diff --git a/cocci/isc_x_tobuffer.spatch b/cocci/isc_x_tobuffer.spatch new file mode 100644 index 0000000000..94cb21a426 --- /dev/null +++ b/cocci/isc_x_tobuffer.spatch @@ -0,0 +1,24 @@ +@@ +expression E1, E2; +@@ +isc_base64_tobuffer +-(E1, E2, -1) ++(E1, E2, isc_zero_or_more) +@@ +expression E1, E2; +@@ +isc_base64_tobuffer +-(E1, E2, -2) ++(E1, E2, isc_one_or_more) +@@ +expression E1, E2; +@@ +isc_hex_tobuffer +-(E1, E2, -1) ++(E1, E2, isc_zero_or_more) +@@ +expression E1, E2; +@@ +isc_hex_tobuffer +-(E1, E2, -2) ++(E1, E2, isc_one_or_more) diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 8da342b89a..c4b3098f1b 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -549,7 +549,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, data = isc_mem_get(mctx, MAXFIELDSIZE); isc_buffer_init(&b, data, MAXFIELDSIZE); - CHECK(isc_base64_tobuffer(lex, &b, -1)); + CHECK(isc_base64_tobuffer(lex, &b, isc_zero_or_more)); isc_buffer_usedregion(&b, &r); priv->elements[n].length = r.length; diff --git a/lib/dns/rdata/generic/brid_68.c b/lib/dns/rdata/generic/brid_68.c index 460aa4f00e..cf8b50fba0 100644 --- a/lib/dns/rdata/generic/brid_68.c +++ b/lib/dns/rdata/generic/brid_68.c @@ -28,7 +28,7 @@ fromtext_brid(ARGS_FROMTEXT) { UNUSED(options); UNUSED(callbacks); - return isc_base64_tobuffer(lexer, target, -2); + return isc_base64_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/dns/rdata/generic/cert_37.c b/lib/dns/rdata/generic/cert_37.c index 138c296702..d901f44b63 100644 --- a/lib/dns/rdata/generic/cert_37.c +++ b/lib/dns/rdata/generic/cert_37.c @@ -58,7 +58,7 @@ fromtext_cert(ARGS_FROMTEXT) { RETTOK(dns_secalg_fromtext(&secalg, &token.value.as_textregion)); RETERR(mem_tobuffer(target, &secalg, 1)); - return isc_base64_tobuffer(lexer, target, -2); + return isc_base64_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/dns/rdata/generic/doa_259.c b/lib/dns/rdata/generic/doa_259.c index be926981f1..1398c782b6 100644 --- a/lib/dns/rdata/generic/doa_259.c +++ b/lib/dns/rdata/generic/doa_259.c @@ -67,7 +67,7 @@ fromtext_doa(ARGS_FROMTEXT) { return ISC_R_SUCCESS; } else { isc_lex_ungettoken(lexer, &token); - return isc_base64_tobuffer(lexer, target, -1); + return isc_base64_tobuffer(lexer, target, isc_zero_or_more); } } diff --git a/lib/dns/rdata/generic/hhit_67.c b/lib/dns/rdata/generic/hhit_67.c index 495e2a50fc..44331bcfe0 100644 --- a/lib/dns/rdata/generic/hhit_67.c +++ b/lib/dns/rdata/generic/hhit_67.c @@ -28,7 +28,7 @@ fromtext_hhit(ARGS_FROMTEXT) { UNUSED(options); UNUSED(callbacks); - return isc_base64_tobuffer(lexer, target, -2); + return isc_base64_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c index 7b43c5111f..c7390891e8 100644 --- a/lib/dns/rdata/generic/ipseckey_45.c +++ b/lib/dns/rdata/generic/ipseckey_45.c @@ -118,7 +118,7 @@ fromtext_ipseckey(ARGS_FROMTEXT) { /* * Public key. */ - return isc_base64_tobuffer(lexer, target, -2); + return isc_base64_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/dns/rdata/generic/key_25.c b/lib/dns/rdata/generic/key_25.c index 503e450c3d..b30a8dae72 100644 --- a/lib/dns/rdata/generic/key_25.c +++ b/lib/dns/rdata/generic/key_25.c @@ -89,7 +89,7 @@ generic_fromtext_key(ARGS_FROMTEXT) { */ used = isc_buffer_usedlength(target); - RETERR(isc_base64_tobuffer(lexer, target, -2)); + RETERR(isc_base64_tobuffer(lexer, target, isc_one_or_more)); if (alg == DNS_KEYALG_PRIVATEDNS || alg == DNS_KEYALG_PRIVATEOID) { isc_buffer_t b; diff --git a/lib/dns/rdata/generic/keydata_65533.c b/lib/dns/rdata/generic/keydata_65533.c index 2a5d78cc23..ee8cf0307a 100644 --- a/lib/dns/rdata/generic/keydata_65533.c +++ b/lib/dns/rdata/generic/keydata_65533.c @@ -83,7 +83,7 @@ fromtext_keydata(ARGS_FROMTEXT) { return ISC_R_SUCCESS; } - return isc_base64_tobuffer(lexer, target, -2); + return isc_base64_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/dns/rdata/generic/openpgpkey_61.c b/lib/dns/rdata/generic/openpgpkey_61.c index 9ccfaeef75..74e3147eca 100644 --- a/lib/dns/rdata/generic/openpgpkey_61.c +++ b/lib/dns/rdata/generic/openpgpkey_61.c @@ -29,7 +29,7 @@ fromtext_openpgpkey(ARGS_FROMTEXT) { /* * Keyring. */ - return isc_base64_tobuffer(lexer, target, -2); + return isc_base64_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/dns/rdata/generic/rrsig_46.c b/lib/dns/rdata/generic/rrsig_46.c index 9a06a4892d..80b6fbc711 100644 --- a/lib/dns/rdata/generic/rrsig_46.c +++ b/lib/dns/rdata/generic/rrsig_46.c @@ -157,7 +157,7 @@ fromtext_rrsig(ARGS_FROMTEXT) { */ used = isc_buffer_usedlength(target); - RETERR(isc_base64_tobuffer(lexer, target, -2)); + RETERR(isc_base64_tobuffer(lexer, target, isc_one_or_more)); if (alg == DNS_KEYALG_PRIVATEDNS || alg == DNS_KEYALG_PRIVATEOID) { isc_buffer_t b; diff --git a/lib/dns/rdata/generic/sig_24.c b/lib/dns/rdata/generic/sig_24.c index fd7487897f..cedf400b7f 100644 --- a/lib/dns/rdata/generic/sig_24.c +++ b/lib/dns/rdata/generic/sig_24.c @@ -121,7 +121,7 @@ fromtext_sig(ARGS_FROMTEXT) { */ used = isc_buffer_usedlength(target); - RETERR(isc_base64_tobuffer(lexer, target, -2)); + RETERR(isc_base64_tobuffer(lexer, target, isc_one_or_more)); if (alg == DNS_KEYALG_PRIVATEDNS || alg == DNS_KEYALG_PRIVATEOID) { isc_buffer_t b; diff --git a/lib/dns/rdata/generic/sink_40.c b/lib/dns/rdata/generic/sink_40.c index 4ce1cf8808..0fb8aa5c07 100644 --- a/lib/dns/rdata/generic/sink_40.c +++ b/lib/dns/rdata/generic/sink_40.c @@ -54,7 +54,7 @@ fromtext_sink(ARGS_FROMTEXT) { } RETERR(uint8_tobuffer(token.value.as_ulong, target)); - return isc_base64_tobuffer(lexer, target, -1); + return isc_base64_tobuffer(lexer, target, isc_zero_or_more); } static isc_result_t diff --git a/lib/dns/rdata/generic/tlsa_52.c b/lib/dns/rdata/generic/tlsa_52.c index cf019ae8e4..8943ea3f8e 100644 --- a/lib/dns/rdata/generic/tlsa_52.c +++ b/lib/dns/rdata/generic/tlsa_52.c @@ -61,7 +61,7 @@ generic_fromtext_tlsa(ARGS_FROMTEXT) { /* * Certificate Association Data. */ - return isc_hex_tobuffer(lexer, target, -2); + return isc_hex_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/dns/rdata/in_1/dhcid_49.c b/lib/dns/rdata/in_1/dhcid_49.c index 6f2b9dfb9f..7486ca86bd 100644 --- a/lib/dns/rdata/in_1/dhcid_49.c +++ b/lib/dns/rdata/in_1/dhcid_49.c @@ -29,7 +29,7 @@ fromtext_in_dhcid(ARGS_FROMTEXT) { UNUSED(options); UNUSED(callbacks); - return isc_base64_tobuffer(lexer, target, -2); + return isc_base64_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/dns/rdata/in_1/eid_31.c b/lib/dns/rdata/in_1/eid_31.c index 0cbad9ae4c..461d770c01 100644 --- a/lib/dns/rdata/in_1/eid_31.c +++ b/lib/dns/rdata/in_1/eid_31.c @@ -29,7 +29,7 @@ fromtext_in_eid(ARGS_FROMTEXT) { UNUSED(rdclass); UNUSED(callbacks); - return isc_hex_tobuffer(lexer, target, -2); + return isc_hex_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/dns/rdata/in_1/nimloc_32.c b/lib/dns/rdata/in_1/nimloc_32.c index 80ce2bd559..7f4c5370f6 100644 --- a/lib/dns/rdata/in_1/nimloc_32.c +++ b/lib/dns/rdata/in_1/nimloc_32.c @@ -29,7 +29,7 @@ fromtext_in_nimloc(ARGS_FROMTEXT) { UNUSED(rdclass); UNUSED(callbacks); - return isc_hex_tobuffer(lexer, target, -2); + return isc_hex_tobuffer(lexer, target, isc_one_or_more); } static isc_result_t diff --git a/lib/isc/base64.c b/lib/isc/base64.c index ba4ee7148f..3b2d19af70 100644 --- a/lib/isc/base64.c +++ b/lib/isc/base64.c @@ -179,7 +179,7 @@ isc_base64_tobuffer(isc_lex_t *lexer, isc_buffer_t *target, int length) { isc_token_t token; bool eol; - REQUIRE(length >= -2); + REQUIRE(length >= isc_one_or_more); base64_decode_init(&ctx, length, target); @@ -207,7 +207,7 @@ isc_base64_tobuffer(isc_lex_t *lexer, isc_buffer_t *target, int length) { isc_lex_ungettoken(lexer, &token); } RETERR(base64_decode_finish(&ctx)); - if (length == -2 && before == after) { + if (length == isc_one_or_more && before == after) { return ISC_R_UNEXPECTEDEND; } return ISC_R_SUCCESS; @@ -217,7 +217,7 @@ isc_result_t isc_base64_decodestring(const char *cstr, isc_buffer_t *target) { base64_decode_ctx_t ctx; - base64_decode_init(&ctx, -1, target); + base64_decode_init(&ctx, isc_zero_or_more, target); for (;;) { int c = *cstr++; if (c == '\0') { diff --git a/lib/isc/hex.c b/lib/isc/hex.c index c46ccf8abe..5b7ee6d63a 100644 --- a/lib/isc/hex.c +++ b/lib/isc/hex.c @@ -138,7 +138,7 @@ isc_hex_tobuffer(isc_lex_t *lexer, isc_buffer_t *target, int length) { isc_token_t token; bool eol; - REQUIRE(length >= -2); + REQUIRE(length >= isc_one_or_more); hex_decode_init(&ctx, length, target); @@ -166,7 +166,7 @@ isc_hex_tobuffer(isc_lex_t *lexer, isc_buffer_t *target, int length) { isc_lex_ungettoken(lexer, &token); } RETERR(hex_decode_finish(&ctx)); - if (length == -2 && before == after) { + if (length == isc_one_or_more && before == after) { return ISC_R_UNEXPECTEDEND; } return ISC_R_SUCCESS; @@ -176,7 +176,7 @@ isc_result_t isc_hex_decodestring(const char *cstr, isc_buffer_t *target) { hex_decode_ctx_t ctx; - hex_decode_init(&ctx, -1, target); + hex_decode_init(&ctx, isc_zero_or_more, target); for (;;) { int c = *cstr++; if (c == '\0') { diff --git a/lib/isc/include/isc/base64.h b/lib/isc/include/isc/base64.h index b1bc0892df..cf0577472e 100644 --- a/lib/isc/include/isc/base64.h +++ b/lib/isc/include/isc/base64.h @@ -75,8 +75,11 @@ isc_base64_tobuffer(isc_lex_t *lexer, isc_buffer_t *target, int length); * `target`. If 'length' is non-negative, it is the expected number of * encoded octets to convert. * - * If 'length' is -1 then 0 or more encoded octets are expected. - * If 'length' is -2 then 1 or more encoded octets are expected. + * If 'length' is isc_zero_or_more then 0 or more encoded octets are + * expected. + * + * If 'length' is isc_one_or_more then 1 or more encoded octets are + * expected. * * Returns: *\li #ISC_R_BADBASE64 -- invalid base64 encoding. diff --git a/lib/isc/include/isc/hex.h b/lib/isc/include/isc/hex.h index 4599bfc893..d15a56dbdd 100644 --- a/lib/isc/include/isc/hex.h +++ b/lib/isc/include/isc/hex.h @@ -88,8 +88,11 @@ isc_hex_tobuffer(isc_lex_t *lexer, isc_buffer_t *target, int length); * `target`. If 'length' is non-negative, it is the expected number of * encoded octets to convert. * - * If 'length' is -1 then 0 or more encoded octets are expected. - * If 'length' is -2 then 1 or more encoded octets are expected. + * If 'length' is isc_zero_or_more then 0 or more encoded octets are + * expected. + * + * If 'length' is isc_one_or_more then 1 or more encoded octets are + * expected. * * Returns: *\li #ISC_R_BADHEX -- invalid hex encoding diff --git a/lib/isc/include/isc/types.h b/lib/isc/include/isc/types.h index 8a74a161aa..3e6baea242 100644 --- a/lib/isc/include/isc/types.h +++ b/lib/isc/include/isc/types.h @@ -86,6 +86,12 @@ typedef struct isc_nm_http_endpoints isc_nm_http_endpoints_t; /*%< HTTP endpoints set */ #endif /* HAVE_LIBNGHTTP2 */ +/*% Used by isc_base64 and isc_hex for expected lower bound */ +enum { + isc_zero_or_more = -1, + isc_one_or_more = -2, +}; + /*% Statistics formats (text file or XML) */ typedef enum { isc_statsformat_file,