Commit d5707676 authored by Mukund Sivaraman

Don't use memset() to wipe memory (#45947)

parent 404c9b1c
4729. [bug] Don't use memset() to wipe memory, as it may be
removed by compiler optimizations when the
memset() occurs on automatic stack allocation
just before function return. [RT #45947]
4728. [func] Use C11's stdatomic.h instead of isc_atomic
where available. [RT #40668]
......@@ -242,6 +242,9 @@ int sigwait(const unsigned int *set, int *sig);
/* Define to 1 if you have the `EVP_sha512' function. */
#undef HAVE_EVP_SHA512
/* Define to 1 if you have the `explicit_bzero' function. */
#undef HAVE_EXPLICIT_BZERO
/* Define to 1 if you have the <fcntl.h> header file. */
#undef HAVE_FCNTL_H
......@@ -20111,7 +20111,7 @@ $as_echo "#define HAVE_IF_NAMETOINDEX 1" >>confdefs.h
esac
for ac_func in nanosleep usleep
for ac_func in nanosleep usleep explicit_bzero
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
......@@ -4001,7 +4001,7 @@ yes)
esac
AC_SUBST(ISC_PLATFORM_HAVEIFNAMETOINDEX)
AC_CHECK_FUNCS(nanosleep usleep)
AC_CHECK_FUNCS(nanosleep usleep explicit_bzero)
#
# Machine architecture dependent features
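Review bot: Only explicit_bzero is probed by the new `AC_CHECK_FUNCS(nanosleep usleep explicit_bzero)` line, so on platforms without it the wipe depends on whatever fallback isc_safe_memwipe() uses, and that implementation is not among the visible hunks. If the fallback is a plain memset() it reintroduces the dead-store elimination this commit is fixing; probing memset_s (C11 Annex K) as well, or a fallback that writes through a volatile pointer, would close that gap. The config.h.in and configure hunks appear to be the regenerated output of this line and need no separate change.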
......@@ -44,6 +44,7 @@
#include <isc/print.h>
#include <isc/refcount.h>
#include <isc/random.h>
#include <isc/safe.h>
#include <isc/string.h>
#include <isc/time.h>
#include <isc/util.h>
......@@ -1259,8 +1260,8 @@ dst_key_free(dst_key_t **keyp) {
if (key->key_tkeytoken) {
isc_buffer_free(&key->key_tkeytoken);
}
memset(key, 0, sizeof(dst_key_t));
isc_mem_putanddetach(&mctx, key, sizeof(dst_key_t));
isc_safe_memwipe(key, sizeof(*key));
isc_mem_putanddetach(&mctx, key, sizeof(*key));
*keyp = NULL;
}
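Review bot: `isc_safe_memwipe(key, sizeof(*key))` zeroes key->mctx before `isc_mem_putanddetach(&mctx, key, sizeof(*key))` runs, so the local `mctx` must already hold the reference taken earlier in dst_key_free; that earlier part of the function is outside the hunk. The ordering is unchanged from the memset() version, so this is not a new defect, but a one-line comment would keep a later edit from reordering the two calls: `/* mctx was captured above: the wipe clears key->mctx before the block is returned. */`.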
......@@ -165,7 +165,7 @@ hmacmd5_generate(dst_key_t *key, int pseudorandom_ok, void (*callback)(int)) {
isc_buffer_init(&b, data, bytes);
isc_buffer_add(&b, bytes);
ret = hmacmd5_fromdns(key, &b);
memset(data, 0, ISC_MD5_BLOCK_LENGTH);
isc_safe_memwipe(data, sizeof(data));
return (ret);
}
......@@ -180,8 +180,8 @@ static void
hmacmd5_destroy(dst_key_t *key) {
dst_hmacmd5_key_t *hkey = key->keydata.hmacmd5;
memset(hkey, 0, sizeof(dst_hmacmd5_key_t));
isc_mem_put(key->mctx, hkey, sizeof(dst_hmacmd5_key_t));
isc_safe_memwipe(hkey, sizeof(*hkey));
isc_mem_put(key->mctx, hkey, sizeof(*hkey));
key->keydata.hmacmd5 = NULL;
}
......@@ -307,7 +307,7 @@ hmacmd5_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (result);
}
......@@ -451,7 +451,7 @@ hmacsha1_generate(dst_key_t *key, int pseudorandom_ok, void (*callback)(int)) {
isc_buffer_init(&b, data, bytes);
isc_buffer_add(&b, bytes);
ret = hmacsha1_fromdns(key, &b);
memset(data, 0, ISC_SHA1_BLOCK_LENGTH);
isc_safe_memwipe(data, sizeof(data));
return (ret);
}
......@@ -466,8 +466,8 @@ static void
hmacsha1_destroy(dst_key_t *key) {
dst_hmacsha1_key_t *hkey = key->keydata.hmacsha1;
memset(hkey, 0, sizeof(dst_hmacsha1_key_t));
isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha1_key_t));
isc_safe_memwipe(hkey, sizeof(*hkey));
isc_mem_put(key->mctx, hkey, sizeof(*hkey));
key->keydata.hmacsha1 = NULL;
}
......@@ -593,7 +593,7 @@ hmacsha1_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (result);
}
......@@ -738,7 +738,7 @@ hmacsha224_generate(dst_key_t *key, int pseudorandom_ok,
isc_buffer_init(&b, data, bytes);
isc_buffer_add(&b, bytes);
ret = hmacsha224_fromdns(key, &b);
memset(data, 0, ISC_SHA224_BLOCK_LENGTH);
isc_safe_memwipe(data, sizeof(data));
return (ret);
}
......@@ -753,8 +753,8 @@ static void
hmacsha224_destroy(dst_key_t *key) {
dst_hmacsha224_key_t *hkey = key->keydata.hmacsha224;
memset(hkey, 0, sizeof(dst_hmacsha224_key_t));
isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha224_key_t));
isc_safe_memwipe(hkey, sizeof(*hkey));
isc_mem_put(key->mctx, hkey, sizeof(*hkey));
key->keydata.hmacsha224 = NULL;
}
......@@ -880,7 +880,7 @@ hmacsha224_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (result);
}
......@@ -1025,7 +1025,7 @@ hmacsha256_generate(dst_key_t *key, int pseudorandom_ok,
isc_buffer_init(&b, data, bytes);
isc_buffer_add(&b, bytes);
ret = hmacsha256_fromdns(key, &b);
memset(data, 0, ISC_SHA256_BLOCK_LENGTH);
isc_safe_memwipe(data, sizeof(data));
return (ret);
}
......@@ -1040,8 +1040,8 @@ static void
hmacsha256_destroy(dst_key_t *key) {
dst_hmacsha256_key_t *hkey = key->keydata.hmacsha256;
memset(hkey, 0, sizeof(dst_hmacsha256_key_t));
isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha256_key_t));
isc_safe_memwipe(hkey, sizeof(*hkey));
isc_mem_put(key->mctx, hkey, sizeof(*hkey));
key->keydata.hmacsha256 = NULL;
}
......@@ -1167,7 +1167,7 @@ hmacsha256_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (result);
}
......@@ -1312,7 +1312,7 @@ hmacsha384_generate(dst_key_t *key, int pseudorandom_ok,
isc_buffer_init(&b, data, bytes);
isc_buffer_add(&b, bytes);
ret = hmacsha384_fromdns(key, &b);
memset(data, 0, ISC_SHA384_BLOCK_LENGTH);
isc_safe_memwipe(data, sizeof(data));
return (ret);
}
......@@ -1327,8 +1327,8 @@ static void
hmacsha384_destroy(dst_key_t *key) {
dst_hmacsha384_key_t *hkey = key->keydata.hmacsha384;
memset(hkey, 0, sizeof(dst_hmacsha384_key_t));
isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha384_key_t));
isc_safe_memwipe(hkey, sizeof(*hkey));
isc_mem_put(key->mctx, hkey, sizeof(*hkey));
key->keydata.hmacsha384 = NULL;
}
......@@ -1454,7 +1454,7 @@ hmacsha384_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (result);
}
......@@ -1599,7 +1599,7 @@ hmacsha512_generate(dst_key_t *key, int pseudorandom_ok,
isc_buffer_init(&b, data, bytes);
isc_buffer_add(&b, bytes);
ret = hmacsha512_fromdns(key, &b);
memset(data, 0, ISC_SHA512_BLOCK_LENGTH);
isc_safe_memwipe(data, sizeof(data));
return (ret);
}
......@@ -1614,8 +1614,8 @@ static void
hmacsha512_destroy(dst_key_t *key) {
dst_hmacsha512_key_t *hkey = key->keydata.hmacsha512;
memset(hkey, 0, sizeof(dst_hmacsha512_key_t));
isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha512_key_t));
isc_safe_memwipe(hkey, sizeof(*hkey));
isc_mem_put(key->mctx, hkey, sizeof(*hkey));
key->keydata.hmacsha512 = NULL;
}
......@@ -1741,7 +1741,7 @@ hmacsha512_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (result);
}
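Review bot: The `isc_safe_memwipe(data, sizeof(data))` line in hmacmd5_generate, and the matching lines in the hmacsha1/224/256/384/512_generate hunks, replace an explicit `ISC_MD5_BLOCK_LENGTH` (and the sha equivalents) with `sizeof(data)`, which equals the buffer size only if `data` is declared as an array; its declaration is above the hunk. If `data` were a pointer the wipe would silently shrink to pointer size, so the declaration is worth confirming before merge. No `#include <isc/safe.h>` hunk appears for this file, unlike dst_api.c and the openssl*_link.c sections, so presumably it is already included; each *_generate body starts outside its hunk.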
......@@ -36,6 +36,7 @@
#include <ctype.h>
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/string.h>
#include <isc/util.h>
......@@ -685,7 +686,7 @@ openssldh_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
BN_free(priv_key);
openssldh_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ret);
}
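Review bot: The new `isc_safe_memwipe(&priv, sizeof(priv))` after `dst__privstruct_free(&priv, mctx)` clears only the priv descriptor itself (its element pointers and lengths); the private-key bytes those elements pointed to are released by dst__privstruct_free, which is not among the visible hunks, and whether it wipes them before release cannot be confirmed from here. The same pair appears in the *_parse hunks of hmac_link.c, openssldsa_link.c, opensslecdsa_link.c, openssleddsa_link.c, opensslgost_link.c and opensslrsa_link.c. A comment at this site would record the division of responsibility: `/* dst__privstruct_free() releases the element buffers; wipe the descriptor so no lengths or pointers survive on the stack. */`. openssldh_parse starts outside the hunk.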
......@@ -35,6 +35,7 @@
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/sha1.h>
#include <isc/util.h>
......@@ -711,7 +712,7 @@ openssldsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
pub->keydata.pkey = NULL;
key->key_size = pub->key_size;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ISC_R_SUCCESS);
}
......@@ -747,7 +748,7 @@ openssldsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
DSA_set0_key(dsa, pub_key, priv_key);
DSA_set0_pqg(dsa, p, q, g);
key->key_size = BN_num_bits(p);
......@@ -762,7 +763,7 @@ openssldsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
BN_free(g);
openssldsa_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ret);
}
......@@ -16,6 +16,7 @@
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/util.h>
......@@ -559,7 +560,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
key->keydata.pkey = pub->keydata.pkey;
pub->keydata.pkey = NULL;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ISC_R_SUCCESS);
}
......@@ -601,7 +602,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
if (eckey != NULL)
EC_KEY_free(eckey);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ret);
}
......@@ -13,6 +13,7 @@
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/util.h>
......@@ -597,7 +598,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
key->keydata.pkey = pub->keydata.pkey;
pub->keydata.pkey = NULL;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ISC_R_SUCCESS);
}
......@@ -624,7 +625,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
err:
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ret);
}
......@@ -471,7 +471,7 @@ opensslgost_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
pub->keydata.pkey = NULL;
key->key_size = pub->key_size;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ISC_R_SUCCESS);
}
......@@ -523,7 +523,7 @@ opensslgost_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
key->keydata.pkey = pkey;
key->key_size = EVP_PKEY_bits(pkey);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ISC_R_SUCCESS);
err:
......@@ -533,7 +533,7 @@ opensslgost_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
EVP_PKEY_free(pkey);
opensslgost_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ret);
}
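Review bot: This section adds isc_safe_memwipe() calls without a corresponding `#include <isc/safe.h>` hunk, whereas openssldh/dsa/ecdsa/eddsa_link.c each gain one; opensslrsa_link.c is in the same situation. If the header is not already pulled in, the new calls compile against an implicit declaration at best, so the include lists of both files are worth checking. Adding `#include <isc/safe.h>` in alphabetical order with the other isc/ headers is the one-line fix if it is missing; opensslgost_parse starts outside the hunk.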
......@@ -1487,7 +1487,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
pub->keydata.pkey = NULL;
key->key_size = pub->key_size;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ISC_R_SUCCESS);
}
......@@ -1555,7 +1555,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
EVP_PKEY_free(pkey);
#endif
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ISC_R_SUCCESS);
#else
DST_RET(DST_R_NOENGINE);
......@@ -1619,7 +1619,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
if (RSA_set0_key(rsa, n, e, d) == 0) {
if (n != NULL) BN_free(n);
......@@ -1660,7 +1660,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
RSA_free(pubrsa);
key->keydata.generic = NULL;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
isc_safe_memwipe(&priv, sizeof(priv));
return (ret);
}
......@@ -139,8 +139,8 @@ pkcs11dh_loadpriv(const dst_key_t *key,
err:
for (i = 6; i <= 8; i++)
if (keyTemplate[i].pValue != NULL) {
memset(keyTemplate[i].pValue, 0,
keyTemplate[i].ulValueLen);
isc_safe_memwipe(keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
isc_mem_put(key->mctx,
keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
......@@ -240,7 +240,8 @@ pkcs11dh_computesecret(const dst_key_t *pub, const dst_key_t *priv,
if (hDerived != CK_INVALID_HANDLE)
(void) pkcs_C_DestroyObject(ctx.session, hDerived);
if (valTemplate[0].pValue != NULL) {
memset(valTemplate[0].pValue, 0, valTemplate[0].ulValueLen);
isc_safe_memwipe(valTemplate[0].pValue,
valTemplate[0].ulValueLen);
isc_mem_put(pub->mctx,
valTemplate[0].pValue,
valTemplate[0].ulValueLen);
......@@ -248,7 +249,7 @@ pkcs11dh_computesecret(const dst_key_t *pub, const dst_key_t *priv,
if ((hKey != CK_INVALID_HANDLE) && !priv->keydata.pkey->ontoken)
(void) pkcs_C_DestroyObject(ctx.session, hKey);
if (mech.pParameter != NULL) {
memset(mech.pParameter, 0, mech.ulParameterLen);
isc_safe_memwipe(mech.pParameter, mech.ulParameterLen);
isc_mem_put(pub->mctx, mech.pParameter, mech.ulParameterLen);
}
pk11_return_session(&ctx);
......@@ -540,7 +541,7 @@ pkcs11dh_generate(dst_key_t *key, int generator, void (*callback)(int)) {
(void) pkcs_C_DestroyObject(pk11_ctx->session, pub);
(void) pkcs_C_DestroyObject(pk11_ctx->session, domainparams);
pk11_return_session(pk11_ctx);
memset(pk11_ctx, 0, sizeof(*pk11_ctx));
isc_safe_memwipe(pk11_ctx, sizeof(*pk11_ctx));
isc_mem_put(key->mctx, pk11_ctx, sizeof(*pk11_ctx));
return (ISC_R_SUCCESS);
......@@ -555,32 +556,36 @@ pkcs11dh_generate(dst_key_t *key, int generator, void (*callback)(int)) {
(void) pkcs_C_DestroyObject(pk11_ctx->session, domainparams);
if (pubTemplate[4].pValue != NULL) {
memset(pubTemplate[4].pValue, 0, pubTemplate[4].ulValueLen);
isc_safe_memwipe(pubTemplate[4].pValue,
pubTemplate[4].ulValueLen);
isc_mem_put(key->mctx,
pubTemplate[4].pValue,
pubTemplate[4].ulValueLen);
}
if (pubTemplate[5].pValue != NULL) {
memset(pubTemplate[5].pValue, 0, pubTemplate[5].ulValueLen);
isc_safe_memwipe(pubTemplate[5].pValue,
pubTemplate[5].ulValueLen);
isc_mem_put(key->mctx,
pubTemplate[5].pValue,
pubTemplate[5].ulValueLen);
}
if (pTemplate[0].pValue != NULL) {
memset(pTemplate[0].pValue, 0, pTemplate[0].ulValueLen);
isc_safe_memwipe(pTemplate[0].pValue,
pTemplate[0].ulValueLen);
isc_mem_put(key->mctx,
pTemplate[0].pValue,
pTemplate[0].ulValueLen);
}
if (pTemplate[1].pValue != NULL) {
memset(pTemplate[1].pValue, 0, pTemplate[1].ulValueLen);
isc_safe_memwipe(pTemplate[1].pValue,
pTemplate[1].ulValueLen);
isc_mem_put(key->mctx,
pTemplate[1].pValue,
pTemplate[1].ulValueLen);
}
pk11_return_session(pk11_ctx);
memset(pk11_ctx, 0, sizeof(*pk11_ctx));
isc_safe_memwipe(pk11_ctx, sizeof(*pk11_ctx));
isc_mem_put(key->mctx, pk11_ctx, sizeof(*pk11_ctx));
return (ret);
......@@ -616,7 +621,8 @@ pkcs11dh_destroy(dst_key_t *key) {
case CKA_PRIME:
case CKA_BASE:
if (attr->pValue != NULL) {
memset(attr->pValue, 0, attr->ulValueLen);
isc_safe_memwipe(attr->pValue,
attr->ulValueLen);
isc_mem_put(key->mctx,
attr->pValue,
attr->ulValueLen);
......@@ -624,10 +630,10 @@ pkcs11dh_destroy(dst_key_t *key) {
break;
}
if (dh->repr != NULL) {
memset(dh->repr, 0, dh->attrcnt * sizeof(*attr));
isc_safe_memwipe(dh->repr, dh->attrcnt * sizeof(*attr));
isc_mem_put(key->mctx, dh->repr, dh->attrcnt * sizeof(*attr));
}
memset(dh, 0, sizeof(*dh));
isc_safe_memwipe(dh, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
key->keydata.pkey = NULL;
}
......@@ -732,42 +738,43 @@ pkcs11dh_todns(const dst_key_t *key, isc_buffer_t *data) {
static isc_result_t
pkcs11dh_fromdns(dst_key_t *key, isc_buffer_t *data) {
pk11_object_t *dh;
pk11_object_t *dh = NULL;
isc_region_t r;
isc_uint16_t plen, glen, plen_, glen_, publen;
CK_BYTE *prime = NULL, *base = NULL, *pub = NULL;
CK_ATTRIBUTE *attr;
int special = 0;
isc_result_t result;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
return (ISC_R_SUCCESS);
if (r.length == 0) {
result = ISC_R_SUCCESS;
goto cleanup;
}
dh = (pk11_object_t *) isc_mem_get(key->mctx, sizeof(*dh));
if (dh == NULL)
return (ISC_R_NOMEMORY);
if (dh == NULL) {
result = ISC_R_NOMEMORY;
goto cleanup;
}
memset(dh, 0, sizeof(*dh));
result = DST_R_INVALIDPUBLICKEY;
/*
* Read the prime length. 1 & 2 are table entries, > 16 means a
* prime follows, otherwise an error.
*/
if (r.length < 2) {
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
}
if (r.length < 2)
goto cleanup;
plen = uint16_fromregion(&r);
if (plen < 16 && plen != 1 && plen != 2) {
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
}
if (r.length < plen) {
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
}
if (plen < 16 && plen != 1 && plen != 2)
goto cleanup;
if (r.length < plen)
goto cleanup;
plen_ = plen;
if (plen == 1 || plen == 2) {
if (plen == 1) {
......@@ -790,9 +797,7 @@ pkcs11dh_fromdns(dst_key_t *key, isc_buffer_t *data) {
plen_ = sizeof(pk11_dh_bn1536);
break;
default:
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
goto cleanup;
}
}
else {
......@@ -805,17 +810,13 @@ pkcs11dh_fromdns(dst_key_t *key, isc_buffer_t *data) {
* special, but it might not be. If it's 0 and the prime is not
* special, we have a problem.
*/
if (r.length < 2) {
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
}
if (r.length < 2)
goto cleanup;
glen = uint16_fromregion(&r);
if (r.length < glen) {
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
}
if (r.length < glen)
goto cleanup;
glen_ = glen;
if (special != 0) {
if (glen == 0) {
......@@ -824,38 +825,26 @@ pkcs11dh_fromdns(dst_key_t *key, isc_buffer_t *data) {
}
else {
base = r.base;
if (isc_safe_memequal(base, pk11_dh_bn2, glen)) {
base = pk11_dh_bn2;
glen_ = sizeof(pk11_dh_bn2);
}
else {
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
}
if (!isc_safe_memequal(base, pk11_dh_bn2, glen))
goto cleanup;
base = pk11_dh_bn2;
glen_ = sizeof(pk11_dh_bn2);
}
}
else {
if (glen == 0) {
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
}
if (glen == 0)
goto cleanup;
base = r.base;
}
isc_region_consume(&r, glen);
if (r.length < 2) {
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
}
if (r.length < 2)
goto cleanup;
publen = uint16_fromregion(&r);
if (r.length < publen) {
memset(dh, 0, sizeof(*dh));
isc_mem_put(key->mctx, dh, sizeof(*dh));
return (DST_R_INVALIDPUBLICKEY);
}
if (r.length < publen)
goto cleanup;