From ec8fb644f178439e7cef630cf1774297a63d3e4d Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tomas.krizek@nic.cz>
Date: Wed, 24 Mar 2021 17:44:44 +0100
Subject: [PATCH] lib/cache/nsec3.c: replace asserts

---
 lib/cache/nsec3.c | 54 ++++++++++++++++++-----------------------------
 1 file changed, 20 insertions(+), 34 deletions(-)

diff --git a/lib/cache/nsec3.c b/lib/cache/nsec3.c
index bebe01cf3..cee5dabbb 100644
--- a/lib/cache/nsec3.c
+++ b/lib/cache/nsec3.c
@@ -21,13 +21,8 @@ static const knot_db_val_t VAL_EMPTY = { NULL, 0 };
 static knot_db_val_t key_NSEC3_common(struct key *k, const knot_dname_t *zname,
 					const nsec_p_hash_t nsec_p_hash)
 {
-	int ret;
-	const bool ok = k && zname
-		&& !(ret = kr_dname_lf(k->buf, zname, false));
-	if (!ok) {
-		assert(false);
+	if (!kr_assume(k && zname && !kr_dname_lf(k->buf, zname, false)))
 		return VAL_EMPTY;
-	}
 
 	/* CACHE_KEY_DEF: key == zone's dname_lf + '\0' + '3' + nsec_p hash (4B)
 	 * 			+ NSEC3 hash (20B == NSEC3_HASH_LEN binary!)
@@ -89,9 +84,8 @@ static knot_db_val_t key_NSEC3_name(struct key *k, const knot_dname_t *name,
 		.data = (uint8_t *)/*const-cast*/name,
 	};
 
-	if (nsec_p->libknot.iterations > KR_NSEC3_MAX_ITERATIONS) {
+	if (!kr_assume(nsec_p->libknot.iterations <= KR_NSEC3_MAX_ITERATIONS)) {
 		/* This is mainly defensive; it shouldn't happen thanks to downgrades. */
-		assert(false);
 		return VAL_EMPTY;
 	}
 	#if 0 // LATER(optim.): this requires a patched libdnssec - tries to realloc()
@@ -101,16 +95,15 @@ static knot_db_val_t key_NSEC3_name(struct key *k, const knot_dname_t *name,
 	};
 	int ret = dnssec_nsec3_hash(&dname, &nsec_p->libknot, &hash);
 	if (ret != DNSSEC_EOK) return VAL_EMPTY;
-	assert(hash.size == NSEC3_HASH_LEN);
+	if (!kr_assume(hash.size == NSEC3_HASH_LEN))
+		return VAL_EMPTY;
 
 	#else
 	dnssec_binary_t hash = { .size = 0, .data = NULL };
 	int ret = dnssec_nsec3_hash(&dname, &nsec_p->libknot, &hash);
 	if (ret != DNSSEC_EOK) return VAL_EMPTY;
-	if (hash.size != NSEC3_HASH_LEN || !hash.data) {
-		assert(false);
+	if (!kr_assume(hash.size == NSEC3_HASH_LEN && hash.data))
 		return VAL_EMPTY;
-	}
 	memcpy(knot_db_val_bound(val), hash.data, NSEC3_HASH_LEN);
 	free(hash.data);
 	#endif
@@ -143,10 +136,8 @@ static const char * find_leq_NSEC3(struct kr_cache *cache, const struct kr_query
 {
 	/* Do the cache operation. */
 	const size_t hash_off = key_nsec3_hash_off(k);
-	if (!key.data || key.len < hash_off) {
-		assert(false);
+	if (!kr_assume(key.data && key.len >= hash_off))
 		return "range search ERROR";
-	}
 	knot_db_val_t key_found = key;
 	knot_db_val_t val = { NULL, 0 };
 	int ret = cache_op(cache, read_leq, &key_found, &val);
@@ -154,10 +145,9 @@ static const char * find_leq_NSEC3(struct kr_cache *cache, const struct kr_query
 		 * would probably be slightly more efficient with LMDB,
 		 * but the code complexity would grow considerably. */
 	if (ret < 0) {
-		if (ret == kr_error(ENOENT)) {
+		if (kr_assume(ret == kr_error(ENOENT))) {
 			return "range search miss";
 		} else {
-			assert(false);
 			return "range search ERROR";
 		}
 	}
@@ -209,11 +199,8 @@ static const char * find_leq_NSEC3(struct kr_cache *cache, const struct kr_query
 	}
 	/* We know it starts before sname, so let's check the other end.
 	 * A. find the next hash and check its length. */
-	if (KR_CACHE_RR_COUNT_SIZE != 2 || get_uint16(eh->data) == 0) {
-		assert(false);
-		return "ERROR";
-		/* TODO: more checks?  Also, `next` computation is kinda messy. */
-	}
+	if (!kr_assume(KR_CACHE_RR_COUNT_SIZE == 2 && get_uint16(eh->data) != 0))
+		return "ERROR"; /* TODO: more checks?  Also, `next` computation is kinda messy. */
 	const uint8_t *hash_next = nsec_p_raw + nsec_p_len
 				 + sizeof(uint8_t) /* hash length from rfc5155 */;
 	if (hash_next[-1] != NSEC3_HASH_LEN) {
@@ -235,12 +222,12 @@ static const char * find_leq_NSEC3(struct kr_cache *cache, const struct kr_query
  * \param text must have length at least NSEC3_HASH_TXT_LEN+1 (will get 0-terminated). */
 static void key_NSEC3_hash2text(const knot_db_val_t key, char *text)
 {
-	assert(key.data && key.len > NSEC3_HASH_LEN);
+	kr_require(key.data && key.len > NSEC3_HASH_LEN);
 	const uint8_t *hash_raw = knot_db_val_bound(key) - NSEC3_HASH_LEN;
 			/* CACHE_KEY_DEF ^^ */
 	int len = base32hex_encode(hash_raw, NSEC3_HASH_LEN, (uint8_t *)text,
 				   NSEC3_HASH_TXT_LEN);
-	assert(len == NSEC3_HASH_TXT_LEN); (void)len;
+	(void)!kr_assume(len == NSEC3_HASH_TXT_LEN);
 	text[NSEC3_HASH_TXT_LEN] = '\0';
 }
 
