make code more stable by change strcpy to strncpy

and prevent memory leak by dereferencing allocated object.

Change-Id: Ief21c5a5f9e6f016a9a88948729d636bff3d7650
Signed-off-by: jinhyuck83.park <jinhyuck83.park@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/18881
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>

diff --git a/resource/src/InProcClientWrapper.cpp b/resource/src/InProcClientWrapper.cpp
index be36651..f4d5ea8 100644 (file)
--- a/resource/src/InProcClientWrapper.cpp
+++ b/resource/src/InProcClientWrapper.cpp
@@ -1477,7 +1477,9 @@ namespace OC
             options[i].protocolID = OC_COAP_ID;
             options[i].optionID = it->getOptionID();
             options[i].optionLength = it->getOptionData().length() + 1;
-            strcpy((char*)options[i].optionData, (it->getOptionData().c_str()));
+            strncpy((char*)options[i].optionData, it->getOptionData().c_str(),
+                sizeof(options[i].optionLength) -1 );
+            options[i].optionData[sizeof(options[i].optionLength) - 1] = 0;
             i++;
         }
 
@@ -1617,6 +1619,7 @@ namespace OC
             std::lock_guard<std::recursive_mutex> lock(*cLock);
             result = OCDoDirectPairing(static_cast<void*>(context), peer->getDev(),
                     pmSel, const_cast<char*>(pinNumber.c_str()), directPairingCallback);
+            delete context;
         }
         else
         {