fix security issues 01/125601/2
authorKyeonghun Lee <kh9090.lee@samsung.com>
Tue, 18 Apr 2017 05:36:46 +0000 (14:36 +0900)
committerKyeonghun Lee <kh9090.lee@samsung.com>
Tue, 18 Apr 2017 05:41:41 +0000 (14:41 +0900)
Change-Id: Ib3a5d23d8c81bc02ce0bfa5b843364a90d1c1ad9
Signed-off-by: Kyeonghun Lee <kh9090.lee@samsung.com>
email-common-use/email-utilities.c
email-common-use/include/email-debug-log.h
email-core/email-core-account.c
email-core/email-core-mail.c
email-core/email-core-utils.c
email-core/email-storage/email-storage.c

index f0e6ee4..be688f6 100755 (executable)
@@ -416,7 +416,7 @@ INTERNAL_FUNC int em_replace_string_ex(char **input_source_string, char *input_o
                found_pos = strstr(found_pos, input_old_string);
        }
 
-       EM_SAFE_STRCAT(result_buffer, cursor_of_source_string);
+       EM_SAFE_STRNCAT(result_buffer, cursor_of_source_string, buffer_length - EM_SAFE_STRLEN(result_buffer) - 1);
 
        EM_SAFE_FREE(*input_source_string);
        *input_source_string = result_buffer;
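Review bot: The remaining-space argument `buffer_length - EM_SAFE_STRLEN(result_buffer) - 1` is written out by hand here and at every other call site this commit touches (the hunks in email-core-account.c, email-core-mail.c, email-core-utils.c and email-storage.c), so each site is only as safe as its own size variable. If that size is an unsigned type and the destination is ever already full or unterminated, the subtraction wraps to a very large count and the bound no longer limits anything; whether that can happen depends on the types of `buffer_length` and EM_SAFE_STRLEN, which this hunk does not show. A single helper that takes the destination's total size, does nothing when `EM_SAFE_STRLEN(dest) >= size - 1`, and tells the caller when the source did not fit would remove the repeated arithmetic. em_replace_string_ex starts and ends outside this hunk.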
index 92c878b..27670f4 100644 (file)
@@ -277,13 +277,6 @@ extern "C"
                ((_src) && (_dest))? strncpy(_dest, _src, _size) : NULL;\
        })
 
-#define EM_SAFE_STRCAT(dest, src) \
-       ({\
-               char* _dest = dest;\
-               char* _src = src;\
-               ((_src) && (_dest))? strcat(_dest, _src) : NULL;\
-       })
-
 
 #define EM_SAFE_STRNCAT(dest, src, size) \
        ({\
index a8fde23..2386f88 100755 (executable)
@@ -322,8 +322,8 @@ INTERNAL_FUNC int emcore_validate_account_with_account_info(char *multi_user_nam
                                err = EMAIL_ERROR_OUT_OF_MEMORY;
                                goto FINISH_OFF;
                        }
-                       EM_SAFE_STRNCAT(*output_server_capability_string,smtp_capability_string , (server_capability_string_length + 1) - EM_SAFE_STRLEN(*output_server_capability_string)- 1);
-                       EM_SAFE_STRCAT(*output_server_capability_string, imap_capability_string);
+                       EM_SAFE_STRNCAT(*output_server_capability_string, smtp_capability_string, (server_capability_string_length + 1) - EM_SAFE_STRLEN(*output_server_capability_string) - 1);
+                       EM_SAFE_STRNCAT(*output_server_capability_string, imap_capability_string, (server_capability_string_length + 1) - EM_SAFE_STRLEN(*output_server_capability_string) - 1);
                        EM_DEBUG_LOG("%s", *output_server_capability_string);
                }
        }
index 2b9fb15..5a0ffbc 100755 (executable)
@@ -1300,18 +1300,18 @@ int emcore_get_mail_contact_info_with_update(char *multi_user_name, email_mail_c
                if (temp_emailaddr && email_address) {
                        if (mail_id == 0) {     /*  if mail_id is 0, return only contact info without saving contact info to DB */
                                /* snprintf(temp_emailaddr, 400, "%s", contact_info->email_address); */
-                               EM_SAFE_STRCAT(temp_emailaddr, email_address);
+                               EM_SAFE_STRNCAT(temp_emailaddr, email_address, address_length - EM_SAFE_STRLEN(temp_emailaddr) - 1);
                                if (addr->next != NULL)
-                                       EM_SAFE_STRCAT(temp_emailaddr, ", ");
+                                       EM_SAFE_STRNCAT(temp_emailaddr, ", ", address_length - EM_SAFE_STRLEN(temp_emailaddr) - 1);
                                EM_DEBUG_LOG_SEC(">>>> TEMP EMail Address [ %s ] ", temp_emailaddr);
                        } else {        /*  save only the first address information - 09-SEP-2010 */
                                if (is_saved == 0) {
                                        is_saved = 1;
                                        /* snprintf(temp_emailaddr, 400, "%s", contact_info->email_address); */
-                                       EM_SAFE_STRCAT(temp_emailaddr, email_address);
+                                       EM_SAFE_STRNCAT(temp_emailaddr, email_address, address_length - EM_SAFE_STRLEN(temp_emailaddr) - 1);
                                        /*
                                        if (addr->next != NULL)
-                                               EM_SAFE_STRCAT(temp_emailaddr, ", ");
+                                               EM_SAFE_STRNCAT(temp_emailaddr, ", ", address_length - EM_SAFE_STRLEN(temp_emailaddr) - 1);
                                        */
                                        EM_DEBUG_LOG_SEC(">>>> TEMP EMail Address [ %s ] ", temp_emailaddr);
                                }
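Review bot: With the bounded append, an address list longer than `address_length` is now cut wherever the limit falls, possibly in the middle of an address, and `temp_emailaddr` is still logged and used as if it were complete. A truncated address is a different address, so the code should test the remaining space before appending `email_address` and treat a miss as an error, e.g. `if (EM_SAFE_STRLEN(temp_emailaddr) + EM_SAFE_STRLEN(email_address) >= address_length) { /* report truncation instead of appending */ }`. This assumes `address_length` is the allocated size of temp_emailaddr, which is set outside the hunk. The edit to the commented-out `if (addr->next != NULL)` block changes dead code; deleting that block would be cleaner than keeping it in sync.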
index 3013423..02d00b4 100755 (executable)
@@ -3140,7 +3140,7 @@ static void emcore_get_content_string(xmlNode *input_node, char *input_result_bu
                                *input_exit_flag = 1;
                                break;
                        } else {
-                               EM_SAFE_STRCAT(input_result_buffer, " ");
+                               EM_SAFE_STRNCAT(input_result_buffer, " ", input_result_buffer_length - EM_SAFE_STRLEN(input_result_buffer) - 1);
                                continue;
                        }
                }
@@ -3160,7 +3160,7 @@ static void emcore_get_content_string(xmlNode *input_node, char *input_result_bu
                                        if (remain_str) {
                                                char *replaced_string = NULL;
                                                replaced_string = reg_replace_new(remain_str, "[ \t\r\n\v\f]+", " ");
-                                               EM_SAFE_STRCAT(input_result_buffer, replaced_string);
+                                               EM_SAFE_STRNCAT(input_result_buffer, replaced_string, input_result_buffer_length - EM_SAFE_STRLEN(input_result_buffer) - 1);
                                                EM_SAFE_FREE(replaced_string);
                                                free(remain_str);
                                        }
@@ -3174,7 +3174,7 @@ static void emcore_get_content_string(xmlNode *input_node, char *input_result_bu
                        if (temp_content_string) {
                                char *replaced_string = NULL;
                                replaced_string = reg_replace_new(temp_content_string, "[ \t\r\n\v\f]+", " ");
-                               EM_SAFE_STRCAT(input_result_buffer, replaced_string);
+                               EM_SAFE_STRNCAT(input_result_buffer, replaced_string, input_result_buffer_length - EM_SAFE_STRLEN(input_result_buffer) - 1);
                                EM_SAFE_FREE(replaced_string);
                                free(temp_content_string);
                        }
index 0de3a0b..d29f960 100755 (executable)
@@ -2698,7 +2698,7 @@ INTERNAL_FUNC int emstorage_query_mail_count(char *multi_user_name, const char *
        EMSTORAGE_START_READ_TRANSACTION(input_transaction);
 
        SNPRINTF(sql_query_string, query_size, "SELECT COUNT(*) FROM mail_tbl");
-       EM_SAFE_STRCAT(sql_query_string, (char*)input_conditional_clause);
+       EM_SAFE_STRNCAT(sql_query_string, (char*)input_conditional_clause, query_size - EM_SAFE_STRLEN(sql_query_string) - 1);
 
        if (output_total_mail_count) {
                EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_prepare_v2(local_db_handle, sql_query_string, EM_SAFE_STRLEN(sql_query_string), &hStmt, NULL), rc);
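Review bot: A bounded append that truncates silently is risky for SQL text: if `input_conditional_clause` does not fit in `query_size`, the statement handed to sqlite3_prepare_v2 is a cut-off query that may fail to parse or, if the cut falls between predicates, match more rows than the caller asked for. The same applies to the `" AND flags_seen_field = 0 "` append in the next hunk, where a dropped suffix would report the total count as the unseen count, and to the append in emstorage_query_mail_id_list. Check the length first and fail instead, e.g. `if (EM_SAFE_STRLEN(sql_query_string) + EM_SAFE_STRLEN((char*)input_conditional_clause) >= query_size) { error = EMAIL_ERROR_DB_FAILURE; goto FINISH_OFF; }`, using a more specific error code if the project has one. The clause is also concatenated as raw SQL, so it is worth confirming that every caller builds it only from trusted or escaped values, which is not visible here. The function body continues outside this hunk.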
@@ -2712,7 +2712,7 @@ INTERNAL_FUNC int emstorage_query_mail_count(char *multi_user_name, const char *
        }
 
        if (output_unseen_mail_count) {
-               EM_SAFE_STRCAT(sql_query_string, " AND flags_seen_field = 0 ");
+               EM_SAFE_STRNCAT(sql_query_string, " AND flags_seen_field = 0 ", query_size - EM_SAFE_STRLEN(sql_query_string) - 1);
 
                EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_get_table(local_db_handle, sql_query_string, &result, NULL, NULL, NULL), rc);
                EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE; sqlite3_free_table(result); goto FINISH_OFF; },
@@ -2772,7 +2772,7 @@ INTERNAL_FUNC int emstorage_query_mail_id_list(char *multi_user_name, const char
 
        /* Composing query */
        SNPRINTF_OFFSET(sql_query_string, cur_query, query_size, "SELECT mail_id FROM mail_tbl ");
-       EM_SAFE_STRCAT(sql_query_string, (char*)input_conditional_clause);
+       EM_SAFE_STRNCAT(sql_query_string, (char*)input_conditional_clause, query_size - EM_SAFE_STRLEN(sql_query_string) - 1);
 
        EM_DEBUG_LOG_SEC("query[%s].", sql_query_string);
 
@@ -12951,7 +12951,7 @@ INTERNAL_FUNC int emstorage_get_thread_id_of_thread_mails(char *multi_user_name,
        sqlite3_snprintf(query_size, sql_query_string, sql_format, stripped_subject, mail_tbl->mailbox_id);
 
        if (account_id > 0)
-               strcat(sql_query_string, sql_account);
+               EM_SAFE_STRNCAT(sql_query_string, sql_account, query_size - EM_SAFE_STRLEN(sql_query_string) - 1);
 
        strcat(sql_query_string, sql_format_order_by);
        strcat(sql_query_string, ";");
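Review bot: The two calls right after the changed line, `strcat(sql_query_string, sql_format_order_by);` and `strcat(sql_query_string, ";");`, are still unbounded, so once the bounded append has filled the buffer they can still write past `query_size` in the same function. They should take the same form as the new line: `EM_SAFE_STRNCAT(sql_query_string, sql_format_order_by, query_size - EM_SAFE_STRLEN(sql_query_string) - 1);` and `EM_SAFE_STRNCAT(sql_query_string, ";", query_size - EM_SAFE_STRLEN(sql_query_string) - 1);`. The function continues outside the hunk, so other raw strcat calls on this buffer may remain and are worth searching for.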
@@ -16320,19 +16320,19 @@ static int _make_order_rule_string(char *multi_user_name, email_list_sorting_rul
 
        switch (input_sorting_rule->sort_order) {
                case EMAIL_SORT_ORDER_ASCEND:
-                       EM_SAFE_STRCAT(result_rule_string, " ASC ");
+                       EM_SAFE_STRNCAT(result_rule_string, " ASC ", QUERY_SIZE - EM_SAFE_STRLEN(result_rule_string) - 1);
                        break;
 
                case EMAIL_SORT_ORDER_DESCEND:
-                       EM_SAFE_STRCAT(result_rule_string, " DESC ");
+                       EM_SAFE_STRNCAT(result_rule_string, " DESC ", QUERY_SIZE - EM_SAFE_STRLEN(result_rule_string) - 1);
                        break;
 
                case EMAIL_SORT_ORDER_NOCASE_ASCEND:
-                       EM_SAFE_STRCAT(result_rule_string, " COLLATE NOCASE ASC ");
+                       EM_SAFE_STRNCAT(result_rule_string, " COLLATE NOCASE ASC ", QUERY_SIZE - EM_SAFE_STRLEN(result_rule_string) - 1);
                        break;
 
                case EMAIL_SORT_ORDER_NOCASE_DESCEND:
-                       EM_SAFE_STRCAT(result_rule_string, " COLLATE NOCASE DESC ");
+                       EM_SAFE_STRNCAT(result_rule_string, " COLLATE NOCASE DESC ", QUERY_SIZE - EM_SAFE_STRLEN(result_rule_string) - 1);
                        break;
 
                case EMAIL_SORT_ORDER_TO_CCBCC:
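Review bot: The bound in these four appends is the constant `QUERY_SIZE` rather than the size `result_rule_string` was actually allocated with, and that allocation is outside the hunk. If the buffer is ever sized differently from QUERY_SIZE, the limit is wrong in a way the compiler cannot catch. Keeping the size in a local next to the allocation and using it here ties the two together, e.g. `EM_SAFE_STRNCAT(result_rule_string, " ASC ", result_rule_string_size - EM_SAFE_STRLEN(result_rule_string) - 1);`, where `result_rule_string_size` is a proposed name, not one from the file. The switch continues past the end of this hunk.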