The clang analyzer says
crypt.c:202:9: warning: Function call argument is an uninitialized value
ret2 = para_munmap(map, map_size);
^ ~~~~~~~~
And right it is. This is not a bug though as map_size is only undefined
if map is NULL and in this case para_munmap does not look at its second
argument. However, this is rather subtle, so introduce a new label out_unmap
and jump there only if we really must unmap the file.
PARA_INFO_LOG("decoding public rsa-ssh key %s\n", key_file);
ret = -ERRNO_TO_PARA_ERROR(EOVERFLOW);
if (map_size > INT_MAX / 4)
PARA_INFO_LOG("decoding public rsa-ssh key %s\n", key_file);
ret = -ERRNO_TO_PARA_ERROR(EOVERFLOW);
if (map_size > INT_MAX / 4)
blob_size = 2 * map_size;
blob = para_malloc(blob_size);
ret = uudecode(cp, blob, blob_size);
if (ret < 0)
blob_size = 2 * map_size;
blob = para_malloc(blob_size);
ret = uudecode(cp, blob, blob_size);
if (ret < 0)
decoded_size = ret;
ret = check_ssh_key_header(blob, decoded_size);
if (ret < 0)
decoded_size = ret;
ret = check_ssh_key_header(blob, decoded_size);
if (ret < 0)
ret = read_rsa_bignums(blob + ret, decoded_size - ret, &key->rsa);
if (ret < 0)
ret = read_rsa_bignums(blob + ret, decoded_size - ret, &key->rsa);
if (ret < 0)
ret = RSA_size(key->rsa);
ret = RSA_size(key->rsa);
ret2 = para_munmap(map, map_size);
if (ret >= 0 && ret2 < 0)
ret = ret2;
ret2 = para_munmap(map, map_size);
if (ret >= 0 && ret2 < 0)
ret = ret2;
if (ret < 0) {
free(key);
*result = NULL;
if (ret < 0) {
free(key);
*result = NULL;