From: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Date: Mon, 14 Feb 2022 19:49:40 +0000 (+0100)
Subject: Check return value of DNSCryptoKeyEngine::makeFromPEMString() and
X-Git-Tag: auth-4.7.0-alpha1~1^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F11326%2Fhead;p=thirdparty%2Fpdns.git

Check return value of DNSCryptoKeyEngine::makeFromPEMString() and
do not implement non-implemented features with an empty body.
---

diff --git a/pdns/decafsigners.cc b/pdns/decafsigners.cc
index cce6fd0479..3b348e3c84 100644
--- a/pdns/decafsigners.cc
+++ b/pdns/decafsigners.cc
@@ -26,8 +26,6 @@ public:
   int getBits() const override;
   void fromISCMap(DNSKEYRecordContent& drc, std::map<std::string, std::string>& stormap) override;
   void fromPublicKeyString(const std::string& content) override;
-  void fromPEMString(DNSKEYRecordContent& drc, const std::string& raw) override
-  {}
 
   static std::unique_ptr<DNSCryptoKeyEngine> maker(unsigned int algorithm)
   {
diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc
index 6b99588d50..37660105ff 100644
--- a/pdns/pdnsutil.cc
+++ b/pdns/pdnsutil.cc
@@ -3296,6 +3296,10 @@ try
     DNSSECPrivateKey dpk;
     DNSKEYRecordContent drc;
     shared_ptr<DNSCryptoKeyEngine> key(DNSCryptoKeyEngine::makeFromPEMString(drc, raw));
+    if (!key) {
+      cerr << "Could not convert key from PEM to internal format" << endl;
+      return 1;
+    }
     dpk.setKey(key);
 
     dpk.d_algorithm = pdns_stou(cmds.at(3));
diff --git a/pdns/sodiumsigners.cc b/pdns/sodiumsigners.cc
index 90ed36fb12..ee142a6c1c 100644
--- a/pdns/sodiumsigners.cc
+++ b/pdns/sodiumsigners.cc
@@ -21,8 +21,6 @@ public:
   int getBits() const override;
   void fromISCMap(DNSKEYRecordContent& drc, std::map<std::string, std::string>& stormap) override;
   void fromPublicKeyString(const std::string& content) override;
-  void fromPEMString(DNSKEYRecordContent& drc, const std::string& raw) override
-  {}
 
   static std::unique_ptr<DNSCryptoKeyEngine> maker(unsigned int algorithm)
   {