clang static analyzer reports

tools/pkcs15-tool.c:
	Dead assignment: Value stored to 'c' is never read
tools/pkcs11-tool.c:
	Dead assignment: Value stored to 'n' is never read
	Dead assignment: Value stored to 'rv' is never read
libopensc/card-cac.c:
	Dead assignemnt: Value stored to 'tl_head_len' is never read
	Dead increment: Value stored to 'outp' is never read
common/libpkcs11.c:
	Memory leak in case of C_UnloadModule() fails
libopensc/pkcs15-pubkey.c:
	Potential memory leaks
pkcs11/mechanism.c:
	Potential memory leak
pkcs11/framework-pkcs15.c:
	Potential memory leaks
	Dereference of null pointer
	Dead assignments
tools/sc-hsm-tool.c:
	Function call argument is an uninitialized value
	Dead assignment: Value stored to 'r' is never read
libopensc/card-openpgp.c:
	Dead assignment: ignoring the errors in case of sc_pkcs15_encode_pubkey() failed
libopensc/pkcs15-cac.c:
	Dead assignments: ignoring return values
libopensc/pkcs15-coolkey.c:
	Dead assignments: ignoring return values
libopensc/card-sc-hsm.c:
	Dereference of undefined pointer value: Properly check the file allocation
pkcs11/slot.c:
	Dead assignment
pkcs15init/pkcs15-cflex.c:
	Dereference of null pointer
	Uninitialized argument values

src/common/libpkcs11.c

@@ -75,8 +75,9 @@ C_LoadModule(const char *mspec, CK_FUNCTION_LIST_PTR_PTR funcs)
 		return (void *) mod;
 	else {
 		fprintf(stderr, "C_GetFunctionList failed %lx", rv);
-		C_UnloadModule((void *) mod);
-		return NULL;
+		rv = C_UnloadModule((void *) mod);
+		if (rv == CKR_OK)
+			mod = NULL; /* already freed */
 	}
 failed:
 	free(mod);

src/libopensc/card-cac.c

@@ -665,7 +665,6 @@ static int cac_read_binary(sc_card_t *card, unsigned int idx,
 		cert_len = 0;
 		cert_ptr = NULL;
 		cert_type = 0;
-		tl_head_len = 2;
 		for (tl_ptr = tl, val_ptr=val; tl_len >= 2;
 				val_len -= len, val_ptr += len, tl_len -= tl_head_len) {
 			tl_start = tl_ptr;
@@ -943,7 +942,7 @@ static int cac_rsa_op(sc_card_t *card,
 	if (rbuflen != 0) {
 		int n = MIN(rbuflen, outplen);
 		memcpy(outp,rbuf, n);
-		outp += n;
+		/*outp += n;     unused */ 
 		outplen -= n;
 	}
 	free(rbuf);

src/libopensc/card-openpgp.c

@@ -2020,6 +2020,7 @@ pgp_update_pubkey_blob(sc_card_t *card, u8* modulus, size_t modulus_len,
 	pubkey.u.rsa.exponent.len  = exponent_len >> 3;
 
 	r = sc_pkcs15_encode_pubkey(card->ctx, &pubkey, &data, &len);
+	LOG_TEST_RET(card->ctx, r, "Cannot encode pubkey.");
 
 	sc_log(card->ctx, "Update blob content.");
 	r = pgp_set_blob(pk_blob, data, len);

src/libopensc/card-sc-hsm.c

@@ -1489,7 +1489,7 @@ static int sc_hsm_init(struct sc_card *card)
 	size_t expanded_len = PATH_MAX;
 #endif
 	int flags,ext_flags;
-	sc_file_t *file;
+	sc_file_t *file = NULL;
 	sc_path_t path;
 	sc_hsm_private_data_t *priv = card->drv_data;
 
