resolved: use _cleanup_(gcry_md_closep) in one more place

Documentation says gcry_md_close will ignore a NULL input so should be safe:

https://gnupg.org/documentation/manuals/gcrypt/Working-with-hash-algorithms.html

Makes Coverity happy, follow-up for 248b1e0aa4

CID #1451555

man/sd_bus_error.xml

@@ -147,55 +147,54 @@
   <refsect1>
     <title>Description</title>
 
-    <para>The <structname>sd_bus_error</structname> structure carries
+    <para>The <structname>sd_bus_error</structname> structure carries information about a D-Bus error
-    information about a D-Bus error condition. The functions described
+    condition, or lack thereof. The functions described below may be used to set and query fields in this
-    below may be used to set and query fields in this structure. The
+    structure.
-    <structfield>name</structfield> field contains a short identifier
+    <itemizedlist>
-    of an error. It should follow the rules for error names described
+      <listitem><para>The <structfield>name</structfield> field contains a short identifier of an error. It
-    in the D-Bus specification, subsection <ulink
+      should follow the rules for error names described in the D-Bus specification, subsection <ulink
-    url="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names">Valid
+      url="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names">Valid
-    Names</ulink>. A number of common, standardized error names are
+      Names</ulink>. A number of common, standardized error names are described in
-    described in
+      <citerefentry><refentrytitle>sd-bus-errors</refentrytitle><manvolnum>3</manvolnum></citerefentry>, but
-    <citerefentry><refentrytitle>sd-bus-errors</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      additional domain-specific errors may be defined by applications.</para></listitem>
-    but additional domain-specific errors may be defined by
-    applications. The <structfield>message</structfield> field usually
-    contains a human-readable string describing the details, but might
-    be <constant>NULL</constant>. An unset <structname>sd_bus_error</structname> structure
-    should have both fields initialized to <constant>NULL</constant>. Set an error
-    structure to <constant>SD_BUS_ERROR_NULL</constant> in order to
-    reset both fields to <constant>NULL</constant>. When no longer necessary, resources
-    held by the <structname>sd_bus_error</structname> structure should
-    be destroyed with <function>sd_bus_error_free()</function>.</para>
 
-    <para><function>sd_bus_error_set()</function> sets an error
+      <listitem><para>The <structfield>message</structfield> field usually contains a human-readable string
-    structure to the specified name and message strings. The strings
+      describing the details, but might be <constant>NULL</constant>.</para></listitem>
-    will be copied into internal, newly allocated memory. It is
+    </itemizedlist>
-    essential to free the error structure again when it is not
+    An unset <structname>sd_bus_error</structname> structure should have both fields initialized to
-    required anymore (see above). The function will return an
+    <constant>NULL</constant>, and signifies lack of an error, i.e. success. Assign
-    <varname>errno</varname>-like negative value (see <citerefentry
+    <constant>SD_BUS_ERROR_NULL</constant> to the structure in order to initialize both fields to
+    <constant>NULL</constant>. When no longer necessary, resources held by the
+    <structname>sd_bus_error</structname> structure should be destroyed with
+    <function>sd_bus_error_free()</function>.</para>
+
+    <para><function>sd_bus_error_set()</function> sets an error structure to the specified name and message
+    strings. The strings will be copied into internal, newly allocated memory. It is essential to free the
+    contents again when they are not required anymore (see above). Do not use this call on error structures
+    that have already been set. If you intend to reuse an error structure, free the old data stored in it
+    with <function>sd_bus_error_free()</function> first.</para>
+
+    <para><function>sd_bus_error_set()</function> will return an <varname>errno</varname>-like value (see
+    <citerefentry
     project='man-pages'><refentrytitle>errno</refentrytitle><manvolnum>3</manvolnum></citerefentry>)
-    determined from the specified error name.  Various well-known
+    determined from the specified error name <parameter>name</parameter>. If <parameter>name</parameter> is
-    D-Bus errors are converted to well-known <varname>errno</varname>
+    <constant>NULL</constant>, it is assumed that no error occurred, and <constant>0</constant> is returned.
-    counterparts, and the other ones to <constant>-EIO</constant>. See
+    If <parameter>name</parameter> is nonnull, a negative value is always returned. If
-    <citerefentry><refentrytitle>sd-bus-errors</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+    <parameter>e</parameter> is <constant>NULL</constant>, no error structure is initialized, but
-    for a list of well-known error names. Additional error mappings
+    <parameter>name</parameter> is still converted into an <varname>errno</varname>-style value.</para>
-    may be defined with
+
-    <citerefentry><refentrytitle>sd_bus_error_add_map</refentrytitle><manvolnum>3</manvolnum></citerefentry>. If
+    <para>Various well-known D-Bus errors are converted to well-known <varname>errno</varname> counterparts,
-    <parameter>e</parameter> is <constant>NULL</constant>, no error structure is initialized,
+    and the other ones to <constant>-EIO</constant>. See
-    but the error is still converted into an
+    <citerefentry><refentrytitle>sd-bus-errors</refentrytitle><manvolnum>3</manvolnum></citerefentry> for a
-    <varname>errno</varname>-style error. If
+    list of well-known error names. Additional error mappings may be defined with
-    <parameter>name</parameter> is <constant>NULL</constant>, it is
+    <citerefentry><refentrytitle>sd_bus_error_add_map</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
-    assumed that no error occurred, and 0 is returned. This means that
+    </para>
-    this function may be conveniently used in a
+
-    <function>return</function> statement. If
+    <para><function>sd_bus_error_set()</function> is designed to be conveniently used in a
-    <parameter>message</parameter> is <constant>NULL</constant>, no message is set. This
+    <function>return</function> statement. If <parameter>message</parameter> is <constant>NULL</constant>, no
-    call can fail if no memory may be allocated for the name and
+    message is set. This call can fail if no memory may be allocated for the name and message strings, in
-    message strings, in which case an
+    which case an <constant>SD_BUS_ERROR_NO_MEMORY</constant> error will be set instead and
-    <constant>SD_BUS_ERROR_NO_MEMORY</constant> error might be set
+    <constant>-ENOMEM</constant> returned. </para>
-    instead and -ENOMEM be returned. Do not use this call on error
-    structures that are already initialized. If you intend to reuse an
-    error structure, free the old data stored in it with
-    <function>sd_bus_error_free()</function> first.</para>
 
