diff options
Diffstat (limited to 'lib/isccc/cc.c')
| -rw-r--r-- | lib/isccc/cc.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c index 07f8157b0aa67..69e7f7cee0b7f 100644 --- a/lib/isccc/cc.c +++ b/lib/isccc/cc.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2007, 2012 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2007, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -42,6 +42,7 @@ #include <isc/assertions.h> #include <isc/hmacmd5.h> #include <isc/print.h> +#include <isc/safe.h> #include <isc/stdlib.h> #include <isccc/alist.h> @@ -86,7 +87,7 @@ list_towire(isccc_sexpr_t *alist, isccc_region_t *target); static isc_result_t value_towire(isccc_sexpr_t *elt, isccc_region_t *target) { - size_t len; + unsigned int len; unsigned char *lenp; isccc_region_t *vr; isc_result_t result; @@ -116,7 +117,7 @@ value_towire(isccc_sexpr_t *elt, isccc_region_t *target) result = table_towire(elt, target); if (result != ISC_R_SUCCESS) return (result); - len = (size_t)(target->rstart - lenp); + len = (unsigned int)(target->rstart - lenp); /* * 'len' is 4 bytes too big, since it counts * the placeholder length too. Adjust and @@ -140,7 +141,7 @@ value_towire(isccc_sexpr_t *elt, isccc_region_t *target) result = list_towire(elt, target); if (result != ISC_R_SUCCESS) return (result); - len = (size_t)(target->rstart - lenp); + len = (unsigned int)(target->rstart - lenp); /* * 'len' is 4 bytes too big, since it counts * the placeholder length. Adjust and emit. @@ -264,7 +265,8 @@ isccc_cc_towire(isccc_sexpr_t *alist, isccc_region_t *target, if (result != ISC_R_SUCCESS) return (result); if (secret != NULL) - return (sign(signed_rstart, (target->rstart - signed_rstart), + return (sign(signed_rstart, + (unsigned int)(target->rstart - signed_rstart), hmd5_rstart, secret)); return (ISC_R_SUCCESS); } @@ -311,7 +313,8 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, /* * Verify. */ - if (strcmp((char *)digestb64, isccc_sexpr_tostring(hmd5)) != 0) + if (!isc_safe_memcmp((unsigned char *) isccc_sexpr_tostring(hmd5), + digestb64, HMD5_LENGTH)) return (ISCCC_R_BADAUTH); return (ISC_R_SUCCESS); @@ -402,6 +405,7 @@ table_fromwire(isccc_region_t *source, isccc_region_t *secret, if (secret != NULL) { if (checksum_rstart != NULL) result = verify(alist, checksum_rstart, + (unsigned int) (source->rend - checksum_rstart), secret); else |