/usr/src/libexec/login_reject/login

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name login_reject.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/libexec/login_reject/obj -resource-dir /usr/local/lib/clang/13.0.0 -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/libexec/login_reject/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/libexec/login_reject/login_reject.c

File:	src/libexec/login_reject/login_reject.c
Warning:	line 109, column 3 Value stored to 'c' is never read

1	/* $OpenBSD: login_reject.c,v 1.18 2021/10/23 19:08:48 mestre Exp $ */
2
3	/*-
4	* Copyright (c) 1995 Berkeley Software Design, Inc. All rights reserved.
5	*
6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions
8	* are met:
9	* 1. Redistributions of source code must retain the above copyright
10	* notice, this list of conditions and the following disclaimer.
11	* 2. Redistributions in binary form must reproduce the above copyright
12	* notice, this list of conditions and the following disclaimer in the
13	* documentation and/or other materials provided with the distribution.
14	* 3. All advertising materials mentioning features or use of this software
15	* must display the following acknowledgement:
16	* This product includes software developed by Berkeley Software Design,
17	* Inc.
18	* 4. The name of Berkeley Software Design, Inc. may not be used to endorse
19	* or promote products derived from this software without specific prior
20	* written permission.
21	*
22	* THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND
23	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25	* ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE
26	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32	* SUCH DAMAGE.
33	*
34	* BSDI $From: login_reject.c,v 1.5 1996/08/22 20:43:11 prb Exp $
35	*/
36
37	#include <sys/resource.h>
38
39	#include <login_cap.h>
40	#include <readpassphrase.h>
41	#include <stdio.h>
42	#include <stdlib.h>
43	#include <string.h>
44	#include <syslog.h>
45	#include <unistd.h>
46
47	int
48	main(int argc, char *argv[])
49	{
50	struct rlimit rl;
51	FILE *back;
52	char passbuf[1];
53	int mode = 0, c;
54
55	rl.rlim_cur = 0;
56	rl.rlim_max = 0;
57	(void)setrlimit(RLIMIT_CORE4, &rl);
58
59	(void)setpriority(PRIO_PROCESS0, 0, 0);
60
61	if (pledge("stdio rpath tty", NULL((void *)0)) == -1) {
62	syslog(LOG_AUTH(4<<3)\|LOG_ERR3, "pledge: %m");
63	exit(1);
64	}
65
66	openlog("login", LOG_ODELAY0x04, LOG_AUTH(4<<3));
67
68	while ((c = getopt(argc, argv, "v:s:")) != -1)
69	switch (c) {
70	case 'v':
71	break;
72	case 's': /* service */
73	if (strcmp(optarg, "login") == 0)
74	mode = 0;
75	else if (strcmp(optarg, "challenge") == 0)
76	mode = 1;
77	else if (strcmp(optarg, "response") == 0)
78	mode = 2;
79	else {
80	syslog(LOG_ERR3, "%s: invalid service", optarg);
81	exit(1);
82	}
83	break;
84	default:
85	syslog(LOG_ERR3, "usage error");
86	exit(1);
87	}
88
89	switch (argc - optind) {
90	case 2:
91	case 1:
92	break;
93	default:
94	syslog(LOG_ERR3, "usage error");
95	exit(1);
96	}
97
98	if (!(back = fdopen(3, "r+"))) {
99	syslog(LOG_ERR3, "reopening back channel: %m");
100	exit(1);
101	}
102	if (mode == 1) {
103	fprintf(back, BI_SILENT"reject silent" "\n");
104	exit(0);
105	}
106
107	if (mode == 2) {
108	mode = 0;
109	c = -1;
	Value stored to 'c' is never read
110	while (read(3, passbuf, 1) == 1) {
111	if (passbuf[0] == '\0' && ++mode == 2)
112	break;
113	}
114	if (mode < 2) {
115	syslog(LOG_ERR3, "protocol error on back channel");
116	exit(1);
117	}
118	} else
119	readpassphrase("Password:", passbuf, sizeof(passbuf), 0);
120
121	crypt_checkpass("password", NULL((void *)0));
122	explicit_bzero(passbuf, sizeof(passbuf));
123
124	fprintf(back, BI_REJECT"reject" "\n");
125	exit(1);
126	}

Bug Summary

Annotated Source Code