argc, char *argv[]) { return 1; } - errno = 0; int count = 0; struct dirent *ent; time_t deadline = time(NULL) - 604800; // 1 week in the past - while((ent = readdir(dir))) { + while((errno = 0, ent = readdir(dir))) { if(strlen(ent->d_name) != 24) { continue; } @@ -425,17 +425,16 @@ int cmd_invite(int argc, char *argv[]) { } } else { fprintf(stderr, "Could not stat %s: %s\n", invname, strerror(errno)); - errno = 0; } } - closedir(dir); - if(errno) { fprintf(stderr, "Error while reading directory %s: %s\n", filename, strerror(errno)); return 1; } + closedir(dir); + ecdsa_t *key; snprintf(filename, sizeof(filename), "%s" SLASH "invitations" SLASH "ed25519_key.priv", confbase); @@ -809,7 +808,11 @@ make_names: fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno)); fclose(fh); fclose(f); - fclose(finv); + + if(finv) { + fclose(finv); + } + return false; } @@ -831,7 +834,7 @@ make_names: // Generate a tinc-up script from Ifconfig and Route keywords. // Other chunks go unfiltered to their respective host config files const char *p = data; - char *l, *value; + char *l, *value = NULL; static char line[1024]; @@ -1015,10 +1018,11 @@ make_names: fprintf(stderr, "Could not write public RSA key\n"); } - fclose(f); + if(f) { + fclose(f); + } fclose(fh); - rsa_free(rsa); #endif diff --git a/src/multicast_device.c b/src/multicast_device.c index 3dba7f79..30390545 100644 --- a/src/multicast_device.c +++ b/src/multicast_device.c @@ -180,9 +180,9 @@ static void close_device(void) { } static bool read_packet(vpn_packet_t *packet) { - ssize_t lenin; + ssize_t lenin = recv(device_fd, (void *)DATA(packet), MTU, 0); - if((lenin = recv(device_fd, (void *)DATA(packet), MTU, 0)) <= 0) { + if(lenin <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, sockstrerror(sockerrno)); return false; diff --git a/src/net.c b/src/net.c index dd86cf27..63a82e92 100644 --- a/src/net.c +++ b/src/net.c @@ -402,10 +402,12 @@ int reload_configuration(void) { config_t *cfg = lookup_config(&config_tree, "Subnet"); while(cfg) { - subnet_t *subnet, *s2; + subnet_t *subnet; if(get_config_subnet(cfg, &subnet)) { - if((s2 = lookup_subnet(myself, subnet))) { + subnet_t *s2 = lookup_subnet(myself, subnet); + + if(s2) { if(s2->expires == 1) { s2->expires = 0; } diff --git a/src/net_packet.c b/src/net_packet.c index d05a869f..b9edd6c4 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -559,8 +559,9 @@ static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) { if(n->incompression != COMPRESS_NONE) { vpn_packet_t *outpkt = pkt[nextpkt++]; + outpkt->len = uncompress_packet(DATA(outpkt), MAXSIZE - outpkt->offset, DATA(inpkt), inpkt->len, n->incompression); - if(!(outpkt->len = uncompress_packet(DATA(outpkt), MAXSIZE - outpkt->offset, DATA(inpkt), inpkt->len, n->incompression))) { + if(!outpkt->len) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while uncompressing packet from %s (%s)", n->name, n->hostname); return false; @@ -860,8 +861,9 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { if(n->outcompression != COMPRESS_NONE) { outpkt = pkt[nextpkt++]; + outpkt->len = compress_packet(DATA(outpkt), MAXSIZE - outpkt->offset, DATA(inpkt), inpkt->len, n->outcompression); - if(!