diff options
| author | Erwin Lansing <erwin@FreeBSD.org> | 2014-02-24 13:57:07 +0000 |
|---|---|---|
| committer | Erwin Lansing <erwin@FreeBSD.org> | 2014-02-24 13:57:07 +0000 |
| commit | e83d3091807de4060c0f7654609c0ba97c607698 (patch) | |
| tree | 34b1e1c094bea6410885fbd65ce50ada5dc33cdf /lib/dns/hmac_link.c | |
| parent | 2f7409b5f669dbe3c0a8e58d8f526cb6ac4f64e1 (diff) | |
Notes
Diffstat (limited to 'lib/dns/hmac_link.c')
| -rw-r--r-- | lib/dns/hmac_link.c | 45 |
1 files changed, 20 insertions, 25 deletions
diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c index bc0e9a04ed07..a40a131d36df 100644 --- a/lib/dns/hmac_link.c +++ b/lib/dns/hmac_link.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2011, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -42,6 +42,7 @@ #include <isc/md5.h> #include <isc/sha1.h> #include <isc/mem.h> +#include <isc/safe.h> #include <isc/string.h> #include <isc/util.h> @@ -138,7 +139,7 @@ hmacmd5_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -227,9 +228,8 @@ hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_md5_update(&md5ctx, r.base, r.length); isc_md5_final(&md5ctx, hkey->key); keylen = ISC_MD5_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -414,7 +414,7 @@ hmacsha1_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -503,9 +503,8 @@ hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha1_update(&sha1ctx, r.base, r.length); isc_sha1_final(&sha1ctx, hkey->key); keylen = ISC_SHA1_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -690,7 +689,7 @@ hmacsha224_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA224_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA224_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -781,9 +780,8 @@ hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha224_update(&sha224ctx, r.base, r.length); isc_sha224_final(hkey->key, &sha224ctx); keylen = ISC_SHA224_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -968,7 +966,7 @@ hmacsha256_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA256_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA256_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -1059,9 +1057,8 @@ hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha256_update(&sha256ctx, r.base, r.length); isc_sha256_final(hkey->key, &sha256ctx); keylen = ISC_SHA256_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -1246,7 +1243,7 @@ hmacsha384_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA384_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA384_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -1337,9 +1334,8 @@ hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha384_update(&sha384ctx, r.base, r.length); isc_sha384_final(hkey->key, &sha384ctx); keylen = ISC_SHA384_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -1524,7 +1520,7 @@ hmacsha512_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA512_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA512_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -1615,9 +1611,8 @@ hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha512_update(&sha512ctx, r.base, r.length); isc_sha512_final(hkey->key, &sha512ctx); keylen = ISC_SHA512_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } |