Commit 0f750c4f authored by Shawn Routhier's avatar Shawn Routhier

[master]

[rt23833]
Clean up a number of items identified by the Coverity
static analysis tool.  Runs courtesy of Red Hat.
parent 881442e2
......@@ -142,6 +142,11 @@ work on other platforms. Please report any problems and suggested fixes to
is only useful when doing load balancing within failover.
[ISC-Bugs #26108]
- Fix a set of issues that were discovered via a code inspection
tool. Thanks to Jiri Popelka and Tomas Hozza Red Hat for the logs
and patches.
[ISC-Bugs #23833]
Changes since 4.2.3
! Add a check for a null pointer before calling the regexec function.
......
......@@ -214,8 +214,10 @@ dhcpv6_client_assignments(void)
memset(&DHCPv6DestAddr, 0, sizeof(DHCPv6DestAddr));
DHCPv6DestAddr.sin6_family = AF_INET6;
DHCPv6DestAddr.sin6_port = remote_port;
inet_pton(AF_INET6, All_DHCP_Relay_Agents_and_Servers,
&DHCPv6DestAddr.sin6_addr);
if (inet_pton(AF_INET6, All_DHCP_Relay_Agents_and_Servers,
&DHCPv6DestAddr.sin6_addr) <= 0) {
log_fatal("Bad address %s", All_DHCP_Relay_Agents_and_Servers);
}
code = D6O_CLIENTID;
if (!option_code_hash_lookup(&clientid_option,
......@@ -656,7 +658,8 @@ dhc6_leaseify(struct packet *packet)
* not sure based on what additional keys now).
*/
oc = lookup_option(&dhcpv6_universe, packet->options, D6O_SERVERID);
if (!evaluate_option_cache(&lease->server_id, packet, NULL, NULL,
if ((oc == NULL) ||
!evaluate_option_cache(&lease->server_id, packet, NULL, NULL,
lease->options, NULL, &global_scope,
oc, MDL) ||
lease->server_id.len == 0) {
......
......@@ -3,7 +3,8 @@
Memory allocation... */
/*
* Copyright (c) 2004-2007,2009 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 2009,2012 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 2004-2007 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 1996-2003 by Internet Software Consortium
*
* Permission to use, copy, modify, and distribute this software for any
......@@ -831,11 +832,11 @@ int dns_host_entry_dereference (ptr, file, line)
#endif
}
(*ptr) -> refcnt--;
rc_register (file, line, ptr, *ptr, (*ptr) -> refcnt, 1, RC_MISC);
if (!(*ptr) -> refcnt)
(*ptr)->refcnt--;
rc_register (file, line, ptr, *ptr, (*ptr)->refcnt, 1, RC_MISC);
if ((*ptr)->refcnt == 0) {
dfree ((*ptr), file, line);
if ((*ptr) -> refcnt < 0) {
} else if ((*ptr)->refcnt < 0) {
log_error ("%s(%d): negative refcnt!", file, line);
#if defined (DEBUG_RC_HISTORY)
dump_rc_history (*ptr);
......
......@@ -692,7 +692,6 @@ isc_result_t dhcp_subnet_signal_handler (omapi_object_t *h,
/* In this function h should be a (struct subnet *) */
isc_result_t status;
int updatep = 0;
if (h -> type != dhcp_type_subnet)
return DHCP_R_INVALIDARG;
......@@ -706,8 +705,7 @@ isc_result_t dhcp_subnet_signal_handler (omapi_object_t *h,
if (status == ISC_R_SUCCESS)
return status;
}
if (updatep)
return ISC_R_SUCCESS;
return ISC_R_NOTFOUND;
}
......@@ -861,7 +859,6 @@ isc_result_t dhcp_shared_network_signal_handler (omapi_object_t *h,
/* In this function h should be a (struct shared_network *) */
isc_result_t status;
int updatep = 0;
if (h -> type != dhcp_type_shared_network)
return DHCP_R_INVALIDARG;
......@@ -875,8 +872,7 @@ isc_result_t dhcp_shared_network_signal_handler (omapi_object_t *h,
if (status == ISC_R_SUCCESS)
return status;
}
if (updatep)
return ISC_R_SUCCESS;
return ISC_R_NOTFOUND;
}
......
