From 169ca7f06d99d3e8e4db06c56474f90a8c357be1 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 25 Aug 2020 22:50:06 +0200
Subject: [PATCH] psa_crypto_storage: Annotate file removal after a failed
 creation

Let static analyzers know that it's ok if psa_its_remove() fails here.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 library/psa_crypto_storage.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 37820533f..103c9bbb8 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -174,7 +174,13 @@ static psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key,
 
 exit:
     if( status != PSA_SUCCESS )
-        psa_its_remove( data_identifier );
+    {
+        /* Remove the file in case we managed to create it but something
+         * went wrong. It's ok if the file doesn't exist. If the file exists
+         * but the removal fails, we're already reporting an error so there's
+         * nothing else we can do. */
+        (void) psa_its_remove( data_identifier );
+    }
     return( status );
 }