     <para><function>sd_bus_error_setf()</function> is similar to
     <function>sd_bus_error_set()</function>, but takes a <citerefentry
@@ -204,33 +203,25 @@
     <structfield>message</structfield> field.</para>
 
     <para><function>sd_bus_error_set_const()</function> is similar to
-    <function>sd_bus_error_set()</function>, but the string parameters
+    <function>sd_bus_error_set()</function>, but the string parameters are not copied internally, and must
-    are not copied internally, and must hence remain constant and
+    hence remain constant and valid for the lifetime of <parameter>e</parameter>. Use this call to avoid
-    valid for the lifetime of <parameter>e</parameter>. Use this call
+    memory allocations when setting error structures. Since this call does not allocate memory, it will not
-    to avoid memory allocations when setting error structures. Since
+    fail with an out-of-memory condition as <function>sd_bus_error_set()</function> may, as described
-    this call does not allocate memory, it will not fail with an
+    above. Alternatively, the <constant>SD_BUS_ERROR_MAKE_CONST()</constant> macro may be used to generate a
-    out-of-memory condition as
+    literal, constant bus error structure on-the-fly.</para>
-    <function>sd_bus_error_set()</function> can, as described
-    above. Alternatively, the
-    <constant>SD_BUS_ERROR_MAKE_CONST()</constant> macro may be used
-    to generate a literal, constant bus error structure
-    on-the-fly.</para>
 
-    <para><function>sd_bus_error_set_errno()</function> will set
+    <para><function>sd_bus_error_set_errno()</function> will immediately return <constant>0</constant> if the
-    <structfield>name</structfield> from an
+    specified error parameter <parameter>error</parameter> is <constant>0</constant>. Otherwise, it will set
-    <varname>errno</varname>-like value that is converted to a D-Bus
+    <structfield>name</structfield> from an <varname>errno</varname>-like value that is converted to a D-Bus
     error. <citerefentry
-    project='die-net'><refentrytitle>strerror_r</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+    project='die-net'><refentrytitle>strerror_r</refentrytitle><manvolnum>3</manvolnum></citerefentry> will
-    will be used to set <structfield>message</structfield>. Well-known
+    be used to set <structfield>message</structfield>. Well-known D-Bus error names will be used for
-    D-Bus error names will be used for <structfield>name</structfield>
+    <structfield>name</structfield> if applicable, otherwise a name in the <literal>System.Error.</literal>
-    if applicable, otherwise a name in the
+    namespace will be generated. The sign of the specified error number is ignored and the absolute value is
-    <literal>System.Error.</literal> namespace will be generated. The
+    used implicitly. If the specified error <parameter>error</parameter> is non-zero, the call always returns
-    sign of the specified error number is ignored. The absolute value
+    a negative value, for convenient usage in <function>return</function> statements. This call might fail
-    is used implicitly. The call always returns a negative value, for
+    due to lack of memory, in which case an <constant>SD_BUS_ERROR_NO_MEMORY</constant> error is set instead,
-    convenient usage in <function>return</function> statements. This
+    and <constant>-ENOMEM</constant> is returned.</para>
-    call might fail due to lack of memory, in which case an
-    <constant>SD_BUS_ERROR_NO_MEMORY</constant> error is set instead,
-    and -ENOMEM is returned.</para>
 
     <para><function>sd_bus_error_set_errnof()</function> is similar to
     <function>sd_bus_error_set_errno()</function>, but in addition to
@@ -246,28 +237,26 @@
     project='man-pages'><refentrytitle>va_arg</refentrytitle><manvolnum>3</manvolnum></citerefentry>
     parameter list.</para>
 
-    <para><function>sd_bus_error_get_errno()</function> converts the
+    <para><function>sd_bus_error_get_errno()</function> converts the <structfield>name</structfield> field of
-    <structfield>name</structfield> field of an error structure to an
+    an error structure to an <varname>errno</varname>-like (positive) value using the same rules as
-    <varname>errno</varname>-like (positive) value using the same
+    <function>sd_bus_error_set()</function>.  If <parameter>e</parameter> is <constant>NULL</constant>,
-    rules as <function>sd_bus_error_set()</function>.  If
+    <constant>0</constant> will be returned.</para>
-    <parameter>e</parameter> is <constant>NULL</constant>, 0 will be
-    returned.</para>
 
-    <para><function>sd_bus_error_copy()</function> will initialize
+    <para><function>sd_bus_error_copy()</function> will initialize <parameter>dst</parameter> using the
-    <parameter>dst</parameter> using the values in
+    values in <parameter>e</parameter>, if <parameter>e</parameter> has been set with an error value before.
-    <parameter>e</parameter>. If the strings in
+    Otherwise, it will return immediately. If the strings in <parameter>e</parameter> were set using
-    <parameter>e</parameter> were set using
+    <function>sd_bus_error_set_const()</function>, they will be shared. Otherwise, they will be
-    <function>sd_bus_error_set_const()</function>, they will be shared.
+    copied. Returns a converted <varname>errno</varname>-like, negative error code or <constant>0</constant>.
-    Otherwise, they will be copied. Returns a converted
+    Before this call, <parameter>dst</parameter> must be unset, i.e. either freshly initialized with
-    <varname>errno</varname>-like, negative error code.</para>
+    <constant>NULL</constant> or reset using <function>sd_bus_error_free()</function>.</para>
 
-    <para><function>sd_bus_error_move()</function> is similar to <function>sd_bus_error_copy()</function>, but will
+    <para><function>sd_bus_error_move()</function> is similar to <function>sd_bus_error_copy()</function>,
-    move any error information from <parameter>e</parameter> into <parameter>dst</parameter>, resetting the
+    but will move any error information from <parameter>e</parameter> into <parameter>dst</parameter>,
-    former. This function cannot fail, as no new memory is allocated. Note that if <parameter>e</parameter> is not set
+    resetting the former. This function cannot fail, as no new memory is allocated. Note that if
-    (or <constant>NULL</constant>) <parameter>dst</parameter> is initializated to
+    <parameter>e</parameter> is not set, <parameter>dst</parameter> is initializated to
-    <constant>SD_BUS_ERROR_NULL</constant>. Moreover, if <parameter>dst</parameter> is <constant>NULL</constant> no
+    <constant>SD_BUS_ERROR_NULL</constant>. Moreover, if <parameter>dst</parameter> is
-    operation is executed on it and resources held by <parameter>e</parameter> are freed and reset. Returns a
+    <constant>NULL</constant> no operation is executed on it and resources held by <parameter>e</parameter>
-    converted <varname>errno</varname>-like, negative error code.</para>
+    are freed and reset. Returns a converted <varname>errno</varname>-like, non-positive error value.</para>
 
     <para><function>sd_bus_error_is_set()</function> will return a
     non-zero value if <parameter>e</parameter> is
@@ -300,25 +289,23 @@
   <refsect1>
     <title>Return Value</title>
 
-    <para>The functions <function>sd_bus_error_set()</function>,
+    <para>The functions <function>sd_bus_error_set()</function>, <function>sd_bus_error_setf()</function>,
-    <function>sd_bus_error_setf()</function>, and
+    and <function>sd_bus_error_set_const()</function> always return <constant>0</constant> when the specified
-    <function>sd_bus_error_set_const()</function>, when successful,
+    error value is <constant>NULL</constant>, and a negative errno-like value corresponding to the
-    return the negative errno value corresponding to the
+    <parameter>name</parameter> parameter otherwise. The functions
-    <parameter>name</parameter> parameter. The functions
+    <function>sd_bus_error_set_errno()</function>, <function>sd_bus_error_set_errnof()</function> and
-    <function>sd_bus_error_set_errno()</function>,
+    <function>sd_bus_error_set_errnofv()</function>, return <constant>0</constant> when the specified error
-    <function>sd_bus_error_set_errnof()</function> and
+    value is <constant>0</constant>, and a a negative errno-like value corresponding to the
-    <function>sd_bus_error_set_errnofv()</function>, when successful,
+    <parameter>error</parameter> parameter otherwise. If an error occurs internally, one of the negative
-    return the negative value of the <parameter>error</parameter>
+    error values listed below will be returned.</para>
-    parameter. If an error occurs, one of the negative error values
-    listed below will be returned.</para>
 
     <para><function>sd_bus_error_get_errno()</function> returns
     <constant>false</constant> when <parameter>e</parameter> is
     <constant>NULL</constant>, and a positive errno value mapped from
     <parameter>e-&gt;name</parameter> otherwise.</para>
 
-    <para><function>sd_bus_error_copy()</function> and <function>sd_bus_error_move()</function> return 0 or a positive
+    <para><function>sd_bus_error_copy()</function> and <function>sd_bus_error_move()</function> return a
-    integer on success, and a negative error value converted from the error name otherwise.</para>
+    negative error value converted from the source error, and zero if the error has not been set.</para>
 
     <para><function>sd_bus_error_is_set()</function> returns a
     non-zero value when <parameter>e</parameter> and the

src/basic/cgroup-util.c

@@ -660,7 +660,7 @@ int cg_remove_xattr(const char *controller, const char *path, const char *name)
 
 int cg_pid_get_path(const char *controller, pid_t pid, char **ret_path) {
         _cleanup_fclose_ FILE *f = NULL;
-        const char *fs, *controller_str;
+        const char *fs, *controller_str = NULL; /* silence gcc warning about unitialized variable */
         int unified, r;
 
         assert(pid >= 0);
@@ -720,6 +720,7 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **ret_path) {
                                 continue;
                         *e = 0;
 
+                        assert(controller_str);
                         r = string_contains_word(l, ",", controller_str);
                         if (r < 0)
                                 return r;

src/basic/env-util.c

@@ -515,10 +515,10 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) {
                 ALTERNATE_VALUE,
         } state = WORD;
 
-        const char *e, *word = format, *test_value;
+        const char *e, *word = format, *test_value = NULL; /* test_value is initialized to appease gcc */
         char *k;
         _cleanup_free_ char *r = NULL;
-        size_t i, len;
+        size_t i, len = 0; /* len is initialized to appease gcc */
         int nest = 0;
 
         assert(format);
@@ -581,13 +581,12 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) {
                                 word = e+1;
                                 state = WORD;
                         } else if (*e == ':') {
-                                if (!(flags & REPLACE_ENV_ALLOW_EXTENDED))
+                                if (flags & REPLACE_ENV_ALLOW_EXTENDED) {
+                                        len = e - word - 2;
+                                        state = TEST;
+                                } else
                                         /* Treat this as unsupported syntax, i.e. do no replacement */
                                         state = WORD;
-                                else {
-                                        len = e-word-2;
-                                        state = TEST;
-                                }
                         }
                         break;
 

src/basic/fileio.c

@@ -121,7 +121,7 @@ int write_string_stream_ts(
                 const struct timespec *ts) {
 
         bool needs_nl;
-        int r, fd;
+        int r, fd = -1;
 
         assert(f);
         assert(line);
@@ -140,8 +140,8 @@ int write_string_stream_ts(
         needs_nl = !(flags & WRITE_STRING_FILE_AVOID_NEWLINE) && !endswith(line, "\n");
 
         if (needs_nl && (flags & WRITE_STRING_FILE_DISABLE_BUFFER)) {
-                /* If STDIO buffering was disabled, then let's append the newline character to the string itself, so
+                /* If STDIO buffering was disabled, then let's append the newline character to the string
-                 * that the write goes out in one go, instead of two */
+                 * itself, so that the write goes out in one go, instead of two */
 
                 line = strjoina(line, "\n");
                 needs_nl = false;
@@ -164,6 +164,7 @@ int write_string_stream_ts(
         if (ts) {
                 const struct timespec twice[2] = {*ts, *ts};
 
