Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix nil error issue #243

Merged
merged 1 commit into from
Aug 9, 2020
Merged

Fix nil error issue #243

merged 1 commit into from
Aug 9, 2020

Conversation

bitcodr
Copy link
Contributor

@bitcodr bitcodr commented Jul 31, 2020

Hi,
I've fixed a bug related issue #242,

@google-cla
Copy link

google-cla bot commented Jul 31, 2020

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed (or fixed any issues), please reply here with @googlebot I signed it! and we'll verify it.

What to do if you already signed the CLA

Individual signers
Corporate signers

ℹ️ Googlers: Go here for more info.

@bitcodr
Copy link
Contributor Author

bitcodr commented Jul 31, 2020

@googlebot I signed it!

@googlebot I signed it!

@google-cla
Copy link

google-cla bot commented Jul 31, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@bitcodr
Copy link
Contributor Author

bitcodr commented Jul 31, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

information_source Googlers: Go here for more info.

@googlebot I fixed it.

@google-cla
Copy link

google-cla bot commented Jul 31, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@bitcodr bitcodr marked this pull request as draft July 31, 2020 15:12
@bitcodr bitcodr marked this pull request as ready for review July 31, 2020 15:13
@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 1, 2020

@josephlr Could you please review my first pull request in the google open source community?

ebiggers
ebiggers requested changes Aug 1, 2020
View reviewed changes
Copy link
Collaborator

@ebiggers ebiggers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure this is a good idea. newExitError() should only be called if there was actually an error. Making it silently ignore nil errors could cause the program report success when actually something failed.

Can you fix the caller instead?

#242 says the problem is:

    // Sanity check before unlocking everything
    if err := policy.AddProtector(protector); errors.Cause(err) != actions.ErrLocked {
            return newExitError(c, err)
    }

It can be changed to:

    if err := policy.AddProtector(protector); errors.Cause(err) != actions.ErrLocked {
            if err == nil {
                    // should never happen
                    err = errors.New("policy and protector are not locked!")
            }
            return newExitError(c, err)
    }

I don't see how the err == nil case can actually happen, though. It should be impossible. Do you have a reproducer?

@google-cla
Copy link

google-cla bot commented Aug 1, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 1, 2020

I'm not sure this is a good idea. newExitError() should only be called if there was actually an error. Making it silently ignore nil errors could cause the program report success when actually something failed.

Can you fix the caller instead?

#242 says the problem is:

    // Sanity check before unlocking everything
    if err := policy.AddProtector(protector); errors.Cause(err) != actions.ErrLocked {
            return newExitError(c, err)
    }

It can be changed to:

    if err := policy.AddProtector(protector); errors.Cause(err) != actions.ErrLocked {
            if err == nil {
                    // should never happen
                    err = errors.New("policy and protector are not locked!")
            }
            return newExitError(c, err)
    }

I don't see how the err == nil case can actually happen, though. It should be impossible. Do you have a reproducer?

Thank you for review @ebiggers
What if adding a nil error statement before the errors.Cause(err) as below

 if err := policy.AddProtector(protector); err != nil && errors.Cause(err) != actions.ErrLocked {
            return newExitError(c, err)
    }

@ebiggers
Copy link
Collaborator

ebiggers commented Aug 1, 2020

What if adding a nil error statement before the errors.Cause(err) as below

 if err := policy.AddProtector(protector); err != nil && errors.Cause(err) != actions.ErrLocked {
            return newExitError(c, err)
    }

No, that's not right. We expect AddProtector() to return actions.ErrLocked. If it doesn't, we want to return with an error (thus causing fscrypt add-protector-to-policy to fail rather than continue on).

@google-cla
Copy link

google-cla bot commented Aug 2, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 2, 2020

What if adding a nil error statement before the errors.Cause(err) as below

 if err := policy.AddProtector(protector); err != nil && errors.Cause(err) != actions.ErrLocked {
            return newExitError(c, err)
    }

No, that's not right. We expect AddProtector() to return actions.ErrLocked. If it doesn't, we want to return with an error (thus causing fscrypt add-protector-to-policy to fail rather than continue on).

You're right, I changed it

@ebiggers
Copy link
Collaborator

ebiggers commented Aug 5, 2020

Can you please run make format and squash your commits?

@google-cla
Copy link

google-cla bot commented Aug 5, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

3 similar comments
@google-cla
Copy link

google-cla bot commented Aug 5, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@google-cla
Copy link

google-cla bot commented Aug 5, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@google-cla
Copy link

google-cla bot commented Aug 5, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 5, 2020

Can you please run make format and squash your commits?

Yes, I've done

@bitcodr bitcodr requested a review from ebiggers August 5, 2020 07:04
@ebiggers
Copy link
Collaborator

ebiggers commented Aug 5, 2020

Can you fix the presubmit failures?

  • CLA not signed, or commit author is wrong
  • make lint fails

@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 5, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

information_source Googlers: Go here for more info.

@googlebot I fixed it.

@google-cla
Copy link

google-cla bot commented Aug 5, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

1 similar comment
@google-cla
Copy link

google-cla bot commented Aug 6, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 6, 2020

@googlebot I fixed it.

@googlebot I fixed it.

@google-cla
Copy link

google-cla bot commented Aug 6, 2020

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 6, 2020

@googlebot I fixed it.

@googlebot I fixed it.

@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 6, 2020

Can you fix the presubmit failures?

* CLA not signed, or commit author is wrong

* `make lint` fails

CLA signed, but the lint errors are:

go vet ./...
# github.com/google/fscrypt/pam
pam/constants.go:51:10: fatal error: security/pam_modules.h: No such file or directory
   51 | #include <security/pam_modules.h>
      |          ^~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
# github.com/google/fscrypt/pam
pam/constants.go:51:10: fatal error: security/pam_modules.h: No such file or directory
   51 | #include <security/pam_modules.h>
      |          ^~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make: *** [Makefile:109: lint] Error 2

@ebiggers
Copy link
Collaborator

ebiggers commented Aug 6, 2020

You need to install the PAM development package for your Linux distro. See https://github.com/google/fscrypt#building-and-installing

@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 7, 2020

You need to install the PAM development package for your Linux distro. See https://github.com/google/fscrypt#building-and-installing

Thank you @ebiggers,
Coverage failed but there is no test file for it.!!

@ebiggers
Copy link
Collaborator

ebiggers commented Aug 7, 2020

Great, we're almost there. (The coverage test doesn't need to pass.)

Can you please add the issue number to the commit message:

Resolves https://github.com/google/fscrypt/issues/242

@bitcodr
Copy link
Contributor Author

bitcodr commented Aug 8, 2020

Great, we're almost there. (The coverage test doesn't need to pass.)

Can you please add the issue number to the commit message:

Resolves https://github.com/google/fscrypt/issues/242

Done.

@ebiggers ebiggers merged commit 5e85ae0 into google:master Aug 9, 2020
@ebiggers
Copy link
Collaborator

ebiggers commented Aug 9, 2020

Merged, thanks.

For future reference, Resolves should go on a separate line.

@bitcodr bitcodr deleted the fix-nil-error-bug branch August 9, 2020 19:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ebiggers ebiggers Awaiting requested review from ebiggers

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@bitcodr @ebiggers