(outpkt->len = compress_packet(DATA(outpkt), MAXSIZE - outpkt->offset, DATA(inpkt), inpkt->len, n->outcompression))) { + if(!outpkt->len) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while compressing packet to %s (%s)", n->name, n->hostname); return; diff --git a/src/net_setup.c b/src/net_setup.c index dd6c58f1..fd05b5c2 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -196,7 +196,9 @@ void load_all_nodes(void) { continue; } - if((s2 = lookup_subnet(n, s))) { + s2 = lookup_subnet(n, s); + + if(s2) { s2->expires = -1; free(s); } else { @@ -261,9 +263,9 @@ bool setup_myself_reloadable(void) { get_config_string(lookup_config(&config_tree, "Proxy"), &proxy); if(proxy) { - char *space; + char *space = strchr(proxy, ' '); - if((space = strchr(proxy, ' '))) { + if(space) { *space++ = 0; } @@ -327,8 +329,12 @@ bool setup_myself_reloadable(void) { case PROXY_HTTP: proxyhost = space; - if(space && (space = strchr(space, ' '))) { - *space++ = 0, proxyport = space; + if(space) { + space = strchr(space, ' '); + + if(space) { + *space++ = 0, proxyport = space; + } } if(!proxyhost || !*proxyhost || !proxyport || !*proxyport) { @@ -339,12 +345,20 @@ bool setup_myself_reloadable(void) { return false; } - if(space && (space = strchr(space, ' '))) { - *space++ = 0, proxyuser = space; + if(space) { + space = strchr(space, ' '); + + if(space) { + *space++ = 0, proxyuser = space; + } } - if(space && (space = strchr(space, ' '))) { - *space++ = 0, proxypass = space; + if(space) { + space = strchr(space, ' '); + + if(space) { + *space++ = 0, proxypass = space; + } } proxyhost = xstrdup(proxyhost); @@ -758,7 +772,9 @@ static bool setup_myself(void) { char *address = NULL; bool port_specified = false; - if(!(name = get_name())) { + name = get_name(); + + if(!name) { logger(DEBUG_ALWAYS, LOG_ERR, "Name for tinc daemon required!"); return false; } diff --git a/src/net_socket.c b/src/net_socket.c index 37de8739..3a751c29 100644 --- a/src/net_socket.c +++ b/src/net_socket.c @@ -491,11 +491,11 @@ static void handle_meta_write(connection_t *c) { ssize_t outlen = send(c->socket, c->outbuf.data + c->outbuf.offset, c->outbuf.len - c->outbuf.offset, 0); if(outlen <= 0) { - if(!sockerrno || sockerrno == EPIPE) { - logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Connection closed by %s (%s)", c->name, c->hostname); - } else if(sockwouldblock(sockerrno)) { + if(outlen == 0 || sockwouldblock(sockerrno)) { logger(DEBUG_META, LOG_DEBUG, "Sending %d bytes to %s (%s) would block", c->outbuf.len - c->outbuf.offset, c->name, c->hostname); return; + } else if(sockerrno == EPIPE) { + logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Connection closed by %s (%s)", c->name, c->hostname); } else { logger(DEBUG_CONNECTIONS, LOG_ERR, "Could not send %d bytes of data to %s (%s): %s", c->outbuf.len - c->outbuf.offset, c->name, c->hostname, sockstrerror(sockerrno)); } diff --git a/src/process.c b/src/process.c index 5e7b1db5..94424781 100644 --- a/src/process.c +++ b/src/process.c @@ -32,8 +32,6 @@ /* If zero, don't detach from the terminal. */ bool do_detach = true; -extern char **g_argv; - /* If nonzero, use syslog instead of stderr in no-detach mode. */ bool use_syslog = false; diff --git a/src/process.h b/src/process.h index 70f1c5ca..e42cdeca 100644 --- a/src/process.h +++ b/src/process.h @@ -26,6 +26,7 @@ extern bool do_detach; extern bool use_logfile; extern bool use_syslog; +extern char **g_argv; extern bool detach(void); diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 263a1317..2a191a2b 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -96,10 +96,15 @@ bool send_id(connection_t *c) { int minor = 0; if(experimental) { - if(c->outgoing && !ecdsa_active(c->ecdsa) && !