fix clang static analyzer warnings/errors - see #217

demos/hashsum.c

@@ -104,7 +104,7 @@ static void check_file(int argn, int argc, char **argv)
          space++;
 
          for (n = 0; n < (buf + sizeof(buf)) - space; ++n) {
-            if(iscntrl(space[n])) {
+            if(iscntrl((int)space[n])) {
                space[n] = '\0';
                break;
             }

demos/tv_gen.c

@@ -723,6 +723,10 @@ void gcm_gen(void)
             printf("Error GCM'ing: %s\n", error_to_string(err));
             exit(EXIT_FAILURE);
          }
+         if (len == 0) {
+            printf("Error GCM'ing: zero length\n");
+            exit(EXIT_FAILURE);
+         }
          fprintf(out, "%3d: ", y1);
          for (z = 0; z < y1; z++) {
             fprintf(out, "%02X", plaintext[z]);

src/ciphers/anubis.c

@@ -899,7 +899,7 @@ int  anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
 {
    int N, R, i, pos, r;
    ulong32 kappa[MAX_N];
-   ulong32 inter[MAX_N];
+   ulong32 inter[MAX_N] = { 0 }; /* initialize as all zeroes */
    ulong32 v, K0, K1, K2, K3;
 
    LTC_ARGCHK(key  != NULL);

src/encauth/ccm/ccm_memory.c

@@ -144,7 +144,7 @@ int ccm_memory(int cipher,
    }
 
    /* initialize buffer for pt */
-   if (direction == CCM_DECRYPT) {
+   if (direction == CCM_DECRYPT && ptlen > 0) {
       pt_work = XMALLOC(ptlen);
       if (pt_work == NULL) {
          goto error;

src/pk/asn1/der/utctime/der_decode_utctime.c

@@ -49,7 +49,7 @@ static int char_to_int(unsigned char x)
 int der_decode_utctime(const unsigned char *in, unsigned long *inlen,
                              ltc_utctime   *out)
 {
-   unsigned char buf[32];
+   unsigned char buf[32] = { 0 }; /* initialize as all zeroes */
    unsigned long x;
    int           y;
 

testprof/rsa_test.c

@@ -530,7 +530,6 @@ for (cnt = 0; cnt < len; ) {
    for (i = 0; i < 9; ++i) {
      len = sizeof(in);
      len2 = sizeof(out);
-     cnt = rsa_get_size(&key);
      /* (1) */
      DO(rsa_sign_hash_ex(p, 20, p2, &len2, LTC_PKCS_1_V1_5, &yarrow_prng, prng_idx, hash_idx, 8, &privKey));
      /* (2) */
@@ -540,7 +539,8 @@ for (cnt = 0; cnt < len; ) {
      /* (3) */
      DO(ltc_mp.rsa_me(p2, len2, p3, &len3, PK_PUBLIC, &key));
      /* (4) */
-#if 0
+#ifdef LTC_TEST_DBG
+     cnt = rsa_get_size(&key);
      printf("\nBefore:");
      for (cnt = 0; cnt < len3; ++cnt) {
        if (cnt%32 == 0)
@@ -563,7 +563,7 @@ for (cnt = 0; cnt < len; ) {
      for (cnt = cnt + len3-cnt2+i; cnt < len; ++cnt) {
         p3[cnt] = 0;
      }
-#if 0
+#ifdef LTC_TEST_DBG
      printf("\nAfter:");
      for (cnt = 0; cnt < len3; ++cnt) {
        if (cnt%32 == 0)

testprof/x86_prof.c

@@ -1487,7 +1487,7 @@ void time_macs_(unsigned long MAC_SIZE)
 
    if (cipher_idx == -1 || hash_idx == -1) {
       fprintf(stderr, "Warning the MAC tests requires AES and SHA1 to operate... so sorry\n");
-      return;
+      exit(EXIT_FAILURE);
    }
 
    yarrow_read(buf, MAC_SIZE*1024, &yarrow_prng);