@@ -1530,7 +1530,7 @@ static int sc_hsm_init(struct sc_card *card)
 
 	sc_path_set(&path, SC_PATH_TYPE_DF_NAME, sc_hsm_aid.value, sc_hsm_aid.len, 0, 0);
 	if (sc_hsm_select_file_ex(card, &path, 0, &file) == SC_SUCCESS
-			&& file->prop_attr && file->prop_attr_len >= 5) {
+			&& file && file->prop_attr && file->prop_attr_len >= 5) {
 		static char card_name[SC_MAX_APDU_BUFFER_SIZE];
 		u8 type = file->prop_attr[2];
 		u8 major = file->prop_attr[3];

src/libopensc/pkcs15-cac.c

@@ -257,6 +257,8 @@ static int sc_pkcs15emu_cac_init(sc_pkcs15_card_t *p15card)
 
 	/* set other objects */
 	r = (card->ops->card_ctl)(card, SC_CARDCTL_CAC_INIT_GET_GENERIC_OBJECTS, &count);
+	LOG_TEST_RET(card->ctx, r, "Can not initiate generic objects.");
+
 	for (i = 0; i < count; i++) {
 		struct sc_pkcs15_data_info obj_info;
 		struct sc_pkcs15_object    obj_obj;
@@ -273,6 +275,7 @@ static int sc_pkcs15emu_cac_init(sc_pkcs15_card_t *p15card)
 			SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, r);
 	}
 	r = (card->ops->card_ctl)(card, SC_CARDCTL_CAC_FINAL_GET_GENERIC_OBJECTS, &count);
+	LOG_TEST_RET(card->ctx, r, "Can not finalize generic objects.");
 
 	/*
 	 * certs, pubkeys and priv keys are related and we assume
@@ -282,6 +285,8 @@ static int sc_pkcs15emu_cac_init(sc_pkcs15_card_t *p15card)
 	 */
 	sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "CAC adding certs, pub and priv keys...");
 	r = (card->ops->card_ctl)(card, SC_CARDCTL_CAC_INIT_GET_CERT_OBJECTS, &count);
+	LOG_TEST_RET(card->ctx, r, "Can not initiate cert objects.");
+
 	for (i = 0; i < count; i++) {
 		struct sc_pkcs15_data_info obj_info;
 		struct sc_pkcs15_cert_info cert_info;
@@ -294,6 +299,7 @@ static int sc_pkcs15emu_cac_init(sc_pkcs15_card_t *p15card)
 		sc_pkcs15_cert_t *cert_out = NULL;
 
 		r = (card->ops->card_ctl)(card, SC_CARDCTL_CAC_GET_NEXT_CERT_OBJECT, &obj_info);
+		LOG_TEST_RET(card->ctx, r, "Can not get next object");
 
 		memset(&cert_info, 0, sizeof(cert_info));
 		memset(&pubkey_info, 0, sizeof(pubkey_info));
@@ -421,6 +427,7 @@ fail:
 
 	}
 	r = (card->ops->card_ctl)(card, SC_CARDCTL_CAC_FINAL_GET_CERT_OBJECTS, &count);
+	LOG_TEST_RET(card->ctx, r, "Can not finalize cert objects.");
 
 	SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_SUCCESS);
 }

src/libopensc/pkcs15-coolkey.c

@@ -539,6 +539,8 @@ static int sc_pkcs15emu_coolkey_init(sc_pkcs15_card_t *p15card)
 
 	/* set other objects */
 	r = (card->ops->card_ctl)(card, SC_CARDCTL_COOLKEY_INIT_GET_OBJECTS, &count);
+	LOG_TEST_RET(card->ctx, r, "Can not initiate objects.");
+
 	for (i = 0; i < count; i++) {
 		struct sc_cardctl_coolkey_object     coolkey_obj;
 		struct sc_pkcs15_object    obj_obj;
@@ -678,6 +680,7 @@ fail:
 
 	}
 	r = (card->ops->card_ctl)(card, SC_CARDCTL_COOLKEY_FINAL_GET_OBJECTS, &count);
+	LOG_TEST_RET(card->ctx, r, "Can not finalize objects.");
 
