From: Willem Toorop Date: Fri, 18 May 2012 15:09:22 +0000 (+0000) Subject: Final code reviews X-Git-Tag: release-1.6.13~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ca255c60b6d0af1d01aa3cf8ba0f4d86e1392b7;p=thirdparty%2Fldns.git Final code reviews - Potential uninitialized variable usage in dnssec.c - Freeing of temporarily allocated ldns_zone in ldns_dnssec_zone_new_frm_fp_l - Clarify defaults for -i and -e options to ldns-verify-zone --- diff --git a/dnssec_zone.c b/dnssec_zone.c index 385ba2b9..1f7274bb 100644 --- a/dnssec_zone.c +++ b/dnssec_zone.c @@ -634,7 +634,7 @@ rr_is_rrsig_covering(ldns_rr* rr, ldns_rr_type t) * function) uses the rbtree mostly for sequentual walking, this results * in a speed increase (of 15% on linux) because we have less CPU-cache misses. */ -#define FASTER_DNSSEC_ZONE_NEW_FRM_FP 1 +#define FASTER_DNSSEC_ZONE_NEW_FRM_FP 1 /* Because of L2 cache efficiency */ ldns_status ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin, @@ -657,7 +657,7 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin, ldns_status status = LDNS_STATUS_MEM_ERR; #ifdef FASTER_DNSSEC_ZONE_NEW_FRM_FP - ldns_zone* zone; + ldns_zone* zone = NULL; if (ldns_zone_new_frm_fp_l(&zone, fp, origin,ttl, c, line_nr) != LDNS_STATUS_OK) goto error; #else @@ -748,6 +748,11 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin, return LDNS_STATUS_OK; error: +#ifdef FASTER_DNSSEC_ZONE_NEW_FRM_FP + if (zone) { + ldns_zone_free(zone); + } +#endif if (my_origin) { ldns_rdf_deep_free(my_origin); } diff --git a/drill/dnssec.c b/drill/dnssec.c index de3ccf44..b72ffb95 100644 --- a/drill/dnssec.c +++ b/drill/dnssec.c @@ -353,7 +353,7 @@ ldns_nsec3_closest_encloser(ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *n bool exact_match_found; bool in_range_found; - ldns_rdf *zone_name; + ldns_rdf *zone_name = NULL; size_t nsec_i; ldns_rr *nsec; diff --git a/examples/ldns-verify-zone.1 b/examples/ldns-verify-zone.1 index cc93ce75..a4cb767d 100644 --- a/examples/ldns-verify-zone.1 +++ b/examples/ldns-verify-zone.1 @@ -25,10 +25,12 @@ Apex only, check only the zone apex .TP \fB-e\fR \fIperiod\fR Signatures may not expire within this period. +Default no period is used. .TP \fB-i\fR \fIperiod\fR Signatures must have been valid at least this long. +Default signatures should just be valid now. .TP \fB-k\fR \fIfile\fR @@ -67,6 +69,13 @@ Set the verbosity level (default 3): 5: Print the zone after it has been read, the result, any errors, and the names that are being checked +.LP +\fIperiod\fRs are given in ISO 8601 duration format: +.RS +P[n]Y[n]M[n]DT[n]H[n]M[n]S +.RE +.LP +If no file is given standard input is read. .SH AUTHOR Written by the ldns team as an example for ldns usage. diff --git a/examples/ldns-verify-zone.c b/examples/ldns-verify-zone.c index e30907b4..1dd9aaea 100644 --- a/examples/ldns-verify-zone.c +++ b/examples/ldns-verify-zone.c @@ -741,9 +741,12 @@ main(int argc, char **argv) printf("\t-a\t\tapex only, " "check only the zone apex\n"); printf("\t-e \tsignatures may not expire " - "within this period.\n"); + "within this period.\n\t\t\t" + "(default no period is used)\n"); printf("\t-i \tsignatures must have been " - "valid at least this long.\n"); + "valid at least this long.\n\t\t\t" + "(default signatures should just be valid " + "now)\n"); printf("\t-k \tspecify a file that contains a " "trusted DNSKEY or DS rr.\n\t\t\t" "This option may be given more than once.\n");