diff --git a/.packit.yaml b/.packit.yaml index 4b4db34e..e58f0cc2 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -13,6 +13,14 @@ files_to_sync: upstream_package_name: polkit # downstream (Fedora) RPM package name downstream_package_name: polkit +# arguments for OpenScanHub +# +# Note: GCC analyzer in some cases depends on information provided by LTO to +# generate accurate results, but the LTO support in GCC analyzer is still +# experimental, so it's not enabled by default. In Polkit, however, this +# seems to work pretty well, so let's tell OSH to build our code with LTO +# when running GCC analyzer. +csmock_args: --gcc-add-flag=-flto=auto jobs: - job: copr_build diff --git a/src/polkit/polkitpermission.c b/src/polkit/polkitpermission.c index 3dc44748..2325a9f5 100644 --- a/src/polkit/polkitpermission.c +++ b/src/polkit/polkitpermission.c @@ -482,6 +482,7 @@ changed_check_cb (GObject *source_object, /* this really should never fail (since we are not passing any * details) so log to stderr if it happens */ + g_assert (error != NULL); g_warning ("Error checking authorization for action id %s: %s", permission->action_id, error->message); diff --git a/src/polkitagent/polkitagenthelper-pam.c b/src/polkitagent/polkitagenthelper-pam.c index 2054bcd1..e415d2ec 100644 --- a/src/polkitagent/polkitagenthelper-pam.c +++ b/src/polkitagent/polkitagenthelper-pam.c @@ -43,6 +43,7 @@ send_to_helper (const gchar *str1, size_t len2; tmp2 = g_strdup(str2); + g_assert (tmp2 != NULL); len2 = strlen(tmp2); #ifdef PAH_DEBUG fprintf (stderr, "polkit-agent-helper-1: writing `%s ' to stdout\n", str1); diff --git a/src/polkitbackend/polkitbackendduktapeauthority.c b/src/polkitbackend/polkitbackendduktapeauthority.c index 87c1d15b..5d16343a 100644 --- a/src/polkitbackend/polkitbackendduktapeauthority.c +++ b/src/polkitbackend/polkitbackendduktapeauthority.c @@ -559,8 +559,7 @@ else static gboolean push_action_and_details (duk_context *cx, const gchar *action_id, - PolkitDetails *details, - GError **error) + PolkitDetails *details) { gchar **keys; guint n; @@ -926,13 +925,11 @@ polkit_backend_common_js_authority_get_admin_auth_identities (PolkitBackendInter duk_push_string (cx, "_runAdminRules"); - if (!push_action_and_details (cx, action_id, details, &error)) + if (!push_action_and_details (cx, action_id, details)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), LOG_LEVEL_ERROR, - "Error converting action and details to JS object: %s", - error->message); - g_clear_error (&error); + "Error converting action and details to JS object"); goto out; } @@ -1010,13 +1007,11 @@ polkit_backend_common_js_authority_check_authorization_sync (PolkitBackendIntera duk_push_string (cx, "_runRules"); - if (!push_action_and_details (cx, action_id, details, &error)) + if (!push_action_and_details (cx, action_id, details)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), LOG_LEVEL_ERROR, - "Error converting action and details to JS object: %s", - error->message); - g_clear_error (&error); + "Error converting action and details to JS object"); goto out; } diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c index d4b5644c..65c13090 100644 --- a/src/programs/pkexec.c +++ b/src/programs/pkexec.c @@ -814,6 +814,11 @@ main (int argc, char *argv[]) polkit_details_insert (details, "command_line", command_line); cmdline_short = g_strdup(command_line); + if (cmdline_short == NULL) + { + g_printerr ("Failed to allocate memory for shortened command line.\n"); + goto out; + } if (strlen(command_line) > 80) g_stpcpy(g_stpcpy( cmdline_short + 38, " ... " ), command_line + strlen(command_line) - 37 );