 	/* Iterate over all the created objects and fill missing labels */
 	for (obj = p15card->obj_list; obj != NULL; obj = obj->next) {

src/libopensc/pkcs15-pubkey.c

@@ -1098,8 +1098,10 @@ sc_pkcs15_dup_pubkey(struct sc_context *ctx, struct sc_pkcs15_pubkey *key, struc
 		rv = sc_asn1_encode_algorithm_id(ctx, &alg, &alglen,key->alg_id, 0);
 		if (rv == SC_SUCCESS) {
 			pubkey->alg_id = (struct sc_algorithm_id *)calloc(1, sizeof(struct sc_algorithm_id));
-			if (pubkey->alg_id == NULL)
+			if (pubkey->alg_id == NULL) {
+				free(pubkey);
 				LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
+			}
 			rv = sc_asn1_decode_algorithm_id(ctx, alg, alglen, pubkey->alg_id, 0);
 			free(alg);
 		}
@@ -1389,8 +1391,10 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
 		}
 
 		pubkey->u.ec.ecpointQ.value = malloc(pk.len);
-		if (pubkey->u.ec.ecpointQ.value == NULL)
-			LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
+		if (pubkey->u.ec.ecpointQ.value == NULL) {
+			r = SC_ERROR_OUT_OF_MEMORY;
+			LOG_TEST_GOTO_ERR(ctx, r, "failed to malloc() memory");
+		}
 		memcpy(pubkey->u.ec.ecpointQ.value, pk.value, pk.len);
 		pubkey->u.ec.ecpointQ.len = pk.len;
 	}

src/pkcs11/framework-pkcs15.c

@@ -718,7 +718,7 @@ __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
 	} else if (!(pubkey->emulated && (fw_data->p15_card->flags & SC_PKCS15_CARD_FLAG_EMULATED))) {
 		sc_pkcs15_free_pubkey(p15_key);
 	}
-	if (object->pub_data) {
+	if (object && object->pub_data) {
 		if ((object->pub_data->alg_id)&&(object->pub_data->algorithm == SC_ALGORITHM_GOSTR3410))
 			object->pub_data->alg_id->params = &((object->pub_data->u).gostr3410.params);
 	}
@@ -734,7 +734,7 @@ static int
 __pkcs15_create_prkey_object(struct pkcs15_fw_data *fw_data,
 	struct sc_pkcs15_object *prkey, struct pkcs15_any_object **prkey_object)
 {
-	struct pkcs15_prkey_object *object;
+	struct pkcs15_prkey_object *object = NULL;
 	int rv;
 
 	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
@@ -1821,7 +1821,7 @@ pkcs15_initialize(struct sc_pkcs11_slot *slot, void *ptr,
 
 		if (p15card)   {
 			sc_log(context, "pkcs15init erase card");
-			rc = sc_pkcs15init_erase_card(p15card, profile, NULL);
+			sc_pkcs15init_erase_card(p15card, profile, NULL);
 
 			sc_log(context, "pkcs15init unbind");
 			sc_pkcs15init_unbind(profile);
@@ -2253,11 +2253,11 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile
 
 	    key_obj->flags = 2; /* TODO not sure what these mean */
 
-	    skey_info = calloc(1, sizeof(sc_pkcs15_skey_info_t));
+		skey_info = calloc(1, sizeof(sc_pkcs15_skey_info_t));
 		if (skey_info == NULL) {
 			rv = CKR_HOST_MEMORY;
 			goto out;
-	    }
+		}
 	    key_obj->data = skey_info;
 	    skey_info->usage = args.usage;
 	    skey_info->native = 0; /* card can not use this */
@@ -2266,7 +2266,7 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile
 	    skey_info->data.value = args.key.data;
 	    skey_info->data.len = args.key.data_len;
 	    skey_info->value_len = args.value_len; /* callers prefered length */
-
+	    args.key.data = NULL;
 	}
 	else {
 #if 1
@@ -2290,6 +2290,7 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile
 	rv = CKR_OK;
 
 out:
+	free(args.key.data); /* if allocated */
 	free(key_obj);
 	return rv;
 }
@@ -2335,7 +2336,6 @@ pkcs15_create_public_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile
 			return CKR_ATTRIBUTE_VALUE_INVALID;
 	}
 