......@@ -4,7 +4,8 @@
Support Services in Vancouver, B.C. */
/*
* Copyright (c) 2004,2007,2009 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 2009,2012 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 2004,2007 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 1996-2003 by Internet Software Consortium
*
* Permission to use, copy, modify, and distribute this software for any
......@@ -463,9 +464,9 @@ get_hw_addr(const char *name, struct hardware *hw) {
memcpy(&hw->hbuf[1], sa->sa_data, 6);
break;
case ARPHRD_FDDI:
hw->hlen = 17;
hw->hlen = 7;
hw->hbuf[0] = HTYPE_FDDI;
memcpy(&hw->hbuf[1], sa->sa_data, 16);
memcpy(&hw->hbuf[1], sa->sa_data, 6);
break;
default:
log_fatal("Unsupported device type %ld for \"%s\"",
......
......@@ -258,9 +258,14 @@ int parse_option_buffer (options, buffer, length, universe)
option_cache_reference(&op->next, nop, MDL);
option_cache_dereference(&nop, MDL);
} else {
save_option_buffer(universe, options, bp,
bp->data + offset, len,
code, 1);
if (save_option_buffer(universe, options, bp,
bp->data + offset, len,
code, 1) == 0) {
log_error("parse_option_buffer: "
"save_option_buffer failed");
buffer_dereference(&bp, MDL);
return 0;
}
}
}
option_dereference(&option, MDL);
......@@ -517,6 +522,8 @@ int fqdn_universe_decode (struct option_state *options,
* Load all options into a buffer, and then split them out into the three
* separate fields in the dhcp packet (options, file, and sname) where
* options can be stored.
*
* returns 0 on error, length of packet on success
*/
int
cons_options(struct packet *inpacket, struct dhcp_packet *outpacket,
......@@ -553,10 +560,10 @@ cons_options(struct packet *inpacket, struct dhcp_packet *outpacket,
if (inpacket &&
(op = lookup_option(&dhcp_universe, inpacket->options,
DHO_DHCP_MAX_MESSAGE_SIZE))) {
evaluate_option_cache(&ds, inpacket,
lease, client_state, in_options,
cfg_options, scope, op, MDL);
DHO_DHCP_MAX_MESSAGE_SIZE)) &&
(evaluate_option_cache(&ds, inpacket, lease,
client_state, in_options,
cfg_options, scope, op, MDL) != 0)) {
if (ds.len >= sizeof (u_int16_t)) {
i = getUShort(ds.data);
if(!mms || (i < mms))
......@@ -679,7 +686,7 @@ cons_options(struct packet *inpacket, struct dhcp_packet *outpacket,
* in the packet if there is space. Note that the option
* may only be included if the client supplied one.
*/
if ((priority_len < PRIORITY_COUNT) &&
if ((inpacket != NULL) && (priority_len < PRIORITY_COUNT) &&
(lookup_option(&fqdn_universe, inpacket->options,
FQDN_ENCODED) != NULL))
priority_list[priority_len++] = DHO_FQDN;
......@@ -695,7 +702,7 @@ cons_options(struct packet *inpacket, struct dhcp_packet *outpacket,
* DHCPINFORM or DHCPLEASEQUERY responses (if the client
* didn't request it).
