From ec85910950d68c287b76adb36a3c3fa24f64956f Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Tue, 8 Dec 2015 02:25:05 +0000
Subject: Rewrite questionable address length check in check_roa().

svn path=/branches/tk705/; revision=6216
---
 ext/POW.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'ext/POW.c')

diff --git a/ext/POW.c b/ext/POW.c
index a60dfca7..7509cefe 100644
--- a/ext/POW.c
+++ b/ext/POW.c
@@ -1604,14 +1604,14 @@ static int check_roa(CMS_ContentInfo *cms,
 	IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, j + 1);
 	unsigned char a_min[RAW_IPADDR_BUFLEN], a_max[RAW_IPADDR_BUFLEN];
 	unsigned char b_min[RAW_IPADDR_BUFLEN], b_max[RAW_IPADDR_BUFLEN];
-	int length;
+	int a_len, b_len;
 
-#warning Handling of length here looks weird, double check
-	if ((length = v3_addr_get_range(a, afi, a_min, a_max, RAW_IPADDR_BUFLEN)) == 0 ||
-	    (length = v3_addr_get_range(b, afi, b_min, b_max, RAW_IPADDR_BUFLEN)) == 0)
+	if ((a_len = v3_addr_get_range(a, afi, a_min, a_max, RAW_IPADDR_BUFLEN)) == 0 ||
+	    (b_len = v3_addr_get_range(b, afi, b_min, b_max, RAW_IPADDR_BUFLEN)) == 0 ||
+            a_len != b_len)
           record_validation_status(status, ROA_RESOURCES_MALFORMED);
 
-	if (memcmp(a_max, b_max, length) >= 0) {
+	if (memcmp(a_max, b_max, a_len) >= 0) {
 	  (void) sk_IPAddressOrRange_delete(aors, j + 1);
 	  IPAddressOrRange_free(b);
 	  --j;
-- 
cgit v1.2.3