+                assert(fd >= 0);
                 if (futimens(fd, twice) < 0)
                         return -errno;
         }

src/basic/socket-util.h

@@ -14,6 +14,7 @@
 #include <sys/types.h>
 #include <sys/un.h>
 
+#include "errno-util.h"
 #include "macro.h"
 #include "missing_network.h"
 #include "missing_socket.h"
@@ -264,7 +265,7 @@ static inline int getsockopt_int(int fd, int level, int optname, int *ret) {
         socklen_t sl = sizeof(v);
 
         if (getsockopt(fd, level, optname, &v, &sl) < 0)
-                return -errno;
+                return negative_errno();
         if (sl != sizeof(v))
                 return -EIO;
 

src/core/main.c

@@ -1367,7 +1367,7 @@ static int status_welcome(void) {
 
 static int write_container_id(void) {
         const char *c;
-        int r;
+        int r = 0; /* silence gcc warning about r being unitialized below */
 
         c = getenv("container");
         if (isempty(c))

src/cryptsetup/cryptsetup.c

@@ -1008,7 +1008,7 @@ static int attach_luks_or_plain_or_bitlk_by_tpm2(
         _cleanup_(sd_event_unrefp) sd_event *event = NULL;
         _cleanup_free_ char *friendly = NULL;
         int keyslot = arg_key_slot, r;
-        size_t decrypted_key_size;
+        size_t decrypted_key_size = 0; /* Silence gcc warning about unitialized variable */
 
         assert(cd);
         assert(name);
@@ -1058,15 +1058,12 @@ static int attach_luks_or_plain_or_bitlk_by_tpm2(
                                                 &policy_hash, &policy_hash_size,
                                                 &keyslot,
                                                 &token);
-                                if (r == -ENXIO) {
+                                if (r == -ENXIO)
                                         /* No further TPM2 tokens found in the LUKS2 header.*/
-                                        if (found_some)
+                                        return log_debug_errno(SYNTHETIC_ERRNO(EAGAIN),
-                                                return log_debug_errno(SYNTHETIC_ERRNO(EAGAIN),
+                                                               found_some
-                                                                       "No TPM2 metadata matching the current system state found in LUKS2 header, falling back to traditional unlocking.");
+                                                               ? "No TPM2 metadata matching the current system state found in LUKS2 header, falling back to traditional unlocking."
-                                        else
+                                                               : "No TPM2 metadata enrolled in LUKS2 header, falling back to traditional unlocking.");
-                                                return log_debug_errno(SYNTHETIC_ERRNO(EAGAIN),
-                                                                       "No TPM2 metadata enrolled in LUKS2 header, falling back to traditional unlocking.");
-                                }
                                 if (r < 0)
                                         return r;
 
@@ -1091,6 +1088,7 @@ static int attach_luks_or_plain_or_bitlk_by_tpm2(
                         if (r != -EAGAIN) /* EAGAIN means: no tpm2 chip found */
                                 return r;
                 }
+                assert(decrypted_key);
 
                 if (!monitor) {
                         /* We didn't find the TPM2 device. In this case, watch for it via udev. Let's create

src/libsystemd/sd-bus/bus-error.c

@@ -86,8 +86,10 @@ static int bus_error_name_to_errno(const char *name) {
                                 if (m->code == BUS_ERROR_MAP_END_MARKER)
                                         break;
 
-                                if (streq(m->name, name))
+                                if (streq(m->name, name)) {
+                                        assert(m->code > 0);
                                         return m->code;
+                                }
                         }
 
         m = ALIGN_TO_PTR(__start_SYSTEMD_BUS_ERROR_MAP, sizeof(void*));
@@ -103,8 +105,10 @@ static int bus_error_name_to_errno(const char *name) {
                         continue;
                 }
 
-                if (streq(m->name, name))
+                if (streq(m->name, name)) {
+                        assert(m->code > 0);
                         return m->code;
+                }
 
                 m++;
         }
@@ -232,6 +236,7 @@ finish:
 }
 
 int bus_error_setfv(sd_bus_error *e, const char *name, const char *format, va_list ap) {
+        int r;
 
         if (!name)
                 return 0;
@@ -253,23 +258,28 @@ int bus_error_setfv(sd_bus_error *e, const char *name, const char *format, va_li
                 e->_need_free = 1;
         }
 
-        return -bus_error_name_to_errno(name);
+        r = bus_error_name_to_errno(name);
+        assert(r > 0);
+        return -r;
 }
 
 _public_ int sd_bus_error_setf(sd_bus_error *e, const char *name, const char *format, ...) {
+        int r;
 
         if (format) {
-                int r;
                 va_list ap;
 
                 va_start(ap, format);
                 r = bus_error_setfv(e, name, format, ap);
+                assert(!name || r < 0);
                 va_end(ap);
 
                 return r;
         }
 
-        return sd_bus_error_set(e, name, NULL);
+        r = sd_bus_error_set(e, name, NULL);
+        assert(!name || r < 0);
+        return r;
 }
 