*/
if ((priority_len < PRIORITY_COUNT) &&
if ((inpacket != NULL) && (priority_len < PRIORITY_COUNT) &&
((inpacket->packet_type == DHCPDISCOVER) ||
(inpacket->packet_type == DHCPREQUEST)))
priority_list[priority_len++] = DHO_SUBNET_MASK;
......@@ -1266,11 +1273,12 @@ store_options(int *ocount,
cfg_options,
vendor_cfg_option -> code);
if (tmp)
evaluate_option_cache (&name, packet, lease,
client_state,
in_options,
cfg_options,
scope, tmp, MDL);
/* No need to check the return as we check name.len below */
(void) evaluate_option_cache (&name, packet, lease,
client_state,
in_options,
cfg_options,
scope, tmp, MDL);
} else if (vuname) {
name.data = (unsigned char *)s;
name.len = strlen (s);
......@@ -1308,9 +1316,10 @@ store_options(int *ocount,
/* Find the value of the option... */
od.len = 0;
if (oc) {
evaluate_option_cache (&od, packet,
lease, client_state, in_options,
cfg_options, scope, oc, MDL);
/* No need to check the return as we check od.len below */
(void) evaluate_option_cache (&od, packet,
lease, client_state, in_options,
cfg_options, scope, oc, MDL);
/* If we have encapsulation for this option, and an oc
* lookup succeeded, but the evaluation failed, it is
......@@ -3143,9 +3152,11 @@ int fqdn_option_space_encapsulate (result, packet, lease, client_state,
struct option_cache *oc = (struct option_cache *)(ocp -> car);
if (oc -> option -> code > FQDN_SUBOPTION_COUNT)
continue;
evaluate_option_cache (&results [oc -> option -> code],
packet, lease, client_state, in_options,
cfg_options, scope, oc, MDL);
/* No need to check the return code, we check the length later */
(void) evaluate_option_cache (&results[oc->option->code],
packet, lease, client_state,
in_options, cfg_options, scope,
oc, MDL);
}
/* We add a byte for the flags field.
* We add two bytes for the two RCODE fields.
......@@ -3310,10 +3321,10 @@ fqdn6_option_space_encapsulate(struct data_string *result,
oc = (struct option_cache *)(ocp->car);
if (oc->option->code > FQDN_SUBOPTION_COUNT)
log_fatal("Impossible condition at %s:%d.", MDL);
evaluate_option_cache(&results[oc->option->code], packet,
lease, client_state, in_options,
cfg_options, scope, oc, MDL);
/* No need to check the return code, we check the length later */
(void) evaluate_option_cache(&results[oc->option->code], packet,
lease, client_state, in_options,
cfg_options, scope, oc, MDL);
}
/* We add a byte for the flags field at the start of the option.
......
......@@ -675,7 +675,23 @@ void parse_lease_time (cfile, timep)
the token specified in separator. If max is zero, any number of
numbers will be parsed; otherwise, exactly max numbers are
expected. Base and size tell us how to internalize the numbers
once they've been tokenized. */
once they've been tokenized.
buf - A pointer to space to return the parsed value, if it is null
then the function will allocate space for the return.
max - The maximum number of items to store. If zero there is no
maximum. When buf is null and the function needs to allocate space
it will do an allocation of max size at the beginning if max is non
zero. If max is zero then the allocation will be done later, after
the function has determined the size necessary for the incoming
string.
returns NULL on errors or a pointer to the value string on success.
The pointer will either be buf if it was non-NULL or newly allocated
space if buf was NULL
*/
unsigned char *parse_numeric_aggregate (cfile, buf,
max, separator, base, size)
......@@ -696,9 +712,8 @@ unsigned char *parse_numeric_aggregate (cfile, buf,
bufp = (unsigned char *)dmalloc (*max * size / 8, MDL);
if (!bufp)
log_fatal ("no space for numeric aggregate");
s = 0;
} else
s = bufp;
}
s = bufp;
do {
if (count) {
