fix: Check for all zero UUID of a subject

author Volodymyr Brynza <v.brynza@samsung.com>

Wed, 10 Feb 2021 09:50:28 +0000 (11:50 +0200)

committer DoHyun Pyun <dh79.pyun@samsung.com>

Wed, 17 Feb 2021 02:58:33 +0000 (11:58 +0900)
author Volodymyr Brynza <v.brynza@samsung.com>
Wed, 10 Feb 2021 09:50:28 +0000 (11:50 +0200)
committer DoHyun Pyun <dh79.pyun@samsung.com>
Wed, 17 Feb 2021 02:58:33 +0000 (11:58 +0900)
diff --git a/resource/csdk/security/src/policyengine.c b/resource/csdk/security/src/policyengine.c

index 649ba6e..9be59fb 100644 (file)
--- a/resource/csdk/security/src/policyengine.c
+++ b/resource/csdk/security/src/policyengine.c
@@ -91,6 +91,17 @@ static bool UuidCmp(OicUuid_t *firstId, OicUuid_t *secondId)
      return true;
  }
  
      return true;
  }
  
+/**
+ * Compares input OicUuid_t struct with OicUuid_t struct which has all zero values.
+ *
+ * @return true if the two OicUuid_t structs are equal, else false.
+ */
+static bool IsUuidAllZero(OicUuid_t *uuid)
+{
+    OicUuid_t allZeroUuid = {.id={0}};
+    return UuidCmp(&allZeroUuid, uuid);
+}
+
  void SetPolicyEngineState(PEContext_t *context, const PEState_t state)
  {
      if (NULL == context)
  void SetPolicyEngineState(PEContext_t *context, const PEState_t state)
  {
      if (NULL == context)
@@ -134,12 +145,12 @@ static bool IsRequestFromDevOwner(PEContext_t *context)
          return retVal;
      }
  
          return retVal;
      }
  
-    /*
-    if(OC_STACK_OK == GetDoxmDevOwnerId(&ownerid))
+    // Check for all zero UUID
+    if (true == IsUuidAllZero(&context->subject))
      {
      {
-        retVal = UuidCmp(&context->subject, &ownerid);
+        OIC_LOG_V(DEBUG, TAG, "%s: UUID is all zero", __func__);
+        return retVal;
      }
      }
-    */
  
      // TODO: Added as workaround for CTT
      OicSecDoxm_t* doxm = (OicSecDoxm_t*) GetDoxmResourceData();
  
      // TODO: Added as workaround for CTT
      OicSecDoxm_t* doxm = (OicSecDoxm_t*) GetDoxmResourceData();
@@ -180,6 +191,13 @@ static bool IsRequestFromSubOwner(PEContext_t *context)
          return retVal;
      }
  
          return retVal;
      }
  
+    // Check for all zero UUID
+    if (true == IsUuidAllZero(&context->subject))
+    {
+        OIC_LOG_V(DEBUG, TAG, "%s: UUID is all zero", __func__);
+        return retVal;
+    }
+
      if(IsSubOwner(&context->subject))
      {
          retVal = true;
      if(IsSubOwner(&context->subject))
      {
          retVal = true;
@@ -302,6 +320,13 @@ bool IsRequestFromResourceOwner(PEContext_t *context)
          return false;
      }
  
          return false;
      }
  
+    // Check for all zero UUID
+    if (true == IsUuidAllZero(&context->subject))
+    {
+        OIC_LOG_V(DEBUG, TAG, "%s: UUID is all zero", __func__);
+        return retVal;
+    }
+
      if((OIC_R_ACL_TYPE <= context->resourceType) && \
          (OIC_SEC_SVR_TYPE_COUNT > context->resourceType))
      {
      if((OIC_R_ACL_TYPE <= context->resourceType) && \
          (OIC_SEC_SVR_TYPE_COUNT > context->resourceType))
      {
author	Volodymyr Brynza <v.brynza@samsung.com>
	Wed, 10 Feb 2021 09:50:28 +0000 (11:50 +0200)
committer	DoHyun Pyun <dh79.pyun@samsung.com>
	Wed, 17 Feb 2021 02:58:33 +0000 (11:58 +0900)