From: Andreas Gustafsson <source@isc.org>
Date: Thu, 14 Jun 2001 13:56:40 +0000 (+0000)
Subject: pullup:
X-Git-Tag: v9.1.3rc2~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=80d1d675f36daf5733f840bba68a5c84c10fa0f4;p=thirdparty%2Fbind9.git

pullup:
Signing with a large key didn't work since the static output buffer was too
small; use a dynamic buffer instead.  Also, comment a section
---

diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c
index b2a4c1b3dd9..9e7c2ece319 100644
--- a/lib/dns/dnssec.c
+++ b/lib/dns/dnssec.c
@@ -16,7 +16,7 @@
  */
 
 /*
- * $Id: dnssec.c,v 1.56.2.6 2001/06/08 19:38:57 bwelling Exp $
+ * $Id: dnssec.c,v 1.56.2.7 2001/06/14 13:56:40 gson Exp $
  */
 
 
@@ -168,11 +168,12 @@ dns_dnssec_sign(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key,
 	dns_rdata_t tmpsigrdata;
 	dns_rdata_t *rdatas;
 	int nrdatas, i;
-	isc_buffer_t b, sigbuf, envbuf;
+	isc_buffer_t sigbuf, envbuf;
 	isc_region_t r;
 	dst_context_t *ctx = NULL;
 	isc_result_t ret;
-	unsigned char data[300];
+	isc_buffer_t *databuf = NULL;
+	char data[256 + 8];
 	isc_uint32_t flags;
 	unsigned int sigsize;
 	dns_fixedname_t fnewname;
@@ -219,20 +220,27 @@ dns_dnssec_sign(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key,
 	if (ret != ISC_R_SUCCESS)
 		return (ret);
 	sig.siglen = sigsize;
+	/*
+	 * The actual contents of sig.signature are not important yet, since
+	 * they're not used in digest_sig().
+	 */
 	sig.signature = isc_mem_get(mctx, sig.siglen);
 	if (sig.signature == NULL)
 		return (ISC_R_NOMEMORY);
 
-	isc_buffer_init(&b, data, sizeof(data));
+	ret = isc_buffer_allocate(mctx, &databuf, sigsize + 256 + 18);
+	if (ret != ISC_R_SUCCESS)
+		goto cleanup_signature;
+
 	dns_rdata_init(&tmpsigrdata);
 	ret = dns_rdata_fromstruct(&tmpsigrdata, sig.common.rdclass,
-				   sig.common.rdtype, &sig, &b);
+				   sig.common.rdtype, &sig, databuf);
 	if (ret != ISC_R_SUCCESS)
-		goto cleanup_signature;
+		goto cleanup_databuf;
 
 	ret = dst_context_create(key, mctx, &ctx);
 	if (ret != ISC_R_SUCCESS)
-		goto cleanup_signature;
+		goto cleanup_databuf;
 
 	/*
 	 * Digest the SIG rdata.
@@ -309,6 +317,9 @@ cleanup_array:
 	isc_mem_put(mctx, rdatas, nrdatas * sizeof(dns_rdata_t));
 cleanup_context:
 	dst_context_destroy(&ctx);
+cleanup_databuf:
+	if (databuf != NULL)
+		isc_buffer_free(&databuf);
 cleanup_signature:
 	isc_mem_put(mctx, sig.signature, sig.siglen);