......@@ -713,6 +728,9 @@ unsigned char *parse_numeric_aggregate (cfile, buf,
parse_warn (cfile, "too few numbers.");
if (token != SEMI)
skip_to_semi (cfile);
/* free bufp if it was allocated */
if ((bufp != NULL) && (bufp != buf))
dfree(bufp, MDL);
return (unsigned char *)0;
}
token = next_token (&val, (unsigned *)0, cfile);
......@@ -729,7 +747,17 @@ unsigned char *parse_numeric_aggregate (cfile, buf,
(base != 16 || token != NUMBER_OR_NAME)) {
parse_warn (cfile, "expecting numeric value.");
skip_to_semi (cfile);
return (unsigned char *)0;
/* free bufp if it was allocated */
if ((bufp != NULL) && (bufp != buf))
dfree(bufp, MDL);
/* free any linked numbers we may have allocated */
while (c) {
pair cdr = c->cdr;
dfree(c->car, MDL);
dfree(c, MDL);
c = cdr;
}
return (NULL);
}
/* If we can, convert the number now; otherwise, build
a linked list of all the numbers. */
......@@ -747,6 +775,10 @@ unsigned char *parse_numeric_aggregate (cfile, buf,
/* If we had to cons up a list, convert it now. */
if (c) {
/*
* No need to cleanup bufp, to get here we didn't allocate
* bufp above
*/
bufp = (unsigned char *)dmalloc (count * size / 8, MDL);
if (!bufp)
log_fatal ("no space for numeric aggregate.");
......@@ -1870,7 +1902,7 @@ int parse_base64 (data, cfile)
parse_warn (cfile, "can't allocate buffer for base64 data.");
data -> len = 0;
data -> data = (unsigned char *)0;
return 0;
goto out;
}
j = k = 0;
......@@ -5258,6 +5290,8 @@ int parse_option_token (rv, cfile, fmt, expr, uniform, lookups)
return 0;
}
*fmt = g;
/* FALL THROUGH */
/* to get string value for the option */
case 'X':
token = peek_token (&val, (unsigned *)0, cfile);
if (token == NUMBER_OR_NAME || token == NUMBER) {
......@@ -5549,6 +5583,8 @@ int parse_option_decl (oc, cfile)
"encapsulation format");
goto parse_exit;
}
/* FALL THROUGH */
/* to get string value for the option */
case 'X':
len = parse_X (cfile, &hunkbuf [hunkix],
sizeof hunkbuf - hunkix);
......@@ -5760,8 +5796,6 @@ int parse_option_decl (oc, cfile)
bp = (struct buffer *)0;
if (!buffer_allocate (&bp, hunkix + nul_term, MDL))
log_fatal ("no memory to store option declaration.");
if (!bp -> data)
log_fatal ("out of memory allocating option data.");
memcpy (bp -> data, hunkbuf, hunkix + nul_term);
if (!option_cache_allocate (oc, MDL))
......
......@@ -1134,6 +1134,7 @@ static unsigned print_subexpression (expr, buf, len)
buf [rv] = 0;
return rv;
}
break;
case expr_gethostname:
if (len > 13) {
......@@ -1245,7 +1246,12 @@ int token_print_indent (FILE *file, int col, int indent,
const char *prefix,
const char *suffix, const char *buf)
{
int len = strlen (buf) + strlen (prefix);
int len = 0;
if (prefix != NULL)
len = strlen (prefix);
if (buf != NULL)
len += strlen (buf);
if (col + len > 79) {
if (indent + len < 79) {
indent_spaces (file, indent);
......@@ -1258,8 +1264,10 @@ int token_print_indent (FILE *file, int col, int indent,
fputs (prefix, file);
col += strlen (prefix);
}
fputs (buf, file);
col += len;
if ((buf != NULL) && (*buf != 0)) {
fputs (buf, file);
col += strlen(buf);
}
if (suffix && *suffix) {
if (col + strlen (suffix) > 79) {
indent_spaces (file, indent);
......
......@@ -2902,10 +2902,17 @@ int evaluate_numeric_expression (result, packet, lease, client_state,
return 0;
}
/* Return data hanging off of an option cache structure, or if there
isn't any, evaluate the expression hanging off of it and return the
result of that evaluation. There should never be both an expression
and a valid data_string. */
/*
* Return data hanging off of an option cache structure, or if there
* isn't any, evaluate the expression hanging off of it and return the
* result of that evaluation. There should never be both an expression
* and a valid data_string.
