Fix CodeQL warnings

.github/workflows/build.yml

@@ -55,7 +55,7 @@ jobs:
     container: ${{ matrix.container }}
     strategy:
       matrix:
-        container: ['ubuntu:20.04', 'ubuntu:22.04', 'ubuntu:23.04', 'ubuntu:23.10']
+        container: ['ubuntu:20.04', 'ubuntu:22.04', 'ubuntu:23.10']
     env:
       DEBIAN_FRONTEND: noninteractive
       DEBFULLNAME: github-actions

client/CDoc2.cpp

@@ -392,6 +392,8 @@ namespace cdoc20 {
 CDoc2::CDoc2(const QString &path)
 	: QFile(path)
 {
+	using namespace cdoc20::Recipients;
+	using namespace cdoc20::Header;
 	setLastError(QStringLiteral("Invalid CDoc 2.0 header"));
 	uint32_t header_len = 0;
 	if(!open(QFile::ReadOnly) ||
@@ -406,12 +408,12 @@ CDoc2::CDoc2(const QString &path)
 		return;
 	noncePos = pos();
 	flatbuffers::Verifier verifier(reinterpret_cast<const uint8_t*>(header_data.data()), header_data.size());
-	if(!cdoc20::Header::VerifyHeaderBuffer(verifier))
+	if(!VerifyHeaderBuffer(verifier))
 		return;
-	const auto *header = cdoc20::Header::GetHeader(header_data.constData());
+	const auto *header = GetHeader(header_data.constData());
 	if(!header)
 		return;
-	if(header->payload_encryption_method() != cdoc20::Header::PayloadEncryptionMethod::CHACHA20POLY1305)
+	if(header->payload_encryption_method() != PayloadEncryptionMethod::CHACHA20POLY1305)
 		return;
 	const auto *recipients = header->recipients();
 	if(!recipients)
@@ -425,7 +427,7 @@ CDoc2::CDoc2(const QString &path)
 		return data ? QString::fromUtf8(data->c_str(), data->size()) : QString();
 	};
 	for(const auto *recipient: *recipients){
-		if(recipient->fmk_encryption_method() != cdoc20::Header::FMKEncryptionMethod::XOR)
+		if(recipient->fmk_encryption_method() != FMKEncryptionMethod::XOR)
 		{
 			qWarning() << "Unsupported FMK encryption method: skipping";
 			continue;
@@ -436,14 +438,12 @@ CDoc2::CDoc2(const QString &path)
 			k.cipher = toByteArray(recipient->encrypted_fmk());
 			return k;
 		};
-		using cdoc20::Recipients::Capsule;
 		switch(recipient->capsule_type())
 		{
 		case Capsule::ECCPublicKeyCapsule:
-		{
 			if(const auto *key = recipient->capsule_as_ECCPublicKeyCapsule())
 			{
-				if(key->curve() != cdoc20::Recipients::EllipticCurve::secp384r1)
+				if(key->curve() != EllipticCurve::secp384r1)
 				{
 					qWarning() << "Unsupported ECC curve: skipping";
 					continue;
@@ -453,51 +453,41 @@ CDoc2::CDoc2(const QString &path)
 				keys.append(std::move(k));
 			}
 			break;
-		}
 		case Capsule::RSAPublicKeyCapsule:
-		{
 			if(const auto *key = recipient->capsule_as_RSAPublicKeyCapsule())
 			{
 				CKey k = fillRecipient(key, true);
 				k.encrypted_kek = toByteArray(key->encrypted_kek());
 				keys.append(std::move(k));
 			}
 			break;
-		}
 		case Capsule::KeyServerCapsule:
-		{
-			const auto *server = recipient->capsule_as_KeyServerCapsule();
-			if(!server)
-				qWarning() << "Unsupported Key Details: skipping";
-
-			auto fillKeyServer = [&] (auto key, bool isRSA) {
-				CKey k = fillRecipient(key, isRSA);
-				k.keyserver_id = toString(server->keyserver_id());
-				k.transaction_id = toString(server->transaction_id());
-				return k;
-			};
-			switch(server->recipient_key_details_type())
+			if(const auto *server = recipient->capsule_as_KeyServerCapsule())
 			{
-			case cdoc20::Recipients::ServerDetailsUnion::ServerEccDetails:
-			{
-				if(const auto *eccDetails = server->recipient_key_details_as_ServerEccDetails())
+				auto fillKeyServer = [&] (auto key, bool isRSA) {
+					CKey k = fillRecipient(key, isRSA);
+					k.keyserver_id = toString(server->keyserver_id());
+					k.transaction_id = toString(server->transaction_id());
+					return k;
+				};
+				switch(server->recipient_key_details_type())
 				{
-					if(eccDetails->curve() == cdoc20::Recipients::EllipticCurve::secp384r1)
-						keys.append(fillKeyServer(eccDetails, false));
+				case ServerDetailsUnion::ServerEccDetails:
+					if(const auto *eccDetails = server->recipient_key_details_as_ServerEccDetails())
+					{
+						if(eccDetails->curve() == EllipticCurve::secp384r1)
+							keys.append(fillKeyServer(eccDetails, false));
+					}
+					break;
+				case ServerDetailsUnion::ServerRsaDetails:
+					if(const auto *rsaDetails = server->recipient_key_details_as_ServerRsaDetails())
+						keys.append(fillKeyServer(rsaDetails, true));
+					break;
+				default:
+					qWarning() << "Unsupported Key Server Details: skipping";
 				}
-				break;
-			}
-			case cdoc20::Recipients::ServerDetailsUnion::ServerRsaDetails:
-			{
-				if(const auto *rsaDetails = server->recipient_key_details_as_ServerRsaDetails())
-					keys.append(fillKeyServer(rsaDetails, true));
-				break;
-			}
-			default:
-				qWarning() << "Unsupported Key Server Details: skipping";
 			}
 			break;
-		}
 		default:
 			qWarning() << "Unsupported Key Details: skipping";
 		}

