Small cleanups in RPC code, e.g. to support null arguments.

- Add support for null pointer arguments in RPCs for get_digest_algorithm_id
  and get_public_key. This is years overdue, and would have obviated the need
  for get_public_key_len as a separate RPC.

- Refactor pkey_local_get_public_key_len in terms of pkey_local_get_public_key.

- Add more parameter sanity checks to rpc_api.c.

- Add a len_max parameter to hal_xdr_decode_variable_opaque, rather than
  having len be an in/out parameter. This brings xdr slightly more in line
  with the rest of the code base (again after literal years), and slightly
  simplifies several calls in rpc_client.c.

1 files changed, 5 insertions, 2 deletions

diff --git a/xdr.c b/xdr.c
index 2b42be9..92c2b64 100644
--- a/xdr.c
+++ b/xdr.c
@@ -190,16 +190,19 @@ hal_error_t hal_xdr_decode_variable_opaque_ptr(const uint8_t ** const inbuf, con
 /* This version copies the data to the user-supplied buffer.
  * It is used in the rpc client.
  */
-hal_error_t hal_xdr_decode_variable_opaque(const uint8_t ** const inbuf, const uint8_t * const limit, uint8_t * const value, size_t * const len)
+hal_error_t hal_xdr_decode_variable_opaque(const uint8_t ** const inbuf, const uint8_t * const limit, uint8_t * const value, size_t * const len, const size_t len_max)
 {
     hal_error_t err;
     size_t xdr_len;
     const uint8_t *p;
 
+    /* arg checks */
+    hal_assert(value != NULL && len != NULL && len_max != 0);
+
     /* read data pointer and length */
     if ((err = hal_xdr_decode_variable_opaque_ptr(inbuf, limit, &p, &xdr_len)) == HAL_OK) {
         /* user buffer overflow check */
-        if (*len < xdr_len)
+        if (len_max < xdr_len)
             return HAL_ERROR_XDR_BUFFER_OVERFLOW;
         /* read the data */
         memcpy(value, p, xdr_len);