Round #3 of scan-build warnings cleanup

lib/hdb/keys.c

@@ -162,15 +162,15 @@ parse_key_set(krb5_context context, const char *key,
 	    continue;
 	}
 
-	{
-	    /* if there is a final string, use it as the string to
-	       salt with, this is mostly useful with null salt for
-	       v4 compat, and a cell name for afs compat */
-	    salt->saltvalue.data = strdup(buf[i]);
-	    if (salt->saltvalue.data == NULL)
-                return krb5_enomem(context);
-	    salt->saltvalue.length = strlen(buf[i]);
-	}
+        if (salt->saltvalue.data != NULL)
+            free(salt->saltvalue.data);
+        /* if there is a final string, use it as the string to
+           salt with, this is mostly useful with null salt for
+           v4 compat, and a cell name for afs compat */
+        salt->saltvalue.data = strdup(buf[i]);
+        if (salt->saltvalue.data == NULL)
+            return krb5_enomem(context);
+        salt->saltvalue.length = strlen(buf[i]);
     }
 
     if(enctypes == NULL || salt->salttype == 0) {

lib/kadm5/common_glue.c

@@ -283,7 +283,8 @@ kadm5_setkey_principal_3(void *server_handle,
 	return ret;
 
     if (keepold) {
-	new_key_data = malloc((n_keys + princ_ent.n_key_data) * sizeof(*new_key_data));
+        new_key_data = calloc((n_keys + princ_ent.n_key_data),
+                              sizeof(*new_key_data));
 	if (new_key_data == NULL) {
 	    ret = ENOMEM;
 	    goto out;
@@ -292,7 +293,7 @@ kadm5_setkey_principal_3(void *server_handle,
 	memcpy(&new_key_data[n_keys], &princ_ent.key_data[0],
 		princ_ent.n_key_data * sizeof (princ_ent.key_data[0]));
     } else {
-	new_key_data = malloc(n_keys * sizeof(*new_key_data));
+	new_key_data = calloc(n_keys, sizeof(*new_key_data));
 	if (new_key_data == NULL) {
 	    ret = ENOMEM;
 	    goto out;
@@ -324,8 +325,10 @@ kadm5_setkey_principal_3(void *server_handle,
 	 */
 	new_key_data[i].key_data_type[1] = 0;
 	if (n_ks_tuple > 0) {
-	    if (ks_tuple[i].ks_enctype != keyblocks[i].keytype)
-		return KADM5_SETKEY3_ETYPE_MISMATCH;
+	    if (ks_tuple[i].ks_enctype != keyblocks[i].keytype) {
+		ret = KADM5_SETKEY3_ETYPE_MISMATCH;
+                goto out;
+            }
 	    new_key_data[i].key_data_type[1] = ks_tuple[i].ks_salttype;
 	}
 	new_key_data[i].key_data_length[1] = 0;

lib/kadm5/randkey_c.c

@@ -126,7 +126,8 @@ kadm5_c_randkey_principal(void *server_handle,
 	if (n_keys && new_keys) {
 	    *n_keys = tmp;
 	    *new_keys = k;
-	}
+	} else
+            free(k);
     }
 out:
     krb5_storage_free(sp);

lib/krb5/crypto.c

@@ -2347,8 +2347,10 @@ _get_derived_key(krb5_context context,
 	    return 0;
 	}
     d = _new_derived_key(crypto, usage);
-    if (d == NULL)
+    if (d == NULL) {
+        *key = NULL; /* quiet warning */
 	return krb5_enomem(context);
+    }
     krb5_copy_keyblock(context, crypto->key.key, &d->key);
     _krb5_put_int(constant, usage, 5);
     _krb5_derive_key(context, crypto->et, d, constant, sizeof(constant));

lib/krb5/dcache.c

@@ -146,6 +146,7 @@ get_default_cache(krb5_context context, krb5_dcache *dc, char **residual)
     char *primary;
     FILE *f;
 
+    *residual = NULL;
     primary = primary_create(dc);
     if (primary == NULL)
 	return krb5_enomem(context);

lib/krb5/fcache.c

@@ -662,6 +662,8 @@ init_fcc(krb5_context context,
     krb5_storage *sp;
     krb5_error_code ret;
 
+    *ret_fd = -1;
+    *ret_sp = NULL;
     if (kdc_offset)
 	*kdc_offset = 0;
 

lib/krb5/scache.c

@@ -656,6 +656,7 @@ encode_creds(krb5_context context, krb5_creds *creds, krb5_data *data)
     krb5_error_code ret;
     krb5_storage *sp;
 
+    krb5_data_zero(data);
     sp = krb5_storage_emem();
     if (sp == NULL)
 	return krb5_enomem(context);