-	rv = CKR_OK;
 	while (ulCount--) {
 		CK_ATTRIBUTE_PTR attr = pTemplate++;
 		sc_pkcs15_bignum_t *bn = NULL;
@@ -2429,7 +2429,6 @@ pkcs15_create_certificate(struct sc_pkcs11_slot *slot,
 	if (cert_type != CKC_X_509)
 		return CKR_ATTRIBUTE_VALUE_INVALID;
 
-	rv = CKR_OK;
 	while (ulCount--) {
 		CK_ATTRIBUTE_PTR attr = pTemplate++;
 
@@ -2438,7 +2437,7 @@ pkcs15_create_certificate(struct sc_pkcs11_slot *slot,
 		case CKA_CLASS:
 			break;
 		case CKA_PRIVATE:
-			rv = attr_extract(attr, &bValue, NULL);
+			attr_extract(attr, &bValue, NULL);
 			if (bValue) {
 				rv = CKR_TEMPLATE_INCONSISTENT;
 				goto out;
@@ -2505,7 +2504,6 @@ pkcs15_create_data(struct sc_pkcs11_slot *slot, struct sc_profile *profile,
 	if (!fw_data)
 		return sc_to_cryptoki_error(SC_ERROR_INTERNAL, "C_CreateObject");
 
-	rv = CKR_OK;
 	while (ulCount--) {
 		CK_ATTRIBUTE_PTR attr = pTemplate++;
 
@@ -2514,7 +2512,7 @@ pkcs15_create_data(struct sc_pkcs11_slot *slot, struct sc_profile *profile,
 		case CKA_CLASS:
 			break;
 		case CKA_PRIVATE:
-			rv = attr_extract(attr, &bValue, NULL);
+			attr_extract(attr, &bValue, NULL);
 			if (bValue) {
 				pin = slot_data_auth_info(slot->fw_data);
 				if (pin == NULL) {

src/pkcs11/mechanism.c

@@ -1059,8 +1059,10 @@ sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *p11card,
 	info->hash_mech = hash_mech;
 
 	new_type = sc_pkcs11_new_fw_mechanism(mech, &mech_info, sign_type->key_type, info, free_info);
-
-	if (!new_type)
+	if (!new_type) {
+		free(info);
 		return CKR_HOST_MEMORY;
+	}
+
 	return sc_pkcs11_register_mechanism(p11card, new_type);
 }

src/pkcs11/slot.c

@@ -230,8 +230,6 @@ CK_RV card_detect(sc_reader_t *reader)
 	unsigned int i;
 	int j;
 
-	rv = CKR_OK;
-
 	sc_log(context, "%s: Detecting smart card", reader->name);
 	/* Check if someone inserted a card */
 again:

src/pkcs15init/pkcs15-cflex.c

@@ -296,9 +296,9 @@ cflex_create_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_pkcs15_obj
 		goto out;
 	}
 
-	if (prkf->size < size)
+	if (prkf && prkf->size < size)
 		prkf->size = size;
-	if (pukf->size < size + 4)
+	if (pukf && pukf->size < size + 4)
 		pukf->size = size + 4;
 
 	/* Now create the files */
@@ -385,7 +385,7 @@ cflex_store_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card,
 {
 	sc_pkcs15_prkey_info_t *key_info = (sc_pkcs15_prkey_info_t *) obj->data;
 	sc_card_t *card = p15card->card;
-	sc_file_t	*prkf, *pukf;
+	sc_file_t	*prkf = NULL, *pukf = NULL;
 	unsigned char	keybuf[1024];
 	size_t		size;
 	int		r;

src/tools/pkcs11-tool.c

@@ -2193,7 +2193,6 @@ static void	parse_certificate(struct x509cert_info *cert,
 	cert->issuer_len = n;
 
