From 413b4847746f0d907fe6086ae470c998464d695c Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Tue, 18 May 2021 16:19:08 +0200
Subject: [PATCH] Add some fixes and workarounds for gcc-11 static analyzer.

Not everything is a real bug (false positive rate is very high here),
but the code is actually more readable.
---
 lib/crypto_backend/argon2/argon2.c | 2 ++
 lib/libdevmapper.c                 | 7 ++++++-
 lib/setup.c                        | 3 +++
 lib/utils_device.c                 | 6 ++++++
 4 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/lib/crypto_backend/argon2/argon2.c b/lib/crypto_backend/argon2/argon2.c
index 37771abd..c784fcaa 100644
--- a/lib/crypto_backend/argon2/argon2.c
+++ b/lib/crypto_backend/argon2/argon2.c
@@ -450,6 +450,8 @@ const char *argon2_error_message(int error_code) {
 
 size_t argon2_encodedlen(uint32_t t_cost, uint32_t m_cost, uint32_t parallelism,
                          uint32_t saltlen, uint32_t hashlen, argon2_type type) {
+  if (!argon2_type2string(type, 0))
+      return 0;
   return strlen("$$v=$m=,t=,p=$$") + strlen(argon2_type2string(type, 0)) +
          numlen(t_cost) + numlen(m_cost) + numlen(parallelism) +
          b64len(saltlen) + b64len(hashlen) + numlen(ARGON2_VERSION_NUMBER) + 1;
diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c
index a2983cd3..f6c9131f 100644
--- a/lib/libdevmapper.c
+++ b/lib/libdevmapper.c
@@ -2296,8 +2296,13 @@ static int _dm_target_query_verity(struct crypt_device *cd,
 				str = strsep(&params, " ");
 				if (!str)
 					goto err;
-				if (!root_hash_sig_key_desc)
+				if (!root_hash_sig_key_desc) {
 					root_hash_sig_key_desc = strdup(str);
+					if (!root_hash_sig_key_desc) {
+						r = -ENOMEM;
+						goto err;
+					}
+				}
 				i++;
 				if (vp)
 					vp->flags |= CRYPT_VERITY_ROOT_HASH_SIGNATURE;
diff --git a/lib/setup.c b/lib/setup.c
index 6964ec16..ba45b705 100644
--- a/lib/setup.c
+++ b/lib/setup.c
@@ -5095,6 +5095,9 @@ const char *crypt_get_cipher_mode(struct crypt_device *cd)
 /* INTERNAL only */
 const char *crypt_get_integrity(struct crypt_device *cd)
 {
+	if (!cd)
+		return NULL;
+
 	if (isINTEGRITY(cd->type))
 		return cd->u.integrity.params.integrity;
 
diff --git a/lib/utils_device.c b/lib/utils_device.c
index a80cbd26..8bb85995 100644
--- a/lib/utils_device.c
+++ b/lib/utils_device.c
@@ -180,6 +180,9 @@ static int device_ready(struct crypt_device *cd, struct device *device)
 	struct stat st;
 	size_t tmp_size;
 
+	if (!device)
+		return -EINVAL;
+
 	if (device->o_direct) {
 		log_dbg(cd, "Trying to open and read device %s with direct-io.",
 			device_path(device));
@@ -235,6 +238,9 @@ static int _open_locked(struct crypt_device *cd, struct device *device, int flag
 {
 	int fd;
 
+	if (!device)
+		return -EINVAL;
+
 	log_dbg(cd, "Opening locked device %s", device_path(device));
 
 	if ((flags & O_ACCMODE) != O_RDONLY && device_locked_readonly(device->lh)) {