Commit ee061820 authored by Michał Kępień's avatar Michał Kępień

Use RUNTIME_CHECK instead of check_result() where it is safe to do so

Replace calls to check_result() with RUNTIME_CHECK assertions for all
dns_rdata_tostruct() calls in lib/dns/zoneverify.c as this function
cannot fail when the "mctx" argument is NULL (and that is the case for
all call sites of this function throughout lib/dns/zoneverify.c).
parent fc6b5ad5
......@@ -205,7 +205,7 @@ goodsig(const vctx_t *vctx, dns_rdata_t *sigrdata, dns_name_t *name,
isc_result_t result;
result = dns_rdata_tostruct(sigrdata, &sig, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
for (result = dns_rdataset_first(keyrdataset);
result == ISC_R_SUCCESS;
......@@ -213,7 +213,7 @@ goodsig(const vctx_t *vctx, dns_rdata_t *sigrdata, dns_name_t *name,
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(keyrdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &key, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
result = dns_dnssec_keyfromrdata(vctx->origin, &rdata,
vctx->mctx, &dstkey);
if (result != ISC_R_SUCCESS)
......@@ -263,7 +263,7 @@ verifynsec(const vctx_t *vctx, dns_name_t *name, dns_dbnode_t *node,
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &nsec, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
/* Check bit next name is consistent */
if (!dns_name_equal(&nsec.next, nextname)) {
dns_name_format(name, namebuf, sizeof(namebuf));
......@@ -435,7 +435,7 @@ match_nsec3(const vctx_t *vctx, dns_name_t *name,
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &nsec3, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (nsec3.hash == nsec3param->hash &&
nsec3.next_length == rhsize &&
nsec3.iterations == nsec3param->iterations &&
......@@ -478,7 +478,7 @@ match_nsec3(const vctx_t *vctx, dns_name_t *name,
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &nsec3, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (nsec3.hash == nsec3param->hash &&
nsec3.iterations == nsec3param->iterations &&
nsec3.salt_length == nsec3param->salt_length &&
......@@ -510,7 +510,7 @@ innsec3params(dns_rdata_nsec3_t *nsec3, dns_rdataset_t *nsec3paramset) {
dns_rdataset_current(nsec3paramset, &rdata);
result = dns_rdata_tostruct(&rdata, &nsec3param, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (nsec3param.flags == 0 &&
nsec3param.hash == nsec3->hash &&
nsec3param.iterations == nsec3->iterations &&
......@@ -556,7 +556,7 @@ record_found(const vctx_t *vctx, dns_name_t *name, dns_dbnode_t *node,
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &nsec3, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (nsec3.next_length != isc_buffer_usedlength(&b))
continue;
/*
......@@ -594,7 +594,7 @@ isoptout(const vctx_t *vctx, dns_rdata_t *nsec3rdata) {
isc_boolean_t ret;
result = dns_rdata_tostruct(nsec3rdata, &nsec3param, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
dns_fixedname_init(&fixed);
result = dns_nsec3_hashname(&fixed, rawhash, &rhsize, vctx->origin,
......@@ -619,10 +619,8 @@ isoptout(const vctx_t *vctx, dns_rdata_t *nsec3rdata) {
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &nsec3, NULL);
if (result != ISC_R_SUCCESS)
ret = ISC_FALSE;
else
ret = ISC_TF((nsec3.flags & DNS_NSEC3FLAG_OPTOUT) != 0);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
ret = ISC_TF((nsec3.flags & DNS_NSEC3FLAG_OPTOUT) != 0);
if (dns_rdataset_isassociated(&rdataset))
dns_rdataset_disassociate(&rdataset);
......@@ -650,7 +648,7 @@ verifynsec3(const vctx_t *vctx, dns_name_t *name, dns_rdata_t *rdata,
isc_boolean_t optout;
result = dns_rdata_tostruct(rdata, &nsec3param, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (nsec3param.flags != 0)
return (ISC_R_SUCCESS);
......@@ -774,7 +772,7 @@ verifyset(vctx_t *vctx, dns_rdataset_t *rdataset, dns_name_t *name,
dns_rdataset_current(&sigrdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &sig, NULL);
check_result(result, "dns_rdata_tostruct()");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (rdataset->ttl != sig.originalttl) {
dns_name_format(name, namebuf, sizeof(namebuf));
dns_rdatatype_format(rdataset->type, typebuf,
......@@ -1270,7 +1268,7 @@ check_dnskey(vctx_t *vctx) {
result = dns_rdataset_next(&vctx->keyset)) {
dns_rdataset_current(&vctx->keyset, &rdata);
result = dns_rdata_tostruct(&rdata, &dnskey, NULL);
check_result(result, "dns_rdata_tostruct");
RUNTIME_CHECK(result == ISC_R_SUCCESS);
is_ksk = ISC_TF((dnskey.flags & DNS_KEYFLAG_KSK) != 0);
if ((dnskey.flags & DNS_KEYOWNER_ZONE) == 0)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment