projects / platform / core / connectivity / stc-manager.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fixed some svace issues
[platform/core/connectivity/stc-manager.git] / src / helper / helper-nfacct-rule.c
diff --git a/src/helper/helper-nfacct-rule.c b/src/helper/helper-nfacct-rule.c
index f2b819f..94ad5d1 100755 (executable)
--- a/src/helper/helper-nfacct-rule.c
+++ b/src/helper/helper-nfacct-rule.c
@@ -55,6 +55,7 @@
 
 
 #define NFNL_SUBSYS_ACCT                7
+#define BUF_SIZE_FOR_ERR 100
 
 static void prepare_netlink_msg(struct genl *req, int type, int flag)
 {
@@ -238,6 +239,7 @@ bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt)
        char *classid_part;
        char *io_part;
        char *ifname_part;
+       char *save_ptr = NULL;
        char name[NFACCT_NAME_MAX] = {0}; /* parse buffer to avoid cnt_name modification */
 
        strncpy(name, cnt_name, sizeof(name) - 1);
@@ -276,7 +278,7 @@ bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt)
                iface = get_iftype_by_name(ifname_buf);
                /* check first part is it datacall */
                if (iface == STC_IFACE_DATACALL) {
-                       strcpy(cnt->ifname, ifname_buf);
+                       strncpy(cnt->ifname, ifname_buf, MAX_IFACE_LENGTH);
                        cnt->iotype = NFACCT_COUNTER_IN;
                } else {
                        /* +1, due : symbol and till the end of cnt_name */
@@ -297,19 +299,19 @@ bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt)
                return true;
        }
 
-       io_part = strtok(name, "_");
+       io_part = strtok_r(name, "_", &save_ptr);
        if (io_part != NULL)
                cnt->iotype = convert_to_iotype(atoi(io_part + 1));
        else
                return false;
 
-       iftype_part = strtok(NULL, "_");
+       iftype_part = strtok_r(NULL, "_", &save_ptr);
        if (iftype_part != NULL)
                cnt->iftype = convert_to_iftype(atoi(iftype_part));
        else
                return false;
 
-       classid_part = strtok(NULL, "_");
+       classid_part = strtok_r(NULL, "_", &save_ptr);
        if (classid_part != NULL)
                cnt->classid = atoi(classid_part);
        else {
@@ -317,7 +319,7 @@ bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt)
                return cnt->intend == NFACCT_BLOCK ? true : false;
        }
 
-       ifname_part = strtok(NULL, "\0");
+       ifname_part = strtok_r(NULL, "\0", &save_ptr);
        if (ifname_part != NULL)
                STRING_SAVE_COPY(cnt->ifname, ifname_part);
        else
@@ -386,6 +388,8 @@ static void wait_for_rule_cmd(pid_t pid)
 {
        int status;
        pid_t ret_pid;
+       char buf[BUF_SIZE_FOR_ERR] = { 0 };
+
        if (!pid) {
                STC_LOGD("no need to wait");
                return;
@@ -393,7 +397,7 @@ static void wait_for_rule_cmd(pid_t pid)
        ret_pid = waitpid(pid, &status, 0);
        if (ret_pid < 0)
                STC_LOGD("can't wait for a pid %d %d %s", pid, status,
-                        strerror(errno));
+                        strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
 }
 
 static char* get_cmd_pos(const char *cmd_buf)
@@ -440,6 +444,8 @@ stc_error_e exec_iptables_cmd(const char *cmd_buf, pid_t *cmd_pid)
                const size_t args_number = get_args_number(cmd_buf);
                char *args[args_number + 2];
                int ret;
+               char *save_ptr = NULL;
+               char buf[BUF_SIZE_FOR_ERR] = { 0 };
 
