From 8837491697d8debbc4b8a2e941bf0066321d39e9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Thu, 7 Aug 2025 08:12:36 +0200
Subject: [PATCH] Add strict checks on typepair values in the developer's mode

When in developer's mode, make the DNS_TYPEPAIR_* macros be more
strict on the contents of the 'base' and 'covers', so we can catch
invalid use of the API.
---
 lib/dns/include/dns/rdatatype.h | 39 +++++++++++++++++++++++++++------
 meson.build                     |  1 +
 2 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/lib/dns/include/dns/rdatatype.h b/lib/dns/include/dns/rdatatype.h
index b4005367c9..13847136d5 100644
--- a/lib/dns/include/dns/rdatatype.h
+++ b/lib/dns/include/dns/rdatatype.h
@@ -17,13 +17,38 @@
 
 #include <dns/types.h>
 
-#define DNS_TYPEPAIR_TYPE(type)	  ((dns_rdatatype_t)((type) & 0xFFFF))
-#define DNS_TYPEPAIR_COVERS(type) ((dns_rdatatype_t)((type) >> 16))
-#define DNS_TYPEPAIR_VALUE(base, ext) \
-	((dns_typepair_t)(((uint32_t)ext) << 16) | (((uint32_t)base) & 0xffff))
-#define DNS_SIGTYPE(type)                           \
-	((dns_typepair_t)(((uint32_t)type) << 16) | \
-	 (((uint32_t)dns_rdatatype_rrsig) & 0xffff))
+#if DNS_TYPEPAIR_CHECK
+#define DNS__TYPEPAIR_CHECK(base, covers)                    \
+	INSIST((dns_rdatatype_issig(base) && covers != 0) || \
+	       (base == 0 && covers != 0) || (base != 0 && covers == 0))
+#else
+#define DNS__TYPEPAIR_CHECK(base, covers)
+#endif
+
+#define DNS_TYPEPAIR_TYPE(type)                                              \
+	({                                                                   \
+		dns_rdatatype_t __base = (dns_rdatatype_t)((type) & 0xFFFF); \
+		dns_rdatatype_t __covers = (dns_rdatatype_t)((type) >> 16);  \
+		DNS__TYPEPAIR_CHECK(__base, __covers);                       \
+		__base;                                                      \
+	})
+#define DNS_TYPEPAIR_COVERS(type)                                            \
+	({                                                                   \
+		dns_rdatatype_t __base = (dns_rdatatype_t)((type) & 0xFFFF); \
+		dns_rdatatype_t __covers = (dns_rdatatype_t)((type) >> 16);  \
+		DNS__TYPEPAIR_CHECK(__base, __covers);                       \
+		__covers;                                                    \
+	})
+#define DNS__TYPEPAIR_VALUE(base, covers)             \
+	((dns_typepair_t)(((uint32_t)covers) << 16) | \
+	 (((uint32_t)base) & 0xffff))
+#define DNS_TYPEPAIR_VALUE(base, covers)           \
+	({                                         \
+		DNS__TYPEPAIR_CHECK(base, covers); \
+		DNS__TYPEPAIR_VALUE(base, covers); \
+	})
+
+#define DNS_SIGTYPE(type) DNS__TYPEPAIR_VALUE(dns_rdatatype_rrsig, type)
 
 isc_result_t
 dns_rdatatype_fromtext(dns_rdatatype_t *typep, isc_textregion_t *source);
diff --git a/meson.build b/meson.build
index 1f41ee0166..6f45d81f63 100644
--- a/meson.build
+++ b/meson.build
@@ -307,6 +307,7 @@ if developer_mode
     config.set('ISC_MUTEX_ERROR_CHECK', 1)
     config.set('ISC_SOCKET_DETAILS', 1)
     config.set('ISC_STATS_CHECKUNDERFLOW', 1)
+    config.set('DNS_TYPEPAIR_CHECK', 1)
 endif
 
 foreach fn : [