diff options
author | Luca Boccassi <luca.boccassi@microsoft.com> | 2021-04-01 09:48:36 +0100 |
---|---|---|
committer | Luca Boccassi <luca.boccassi@gmail.com> | 2021-04-01 15:00:51 +0100 |
commit | 677ba9d062850cc37c31316ecba241a7d6c48af5 (patch) | |
tree | 5bbc597fda3acf574580840b069e25ed4f7e1282 /src/resolve/resolved-dns-dnssec.c | |
parent | 0f4b6e59bde9e150f07cdff0d5eabe5de959ff7b (diff) | |
download | systemd-677ba9d062850cc37c31316ecba241a7d6c48af5.tar.gz |
resolved: use _cleanup_(gcry_md_closep) in one more place
Documentation says gcry_md_close will ignore a NULL input so should be safe:
https://gnupg.org/documentation/manuals/gcrypt/Working-with-hash-algorithms.html
Makes Coverity happy, follow-up for 248b1e0aa4
CID #1451555
Diffstat (limited to 'src/resolve/resolved-dns-dnssec.c')
-rw-r--r-- | src/resolve/resolved-dns-dnssec.c | 20 |
1 files changed, 6 insertions, 14 deletions
diff --git a/src/resolve/resolved-dns-dnssec.c b/src/resolve/resolved-dns-dnssec.c index d14e5a90af..a107769130 100644 --- a/src/resolve/resolved-dns-dnssec.c +++ b/src/resolve/resolved-dns-dnssec.c @@ -1205,7 +1205,7 @@ static int nsec3_hash_to_gcrypt_md(uint8_t algorithm) { int dnssec_nsec3_hash(DnsResourceRecord *nsec3, const char *name, void *ret) { uint8_t wire_format[DNS_WIRE_FORMAT_HOSTNAME_MAX]; - gcry_md_hd_t md = NULL; + _cleanup_(gcry_md_closep) gcry_md_hd_t md = NULL; gcry_error_t err; size_t hash_size; int algorithm; @@ -1249,10 +1249,8 @@ int dnssec_nsec3_hash(DnsResourceRecord *nsec3, const char *name, void *ret) { gcry_md_write(md, nsec3->nsec3.salt, nsec3->nsec3.salt_size); result = gcry_md_read(md, 0); - if (!result) { - r = -EIO; - goto finish; - } + if (!result) + return -EIO; for (k = 0; k < nsec3->nsec3.iterations; k++) { uint8_t tmp[hash_size]; @@ -1263,18 +1261,12 @@ int dnssec_nsec3_hash(DnsResourceRecord *nsec3, const char *name, void *ret) { gcry_md_write(md, nsec3->nsec3.salt, nsec3->nsec3.salt_size); result = gcry_md_read(md, 0); - if (!result) { - r = -EIO; - goto finish; - } + if (!result) + return -EIO; } memcpy(ret, result, hash_size); - r = (int) hash_size; - -finish: - gcry_md_close(md); - return r; + return (int) hash_size; } static int nsec3_is_good(DnsResourceRecord *rr, DnsResourceRecord *nsec3) { |