(c->ecdsa = read_ecdsa_public_key(&c->config_tree, c->name))) { - minor = 1; - } else { - minor = myself->connection->protocol_minor; + minor = myself->connection->protocol_minor; + + if(c->outgoing && !ecdsa_active(c->ecdsa)) { + c->ecdsa = read_ecdsa_public_key(&c->config_tree, c->name); + + // We don't know the ECDSA key of the peer, try to connect to RSA and then upgrade + if(!c->ecdsa) { + minor = 1; + } } } @@ -260,6 +265,7 @@ static bool receive_invitation_sptps(void *handle, uint8_t type, const void *dat char *name = buf + len; name += strspn(name, " \t"); + // NOLINTNEXTLINE if(*name == '=') { name++; name += strspn(name, " \t"); @@ -278,7 +284,11 @@ static bool receive_invitation_sptps(void *handle, uint8_t type, const void *dat c->name = xstrdup(name); // Send the node the contents of the invitation file - rewind(f); + if(fseek(f, 0, SEEK_SET) != 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not read invitation file %s\n", cookie); + fclose(f); + } + size_t result; while((result = fread(buf, 1, sizeof(buf), f))) { @@ -898,7 +908,11 @@ static bool upgrade_h(connection_t *c, const char *request) { return false; } - if(ecdsa_active(c->ecdsa) || (c->ecdsa = read_ecdsa_public_key(&c->config_tree, c->name))) { + if(!ecdsa_active(c->ecdsa)) { + c->ecdsa = read_ecdsa_public_key(&c->config_tree, c->name); + } + + if(c->ecdsa) { char *knownkey = ecdsa_get_base64_public_key(c->ecdsa); bool different = strcmp(knownkey, pubkey); free(knownkey); diff --git a/src/protocol_key.c b/src/protocol_key.c index 0890755e..cb41eac3 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -150,9 +150,13 @@ static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, no /* This is a SPTPS data packet. */ char buf[MAX_STRING_SIZE]; - size_t len; + size_t len = 0; - if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, buf) != 1 || !(len = b64decode_tinc(buf, buf, strlen(buf)))) { + if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, buf) == 1) { + len = b64decode_tinc(buf, buf, strlen(buf)); + } + + if(!len) { logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s) to %s (%s): %s", "SPTPS_PACKET", from->name, from->hostname, to->name, to->hostname, "invalid SPTPS data"); return true; } @@ -213,7 +217,11 @@ static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, no char pubkey[MAX_STRING_SIZE]; - if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, pubkey) != 1 || !(from->ecdsa = ecdsa_set_base64_public_key(pubkey))) { + if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, pubkey) == 1) { + from->ecdsa = ecdsa_set_base64_public_key(pubkey); + } + + if(!from->ecdsa) { logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s): %s", "ANS_PUBKEY", from->name, from->hostname, "invalid pubkey"); return true; } @@ -235,9 +243,13 @@ static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, no } char buf[MAX_STRING_SIZE]; - size_t len; + size_t len = 0; + + if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, buf) == 1) { + len = b64decode_tinc(buf, buf, strlen(buf)); + } - if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, buf) != 1 || !(len = b64decode_tinc(buf, buf, strlen(buf)))) { + if(!len) { logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s): %s", "REQ_SPTPS_START", from->name, from->hostname, "invalid SPTPS data"); return true; } diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c index 526cd969..f0e5cd4b 100644 --- a/src/protocol_subnet.c +++ b/src/protocol_subnet.c @@ -44,7 +44,7 @@ bool add_subnet_h(connection_t *c, const char *request) { char subnetstr[MAX_STRING_SIZE]; char name[MAX_STRING_SIZE]; node_t *owner; - subnet_t s = {0}, *new, *old; + subnet_t s = {0}, *new; if(sscanf(request, "%*d %*x " MAX_STRING " " MAX_STRING, name, subnetstr) != 2) { logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s)", "ADD_SUBNET", c->name, @@ -123,7 +123,8 @@ bool add_subnet_h(connection_t *c, const char *request) { /* If everything is correct, add the subnet to the list of the owner */ - *(new = new_subnet()) = s; + new = new_subnet(); + *new = s; subnet_add(owner, new); if(owner->status.reachable) { @@ -138,8 +139,12 @@ bool add_subnet_h(connection_t *c, const char *request) { /* Fast handoff of roaming MAC addresses */ - if(s.type == SUBNET_MAC && owner != myself && (old = lookup_subnet(myself, &s)) && old->expires) { - old->expires = 1; + if(s.type == SUBNET_MAC && owner != myself) { + subnet_t *old = lookup_subnet(myself, &s); + + if(old && old->expires) { + old->expires = 1; + } } return true; diff --git a/src/raw_socket_device.c b/src/raw_socket_device.c index 1c455e6a..45676a1e 100644 --- a/src/raw_socket_device.c +++ b/src/raw_socket_device.c @@ -45,7 +45,9 @@ static bool setup_device(void) { device = xstrdup(iface); } - if((device_fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL))) < 0) { + device_fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); + + if(device_fd < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s", device_info, strerror(errno)); return false; @@ -91,9 +93,9 @@ static void close_device(void) { } static bool read_packet(vpn_packet_t *packet) { - ssize_t inlen; + ssize_t inlen = read(device_fd, DATA(packet), MTU); - if((inlen = read(device_fd, DATA(packet), MTU)) <= 0) { + if(inlen <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno)); return false; diff --git a/src/splay_tree.c b/src/splay_tree.c index 50d701c9..edd37187 100644 --- a/src/splay_tree.c +++ b/src/splay_tree.c @@ -22,6 +22,8 @@ #include "splay_tree.h" #include "xalloc.h" +// NOLINTBEGIN(bugprone-assignment-in-if-condition) + /* Splay operation */ static splay_node_t *splay_top_down(splay_tree_t *tree, const void *data, int *result) { @@ -637,3 +639,5 @@ void splay_foreach_node(const splay_tree_t *tree, splay_action_t action) { action(node); } } + +// NOLINTEND(bugprone-assignment-in-if-condition) diff --git a/src/sptps.c b/src/sptps.c index 35c68bc9..4ae54e82 100644 --- a/src/sptps.c +++ b/src/sptps.c @@ -186,7 +186,9 @@ static bool send_kex(sptps_t *s) { randomize(s->mykex->nonce, ECDH_SIZE); // Create a new ECDH public key. - if(!(s->ecdh = ecdh_generate_public(s->mykex->pubkey))) { + s->ecdh = ecdh_generate_public(s->mykex->pubkey); + + if(!s) { return error(s, EINVAL, "Failed to generate ECDH public key"); } @@ -639,12 +641,14 @@ size_t sptps_receive_data(sptps_t *s, const void *vdata, size_t len) { s->reclen = ntohs(s->reclen); // If we have the length bytes, ensure our buffer can hold the whole request. - s->inbuf = realloc(s->inbuf, s->reclen + 19UL); + uint8_t *new_inbuf = realloc(s->inbuf, s->reclen + 19UL); - if(!s->inbuf) { + if(!new_inbuf) { return error(s, errno, "%s", strerror(errno)); } + s->inbuf = new_inbuf; + // Exit early if we have no more data to process. if(!len) { return total_read; diff --git a/src/sptps_speed.c b/src/sptps_speed.c index c7c6e546..a6746b74 100644 --- a/src/sptps_speed.c +++ b/src/sptps_speed.c @@ -27,6 +27,7 @@ #include "ecdsa.h" #include "ecdsagen.h" #include "meta.h" +#include "process.h" #include "protocol.h" #include "sptps.h" #include "random.h" @@ -46,6 +47,7 @@ bool send_meta(struct connection_t *c, const void *msg, size_t len) { (void)len; return false; } + bool do_detach = false; struct timeval now; @@ -81,11 +83,11 @@ static void receive_data(sptps_t *sptps) { } } -struct timespec start; -struct timespec end; -double elapsed; -double rate; -unsigned int count; +static struct timespec start; +static struct timespec end; +static double elapsed; +static double rate; +static unsigned int count; static void clock_start(void) { count = 0; diff --git a/src/sptps_test.c b/src/sptps_test.c index 38e8b50d..0ddb8bc2 100644 --- a/src/sptps_test.c +++ b/src/sptps_test.c @@ -26,6 +26,7 @@ #include "crypto.h" #include "ecdsa.h" #include "meta.h" +#include "process.h" #include "protocol.h" #include "sptps.h" #include "utils.h" @@ -552,9 +553,9 @@ static int run_test(int argc, char *argv[]) { return 1; } - ecdsa_t *mykey = NULL; + ecdsa_t *mykey = ecdsa_read_pem_private_key(fp); - if(!