 	/* check length first */
-	n = 0;
 	n = i2d_ASN1_INTEGER(X509_get_serialNumber(x), NULL);
 	if (n < 0)
 		util_fatal("OpenSSL error while encoding serial number");
@@ -3542,6 +3541,9 @@ get_mechanisms(CK_SLOT_ID slot, CK_MECHANISM_TYPE_PTR *pList, CK_FLAGS flags)
 	CK_RV		rv;
 
 	rv = p11->C_GetMechanismList(slot, *pList, &ulCount);
+	if (rv != CKR_OK)
+		p11_fatal("C_GetMechanismList", rv);
+
 	*pList = calloc(ulCount, sizeof(**pList));
 	if (*pList == NULL)
 		util_fatal("calloc failed: %m");
@@ -5193,6 +5195,7 @@ static CK_SESSION_HANDLE test_kpgen_certwrite(CK_SLOT_ID slot, CK_SESSION_HANDLE
 		p11_fatal("C_SignInit", rv);
 	if (getALWAYS_AUTHENTICATE(session, priv_key))
 		login(session,CKU_CONTEXT_SPECIFIC);
+
 	rv = p11->C_Sign(session, data, data_len, sig, &sig_len);
 	if (rv != CKR_OK)
 		p11_fatal("C_Sign", rv);

src/tools/pkcs15-tool.c

@@ -2061,8 +2061,6 @@ int main(int argc, char * const argv[])
 
 	assert(sizeof(option_help)/sizeof(char *)==sizeof(options)/sizeof(struct option));
 
-	c = OPT_PUK;
-
 	while (1) {
 		c = getopt_long(argc, argv, "r:cuko:sva:LR:CwDTU", options, &long_optind);
 		if (c == -1)

src/tools/sc-hsm-tool.c

@@ -45,6 +45,7 @@
 #include "libopensc/opensc.h"
 #include "libopensc/cardctl.h"
 #include "libopensc/asn1.h"
+#include "libopensc/log.h"
 #include "libopensc/card-sc-hsm.h"
 #include "util.h"
 
@@ -1387,8 +1388,9 @@ static int wrap_key(sc_card_t *card, int keyid, const char *outf, const char *pi
 
 	// Encode key in octet string object
 	key_len = 0;
-	wrap_with_tag(0x04, wrapped_key.wrapped_key, wrapped_key.wrapped_key_length,
+	r = wrap_with_tag(0x04, wrapped_key.wrapped_key, wrapped_key.wrapped_key_length,
 						&key, &key_len);
+	LOG_TEST_RET(ctx, r, "Out of memory");
 
 	memcpy(ptr, key, key_len);
 	ptr += key_len;
@@ -1410,7 +1412,8 @@ static int wrap_key(sc_card_t *card, int keyid, const char *outf, const char *pi
 	}
 
 	// Encode key, key decription and certificate object in sequence
-	wrap_with_tag(0x30, keyblob, ptr - keyblob, &key, &key_len);
+	r = wrap_with_tag(0x30, keyblob, ptr - keyblob, &key, &key_len);
+	LOG_TEST_RET(ctx, r, "Out of memory");
 
 	out = fopen(outf, "wb");
 
@@ -1449,7 +1452,7 @@ static int update_ef(sc_card_t *card, u8 prefix, u8 id, int erase, const u8 *buf
 	r = sc_select_file(card, &path, NULL);
 
 	if ((r == SC_SUCCESS) && erase) {
-		r = sc_delete_file(card, &path);
+		sc_delete_file(card, &path);
 		r = SC_ERROR_FILE_NOT_FOUND;
 	}