From 262f087bcff969b6eca2ae0a71be4323a3c1729d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Wed, 25 Mar 2020 17:00:07 +0100
Subject: [PATCH 1/2] Fix 'Dead nested assignment's from scan-build-10

The 3 warnings reported are:

os.c:872:7: warning: Although the value stored to 'ptr' is used in the enclosing expression, the value is never actually read from 'ptr'
        if ((ptr = strtok_r(command, " \t", &last)) == NULL) {
             ^     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

--

rpz.c:1117:10: warning: Although the value stored to 'zbits' is used in the enclosing expression, the value is never actually read from 'zbits'
        return (zbits &= x);
                ^        ~
1 warning generated.

--

openssleddsa_link.c:532:10: warning: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
        while ((err = ERR_get_error()) != 0) {
                ^     ~~~~~~~~~~~~~~~
1 warning generated.
---
 bin/named/unix/os.c         | 2 +-
 lib/dns/openssleddsa_link.c | 3 +--
 lib/dns/rpz.c               | 3 ++-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/bin/named/unix/os.c b/bin/named/unix/os.c
index 54f0a694bf..b99b0d3d00 100644
--- a/bin/named/unix/os.c
+++ b/bin/named/unix/os.c
@@ -869,7 +869,7 @@ named_os_shutdownmsg(char *command, isc_buffer_t *text) {
 	pid_t pid;
 
 	/* Skip the command name. */
-	if ((ptr = strtok_r(command, " \t", &last)) == NULL) {
+	if (strtok_r(command, " \t", &last) == NULL) {
 		return;
 	}
 
diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c
index 19c52670af..326cf67c7e 100644
--- a/lib/dns/openssleddsa_link.c
+++ b/lib/dns/openssleddsa_link.c
@@ -518,7 +518,6 @@ static bool
 openssleddsa_isprivate(const dst_key_t *key) {
 	EVP_PKEY *pkey = key->keydata.pkey;
 	int len;
-	unsigned long err;
 
 	if (pkey == NULL) {
 		return (false);
@@ -529,7 +528,7 @@ openssleddsa_isprivate(const dst_key_t *key) {
 		return (true);
 	}
 	/* can check if first error is EC_R_INVALID_PRIVATE_KEY */
-	while ((err = ERR_get_error()) != 0) {
+	while (ERR_get_error() != 0) {
 		/**/
 	}
 
diff --git a/lib/dns/rpz.c b/lib/dns/rpz.c
index a2f2e4b7ea..a16b760ee4 100644
--- a/lib/dns/rpz.c
+++ b/lib/dns/rpz.c
@@ -1114,7 +1114,8 @@ trim_zbits(dns_rpz_zbits_t zbits, dns_rpz_zbits_t found) {
 	x = zbits & found;
 	x &= (~x + 1);
 	x = (x << 1) - 1;
-	return (zbits &= x);
+	zbits &= x;
+	return (zbits);
 }
 
 /*

From ddd0d356e5922e6b1958b3050e04a160e106734a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Wed, 25 Mar 2020 17:25:45 +0100
Subject: [PATCH 2/2] Fix 'Dereference of null pointer' from scan-build-10

These are mostly false positives, the clang-analyzer FAQ[1] specifies
why and how to fix it:

> The reason the analyzer often thinks that a pointer can be null is
> because the preceding code checked compared it against null. So if you
> are absolutely sure that it cannot be null, remove the preceding check
> and, preferably, add an assertion as well.

The 4 warnings reported are:

dnssec-cds.c:781:4: warning: Access to field 'base' results in a dereference of a null pointer (loaded from variable 'buf')
                        isc_buffer_availableregion(buf, &r);
                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:996:36: note: expanded from macro 'isc_buffer_availableregion'
                                   ^
/builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:821:16: note: expanded from macro 'ISC__BUFFER_AVAILABLEREGION'
                (_r)->base = isc_buffer_used(_b);              \
                             ^~~~~~~~~~~~~~~~~~~
/builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:152:29: note: expanded from macro 'isc_buffer_used'
        ((void *)((unsigned char *)(b)->base + (b)->used)) /*d*/
                                   ^~~~~~~~~
1 warning generated.