 _public_ int sd_bus_error_copy(sd_bus_error *dest, const sd_bus_error *e) {
@@ -455,7 +465,7 @@ _public_ int sd_bus_error_set_errno(sd_bus_error *e, int error) {
         if (!e)
                 return -error;
         if (error == 0)
-                return -error;
+                return 0;
 
         assert_return(!bus_error_is_dirty(e), -EINVAL);
 

src/libsystemd/sd-event/sd-event.c

@@ -3171,7 +3171,7 @@ static int process_child(sd_event *e, int64_t threshold, int64_t *ret_min_priori
                 zero(s->child.siginfo);
                 if (waitid(P_PID, s->child.pid, &s->child.siginfo,
                            WNOHANG | (s->child.options & WEXITED ? WNOWAIT : 0) | s->child.options) < 0)
-                        return -errno;
+                        return negative_errno();
 
                 if (s->child.siginfo.si_pid != 0) {
                         bool zombie = IN_SET(s->child.siginfo.si_code, CLD_EXITED, CLD_KILLED, CLD_DUMPED);

src/libudev/libudev-monitor.c

@@ -265,9 +265,12 @@ _public_ struct udev_device *udev_monitor_receive_device(struct udev_monitor *ud
  * Returns: 0 on success, otherwise a negative error value.
  */
 _public_ int udev_monitor_filter_add_match_subsystem_devtype(struct udev_monitor *udev_monitor, const char *subsystem, const char *devtype) {
+        int r;
+
         assert_return(udev_monitor, -EINVAL);
 
-        return sd_device_monitor_filter_add_match_subsystem_devtype(udev_monitor->monitor, subsystem, devtype);
+        r = sd_device_monitor_filter_add_match_subsystem_devtype(udev_monitor->monitor, subsystem, devtype);
+        return r < 0 ? r : 0;
 }
 
 /**
@@ -283,9 +286,12 @@ _public_ int udev_monitor_filter_add_match_subsystem_devtype(struct udev_monitor
  * Returns: 0 on success, otherwise a negative error value.
  */
 _public_ int udev_monitor_filter_add_match_tag(struct udev_monitor *udev_monitor, const char *tag) {
+        int r;
+
         assert_return(udev_monitor, -EINVAL);
 
-        return sd_device_monitor_filter_add_match_tag(udev_monitor->monitor, tag);
+        r = sd_device_monitor_filter_add_match_tag(udev_monitor->monitor, tag);
+        return r < 0 ? r : 0;
 }
 
 /**

src/nss-resolve/nss-resolve.c

@@ -207,14 +207,10 @@ enum nss_status _nss_resolve_gethostbyname4_r(
                 int *errnop, int *h_errnop,
                 int32_t *ttlp) {
 
-        _cleanup_(resolve_hostname_reply_destroy) ResolveHostnameReply p = {};
-        _cleanup_(json_variant_unrefp) JsonVariant *cparams = NULL;
-        struct gaih_addrtuple *r_tuple = NULL, *r_tuple_first = NULL;
         _cleanup_(varlink_unrefp) Varlink *link = NULL;
-        const char *canonical = NULL, *error_id = NULL;
+        _cleanup_(json_variant_unrefp) JsonVariant *cparams = NULL;
-        JsonVariant *entry, *rparams;
+        _cleanup_(resolve_hostname_reply_destroy) ResolveHostnameReply p = {};
-        size_t l, ms, idx, c = 0;
+        JsonVariant *rparams, *entry;
-        char *r_name;
         int r;
 
         PROTECT_ERRNO;
@@ -241,6 +237,7 @@ enum nss_status _nss_resolve_gethostbyname4_r(
          * DNSSEC errors and suchlike. (We don't use UNAVAIL in this case so that the nsswitch.conf
          * configuration can distinguish such executed but negative replies from complete failure to
          * talk to resolved). */
+        const char *error_id;
         r = varlink_call(link, "io.systemd.Resolve.ResolveHostname", cparams, &rparams, &error_id, NULL);
         if (r < 0)
                 goto fail;
@@ -256,6 +253,7 @@ enum nss_status _nss_resolve_gethostbyname4_r(
         if (json_variant_is_blank_object(p.addresses))
                 goto not_found;
 
+        size_t n_addresses = 0;
         JSON_VARIANT_ARRAY_FOREACH(entry, p.addresses) {
                 AddressParameters q = {};
 
@@ -271,13 +269,13 @@ enum nss_status _nss_resolve_gethostbyname4_r(
                         goto fail;
                 }
 
-                c++;
+                n_addresses++;
         }
 
-        canonical = p.name ?: name;
+        const char *canonical = p.name ?: name;
+        size_t l = strlen(canonical);
+        size_t idx, ms = ALIGN(l+1) + ALIGN(sizeof(struct gaih_addrtuple)) * n_addresses;
 
-        l = strlen(canonical);
-        ms = ALIGN(l+1) + ALIGN(sizeof(struct gaih_addrtuple)) * c;
         if (buflen < ms) {
                 UNPROTECT_ERRNO;
                 *errnop = ERANGE;
@@ -286,12 +284,13 @@ enum nss_status _nss_resolve_gethostbyname4_r(
         }
 
         /* First, append name */
-        r_name = buffer;
+        char *r_name = buffer;
-        memcpy(r_name, canonical, l+1);
+        memcpy(r_name, canonical, l + 1);
-        idx = ALIGN(l+1);
+        idx = ALIGN(l + 1);
 
         /* Second, append addresses */
-        r_tuple_first = (struct gaih_addrtuple*) (buffer + idx);
+        struct gaih_addrtuple *r_tuple = NULL,
+                *r_tuple_first = (struct gaih_addrtuple*) (buffer + idx);
 