                STC_LOGD("executing iptables cmd %s in forked process",
                         cmd_buf);
@@ -451,17 +457,17 @@ stc_error_e exec_iptables_cmd(const char *cmd_buf, pid_t *cmd_pid)
                        exit(0);
                }
                args[0] = "iptables";
-               cmd = strtok((char *)cmd_buf, " ");
+               cmd = strtok_r((char *)cmd_buf, " ", &save_ptr);
                ret_value_msg_if(cmd == NULL, STC_ERROR_FAIL, "no arguments");
                for (i = 1; i <= args_number; ++i)
-                       args[i] = strtok(NULL, " ");
+                       args[i] = strtok_r(NULL, " ", &save_ptr);
 
                args[i] = NULL;
 
                ret = execv(cmd, args);
                if (ret)
                        STC_LOGE("Can't execute %s: %s",
-                                cmd_buf, strerror(errno));
+                                cmd_buf, strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
                exit(ret);
        }
 
@@ -479,6 +485,8 @@ stc_error_e exec_ip6tables_cmd(const char *cmd_buf, pid_t *cmd_pid)
                const size_t args_number = get_args_number(cmd_buf);
                char *args[args_number + 2];
                int ret;
+               char *save_ptr = NULL;
+               char buf[BUF_SIZE_FOR_ERR] = { 0 };
 
                STC_LOGD("executing ip6tables cmd %s in forked process",
                         cmd_buf);
@@ -490,17 +498,17 @@ stc_error_e exec_ip6tables_cmd(const char *cmd_buf, pid_t *cmd_pid)
                        exit(0);
                }
                args[0] = "ip6tables";
-               cmd = strtok((char *)cmd_buf, " ");
+               cmd = strtok_r((char *)cmd_buf, " ", &save_ptr);
                ret_value_msg_if(cmd == NULL, STC_ERROR_FAIL, "no arguments");
                for (i = 1; i <= args_number; ++i)
-                       args[i] = strtok(NULL, " ");
+                       args[i] = strtok_r(NULL, " ", &save_ptr);
 
                args[i] = NULL;
 
                ret = execv(cmd, args);
                if (ret)
                        STC_LOGE("Can't execute %s: %s",
-                                cmd_buf, strerror(errno));
+                                cmd_buf, strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
                exit(ret);
        }
 
@@ -526,14 +534,14 @@ static stc_error_e exec_iface_cmd(const char *pattern, const char *cmd,
                         "Invalid network interface name argument");
 
        /* iptables rule */
-       ret = sprintf(block_buf, pattern, IPTABLES, cmd, chain,
+       ret = snprintf(block_buf, sizeof(block_buf), pattern, IPTABLES, cmd, chain,
                      iftype_name, nfacct, jump);
        ret_value_msg_if(ret > sizeof(block_buf), STC_ERROR_FAIL,
                         "Not enough buffer");
        exec_iptables_cmd(block_buf, pid);
 
        /* ip6tables rule */
-       ret = sprintf(block_buf, pattern, IP6TABLES, cmd, chain,
+       ret = snprintf(block_buf, sizeof(block_buf), pattern, IP6TABLES, cmd, chain,
                      iftype_name, nfacct, jump);
        ret_value_msg_if(ret > sizeof(block_buf), STC_ERROR_FAIL,
                         "Not enough buffer");
@@ -551,14 +559,14 @@ static stc_error_e exec_app_cmd(const char *pattern, const char *cmd,
                         "Invalid network interface name argument");
 
        /* iptables rules */
-       ret = sprintf(block_buf, pattern, IPTABLES, cmd,
+       ret = snprintf(block_buf, sizeof(block_buf), pattern, IPTABLES, cmd,
                      iftype_name, classid, nfacct, jump);
        ret_value_msg_if(ret > sizeof(block_buf), STC_ERROR_FAIL,
                         "Not enough buffer");
        exec_iptables_cmd(block_buf, pid);
 
        /* ip6tables rules */
-       ret = sprintf(block_buf, pattern, IP6TABLES, cmd,
+       ret = snprintf(block_buf, sizeof(block_buf), pattern, IP6TABLES, cmd,
                      iftype_name, classid, nfacct, jump);
        ret_value_msg_if(ret > sizeof(block_buf), STC_ERROR_FAIL,
                         "Not enough buffer");
Domain: Network & Connectivity / Data Network; Licenses: Apache-2.0;