Merge branch 't/clang_analyzer_fixes'

diff --combined command.c
index 3ba4310511c7683c66e7fb5a0f68af28e3ef14b0,74d82697dd241c8c435bf2f78d0052a1b5df9b10..b6861b88bbcb36621109f6d9ac7fe80546a42b35
--- 1/command.c
--- 2/command.c
+++ b/command.c
@@@ -108,8 -108,7 +108,8 @@@ static char *get_status(struct misc_met
  {
        char mtime[30] = "";
        char *status, *flags; /* vss status info */
 -      char *ut = uptime_str();
 +      /* nobody updates our version of "now" */
 +      char *ut = get_server_uptime_str(NULL);
        long offset = (nmmd->offset + 500) / 1000;
        struct timeval current_time;
        struct tm mtime_tm;
@@@ -259,7 -258,7 +259,7 @@@ int com_si(struct stream_cipher_contex
                sender_info = para_strcat(sender_info, info);
                free(info);
        }
 -      ut = uptime_str();
 +      ut = get_server_uptime_str(now);
        ret = sc_send_va_buffer(scc, "version: " GIT_VERSION "\n"
                "up: %s\nplayed: %u\n"
                "server_pid: %d\n"
@@@ -763,13 -762,11 +763,11 @@@ __noreturn void handle_connect(int fd, 
                ret = -E_AUTH_REQUEST;
                goto net_err;
        }
-       numbytes = ret;
        ret = -E_AUTH_REQUEST;
        if (strncmp(buf, AUTH_REQUEST_MSG, strlen(AUTH_REQUEST_MSG)))
                goto net_err;
        p = buf + strlen(AUTH_REQUEST_MSG);
        PARA_DEBUG_LOG("received auth request for user %s\n", p);
-       ret = -E_BAD_USER;
        u = lookup_user(p);
        if (u) {
                get_random_bytes_or_die(rand_buf, sizeof(rand_buf));

diff --combined crypt.c
index 7b7c16d348952dab0dccbbd2170af178a703adb3,207ad5db4e9f264091076d404adb06e12b95e8e4..431de6fe807f5a08acb8d4e62e0e6e3c160b6e1c
--- 1/crypt.c
--- 2/crypt.c
+++ b/crypt.c
@@@ -184,24 -184,25 +184,25 @@@ int get_asymmetric_key(const char *key_
        PARA_INFO_LOG("decoding public rsa-ssh key %s\n", key_file);
        ret = -ERRNO_TO_PARA_ERROR(EOVERFLOW);
        if (map_size > INT_MAX / 4)
-               goto out;
+               goto out_unmap;
        blob_size = 2 * map_size;
        blob = para_malloc(blob_size);
        ret = uudecode(cp, blob, blob_size);
        if (ret < 0)
-               goto out;
+               goto out_unmap;
        decoded_size = ret;
        ret = check_ssh_key_header(blob, decoded_size);
        if (ret < 0)
-               goto out;
+               goto out_unmap;
        ret = read_rsa_bignums(blob + ret, decoded_size - ret, &key->rsa);
        if (ret < 0)
-               goto out;
+               goto out_unmap;
        ret = RSA_size(key->rsa);
- out:
+ out_unmap:
        ret2 = para_munmap(map, map_size);
        if (ret >= 0 && ret2 < 0)
                ret = ret2;
+ out:
        if (ret < 0) {
                free(key);
                *result = NULL;
@@@ -306,7 -307,7 +307,7 @@@ int sc_send_bin_buffer(struct stream_ci
  int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf,
                size_t size)
  {
 -      unsigned char *tmp = para_malloc(size);
 +      unsigned char *tmp = para_malloc(ROUND_UP(size, RC4_ALIGN));
        ssize_t ret = recv(scc->fd, tmp, size, 0);
  
        if (ret > 0)