         JSON_VARIANT_ARRAY_FOREACH(entry, p.addresses) {
                 AddressParameters q = {};
@@ -313,7 +312,7 @@ enum nss_status _nss_resolve_gethostbyname4_r(
                 idx += ALIGN(sizeof(struct gaih_addrtuple));
         }
 
-        assert(r_tuple);
+        assert(r_tuple);  /* We had at least one address, so r_tuple must be set */
         r_tuple->next = NULL;  /* Override last next pointer */
 
         assert(idx == ms);
@@ -353,13 +352,10 @@ enum nss_status _nss_resolve_gethostbyname3_r(
                 int32_t *ttlp,
                 char **canonp) {
 
-        _cleanup_(resolve_hostname_reply_destroy) ResolveHostnameReply p = {};
-        _cleanup_(json_variant_unrefp) JsonVariant *cparams = NULL;
-        char *r_name, *r_aliases, *r_addr, *r_addr_list;
         _cleanup_(varlink_unrefp) Varlink *link = NULL;
-        const char *canonical, *error_id = NULL;
+        _cleanup_(json_variant_unrefp) JsonVariant *cparams = NULL;
-        size_t l, idx, ms, alen, i = 0, c = 0;
+        _cleanup_(resolve_hostname_reply_destroy) ResolveHostnameReply p = {};
-        JsonVariant *entry, *rparams;
+        JsonVariant *rparams, *entry;
         int r;
 
         PROTECT_ERRNO;
@@ -389,6 +385,7 @@ enum nss_status _nss_resolve_gethostbyname3_r(
         if (r < 0)
                 goto fail;
 
+        const char *error_id;
         r = varlink_call(link, "io.systemd.Resolve.ResolveHostname", cparams, &rparams, &error_id, NULL);
         if (r < 0)
                 goto fail;
@@ -404,6 +401,7 @@ enum nss_status _nss_resolve_gethostbyname3_r(
         if (json_variant_is_blank_object(p.addresses))
                 goto not_found;
 
+        size_t n_addresses = 0;
         JSON_VARIANT_ARRAY_FOREACH(entry, p.addresses) {
                 AddressParameters q = {};
 
@@ -419,15 +417,15 @@ enum nss_status _nss_resolve_gethostbyname3_r(
                         goto fail;
                 }
 
-                c++;
+                n_addresses++;
         }
 
-        canonical = p.name ?: name;
+        const char *canonical = p.name ?: name;
 
-        alen = FAMILY_ADDRESS_SIZE(af);
+        size_t alen = FAMILY_ADDRESS_SIZE(af);
-        l = strlen(canonical);
+        size_t l = strlen(canonical);
 
-        ms = ALIGN(l+1) + c*ALIGN(alen) + (c+2) * sizeof(char*);
+        size_t idx, ms = ALIGN(l + 1) + n_addresses * ALIGN(alen) + (n_addresses + 2) * sizeof(char*);
 
         if (buflen < ms) {
                 UNPROTECT_ERRNO;
@@ -437,18 +435,19 @@ enum nss_status _nss_resolve_gethostbyname3_r(
         }
 
         /* First, append name */
-        r_name = buffer;
+        char *r_name = buffer;
         memcpy(r_name, canonical, l+1);
         idx = ALIGN(l+1);
 
         /* Second, create empty aliases array */
-        r_aliases = buffer + idx;
+        char *r_aliases = buffer + idx;
         ((char**) r_aliases)[0] = NULL;
         idx += sizeof(char*);
 
         /* Third, append addresses */
-        r_addr = buffer + idx;
+        char *r_addr = buffer + idx;
 
+        size_t i = 0;
         JSON_VARIANT_ARRAY_FOREACH(entry, p.addresses) {
                 AddressParameters q = {};
 
@@ -468,16 +467,16 @@ enum nss_status _nss_resolve_gethostbyname3_r(
                 i++;
         }
 
-        assert(i == c);
+        assert(i == n_addresses);
-        idx += c * ALIGN(alen);
+        idx += n_addresses * ALIGN(alen);
 
         /* Fourth, append address pointer array */
-        r_addr_list = buffer + idx;
+        char *r_addr_list = buffer + idx;
-        for (i = 0; i < c; i++)
+        for (i = 0; i < n_addresses; i++)
                 ((char**) r_addr_list)[i] = r_addr + i*ALIGN(alen);
 
         ((char**) r_addr_list)[i] = NULL;
-        idx += (c+1) * sizeof(char*);
+        idx += (n_addresses + 1) * sizeof(char*);
 
         assert(idx == ms);
 
@@ -540,8 +539,8 @@ static void name_parameters_destroy(NameParameters *p) {
 }
 
 static const JsonDispatch name_parameters_dispatch_table[] = {
-        { "ifindex", JSON_VARIANT_INTEGER,  json_dispatch_ifindex, offsetof(NameParameters, ifindex), 0              },
+        { "ifindex", JSON_VARIANT_INTEGER, json_dispatch_ifindex, offsetof(NameParameters, ifindex), 0              },
-        { "name",    JSON_VARIANT_UNSIGNED, json_dispatch_string,  offsetof(NameParameters, name),    JSON_MANDATORY },
+        { "name",    JSON_VARIANT_STRING,  json_dispatch_string,  offsetof(NameParameters, name),    JSON_MANDATORY },
         {}
 };
 
@@ -553,14 +552,10 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
                 int *errnop, int *h_errnop,
                 int32_t *ttlp) {
 
-        _cleanup_(resolve_address_reply_destroy) ResolveAddressReply p = {};
-        _cleanup_(json_variant_unrefp) JsonVariant *cparams = NULL;
-        char *r_name, *r_aliases, *r_addr, *r_addr_list;
         _cleanup_(varlink_unrefp) Varlink *link = NULL;
-        JsonVariant *entry, *rparams;
+        _cleanup_(json_variant_unrefp) JsonVariant *cparams = NULL;
-        const char *n, *error_id;
+        _cleanup_(resolve_address_reply_destroy) ResolveAddressReply p = {};
-        unsigned c = 0, i = 0;
+        JsonVariant *rparams, *entry;
-        size_t ms = 0, idx;
         int r;
 
