From 7a0a2fc3e4e3bb9c5869fe0953d97f6019fb0967 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 13 Mar 2023 13:48:20 +1100 Subject: [PATCH 1/2] Add ISC_FORMAT_PRINTF to report's declaration dns_dnssec_updatekeys's 'report' could be called with invalid arguments which the compiler should be be able to detect. --- lib/dns/dnssec.c | 11 +++++++---- lib/dns/include/dns/dnssec.h | 3 ++- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index a258642137..cddb9daa3b 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -1885,7 +1885,8 @@ failure: static isc_result_t publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, - dns_ttl_t ttl, isc_mem_t *mctx, void (*report)(const char *, ...)) { + dns_ttl_t ttl, isc_mem_t *mctx, + void (*report)(const char *, ...) ISC_FORMAT_PRINTF(1, 2)) { isc_result_t result; unsigned char buf[DST_KEY_MAXSIZE]; char keystr[DST_KEY_FORMATSIZE]; @@ -1902,7 +1903,8 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, if (key->prepublish && ttl > key->prepublish) { isc_stdtime_t now; - report("Key %s: Delaying activation to match the DNSKEY TTL.", + report("Key %s: Delaying activation to match the DNSKEY TTL " + "(%u).", keystr, ttl); isc_stdtime_get(&now); @@ -1919,7 +1921,7 @@ failure: static isc_result_t remove_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, dns_ttl_t ttl, isc_mem_t *mctx, const char *reason, - void (*report)(const char *, ...)) { + void (*report)(const char *, ...) ISC_FORMAT_PRINTF(1, 2)) { isc_result_t result; unsigned char buf[DST_KEY_MAXSIZE]; dns_rdata_t dnskey = DNS_RDATA_INIT; @@ -2244,7 +2246,8 @@ isc_result_t dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, dns_dnsseckeylist_t *removed, const dns_name_t *origin, dns_ttl_t hint_ttl, dns_diff_t *diff, isc_mem_t *mctx, - void (*report)(const char *, ...)) { + void (*report)(const char *, ...) + ISC_FORMAT_PRINTF(1, 2)) { isc_result_t result; dns_dnsseckey_t *key, *key1, *key2, *next; bool found_ttl = false; diff --git a/lib/dns/include/dns/dnssec.h b/lib/dns/include/dns/dnssec.h index 1e9e576564..eb754bf459 100644 --- a/lib/dns/include/dns/dnssec.h +++ b/lib/dns/include/dns/dnssec.h @@ -322,7 +322,8 @@ isc_result_t dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, dns_dnsseckeylist_t *removed, const dns_name_t *origin, dns_ttl_t hint_ttl, dns_diff_t *diff, isc_mem_t *mctx, - void (*report)(const char *, ...)); + void (*report)(const char *, ...) + ISC_FORMAT_PRINTF(1, 2)); /*%< * Update the list of keys in 'keys' with new key information in 'newkeys'. * From 9f161544fd1a6e3415bfb8be3095623592691e03 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 13 Mar 2023 13:56:42 +1100 Subject: [PATCH 2/2] Report key name when removing it --- lib/dns/dnssec.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index cddb9daa3b..57453fa6cf 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -1926,9 +1926,11 @@ remove_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, unsigned char buf[DST_KEY_MAXSIZE]; dns_rdata_t dnskey = DNS_RDATA_INIT; char alg[80]; + char namebuf[DNS_NAME_FORMATSIZE]; dns_secalg_format(dst_key_alg(key->key), alg, sizeof(alg)); - report("Removing %s key %d/%s from DNSKEY RRset.", reason, + dns_name_format(dst_key_name(key->key), namebuf, sizeof(namebuf)); + report("Removing %s key %s/%d/%s from DNSKEY RRset.", reason, namebuf, dst_key_id(key->key), alg); RETERR(make_dnskey(key->key, buf, sizeof(buf), &dnskey));