Thanks for the patch!
On 5/4/24 10:09 PM, Amer Al Shanawany wrote:
> Fix the following warnings by adding return check and error handling.
>
> test_execve.c: In function ‘do_tests’:
> test_execve.c:100:17: warning: ignoring return value of
> ‘capng_get_caps_process’
> declared with attribute ‘warn_unused_result’ [-Wunused-result]
> 100 | capng_get_caps_process();
> | ^~~~~~~~~~~~~~~~~~~~~~~~
> validate_cap.c: In function ‘main’:
> validate_cap.c:47:9: warning: ignoring return value of
> ‘capng_get_caps_process’
> declared with attribute ‘warn_unused_result’ [-Wunused-result]
> 47 | capng_get_caps_process();
> | ^~~~~~~~~~~~~~~~~~~~~~~~
>
> Signed-off-by: Amer Al Shanawany <amer.shanawany@xxxxxxxxx>
LGTM
Reviewed-by: Muhammad Usama Anjum <usama.anjum@xxxxxxxxxxxxx>
> ---
> tools/testing/selftests/capabilities/test_execve.c | 12 +++++++++---
> tools/testing/selftests/capabilities/validate_cap.c | 7 ++++++-
> 2 files changed, 15 insertions(+), 4 deletions(-)
>
> diff --git a/tools/testing/selftests/capabilities/test_execve.c b/tools/testing/selftests/capabilities/test_execve.c
> index 7cde07a5df78..47bad7ddc5bc 100644
> --- a/tools/testing/selftests/capabilities/test_execve.c
> +++ b/tools/testing/selftests/capabilities/test_execve.c
> @@ -82,7 +82,7 @@ static bool create_and_enter_ns(uid_t inner_uid)
> {
> uid_t outer_uid;
> gid_t outer_gid;
> - int i;
> + int i, ret;
> bool have_outer_privilege;
>
> outer_uid = getuid();
> @@ -97,7 +97,10 @@ static bool create_and_enter_ns(uid_t inner_uid)
> ksft_exit_fail_msg("setresuid - %s\n", strerror(errno));
>
> // Re-enable effective caps
> - capng_get_caps_process();
> + ret = capng_get_caps_process();
> + if (ret == -1)
> + ksft_exit_fail_msg("capng_get_caps_process failed\n");
> +
> for (i = 0; i < CAP_LAST_CAP; i++)
> if (capng_have_capability(CAPNG_PERMITTED, i))
> capng_update(CAPNG_ADD, CAPNG_EFFECTIVE, i);
> @@ -207,6 +210,7 @@ static void exec_validate_cap(bool eff, bool perm, bool inh, bool ambient)
>
> static int do_tests(int uid, const char *our_path)
> {
> + int ret;
> bool have_outer_privilege = create_and_enter_ns(uid);
>
> int ourpath_fd = open(our_path, O_RDONLY | O_DIRECTORY);
> @@ -250,7 +254,9 @@ static int do_tests(int uid, const char *our_path)
> ksft_exit_fail_msg("chmod - %s\n", strerror(errno));
> }
>
> - capng_get_caps_process();
> + ret = capng_get_caps_process();
> + if (ret == -1)
> + ksft_exit_fail_msg("capng_get_caps_process failed\n");
>
> /* Make sure that i starts out clear */
> capng_update(CAPNG_DROP, CAPNG_INHERITABLE, CAP_NET_BIND_SERVICE);
> diff --git a/tools/testing/selftests/capabilities/validate_cap.c b/tools/testing/selftests/capabilities/validate_cap.c
> index 60b4e7b716a7..65f2a1c89239 100644
> --- a/tools/testing/selftests/capabilities/validate_cap.c
> +++ b/tools/testing/selftests/capabilities/validate_cap.c
> @@ -28,6 +28,7 @@ static bool bool_arg(char **argv, int i)
> int main(int argc, char **argv)
> {
> const char *atsec = "";
> + int ret;
>
> /*
> * Be careful just in case a setgid or setcapped copy of this
> @@ -44,7 +45,11 @@ int main(int argc, char **argv)
> atsec = " (AT_SECURE is not set)";
> #endif
>
> - capng_get_caps_process();
> + ret = capng_get_caps_process();
> + if (ret == -1) {
> + ksft_print_msg("capng_get_caps_process failed\n");
> + return 1;
> + }
>
> if (capng_have_capability(CAPNG_EFFECTIVE, CAP_NET_BIND_SERVICE) != bool_arg(argv, 1)) {
> ksft_print_msg("Wrong effective state%s\n", atsec);
--
BR,
Muhammad Usama Anjum
