manager: fix SVACE issues

- Add check return code for:
  - lseek()
  - strtoul()
  - remove()
  - fseek()
  - ftruncate()
- Remove dead code
- Fix integer overflow
- Change UNIX permissions for temporary file

Change-Id: If875ccc33229b925bdd53e295feecdd2c8ec595c
Signed-off-by: Vyacheslav Cherkashin <v.cherkashin@samsung.com>

diff --git a/daemon/cpp/inst/Anr.cpp b/daemon/cpp/inst/Anr.cpp
index df9ce3741199b3b9d052149cf8fa87a4d970bcd3..5211cb43736886cd5750b4045d01992014df0198 100644 (file)
--- a/daemon/cpp/inst/Anr.cpp
+++ b/daemon/cpp/inst/Anr.cpp
@@ -84,8 +84,16 @@ int del(const std::string &name)
             free(line);
 
     // clean file
-    fseek(f, 0L, SEEK_SET);
-    ftruncate(fileno(f), 0);
+    if (fseek(f, 0L, SEEK_SET) == -1) {
+        int err = errno;
+        LOGE("Failed to set file offset, errno=%d\n", err);
+        return -err;
+    }
+    if (ftruncate(fileno(f), 0) == -1) {
+        int err = errno;
+        LOGE("Failed to truncate file, errno=%d\n", err);
+        return -err;
+    }
 
     // write new names list without 'name'
     bool delFlag = false;

diff --git a/daemon/daemon.c b/daemon/daemon.c
index d6b7714e12075ee2a9b7cd2d2e9634b875f0abb4..8e63459c5f94dbeae26ab23c74d655296ee9eefb 100644 (file)
--- a/daemon/daemon.c
+++ b/daemon/daemon.c
@@ -205,8 +205,11 @@ static int exec_app_case_type_tizen(const struct app_info_t *app_info)
 {
        const char ui_viewer_log[] = "/run/swap/uilib.log";
 
-       if (access(ui_viewer_log, F_OK) != -1)
-               remove(ui_viewer_log);
+       if (access(ui_viewer_log, F_OK) != -1) {
+               if (remove(ui_viewer_log) == -1)
+                       LOGE("Cannot remove UIHV log file: %s, errno=%d\n",
+                            ui_viewer_log, errno);
+       }
 
        if (!auxd_client_tizen_app_start(manager.auxd_client, app_info->app_id)) {
                LOGE("Cannot exec tizen app %s\n", app_info->app_id);

diff --git a/daemon/sys_stat.c b/daemon/sys_stat.c
index c31e8f953b60578b0af4539acc59ad0253e7e541..d67132cd486cdfe3c3251ab55ca74a52d57249fa 100644 (file)
--- a/daemon/sys_stat.c
+++ b/daemon/sys_stat.c
@@ -32,6 +32,7 @@
 #include <glob.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <string.h>
 #include <stdbool.h>
 #include <ctype.h>
@@ -138,7 +139,9 @@ static int get_file_status_no_open(int pfd, const char *filename)
                return 0;
        }
 
-       lseek(pfd, 0, SEEK_SET);        // rewind to start of file
+       // rewind to start of file
+       if (lseek(pfd, 0, SEEK_SET) == (off_t)-1)
+               return -errno;
 
        // read from file
        if (unlikely(read(pfd, buf, STATUS_STRING_MAX) == -1))
@@ -955,7 +958,9 @@ static int read_mapinfo_section(FILE* fp, mapinfo_section_t *map)
 static bool save_to_tmpfile(char *path, int suffixlen,
                            const char *data, size_t len)
 {
+       mode_t old_umask = umask(077);
        int fd = mkstemps(path, suffixlen);
+       umask(old_umask);
        if (fd == -1) {
                LOGE("Cannot make temp file, errno=%d\n", errno);
                return false;
@@ -1089,21 +1094,16 @@ static int update_process_data(procNode **prochead, pid_t* pidarray, int pidcoun
                        continue;
                }
 
-               if ((procnode = find_node(*prochead, pidarray[i])) == NULL) {
+               procnode = find_node(*prochead, pidarray[i]);
+               if (procnode == NULL) {
                        // new process
+                       is_new_node = 1;
                        procnode = add_node(prochead, pidarray[i]);
                        if (procnode == NULL) {
                                LOGE("Failed to add node\n");
                                ret = 1;
-                               continue;
+                               goto exit;
                        }
-                       is_new_node = 1;
-               }
-
-               if (procnode == NULL) {
-                       LOGE("failed to create new procnode\n");
-                       ret = errno;
-                       goto exit;
                }
 
                if (datatype == PROCDATA_STAT) {
@@ -1337,7 +1337,11 @@ static int update_system_memory_data(uint64_t *memtotal, uint64_t *memused)
        if (meminfo_fd == -1)
                return -1;
 
-       lseek(meminfo_fd, 0L, SEEK_SET);
+       if (lseek(meminfo_fd, 0L, SEEK_SET) == (off_t)-1) {
+               LOGE("Failed to set file offset, errno=%d\n", errno);
+               return -1;
+       }
+
        if((num = read(meminfo_fd, buf, BUFFER_MAX)) < 0)
        {
                LOGE("Failed to read from " PROCMEMINFO "\n");
@@ -1415,7 +1419,10 @@ static unsigned long get_system_total_memory(void)
        if (meminfo_fd == -1)
                return 0;
 
-       lseek(meminfo_fd, 0L, SEEK_SET);
+       if (lseek(meminfo_fd, 0L, SEEK_SET) == (off_t)-1) {
+               LOGE("Failed to set file offset, errno=%d\n", errno);
+               return 0;
+       }
 
        if((num = read(meminfo_fd, buf, BUFFER_MAX)) < 0)
        {
@@ -1438,6 +1445,10 @@ static unsigned long get_system_total_memory(void)
                {
                        head = tail + 1;
                        totalmem = strtoul(head, &tail, 10);
+                       if (totalmem == ULONG_MAX) {
+                               LOGE("Failed to read field: %s\n", memtotalstr);
+                               return 0;
+                       }
                        break;
                }
 
@@ -1448,6 +1459,11 @@ static unsigned long get_system_total_memory(void)
                head = tail + 1;
        }
 
+       if (totalmem >= ULONG_MAX / 1024) {
+               LOGE("Field '%s' is very big\n", memtotalstr);
+               return 0;
+       }
+
        return (totalmem * 1024);
 }