Add bounded attributes to hmac.h

ok beck

diff --git a/lib/libcrypto/hmac/hmac.h b/lib/libcrypto/hmac/hmac.h
index abdd194..0f39009 100644 (file)
--- a/lib/libcrypto/hmac/hmac.h
+++ b/lib/libcrypto/hmac/hmac.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: hmac.h,v 1.18 2024/06/01 07:36:16 tb Exp $ */
+/* $OpenBSD: hmac.h,v 1.19 2024/07/09 07:57:57 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -60,6 +60,10 @@
 
 #include <openssl/opensslconf.h>
 
+#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__)
+#define __bounded__(x, y, z)
+#endif
+
 #ifdef OPENSSL_NO_HMAC
 #error HMAC is disabled.
 #endif
@@ -78,14 +82,18 @@ HMAC_CTX *HMAC_CTX_new(void);
 void HMAC_CTX_free(HMAC_CTX *ctx);
 int HMAC_CTX_reset(HMAC_CTX *ctx);
 
-int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
-    const EVP_MD *md); /* deprecated */
+int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
+    __attribute__ ((__bounded__(__buffer__, 2, 3)));
 int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md,
-    ENGINE *impl);
-int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
+    ENGINE *impl)
+    __attribute__ ((__bounded__(__buffer__, 2, 3)));
+int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
+    __attribute__ ((__bounded__(__buffer__, 2, 3)));
 int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
     const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len)
+    __attribute__ ((__bounded__(__buffer__, 2, 3)))
+    __attribute__ ((__bounded__(__buffer__, 4, 5)))
     __attribute__((__nonnull__ (6)));
 int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);