(mykey = ecdsa_read_pem_private_key(fp))) { + if(!mykey) { return 1; } @@ -568,9 +569,9 @@ static int run_test(int argc, char *argv[]) { return 1; } - ecdsa_t *hiskey = NULL; + ecdsa_t *hiskey = ecdsa_read_pem_public_key(fp); - if(!(hiskey = ecdsa_read_pem_public_key(fp))) { + if(!hiskey) { ecdsa_free(mykey); return 1; } diff --git a/src/subnet.c b/src/subnet.c index 94000cc0..0674b358 100644 --- a/src/subnet.c +++ b/src/subnet.c @@ -34,7 +34,7 @@ #include "sandbox.h" /* lists type of subnet */ -uint32_t hash_seed; +static uint32_t hash_seed; splay_tree_t subnet_tree = { .compare = (splay_compare_t) subnet_compare, .delete = (splay_action_t) free_subnet, @@ -220,11 +220,11 @@ subnet_t *lookup_subnet(node_t *owner, const subnet_t *subnet) { } subnet_t *lookup_subnet_mac(const node_t *owner, const mac_t *address) { - subnet_t *r = NULL; + subnet_t *r = hash_search(mac_t, &mac_cache, address); // Check if this address is cached - if((r = hash_search(mac_t, &mac_cache, address))) { + if(r) { return r; } @@ -254,11 +254,11 @@ subnet_t *lookup_subnet_mac(const node_t *owner, const mac_t *address) { } subnet_t *lookup_subnet_ipv4(const ipv4_t *address) { - subnet_t *r = NULL; + subnet_t *r = hash_search(ipv4_t, &ipv4_cache, address); // Check if this address is cached - if((r = hash_search(ipv4_t, &ipv4_cache, address))) { + if(r) { return r; } @@ -288,11 +288,11 @@ subnet_t *lookup_subnet_ipv4(const ipv4_t *address) { } subnet_t *lookup_subnet_ipv6(const ipv6_t *address) { - subnet_t *r = NULL; + subnet_t *r = hash_search(ipv6_t, &ipv6_cache, address); // Check if this address is cached - if((r = hash_search(ipv6_t, &ipv6_cache, address))) { + if(r) { return r; } diff --git a/src/tincctl.c b/src/tincctl.c index 3af0f1f8..914eae7b 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -28,6 +28,7 @@ #include "protocol.h" #include "control_common.h" #include "crypto.h" +#include "device.h" #include "ecdsagen.h" #include "fsck.h" #include "info.h" @@ -254,8 +255,12 @@ static bool parse_options(int argc, char **argv) { } } - if(!netname && (netname = getenv("NETNAME"))) { - netname = xstrdup(netname); + if(!netname) { + char *env_value = getenv("NETNAME"); + + if(env_value) { + netname = xstrdup(env_value); + } } /* netname "." is special: a "top-level name" */ @@ -355,7 +360,9 @@ static bool ed25519_keygen(bool ask) { fprintf(stderr, "Generating Ed25519 key pair:\n"); - if(!(key = ecdsa_generate())) { + key = ecdsa_generate(); + + if(!key) { fprintf(stderr, "Error during key generation!\n"); return false; } else { @@ -430,7 +437,9 @@ static bool rsa_keygen(int bits, bool ask) { fprintf(stderr, "Generating %d bits keys:\n", bits); - if(!(key = rsa_generate(bits, 0x10001))) { + key = rsa_generate(bits, 0x10001); + + if(!key) { fprintf(stderr, "Error during key generation!\n"); return false; } else { @@ -1603,6 +1612,7 @@ char *get_my_name(bool verbose) { value = buf + len; value += strspn(value, "\t "); + // NOLINTNEXTLINE if(*value == '=') { value++; value += strspn(value, "\t "); @@ -1643,6 +1653,7 @@ static ecdsa_t *get_pubkey(FILE *f) { value = buf + len; value += strspn(value, "\t "); + // NOLINTNEXTLINE if(*value == '=') { value++; value += strspn(value, "\t "); @@ -1998,6 +2009,7 @@ static int cmd_config(int argc, char *argv[]) { bvalue = buf2 + len; bvalue += strspn(bvalue, "\t "); + // NOLINTNEXTLINE if(*bvalue == '=') { bvalue++; bvalue += strspn(bvalue, "\t "); @@ -2144,7 +2156,7 @@ static bool