Clean up some Coverity-reported issues.

Author: michaelrsweet

cups/file.c

@@ -880,17 +880,24 @@ cupsFilePrintf(cups_file_t *fp,		// I - CUPS file
   va_start(ap, format);
   va_copy(ap2, ap);
   bytes = vsnprintf(fp->printf_buffer, fp->printf_size, format, ap2);
+  va_end(ap2);
 
   if (bytes >= (ssize_t)fp->printf_size)
   {
     // Expand the printf buffer...
     char	*temp;			// Temporary buffer pointer
 
     if (bytes > 65535)
+    {
+      va_end(ap);
       return (-1);
+    }
 
     if ((temp = realloc(fp->printf_buffer, (size_t)(bytes + 1))) == NULL)
+    {
+      va_end(ap);
       return (-1);
+    }
 
     fp->printf_buffer = temp;
     fp->printf_size   = (size_t)(bytes + 1);

cups/ipp.c

@@ -1613,7 +1613,8 @@ ippDateToTime(const ipp_uchar_t *date)	// I - RFC 2579 date info
   unixdate.tm_min  = date[5];
   unixdate.tm_sec  = date[6];
 
-  t = mktime(&unixdate);
+  if ((t = mktime(&unixdate)) < 0)
+    return (0);
 
   if (date[8] == '-')
     t += date[9] * 3600 + date[10] * 60;

cups/jwt.c

@@ -10,6 +10,7 @@
 #include "cups-private.h"
 #include "jwt.h"
 #include "json-private.h"
+#include <assert.h>
 #ifdef HAVE_OPENSSL
 #  include <openssl/ecdsa.h>
 #  include <openssl/evp.h>
@@ -421,6 +422,7 @@ cupsJWTHasValidSignature(
 
 #ifdef HAVE_OPENSSL
         hash_len = cupsHashData(cups_jwa_algorithms[jwt->sigalg], text, text_len, hash, sizeof(hash));
+        assert(hash_len > 0);
 
         if ((rsa = make_rsa(jwk)) != NULL)
         {
@@ -457,6 +459,7 @@ cupsJWTHasValidSignature(
 
 #ifdef HAVE_OPENSSL
         hash_len = cupsHashData(cups_jwa_algorithms[jwt->sigalg], text, text_len, hash, sizeof(hash));
+        assert(hash_len > 0);
 
         if ((ec = make_ec_key(jwk, true)) != NULL)
         {
@@ -1758,6 +1761,8 @@ make_signature(cups_jwt_t    *jwt,	// I  - JWT
     if ((rsa = make_rsa(jwk)) != NULL)
     {
       hash_len = cupsHashData(cups_jwa_algorithms[alg], text, text_len, hash, sizeof(hash));
+      assert(hash_len > 0);
+
       if (RSA_sign(nids[alg - CUPS_JWA_RS256], hash, hash_len, signature, &siglen, rsa) == 1)
       {
         *sigsize = siglen;
@@ -1805,6 +1810,8 @@ make_signature(cups_jwt_t    *jwt,	// I  - JWT
     if ((ec = make_ec_key(jwk, false)) != NULL)
     {
       hash_len = cupsHashData(cups_jwa_algorithms[alg], text, text_len, hash, sizeof(hash));
+      assert(hash_len > 0);
+
       if ((ec_sig = ECDSA_do_sign(hash, hash_len, ec)) != NULL)
       {
         // Get the raw coordinates...

cups/langprintf.c

@@ -1,7 +1,7 @@
 //
 // Localized printf/puts functions for CUPS.
 //
-// Copyright © 2022 by OpenPrinting.
+// Copyright © 2022-2024 by OpenPrinting.
 // Copyright © 2007-2014 by Apple Inc.
 // Copyright © 2002-2007 by Easy Software Products.
 //
@@ -110,6 +110,7 @@ cupsLangPuts(FILE       *fp,		// I - File to write to
              const char *message)	// I - Message string to use
 {
   ssize_t	bytes;			// Number of bytes formatted
+  size_t	length = 0;		// Total length
   char		output[8192];		// Message buffer
   _cups_globals_t *cg = _cupsGlobals();	// Global data
 
@@ -122,12 +123,14 @@ cupsLangPuts(FILE       *fp,		// I - File to write to
     cg->lang_default = cupsLangDefault();
 
   // Transcode to the destination charset...
-  bytes = cupsUTF8ToCharset(output, cupsLangGetString(cg->lang_default, message), sizeof(output) - 4, cg->lang_encoding);
-  bytes += cupsUTF8ToCharset(output + bytes, "\n", sizeof(output) - (size_t)bytes, cg->lang_encoding);
+  if ((bytes = cupsUTF8ToCharset(output, cupsLangGetString(cg->lang_default, message), sizeof(output) - 4, cg->lang_encoding)) > 0)
+    length += (size_t)bytes;
+  if ((bytes = cupsUTF8ToCharset(output + length, "\n", sizeof(output) - length, cg->lang_encoding)) > 0)
+    length += (size_t)bytes;
 
   // Write the string and return the number of bytes written...
-  if (bytes > 0)
-    return ((ssize_t)fwrite(output, 1, (size_t)bytes, fp));
+  if (length > 0)
+    return ((ssize_t)fwrite(output, 1, length, fp));
   else
     return (bytes);
 }

cups/oauth.c

@@ -1348,8 +1348,12 @@ oauth_copy_response(http_t *http)	// I - HTTP connection
   // Allocate memory for string...
   initial_state = httpGetState(http);
 
-  if ((bodylen = (size_t)httpGetLength(http)) == 0 || bodylen > 65536)
+  if ((bytes = httpGetLength(http)) < 0)
+    return (NULL);
+  else if (bytes == 0 || bytes > 65536)
     bodylen = 65536;			// Accept up to 64k for GETs/POSTs
+  else
+    bodylen = (size_t)bytes;
 
   if ((body = calloc(1, bodylen + 1)) != NULL)
   {