diff --git a/src/trunnel/pwbox.c b/src/trunnel/pwbox.c
index b70e1d826..bfea3ac67 100644
--- a/src/trunnel/pwbox.c
+++ b/src/trunnel/pwbox.c
@@ -12,6 +12,22 @@
     (obj)->trunnel_error_code_ = 1; \
   } while (0)
 
+#if defined(__COVERITY__) || defined(__clang_analyzer__)
+/* If we're runnning a static analysis tool, we don't want it to complain
+ * that some of our remaining-bytes checks are dead-code. */
+int pwbox_deadcode_dummy__ = 0;
+#define OR_DEADCODE_DUMMY || pwbox_deadcode_dummy__
+#else
+#define OR_DEADCODE_DUMMY
+#endif
+
+#define CHECK_REMAINING(nbytes, label)                           \
+  do {                                                           \
+    if (remaining < (nbytes) OR_DEADCODE_DUMMY) {                \
+      goto label;                                                \
+    }                                                            \
+  } while (0)
+
 pwbox_encoded_t *
 pwbox_encoded_new(void)
 {
@@ -422,49 +438,38 @@ pwbox_encoded_parse_into(pwbox_encoded_t *obj, const uint8_t *input, const size_
   (void)result;
 
   /* Parse u32 fixedbytes0 IN [PWBOX0_CONST0] */
-  if (remaining < 4)
-    goto truncated;
+  CHECK_REMAINING(4, truncated);
   obj->fixedbytes0 = trunnel_ntohl(trunnel_get_uint32(ptr));
   remaining -= 4; ptr += 4;
   if (! (obj->fixedbytes0 == PWBOX0_CONST0))
     goto fail;
 
   /* Parse u32 fixedbytes1 IN [PWBOX0_CONST1] */
-  if (remaining < 4)
-    goto truncated;
+  CHECK_REMAINING(4, truncated);
   obj->fixedbytes1 = trunnel_ntohl(trunnel_get_uint32(ptr));
   remaining -= 4; ptr += 4;
   if (! (obj->fixedbytes1 == PWBOX0_CONST1))
     goto fail;
 
   /* Parse u8 header_len */
-  if (remaining < 1)
-    goto truncated;
+  CHECK_REMAINING(1, truncated);
   obj->header_len = (trunnel_get_uint8(ptr));
   remaining -= 1; ptr += 1;
 
   /* Parse u8 skey_header[header_len] */
-  if (remaining < obj->header_len)
-    goto truncated;
+  CHECK_REMAINING(obj->header_len, truncated);
   TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->skey_header, obj->header_len, {});
   obj->skey_header.n_ = obj->header_len;
   memcpy(obj->skey_header.elts_, ptr, obj->header_len);
   ptr += obj->header_len; remaining -= obj->header_len;
 
   /* Parse u8 iv[16] */
-  if (remaining < (16))
-    goto truncated;
+  CHECK_REMAINING(16, truncated);
   memcpy(obj->iv, ptr, 16);
-  {
-    unsigned idx;
-    for (idx = 0; idx < 16; ++idx)
-      obj->iv[idx] = (obj->iv[idx]);
-  }
   remaining -= 16; ptr += 16;
   {
     size_t remaining_after;
-    if (remaining < 32)
-       goto truncated;
+    CHECK_REMAINING(32, truncated);
     remaining_after = 32;
     remaining = remaining - 32;
 
@@ -479,14 +484,8 @@ pwbox_encoded_parse_into(pwbox_encoded_t *obj, const uint8_t *input, const size_
   }
 
   /* Parse u8 hmac[32] */
-  if (remaining < (32))
-    goto truncated;
+  CHECK_REMAINING(32, truncated);
   memcpy(obj->hmac, ptr, 32);
-  {
-    unsigned idx;
-    for (idx = 0; idx < 32; ++idx)
-      obj->hmac[idx] = (obj->hmac[idx]);
-  }
   remaining -= 32; ptr += 32;
   trunnel_assert(ptr + remaining == input + len_in);
   return len_in - remaining;