         PROTECT_ERRNO;
@@ -594,6 +589,7 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
         if (r < 0)
                 goto fail;
 
+        const char* error_id;
         r = varlink_call(link, "io.systemd.Resolve.ResolveAddress", cparams, &rparams, &error_id, NULL);
         if (r < 0)
                 goto fail;
@@ -609,6 +605,8 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
         if (json_variant_is_blank_object(p.names))
                 goto not_found;
 
+        size_t ms = 0, idx;
+
         JSON_VARIANT_ARRAY_FOREACH(entry, p.names) {
                 _cleanup_(name_parameters_destroy) NameParameters q = {};
 
@@ -619,9 +617,10 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
                 ms += ALIGN(strlen(q.name) + 1);
         }
 
-        ms += ALIGN(len) +                                           /* the address */
+        size_t n_names = json_variant_elements(p.names);
-              2 * sizeof(char*) +                                    /* pointers to the address, plus trailing NULL */
+        ms += ALIGN(len) +                    /* the address */
-              json_variant_elements(p.names) * sizeof(char*);        /* pointers to aliases, plus trailing NULL */
+              2 * sizeof(char*) +             /* pointer to the address, plus trailing NULL */
+              n_names * sizeof(char*);        /* pointers to aliases, plus trailing NULL */
 
         if (buflen < ms) {
                 UNPROTECT_ERRNO;
@@ -631,44 +630,43 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
         }
 
         /* First, place address */
-        r_addr = buffer;
+        char *r_addr = buffer;
         memcpy(r_addr, addr, len);
         idx = ALIGN(len);
 
         /* Second, place address list */
-        r_addr_list = buffer + idx;
+        char *r_addr_list = buffer + idx;
         ((char**) r_addr_list)[0] = r_addr;
         ((char**) r_addr_list)[1] = NULL;
         idx += sizeof(char*) * 2;
 
-        /* Third, reserve space for the aliases array */
+        /* Third, reserve space for the aliases array, plus trailing NULL */
-        r_aliases = buffer + idx;
+        char *r_aliases = buffer + idx;
-        idx += sizeof(char*) * c;
+        idx += sizeof(char*) * n_names;
 
         /* Fourth, place aliases */
-        i = 0;
+        char *r_name = buffer + idx;
-        r_name = buffer + idx;
+
+        size_t i = 0;
         JSON_VARIANT_ARRAY_FOREACH(entry, p.names) {
                 _cleanup_(name_parameters_destroy) NameParameters q = {};
-                size_t l;
-                char *z;
 
                 r = json_dispatch(entry, name_parameters_dispatch_table, NULL, json_dispatch_flags, &q);
                 if (r < 0)
                         goto fail;
 
-                l = strlen(q.name);
+                size_t l = strlen(q.name);
-                z = buffer + idx;
+                char *z = buffer + idx;
-                memcpy(z, n, l+1);
+                memcpy(z, q.name, l + 1);
 
                 if (i > 0)
-                        ((char**) r_aliases)[i-1] = z;
+                        ((char**) r_aliases)[i - 1] = z;
                 i++;
 
-                idx += ALIGN(l+1);
+                idx += ALIGN(l + 1);
         }
+        ((char**) r_aliases)[n_names - 1] = NULL;
 
-        ((char**) r_aliases)[c-1] = NULL;
         assert(idx == ms);
 
         result->h_name = r_name;

src/resolve/resolved-dns-dnssec.c

@@ -1205,7 +1205,7 @@ static int nsec3_hash_to_gcrypt_md(uint8_t algorithm) {
 
 int dnssec_nsec3_hash(DnsResourceRecord *nsec3, const char *name, void *ret) {
         uint8_t wire_format[DNS_WIRE_FORMAT_HOSTNAME_MAX];
-        gcry_md_hd_t md = NULL;
+        _cleanup_(gcry_md_closep) gcry_md_hd_t md = NULL;
         gcry_error_t err;
         size_t hash_size;
         int algorithm;
@@ -1249,10 +1249,8 @@ int dnssec_nsec3_hash(DnsResourceRecord *nsec3, const char *name, void *ret) {
         gcry_md_write(md, nsec3->nsec3.salt, nsec3->nsec3.salt_size);
 
         result = gcry_md_read(md, 0);
-        if (!result) {
+        if (!result)
-                r = -EIO;
+                return -EIO;
-                goto finish;
-        }
 
         for (k = 0; k < nsec3->nsec3.iterations; k++) {
                 uint8_t tmp[hash_size];
@@ -1263,18 +1261,12 @@ int dnssec_nsec3_hash(DnsResourceRecord *nsec3, const char *name, void *ret) {
                 gcry_md_write(md, nsec3->nsec3.salt, nsec3->nsec3.salt_size);
 
                 result = gcry_md_read(md, 0);
-                if (!result) {
+                if (!result)
-                        r = -EIO;
+                        return -EIO;
-                        goto finish;
-                }
         }
 
         memcpy(ret, result, hash_size);
-        r = (int) hash_size;
+        return (int) hash_size;
-
-finish:
-        gcry_md_close(md);
-        return r;
 }
 
 static int nsec3_is_good(DnsResourceRecord *rr, DnsResourceRecord *nsec3) {

src/resolve/resolved-dns-query.c

@@ -183,7 +183,7 @@ static DnsTransactionState dns_query_candidate_state(DnsQueryCandidate *c) {
         if (c->error_code != 0)
                 return DNS_TRANSACTION_ERRNO;
 
