Rewrite questionable address length check in check_roa().

svn path=/branches/tk705/; revision=6216
author: Rob Austein <sra@hactrn.net> 2015-12-08 02:25:05 +0000
committer: Rob Austein <sra@hactrn.net> 2015-12-08 02:25:05 +0000
commit: ec85910950d68c287b76adb36a3c3fa24f64956f (patch)
tree: 15626862a9e0ec59fe18691d6ec8b9c926227397 /ext/POW.c
parent: 9f5ebc2dc159a95f134956203cbca33e436c0da3 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/ext/POW.c b/ext/POW.c
index a60dfca7..7509cefe 100644
--- a/ext/POW.c
+++ b/ext/POW.c
@@ -1604,14 +1604,14 @@ static int check_roa(CMS_ContentInfo *cms,
 	IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, j + 1);
 	unsigned char a_min[RAW_IPADDR_BUFLEN], a_max[RAW_IPADDR_BUFLEN];
 	unsigned char b_min[RAW_IPADDR_BUFLEN], b_max[RAW_IPADDR_BUFLEN];
-	int length;
+	int a_len, b_len;
 
-#warning Handling of length here looks weird, double check
-	if ((length = v3_addr_get_range(a, afi, a_min, a_max, RAW_IPADDR_BUFLEN)) == 0 ||
-	    (length = v3_addr_get_range(b, afi, b_min, b_max, RAW_IPADDR_BUFLEN)) == 0)
+	if ((a_len = v3_addr_get_range(a, afi, a_min, a_max, RAW_IPADDR_BUFLEN)) == 0 ||
+	    (b_len = v3_addr_get_range(b, afi, b_min, b_max, RAW_IPADDR_BUFLEN)) == 0 ||
+            a_len != b_len)
           record_validation_status(status, ROA_RESOURCES_MALFORMED);
 
-	if (memcmp(a_max, b_max, length) >= 0) {
+	if (memcmp(a_max, b_max, a_len) >= 0) {
 	  (void) sk_IPAddressOrRange_delete(aors, j + 1);
 	  IPAddressOrRange_free(b);
 	  --j;
author	Rob Austein <sra@hactrn.net>	2015-12-08 02:25:05 +0000
committer	Rob Austein <sra@hactrn.net>	2015-12-08 02:25:05 +0000
commit	ec85910950d68c287b76adb36a3c3fa24f64956f (patch)
tree	15626862a9e0ec59fe18691d6ec8b9c926227397 /ext/POW.c
parent	9f5ebc2dc159a95f134956203cbca33e436c0da3 (diff)