@@ -250,10 +237,8 @@ static int dname_wire_reconstruct(knot_dname_t *buf, const knot_dname_t *zname,
 				  const uint8_t *hash_raw)
 {
 	int len = base32hex_encode(hash_raw, NSEC3_HASH_LEN, buf + 1, NSEC3_HASH_TXT_LEN);
-	if (len != NSEC3_HASH_TXT_LEN) {
-		assert(false);
+	if (!kr_assume(len == NSEC3_HASH_TXT_LEN))
 		return kr_error(EINVAL);
-	}
 	buf[0] = len;
 	int ret = knot_dname_to_wire(buf + 1 + len, zname, KNOT_DNAME_MAXLEN - 1 - len);
 	return ret < 0 ? kr_error(ret) : kr_ok();
@@ -261,7 +246,7 @@ static int dname_wire_reconstruct(knot_dname_t *buf, const knot_dname_t *zname,
 
 static void nsec3_hash2text(const knot_dname_t *owner, char *text)
 {
-	assert(owner[0] == NSEC3_HASH_TXT_LEN);
+	kr_require(owner[0] == NSEC3_HASH_TXT_LEN);
 	memcpy(text, owner + 1, MIN(owner[0], NSEC3_HASH_TXT_LEN));
 	text[NSEC3_HASH_TXT_LEN] = '\0';
 }
@@ -274,10 +259,8 @@ int nsec3_encloser(struct key *k, struct answer *ans,
 	/* Basic sanity check. */
 	const bool ok = k && k->zname && ans && clencl_labels
 			&& qry && cache;
-	if (!ok) {
-		assert(!EINVAL);
+	if (!kr_assume(ok))
 		return kr_error(EINVAL);
-	}
 
 	/*** Find the closest encloser - cycle: name starting at sname,
 	 * proceeding while longer than zname, shortening by one label on step.
@@ -368,7 +351,8 @@ int nsec3_encloser(struct key *k, struct answer *ans,
 		const knot_rrset_t *nsec_rr = ans->rrsets[ans_id].set.rr;
 		const uint8_t *bm = knot_nsec3_bitmap(nsec_rr->rrs.rdata);
 		uint16_t bm_size = knot_nsec3_bitmap_len(nsec_rr->rrs.rdata);
-		assert(bm);
+		if (!kr_assume(bm))
+			return kr_error(EFAULT);
 		if (name_labels == sname_labels) {
 			if (kr_nsec_bitmap_nodata_check(bm, bm_size, qry->stype,
 							nsec_rr->owner) != 0) {
@@ -385,7 +369,8 @@ int nsec3_encloser(struct key *k, struct answer *ans,
 
 		} /* else */
 
-		assert(name_labels + 1 == last_nxproven_labels);
+		if (!kr_assume(name_labels + 1 == last_nxproven_labels))
+			return kr_error(EINVAL);
 		if (kr_nsec_children_in_zone_check(bm, bm_size) != 0) {
 			VERBOSE_MSG(qry,
 				"=> NSEC3 encloser: found but delegated (or error)\n");
@@ -476,7 +461,8 @@ int nsec3_src_synth(struct key *k, struct answer *ans, const knot_dname_t *clenc
 	/* The wildcard exists.  Find if it's NODATA - check type bitmap. */
 	const uint8_t *bm = knot_nsec3_bitmap(nsec_rr->rrs.rdata);
 	uint16_t bm_size = knot_nsec3_bitmap_len(nsec_rr->rrs.rdata);
-	assert(bm);
+	if (!kr_assume(bm))
+		return kr_error(EFAULT);
 	if (kr_nsec_bitmap_nodata_check(bm, bm_size, qry->stype, nsec_rr->owner) == 0) {
 		/* NODATA proven; just need to add SOA+RRSIG later */
 		VERBOSE_MSG(qry, "=> NSEC3 wildcard: match proved NODATA, new TTL %d\n",
-- 
2.47.2