Clang cannot see that ret is -1, 0, or 1 upon assigment, and therefore
-1 or 0 upon entry into the if block. Therefore it considers ret==0
not to be a tautology if ret!=-1, and thus falsifiable. It concludes
that bad things can later happen.
The easiest way to persuade it otherwise and make it clear to a human
that things are sane is to make the first error check to be for any
negative ret value, which forces the else path to explicitly imply
ret==0, which means that clause can also be removed. Just removing the
ret==0 doesn't make it so clear to the human that there's no third case.
The final change is simply to mimic the ret==-1 to ret<0 change earlier.
clang's error message:
doveadm-mail-crypt.c:290:14: error: variable 'pubid' is used uninitialized whenever '&&' condition is false [-Werror,-Wsometimes-uninitialized]
} else if (ret == 0 &&
^~~~~~~~
doveadm-mail-crypt.c:304:35: note: uninitialized use occurs here
res->id = p_strdup(_ctx->pool, pubid);
^~~~~
doveadm-mail-crypt.c:290:14: note: remove the '&&' if its condition is always true
} else if (ret == 0 &&
^~~~~~~~~~~
Signed-off-by: Phil Carmody <phil@dovecot.fi>
if ((ret = mail_crypt_user_get_public_key(user, &user_key,
&error)) <= 0) {
struct dcrypt_keypair pair;
- if (ret == -1) {
+ if (ret < 0) {
i_error("mail_crypt_user_get_public_key(%s) failed: %s",
user->username,
error);
- } else if (ret == 0 &&
- mail_crypt_user_generate_keypair(user, &pair,
+ } else if (mail_crypt_user_generate_keypair(user, &pair,
&pubid, &error) < 0) {
ret = -1;
i_error("mail_crypt_user_generate_keypair(%s) failed: %s",
user_key = pair.pub;
dcrypt_key_unref_private(&pair.priv);
}
- if (ret == -1) return ret;
+ if (ret < 0) return ret;
}
if (ret == 1 && ctx->force &&
projects / thirdparty / dovecot / core.git / commitdiff