client/CMakeLists.txt

@@ -29,37 +29,41 @@ add_executable(${PROJECT_NAME} WIN32 MACOSX_BUNDLE
 	fonts/fonts.qrc
 	${CMAKE_CURRENT_BINARY_DIR}/tr.qrc
 	${CMAKE_CURRENT_BINARY_DIR}/TSL.qrc
+	common_enums.h
 	main.cpp
 	Application.cpp
 	Application.h
-	CheckConnection.cpp
-	CheckConnection.h
 	CDoc1.cpp
 	CDoc1.h
 	CDoc2.cpp
 	CDoc2.h
+	CheckConnection.cpp
+	CheckConnection.h
+	Colors.h
 	Crypto.cpp
 	Crypto.h
 	CryptoDoc.cpp
 	CryptoDoc.h
 	DateTime.cpp
 	DateTime.h
-	DigiDoc.cpp
-	DigiDoc.h
 	Diagnostics.cpp
 	Diagnostics.h
 	DiagnosticsTask.cpp
 	DiagnosticsTask.h
+	DigiDoc.cpp
+	DigiDoc.h
 	DocumentModel.cpp
 	DocumentModel.h
 	IKValidator.cpp
 	IKValidator.h
+	LdapSearch.cpp
+	LdapSearch.h
 	MainWindow.cpp
 	MainWindow_MyEID.cpp
 	MainWindow.h
 	MainWindow.ui
-	LdapSearch.cpp
-	LdapSearch.h
+	PrintSheet.cpp
+	PrintSheet.h
 	QCardLock.cpp
 	QCardLock.h
 	QCryptoBackend.cpp
@@ -69,17 +73,17 @@ add_executable(${PROJECT_NAME} WIN32 MACOSX_BUNDLE
 	QSigner.cpp
 	QSigner.h
 	QSmartCard.cpp
+	QSmartCard_p.h
 	QSmartCard.h
-	Styles.cpp
-	Styles.h
-	PrintSheet.cpp
-	PrintSheet.h
 	Settings.cpp
 	Settings.h
 	SslCertificate.cpp
 	SslCertificate.h
+	Styles.cpp
+	Styles.h
 	TokenData.cpp
 	TokenData.h
+	Utils.h
 )
 
 target_link_libraries(${PROJECT_NAME}

client/dialogs/WarningDialog.cpp

@@ -102,6 +102,7 @@ QString WarningDialog::buttonLabel(ButtonText label)
 	case OK: return QStringLiteral("OK");
 	case Cancel: return tr("CANCEL");
 	case YES: return tr("YES");
+	default: return {};
 	}
 }