try_bind(int port) { for(aip = ai; aip; aip = aip->ai_next) { int fd = socket(ai->ai_family, SOCK_STREAM, IPPROTO_TCP); - if(!fd) { + if(fd == -1) { success = false; break; } @@ -2936,6 +2948,7 @@ static int cmd_verify(int argc, char *argv[]) { xasprintf(&trailer, " %s %ld", signer, t); size_t trailer_len = strlen(trailer); + // NOLINTNEXTLINE data = xrealloc(data, len + trailer_len); memcpy(data + len, trailer, trailer_len); free(trailer); @@ -2955,8 +2968,9 @@ static int cmd_verify(int argc, char *argv[]) { ecdsa_t *key = get_pubkey(fp); if(!key) { - rewind(fp); - key = ecdsa_read_pem_public_key(fp); + if(fseek(fp, 0, SEEK_SET) == 0) { + key = ecdsa_read_pem_public_key(fp); + } } if(!key) { @@ -3234,6 +3248,7 @@ static int cmd_shell(int argc, char *argv[]) { char *p = line + strspn(line, " \t\n"); char *next = strtok(p, " \t\n"); + // NOLINTNEXTLINE while(p && *p) { if(nargc >= maxargs) { maxargs *= 2; diff --git a/src/tincd.c b/src/tincd.c index 4c33dc07..928737bd 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -300,8 +300,12 @@ static bool parse_options(int argc, char **argv) { goto exit_fail; } - if(!netname && (netname = getenv("NETNAME"))) { - netname = xstrdup(netname); + if(!netname) { + char *env_value = getenv("NETNAME"); + + if(env_value) { + netname = xstrdup(env_value); + } } /* netname "." is special: a "top-level name" */ diff --git a/src/xalloc.h b/src/xalloc.h index 2b217e8b..3dc9e183 100644 --- a/src/xalloc.h +++ b/src/xalloc.h @@ -48,13 +48,14 @@ static inline void *xzalloc(size_t n) { } static inline void *xrealloc(void *p, size_t n) { - p = realloc(p, n); + // NOLINTNEXTLINE + void *new_p = realloc(p, n); - if(!p) { + if(!new_p) { abort(); } - return p; + return new_p; } static inline char *xstrdup(const char *s) ATTR_MALLOC ATTR_NONNULL; diff --git a/test/unit/test_fs.c b/test/unit/test_fs.c index 5b652ed6..37a4a7e6 100644 --- a/test/unit/test_fs.c +++ b/test/unit/test_fs.c @@ -54,8 +54,8 @@ static int setup_path_unix(void **state) { return 0; } -const char tmp_template[] = "/tmp/tinc.test.fs.XXXXXX"; -char tmp[sizeof(tmp_template)]; +static const char tmp_template[] = "/tmp/tinc.test.fs.XXXXXX"; +static char tmp[sizeof(tmp_template)]; static int setup_temp_dir(void **state) { (void)state; @@ -73,34 +73,26 @@ static int teardown_temp_dir(void **state) { return 0; } -static void test_makedir(tinc_dir_t dir, bool exists) { +static void test_makedir(unsigned int dir, bool exists) { char path[PATH_MAX]; char container[PATH_MAX] = {0}; - switch(dir) { - case DIR_CONFDIR: + if (dir == DIR_CONFDIR) { strcpy(path, tmp); - break; - - case DIR_CONFBASE: + } else if (dir == DIR_CONFBASE) { sprintf(path, "%s/conf", tmp); strcpy(container, tmp); - break; - - case DIR_CACHE: + } else if (dir == DIR_CACHE) { sprintf(path, "%s/conf/cache", tmp); sprintf(container, "%s/conf", tmp); - break; - - case DIR_HOSTS: + } else if (dir == DIR_HOSTS) { sprintf(path, "%s/conf/hosts", tmp); sprintf(container, "%s/conf", tmp); - break; - - case DIR_INVITATIONS: + } else if (dir == DIR_INVITATIONS) { sprintf(path, "%s/conf/invitations", tmp); sprintf(container, "%s/conf", tmp); - break; + } else { + abort(); } struct stat st; diff --git a/test/unit/test_net.c b/test/unit/test_net.c index 5901fc71..36cfc1ee 100644 --- a/test/unit/test_net.c +++ b/test/unit/test_net.c @@ -4,11 +4,6 @@ static environment_t *device_env = NULL; -// silence -Wmissing-prototypes -void __wrap_environment_init(environment_t *env); -void __wrap_environment_exit(environment_t *env); -bool __wrap_execute_script(const char *name, environment_t *env); - void __wrap_environment_init(environment_t *env) { assert_non_null(env); assert_null(device_env);