*
* returns 0 if there wasn't an expression or it couldn't be evaluated
* returns non-zero if there was an expression or string that was evaluated
* When it returns zero the arguements, in particualr resutl, should not
* be modified
*/
int evaluate_option_cache (result, packet, lease, client_state,
in_options, cfg_options, scope, oc, file, line)
......@@ -3613,6 +3620,7 @@ int write_expression (file, expr, col, indent, firstp)
col = write_expression (file, expr -> data.suffix.len,
col, scol, 0);
col = token_print_indent (file, col, indent, "", "", ")");
break;
case expr_lcase:
col = token_print_indent(file, col, indent, "", "", "lcase");
......@@ -4148,19 +4156,10 @@ int fundef_dereference (ptr, file, line)
const char *file;
int line;
{
struct fundef *bp = *ptr;
struct fundef *bp;
struct string_list *sp, *next;
if (!ptr) {
log_error ("%s(%d): null pointer", file, line);
#if defined (POINTER_DEBUG)
abort ();
#else
return 0;
#endif
}
if (!bp) {
if ((ptr == NULL) || (*ptr == NULL)) {
log_error ("%s(%d): null pointer", file, line);
#if defined (POINTER_DEBUG)
abort ();
......@@ -4169,6 +4168,7 @@ int fundef_dereference (ptr, file, line)
#endif
}
bp = *ptr;
bp -> refcnt--;
rc_register (file, line, ptr, bp, bp -> refcnt, 1, RC_MISC);
if (bp -> refcnt < 0) {
......@@ -4440,11 +4440,11 @@ int find_bound_string (struct data_string *value,
if (binding -> value -> value.data.terminated) {
data_string_copy (value, &binding -> value -> value.data, MDL);
} else {
buffer_allocate (&value -> buffer,
binding -> value -> value.data.len,
MDL);
if (!value -> buffer)
if (buffer_allocate (&value->buffer,
binding->value->value.data.len,
MDL) == 0) {
return 0;
}
memcpy (value -> buffer -> data,
binding -> value -> value.data.data,
......
......@@ -349,7 +349,7 @@ dst_read_key(const char *in_keyname, const unsigned in_id,
EREPORT(("dst_read_private_key(): Null key name passed in\n"));
return (NULL);
} else
strcpy(keyname, in_keyname);
strncpy(keyname, in_keyname, PATH_MAX);
/* before I read in the public key, check if it is allowed to sign */
if ((pubkey = dst_s_read_public_key(keyname, in_id, in_alg)) == NULL)
......@@ -443,6 +443,7 @@ dst_s_write_private_key(const DST_KEY *key)
if ((nn = fwrite(encoded_block, 1, len, fp)) != len) {
EREPORT(("dst_write_private_key(): Write failure on %s %d != %d errno=%d\n",
file, out_len, nn, errno));
fclose(fp);
return (-5);
}
fclose(fp);
......@@ -663,7 +664,7 @@ dst_dnskey_to_key(const char *in_name,
int alg ;
int start = DST_KEY_START;
if (rdata == NULL || len <= DST_KEY_ALG) /* no data */
if (in_name == NULL || rdata == NULL || len <= DST_KEY_ALG) /* no data */
return (NULL);
alg = (u_int8_t) rdata[DST_KEY_ALG];
if (!dst_check_algorithm(alg)) { /* make sure alg is available */
......@@ -674,8 +675,6 @@ dst_dnskey_to_key(const char *in_name,
if ((key_st = dst_s_get_key_struct(in_name, alg, 0, 0, 0)) == NULL)
return (NULL);
if (in_name == NULL)
return (NULL);
key_st->dk_flags = dst_s_get_int16(rdata);
key_st->dk_proto = (u_int16_t) rdata[DST_KEY_PROT];
if (key_st->dk_flags & DST_EXTEND_FLAG) {
......@@ -795,10 +794,12 @@ dst_buffer_to_key(const char *key_name, /* name of the key */
dkey->dk_func->from_dns_key != NULL) {
if (dkey->dk_func->from_dns_key(dkey, key_buf, key_len) < 0) {
EREPORT(("dst_buffer_to_key(): dst_buffer_to_hmac failed\n"));
return (dst_free_key(dkey));
(void) (dst_free_key(dkey));
return (NULL);
}
return (dkey);
}
(void) (dst_free_key(dkey));
return (NULL);
}
......@@ -1012,11 +1013,9 @@ dst_free_key(DST_KEY *f_key)
else {
EREPORT(("dst_free_key(): Unknown key alg %d\n",
f_key->dk_alg));
free(f_key->dk_KEY_struct); /* SHOULD NOT happen */
}
if (f_key->dk_KEY_struct) {
free(f_key->dk_KEY_struct);
f_key->dk_KEY_struct = NULL;
SAFE_FREE(f_key->dk_KEY_struct);
}
if (f_key->dk_key_name)
SAFE_FREE(f_key->dk_key_name);
......