-        SET_FOREACH(t, c->transactions) {
+        SET_FOREACH(t, c->transactions)
 
                 switch (t->state) {
 
@@ -213,7 +213,6 @@ static DnsTransactionState dns_query_candidate_state(DnsQueryCandidate *c) {
 
                         break;
                 }
-        }
 
         return state;
 }

src/shared/bus-message-util.c

@@ -98,8 +98,11 @@ static int bus_message_read_dns_one(
         if (r < 0)
                 return r;
 
-        if (!dns_server_address_valid(family, &a))
+        if (!dns_server_address_valid(family, &a)) {
-                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid DNS server address");
+                r = sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid DNS server address");
+                assert(r < 0);
+                return r;
+        }
 
         if (extended) {
                 r = sd_bus_message_read(message, "q", &port);

src/shared/conf-parser.c

@@ -300,7 +300,8 @@ int config_parse(
 
                 (void) stat_warn_permissions(filename, &st);
                 mtime = timespec_load(&st.st_mtim);
-        }
+        } else
+                mtime = 0;
 
         for (;;) {
                 _cleanup_free_ char *buf = NULL;

src/shared/pretty-print.c

@@ -280,7 +280,7 @@ static int guess_type(const char **name, char ***prefixes, bool *is_collection,
 int conf_files_cat(const char *root, const char *name) {
         _cleanup_strv_free_ char **dirs = NULL, **files = NULL;
         _cleanup_free_ char *path = NULL;
-        char **prefixes, **prefix;
+        char **prefix, **prefixes = NULL; /* explicit initialization to appease gcc */
         bool is_collection;
         const char *extension;
         char **t;
@@ -289,6 +289,8 @@ int conf_files_cat(const char *root, const char *name) {
         r = guess_type(&name, &prefixes, &is_collection, &extension);
         if (r < 0)
                 return r;
+        assert(prefixes);
+        assert(extension);
 
         STRV_FOREACH(prefix, prefixes) {
                 assert(endswith(*prefix, "/"));

src/shared/varlink.c

@@ -448,13 +448,16 @@ static int varlink_write(Varlink *v) {
         assert(v->fd >= 0);
 
         /* We generally prefer recv()/send() (mostly because of MSG_NOSIGNAL) but also want to be compatible
-         * with non-socket IO, hence fall back automatically */
+         * with non-socket IO, hence fall back automatically.
-        if (!v->prefer_read_write) {
+         *
+         * Use a local variable to help gcc figure out that we set 'n' in all cases. */
+        bool prefer_write = v->prefer_read_write;
+        if (!prefer_write) {
                 n = send(v->fd, v->output_buffer + v->output_buffer_index, v->output_buffer_size, MSG_DONTWAIT|MSG_NOSIGNAL);
                 if (n < 0 && errno == ENOTSOCK)
-                        v->prefer_read_write = true;
+                        prefer_write = v->prefer_read_write = true;
         }
-        if (v->prefer_read_write)
+        if (prefer_write)
                 n = write(v->fd, v->output_buffer + v->output_buffer_index, v->output_buffer_size);
         if (n < 0) {
                 if (errno == EAGAIN)
@@ -531,12 +534,13 @@ static int varlink_read(Varlink *v) {
 
         rs = v->input_buffer_allocated - (v->input_buffer_index + v->input_buffer_size);
 
-        if (!v->prefer_read_write) {
+        bool prefer_read = v->prefer_read_write;
+        if (!prefer_read) {
                 n = recv(v->fd, v->input_buffer + v->input_buffer_index + v->input_buffer_size, rs, MSG_DONTWAIT);
                 if (n < 0 && errno == ENOTSOCK)
-                        v->prefer_read_write = true;
+                        prefer_read = v->prefer_read_write = true;
         }
-        if (v->prefer_read_write)
+        if (prefer_read)
                 n = read(v->fd, v->input_buffer + v->input_buffer_index + v->input_buffer_size, rs);
         if (n < 0) {
                 if (errno == EAGAIN)

src/systemctl/systemctl-start-unit.c

@@ -307,7 +307,9 @@ int start_unit(int argc, char *argv[], void *userdata) {
                                 method = verb_to_method(argv[0]);
                                 job_type = verb_to_job_type(argv[0]);
                                 mode = arg_job_mode;
-                        }
+                        } else
+                                method = job_type = mode = NULL;
+
                         one_name = NULL;
                 }
         } else {

src/test/test-capability.c

@@ -103,22 +103,15 @@ static int setup_tests(bool *run_ambient) {
 
         nobody = getpwnam(NOBODY_USER_NAME);
         if (!nobody)
-                return log_error_errno(SYNTHETIC_ERRNO(ENOENT), "Could not find nobody user: %m");
+                return log_warning_errno(SYNTHETIC_ERRNO(ENOENT), "Couldn't find 'nobody' user: %m");
 
         test_uid = nobody->pw_uid;
         test_gid = nobody->pw_gid;
 
-        *run_ambient = false;
-
         r = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0);
-
+        /* There's support for PR_CAP_AMBIENT if the prctl() call succeeded or error code was something else
-        /* There's support for PR_CAP_AMBIENT if the prctl() call
+         * than EINVAL. The EINVAL check should be good enough to rule out false positives. */
-         * succeeded or error code was something else than EINVAL. The
+        *run_ambient = r >= 0 || errno != EINVAL;
-         * EINVAL check should be good enough to rule out false
-         * positives. */
-
-        if (r >= 0 || errno != EINVAL)
-                *run_ambient = true;
 
         return 0;
 }
@@ -249,7 +242,7 @@ static void test_ensure_cap_64bit(void) {
 }
 
 int main(int argc, char *argv[]) {
-        bool run_ambient;
+        bool run_ambient = false; /* unnecessary initialization to silence gcc warning */
 
         test_setup_logging(LOG_INFO);