projects / platform / core / multimedia / libmm-utility.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6eefeea) | patch
Bug fix. insecure strncmp 76/314376/1 accepted/tizen_unified accepted/tizen_unified_dev accepted/tizen_unified_x tizen accepted/tizen/unified/20240712.160041 accepted/tizen/unified/dev/20240715.080538 accepted/tizen/unified/x/20240715.042502
authorJiyong <jiyong.min@samsung.com>
Thu, 11 Jul 2024 03:46:20 +0000 (12:46 +0900)
committerJiyong <jiyong.min@samsung.com>
Thu, 11 Jul 2024 03:46:20 +0000 (12:46 +0900)
commit5f46fca69040dd22865a4b07ebe523d5a57669ba
tree239949a4ac27fff8cd7bbb20fff65923a556f379tree | snapshot
parent6eefeea69448d3f6913af12fe86d3db681746147commit | diff
Bug fix. insecure strncmp

 - fix svace issue (LIB.INSECURE_STRNCMP)

The problem that such using checks only prefix of string because null-terminator is not checked.
It may be source of vulnarability when using for compariso passwords.
Correct pattern should use strlen(arg) + 1.

Change-Id: Ib66d43aac119b265c462b0ba35519caa3885d631
common/mm_util_private.c diff | blob | history
packaging/libmm-utility.spec diff | blob | history
Domain: Multimedia / Imaging;