......@@ -4,6 +4,7 @@ static const char rcsid[] = "$Header: /tmp/cvstest/DHCP/dst/dst_support.c,v 1.7
/*
* Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
* Portions Copyright (c) 2007,2009 by Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (c) 2012 by Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
......@@ -58,6 +59,7 @@ dst_s_conv_bignum_u8_to_b64(char *out_buf, const unsigned out_len,
{
const u_char *bp = bin_data;
char *op = out_buf;
int res = 0;
unsigned lenh = 0, len64 = 0;
unsigned local_in_len = bin_len;
unsigned local_out_len = out_len;
......@@ -81,9 +83,10 @@ dst_s_conv_bignum_u8_to_b64(char *out_buf, const unsigned out_len,
local_out_len -= lenh;
op += lenh;
}
len64 = b64_ntop(bp, local_in_len, op, local_out_len - 2);
if (len64 < 0)
res = b64_ntop(bp, local_in_len, op, local_out_len - 2);
if (res < 0)
return (-1);
len64 = (unsigned) res;
op += len64++;
*(op++) = '\n'; /* put CR in the output */
*op = '\0'; /* make sure output is 0 terminated */
......@@ -150,6 +153,7 @@ dst_s_conv_bignum_b64_to_u8(const char **buf,
unsigned blen;
char *bp;
u_char bstr[RAW_KEY_SIZE];
int res = 0;
if (buf == NULL || *buf == NULL) { /* error checks */
EREPORT(("dst_s_conv_bignum_b64_to_u8: null input buffer.\n"));
......@@ -159,12 +163,13 @@ dst_s_conv_bignum_b64_to_u8(const char **buf,
if (bp != NULL)
*bp = '\0';
blen = b64_pton(*buf, bstr, sizeof(bstr));
if (blen <= 0) {
res = b64_pton(*buf, bstr, sizeof(bstr));
if (res <= 0) {
EREPORT(("dst_s_conv_bignum_b64_to_u8: decoded value is null.\n"));
return (0);
}
else if (loclen < blen) {
blen = (unsigned) res;
if (loclen < blen) {
EREPORT(("dst_s_conv_bignum_b64_to_u8: decoded value is longer than output buffer.\n"));
return (0);
}
......@@ -429,7 +434,7 @@ dst_s_fopen(const char *filename, const char *mode, unsigned perm)
unsigned plen = sizeof(pathname);
if (*dst_path != '\0') {
strcpy(pathname, dst_path);
strncpy(pathname, dst_path, PATH_MAX);
plen -= strlen(pathname);
}
else
......
......@@ -5,6 +5,7 @@ static const char rcsid[] = "$Header: /tmp/cvstest/DHCP/dst/hmac_link.c,v 1.6 20
/*
* Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
* Portions Copyright (c) 2007,2009 by Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (c) 2012 by Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
......@@ -87,6 +88,10 @@ dst_hmac_md5_sign(const int mode, DST_KEY *d_key, void **context,
int sign_len = 0;
MD5_CTX *ctx = NULL;
if (d_key == NULL || d_key->dk_KEY_struct == NULL)
return (-1);
key = (HMAC_Key *) d_key->dk_KEY_struct;
if (mode & SIG_MODE_INIT)
ctx = (MD5_CTX *) malloc(sizeof(*ctx));
else if (context)
......@@ -94,10 +99,6 @@ dst_hmac_md5_sign(const int mode, DST_KEY *d_key, void **context,
if (ctx == NULL)
return (-1);
if (d_key == NULL || d_key->dk_KEY_struct == NULL)
return (-1);
key = (HMAC_Key *) d_key->dk_KEY_struct;
if (mode & SIG_MODE_INIT) {
MD5Init(ctx);
MD5Update(ctx, key->hk_ipad, HMAC_LEN);
......@@ -154,6 +155,10 @@ dst_hmac_md5_verify(const int mode, DST_KEY *d_key, void **context,
HMAC_Key *key;
MD5_CTX *ctx = NULL;
if (d_key == NULL || d_key->dk_KEY_struct == NULL)
return (-1);
key = (HMAC_Key *) d_key->dk_KEY_struct;
if (mode & SIG_MODE_INIT)
ctx = (MD5_CTX *) malloc(sizeof(*ctx));
else if (context)
......@@ -161,10 +166,6 @@ dst_hmac_md5_verify(const int mode, DST_KEY *d_key, void **context,
if (ctx == NULL)
return (-1);