--

byname_test.c:308:34: warning: Access to field 'fwdtable' results in a dereference of a null pointer (loaded from variable 'view')
                RUNTIME_CHECK(dns_fwdtable_add(view->fwdtable, dns_rootname,
                                               ^~~~~~~~~~~~~~
/builds/isc-projects/bind9/lib/isc/include/isc/util.h:318:52: note: expanded from macro 'RUNTIME_CHECK'
                                                   ^~~~
/builds/isc-projects/bind9/lib/isc/include/isc/error.h:50:21: note: expanded from macro 'ISC_ERROR_RUNTIMECHECK'
        ((void)(ISC_LIKELY(cond) ||  \
                           ^~~~
/builds/isc-projects/bind9/lib/isc/include/isc/likely.h:23:43: note: expanded from macro 'ISC_LIKELY'
                                            ^
1 warning generated.

--

./rndc.c:255:6: warning: Dereference of null pointer (loaded from variable 'host')
        if (*host == '/') {
            ^~~~~
1 warning generated.

--

./main.c:1254:9: warning: Access to field 'sctx' results in a dereference of a null pointer (loaded from variable 'named_g_server')
        sctx = named_g_server->sctx;
               ^~~~~~~~~~~~~~~~~~~~
1 warning generated.

References:
1. https://clang-analyzer.llvm.org/faq.html#null_pointer
---
 bin/dnssec/dnssec-cds.c          | 4 ++++
 bin/named/main.c                 | 1 +
 bin/rndc/rndc.c                  | 4 +++-
 bin/tests/optional/byname_test.c | 1 +
 4 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/bin/dnssec/dnssec-cds.c b/bin/dnssec/dnssec-cds.c
index e94235786c..a9ba59d4f2 100644
--- a/bin/dnssec/dnssec-cds.c
+++ b/bin/dnssec/dnssec-cds.c
@@ -754,6 +754,8 @@ ds_from_cds(dns_rdatalist_t *dslist, isc_buffer_t *buf, dns_rdata_t *cds) {
 	dns_rdata_ds_t ds;
 	dns_rdata_t *rdata;
 
+	REQUIRE(buf != NULL);
+
 	rdata = rdata_get();
 
 	result = dns_rdata_tostruct(cds, &ds, NULL);
@@ -772,6 +774,8 @@ ds_from_cdnskey(dns_rdatalist_t *dslist, isc_buffer_t *buf,
 	isc_result_t result;
 	unsigned i, n;
 
+	REQUIRE(buf != NULL);
+
 	n = sizeof(dtype) / sizeof(dtype[0]);
 	for (i = 0; i < n; i++) {
 		if (dtype[i] != 0) {
diff --git a/bin/named/main.c b/bin/named/main.c
index 19875e2ce8..ec8d22100f 100644
--- a/bin/named/main.c
+++ b/bin/named/main.c
@@ -1251,6 +1251,7 @@ setup(void) {
 #endif /* if CONTRIB_DLZ */
 
 	named_server_create(named_g_mctx, &named_g_server);
+	ENSURE(named_g_server != NULL);
 	sctx = named_g_server->sctx;
 
 	/*
diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c
index b6e7a18664..f238b1d584 100644
--- a/bin/rndc/rndc.c
+++ b/bin/rndc/rndc.c
@@ -252,6 +252,8 @@ get_addresses(const char *host, in_port_t port) {
 	isc_result_t result;
 	int found = 0, count;
 
+	REQUIRE(host != NULL);
+
 	if (*host == '/') {
 		result = isc_sockaddr_frompath(&serveraddrs[nserveraddrs],
 					       host);
@@ -1036,7 +1038,7 @@ main(int argc, char **argv) {
 		fatal("'%s' is not implemented", command);
 	}
 
-	if (nserveraddrs == 0) {
+	if (nserveraddrs == 0 && servername != NULL) {
 		get_addresses(servername, (in_port_t)remoteport);
 	}
 
diff --git a/bin/tests/optional/byname_test.c b/bin/tests/optional/byname_test.c
index a80160a690..1d6ab599c1 100644
--- a/bin/tests/optional/byname_test.c
+++ b/bin/tests/optional/byname_test.c
@@ -305,6 +305,7 @@ main(int argc, char *argv[]) {
 		isc_sockaddr_fromin(&sa, &ina, 53);
 		ISC_LIST_APPEND(sal, &sa, link);
 
+		REQUIRE(DNS_VIEW_VALID(view));
 		RUNTIME_CHECK(dns_fwdtable_add(view->fwdtable, dns_rootname,
 					       &sal, dns_fwdpolicy_only) ==
 			      ISC_R_SUCCESS);