Record when querytsig is valid
authorMark Andrews <marka@isc.org>
Wed, 13 Feb 2019 06:21:16 +0000 (17:21 +1100)
committerOndřej Surý <ondrej@sury.org>
Tue, 5 Nov 2019 22:06:29 +0000 (23:06 +0100)
(cherry picked from commit 4938f97c971ce1af8317fc0274b02529c9cebe76)

This commit was cherry-picked from v9_14 and it fixes the following
scan-build warnings:

tsig.c:1030:20: warning: Assigned value is garbage or undefined
                        tsig.timesigned = querytsig.timesigned;
                                        ^ ~~~~~~~~~~~~~~~~~~~~
tsig.c:1092:26: warning: The right operand of '<' is a garbage value
                        if (response && bytes < querytsig.siglen)
                                              ^ ~~~~~~~~~~~~~~~~
2 warnings generated.

lib/dns/tsig.c

index 48842c055e50c84f7bf9f1de46d0dd4784924ce3..2a9f511134335f30b99a04c4fef137c17c25bde8 100644 (file)
@@ -926,6 +926,7 @@ dns_tsig_sign(dns_message_t *msg) {
                unsigned char header[DNS_MESSAGE_HEADERLEN];
                isc_buffer_t headerbuf;
                uint16_t digestbits;
+               bool querytsig_ok = false;
 
                /*
                 * If it is a response, we assume that the request MAC
@@ -972,14 +973,8 @@ dns_tsig_sign(dns_message_t *msg) {
                        ret = dst_context_adddata(ctx, &r);
                        if (ret != ISC_R_SUCCESS)
                                goto cleanup_context;
+                       querytsig_ok = true;
                }
-#if defined(__clang__)  && \
-       ( __clang_major__ < 3 || \
-       (__clang_major__ == 3 && __clang_minor__ < 2) || \
-       (__clang_major__ == 4 && __clang_minor__ < 2))
-       /* false positive: http://llvm.org/bugs/show_bug.cgi?id=14461 */
-               else memset(&querytsig, 0, sizeof(querytsig));
-#endif
 
                /*
                 * Digest the header.
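Review bot: `querytsig` is left uninitialised whenever the response branch is not taken, and after this hunk the only protection is that later reads test `querytsig_ok`, yet the flag is set without a comment. The removed `memset(&querytsig, 0, sizeof(querytsig))` was compiled only for old clang versions, so other builds already relied on this, but the contract is easy to miss in a later edit. I would add `/* querytsig is populated and its MAC digested; read it only when this is set */` above `querytsig_ok = true;`. The declaration of `querytsig` is outside the hunk; if it has no initialiser, zero-initialising it there would make a forgotten check read zeros rather than indeterminate memory.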
@@ -1025,8 +1020,7 @@ dns_tsig_sign(dns_message_t *msg) {
                }
                /* Digest the timesigned and fudge */
                isc_buffer_clear(&databuf);
-               if (tsig.error == dns_tsigerror_badtime) {
-                       INSIST(response);
+               if (tsig.error == dns_tsigerror_badtime && querytsig_ok) {
                        tsig.timesigned = querytsig.timesigned;
                }
                isc_buffer_putuint48(&databuf, tsig.timesigned);
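Review bot: Dropping `INSIST(response)` turns a checked invariant into a silent fall-through. If `tsig.error` is `dns_tsigerror_badtime` while `querytsig_ok` is false, the message is now signed with whatever `tsig.timesigned` already holds rather than the request's time. That path is presumably unreachable, since BADTIME should only arise when answering a signed query, but the code no longer states it. A comment such as `/* BADTIME replies echo the request's time signed; without a valid querytsig there is nothing to echo */` above the `if` would record the intent. The earlier assignment of `tsig.timesigned` is outside the hunk.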
@@ -1077,19 +1071,8 @@ dns_tsig_sign(dns_message_t *msg) {
                dst_context_destroy(&ctx);
                digestbits = dst_key_getbits(key->key);
                if (digestbits != 0) {
-                       /*
-                        * XXXRAY: Is this correct? What is the
-                        * expected behavior when digestbits is not an
-                        * integral multiple of 8? It looks like bytes
-                        * should either be (digestbits/8) or
-                        * (digestbits+7)/8.
-                        *
-                        * In any case, for current algorithms,
-                        * digestbits are an integral multiple of 8, so
-                        * it has the same effect as (digestbits/8).
-                        */
-                       unsigned int bytes = (digestbits + 1) / 8;
-                       if (response && bytes < querytsig.siglen)
+                       unsigned int bytes = (digestbits + 7) / 8;
+                       if (querytsig_ok && bytes < querytsig.siglen)
                                bytes = querytsig.siglen;
                        if (bytes > isc_buffer_usedlength(&sigbuf))
                                bytes = isc_buffer_usedlength(&sigbuf);
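Review bot: The switch from `(digestbits + 1) / 8` to `(digestbits + 7) / 8` is a behaviour change that the commit message, which only mentions scan-build warnings, does not cover. The same change is made in the `dns_tsig_verify` and `tsig_verify_tcp` hunks. For a `digestbits` that is not a multiple of 8, the old expression rounded down in most cases and the new one always rounds up, so the verify side now rejects a MAC one byte shorter than it used to accept. That is the stricter reading, but the removed XXXRAY comment was the only place the question was written down. I would replace it with a one-line comment such as `/* round up: a truncated MAC must cover at least digestbits bits */` at each of the three sites.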
@@ -1482,18 +1465,8 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
        {
                uint16_t digestbits = dst_key_getbits(key);
 
-               /*
-                * XXXRAY: Is this correct? What is the expected
-                * behavior when digestbits is not an integral multiple
-                * of 8? It looks like bytes should either be
-                * (digestbits/8) or (digestbits+7)/8.
-                *
-                * In any case, for current algorithms, digestbits are
-                * an integral multiple of 8, so it has the same effect
-                * as (digestbits/8).
-                */
                if (tsig.siglen > 0 && digestbits != 0 &&
-                   tsig.siglen < ((digestbits + 1) / 8))
+                   tsig.siglen < ((digestbits + 7) / 8))
                {
                        msg->tsigstatus = dns_tsigerror_badtrunc;
                        tsig_log(msg->tsigkey, 2,
@@ -1805,19 +1778,8 @@ tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg) {
                {
                        uint16_t digestbits = dst_key_getbits(key);
 
-                       /*
-                        * XXXRAY: Is this correct? What is the
-                        * expected behavior when digestbits is not an
-                        * integral multiple of 8? It looks like bytes
-                        * should either be (digestbits/8) or
-                        * (digestbits+7)/8.
-                        *
-                        * In any case, for current algorithms,
-                        * digestbits are an integral multiple of 8, so
-                        * it has the same effect as (digestbits/8).
-                        */
                        if (tsig.siglen > 0 && digestbits != 0 &&
-                           tsig.siglen < ((digestbits + 1) / 8))
+                           tsig.siglen < ((digestbits + 7) / 8))
                        {
                                msg->tsigstatus = dns_tsigerror_badtrunc;
                                tsig_log(msg->tsigkey, 2,