Fixed vulnerability issues.

Added out-of-memory error code.

Change-Id: I3efc6f1dd82b81f4d05646e36325bb5f5d9330b0
Signed-off-by: saerome.kim <saerome.kim@samsung.com>

diff --git a/include/ua-api.h b/include/ua-api.h
index 92fa95a..5c38b3b 100644 (file)
--- a/include/ua-api.h
+++ b/include/ua-api.h
@@ -141,6 +141,7 @@ typedef enum {
 typedef enum {
        UAM_ERROR_NONE = TIZEN_ERROR_NONE, /**< Succsssful */
        UAM_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid parameter */
+       UAM_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */
        UAM_ERROR_PERMISSION_DENIED = TIZEN_ERROR_PERMISSION_DENIED, /**< Permission denied */
        UAM_ERROR_TIMED_OUT = TIZEN_ERROR_TIMED_OUT, /**< Time out */
        UAM_ERROR_NOW_IN_PROGRESS = TIZEN_ERROR_NOW_IN_PROGRESS, /**< Now in progress */

diff --git a/packaging/ua-manager.spec b/packaging/ua-manager.spec
index 100fd57..cae5fba 100644 (file)
--- a/packaging/ua-manager.spec
+++ b/packaging/ua-manager.spec
@@ -1,6 +1,6 @@
 Name:       ua-manager
 Summary:    User awareness manager
-Version:    0.6.0
+Version:    0.6.1
 Release:    1
 License:    Apache-2.0
 Source0:    %{name}-%{version}.tar.gz

diff --git a/ua-daemon/src/ua-manager-common.c b/ua-daemon/src/ua-manager-common.c
index 9d74a01..6ee377c 100644 (file)
--- a/ua-daemon/src/ua-manager-common.c
+++ b/ua-daemon/src/ua-manager-common.c
@@ -123,6 +123,7 @@ const char *_uam_manager_error_to_str(int error)
        /* CHECK: List all enum values here */
        CASE_TO_STR(UAM_ERROR_NONE)
        CASE_TO_STR(UAM_ERROR_INVALID_PARAMETER)
+       CASE_TO_STR(UAM_ERROR_OUT_OF_MEMORY)
        CASE_TO_STR(UAM_ERROR_PERMISSION_DENIED)
        CASE_TO_STR(UAM_ERROR_TIMED_OUT)
        CASE_TO_STR(UAM_ERROR_NOW_IN_PROGRESS)

diff --git a/ua-daemon/src/ua-manager-event-sender.c b/ua-daemon/src/ua-manager-event-sender.c
index ee1529d..a29f72d 100644 (file)
--- a/ua-daemon/src/ua-manager-event-sender.c
+++ b/ua-daemon/src/ua-manager-event-sender.c
@@ -245,7 +245,15 @@ int _uam_register_app_info(char *sender, uam_app_info_s app_info)
        }
 
        app = g_malloc0(sizeof(uam_app_info_s));
+       if (!app) {
+               UAM_ERR("Failed allocated memory");
+               return UAM_ERROR_OUT_OF_MEMORY;
+       }
        app->sender = g_strdup(sender);
+       if (!app->sender) {
+               UAM_ERR("Failed allocated memory");
+               return UAM_ERROR_OUT_OF_MEMORY;
+       }
        g_strlcpy(app->app_id, app_info.app_id, UAM_APP_ID_MAX_STRING_LEN);
        app->uid = app_info.uid;
 

diff --git a/ua-daemon/src/ua-manager-request-handler.c b/ua-daemon/src/ua-manager-request-handler.c
index 827551f..7b34b4f 100644 (file)
--- a/ua-daemon/src/ua-manager-request-handler.c
+++ b/ua-daemon/src/ua-manager-request-handler.c
@@ -73,7 +73,7 @@ static void __uam_manager_copy_params(
        void *buf = NULL;
 
        buf = (void *)g_variant_get_data(in_param);
-       memcpy(value, buf, size);
+       memcpy(value, buf, sizeof(memcpy) >= size ? sizeof(value) : size);
 
        FUNC_EXIT;
 }
@@ -653,9 +653,19 @@ static void __uam_manager_save_request_context(
                        _uam_manager_request_to_str(function), function);
 
        info = g_malloc0(sizeof(uam_request_context_t));
+       if (!info) {
+               UAM_ERR("Failed to allocated memory [%s][%d]", sender, function);
+               return;
+       }
        info->context = context;
        info->result = result;
        info->sender = g_strdup(sender);
+       if (!info->sender) {
+               g_free(info);
+               info = NULL;
+               UAM_ERR("Failed to allocated memory [%s][%d]", sender, function);
+               return;
+       }
        info->function = function;
        info->data = data;
        request_list = g_slist_append(request_list, info);