fix INTEGER OVERFLOW

author Bang Kwang min <justine.bang@samsung.com>

Wed, 29 Aug 2012 01:35:16 +0000 (10:35 +0900)

committer Bang Kwang min <justine.bang@samsung.com>

Mon, 3 Sep 2012 01:37:55 +0000 (10:37 +0900)
author Bang Kwang min <justine.bang@samsung.com>
Wed, 29 Aug 2012 01:35:16 +0000 (10:35 +0900)
committer Bang Kwang min <justine.bang@samsung.com>
Mon, 3 Sep 2012 01:37:55 +0000 (10:37 +0900)
diff --git a/src/download-provider-ipc.c b/src/download-provider-ipc.c

index 18627a824a26471a436b4debd24edfa6b2198e00..835c38736f6fda39f065896833b9ec09b6e2b615 100644 (file)
--- a/src/download-provider-ipc.c
+++ b/src/download-provider-ipc.c
@@ -143,7 +143,8 @@ int ipc_receive_request_msg(download_clientinfo *clientinfo)
                 TRACE_DEBUG_MSG("failed to read message header");
                 return -1;
         }
-       if (clientinfo->requestinfo->client_packagename.length > 1) {
+       if (clientinfo->requestinfo->client_packagename.length > 1
+               && clientinfo->requestinfo->client_packagename.length < DP_MAX_STR_LEN) {
                 clientinfo->requestinfo->client_packagename.str =
                         (char *)
                         calloc((clientinfo->requestinfo->client_packagename.length +
@@ -166,7 +167,8 @@ int ipc_receive_request_msg(download_clientinfo *clientinfo)
                                 clientinfo->requestinfo->client_packagename.
                                 str);
         }
-       if (clientinfo->requestinfo->url.length > 1) {
+       if (clientinfo->requestinfo->url.length > 1
+               && clientinfo->requestinfo->url.length < DP_MAX_URL_LEN) {
                 clientinfo->requestinfo->url.str =
                         (char *)calloc((clientinfo->requestinfo->url.length + 1),
                                         sizeof(char));
@@ -182,7 +184,8 @@ int ipc_receive_request_msg(download_clientinfo *clientinfo)
                 TRACE_DEBUG_INFO_MSG("request url [%s]",
                                 clientinfo->requestinfo->url.str);
         }
-       if (clientinfo->requestinfo->install_path.length > 1) {
+       if (clientinfo->requestinfo->install_path.length > 1
+               && clientinfo->requestinfo->install_path.length < DP_MAX_PATH_LEN) {
                 clientinfo->requestinfo->install_path.str =
                         (char *)
                         calloc((clientinfo->requestinfo->install_path.length + 1),
@@ -204,7 +207,8 @@ int ipc_receive_request_msg(download_clientinfo *clientinfo)
                 TRACE_DEBUG_INFO_MSG("request install_path [%s]",
                                 clientinfo->requestinfo->install_path.str);
         }
-       if (clientinfo->requestinfo->filename.length > 1) {
+       if (clientinfo->requestinfo->filename.length > 1
+               && clientinfo->requestinfo->filename.length < DP_MAX_STR_LEN) {
                 clientinfo->requestinfo->filename.str =
                         (char *)
                         calloc((clientinfo->requestinfo->filename.length + 1),
diff --git a/src/download-provider-notification.c b/src/download-provider-notification.c

index 1ce130d0fdec17eb41d19665fdb09be2d06f73c9..0bbc4de50aee1fb6e7a282896baa2c854a90b6c6 100644 (file)
--- a/src/download-provider-notification.c
+++ b/src/download-provider-notification.c
@@ -113,7 +113,7 @@ bool download_provider_appfw_notification_cb(ui_notification_h notification,
         TRACE_DEBUG_MSG("content [%s]", content);
  
         // relatively unique
-       if (title && clientinfo->downloadinfo->content_name) {
+       if (title) {
                 int title_length = strlen(title);
                 int content_name_length =
                         strlen(clientinfo->downloadinfo->content_name);
@@ -125,6 +125,7 @@ bool download_provider_appfw_notification_cb(ui_notification_h notification,
         }
         // Only when matched title.
         if (checkInfo && content) {
+               checkInfo = false;
                 char *failed_content =
                         __get_string_status(DOWNLOAD_STATE_FAILED);
                 if (failed_content) {
@@ -275,7 +276,7 @@ int create_appfw_notification(download_clientinfo *clientinfo, bool ongoing)
         if (!ongoing) {
                 // view the special viewer by contents
                 if (clientinfo->downloadinginfo
-                       && clientinfo->downloadinginfo->saved_path
+                       && sizeof(clientinfo->downloadinginfo->saved_path) > 0
                         && clientinfo->state == DOWNLOAD_STATE_FINISHED) {
                         if (service_set_operation
                                 (clientinfo->service_handle,
author	Bang Kwang min <justine.bang@samsung.com>
	Wed, 29 Aug 2012 01:35:16 +0000 (10:35 +0900)
committer	Bang Kwang min <justine.bang@samsung.com>
	Mon, 3 Sep 2012 01:37:55 +0000 (10:37 +0900)
src/download-provider-ipc.c		patch \| blob \| history
src/download-provider-notification.c		patch \| blob \| history