Reinforce string valid

Change-Id: I0243494001a72d158a8674308b06ed69272ce80f
Signed-off-by: Minje Ahn <minje.ahn@samsung.com>

diff --git a/packaging/media-server.spec b/packaging/media-server.spec
index d7c6bd4..c03b189 100755 (executable)
--- a/packaging/media-server.spec
+++ b/packaging/media-server.spec
@@ -1,6 +1,6 @@
 Name:       media-server
 Summary:    A server for media content management
-Version:    0.3.42
+Version:    0.3.43
 Release:    0
 Group:      Multimedia/Service
 License:    Apache-2.0

diff --git a/src/server/media-server-main.c b/src/server/media-server-main.c
index d4f2b93..da5b934 100755 (executable)
--- a/src/server/media-server-main.c
+++ b/src/server/media-server-main.c
@@ -785,7 +785,6 @@ END:
        MS_SAFE_FREE(disc_path);
        MS_SAFE_FREE(storage_path);
 
-
        return MS_MEDIA_ERR_NONE;
 }
 #endif

diff --git a/src/server/media-server-socket.c b/src/server/media-server-socket.c
index 05d386b..2ba73b2 100755 (executable)
--- a/src/server/media-server-socket.c
+++ b/src/server/media-server-socket.c
@@ -60,6 +60,9 @@ typedef struct ms_req_owner_data {
 
 static int __ms_add_owner(int pid, int client_sock, char *path)
 {
+       if (!MS_STRING_VALID(path))
+               return MS_MEDIA_ERR_INVALID_PATH;
+
        if (pid != 0) {
                ms_req_owner_data *owner_data = NULL;
                int len = strlen(path);
@@ -178,7 +181,12 @@ int ms_reset_ownerlist()
 
 static int __ms_send_result_to_client(int pid, ms_comm_msg_s *recv_msg)
 {
-       if (strlen(recv_msg->msg) == 0) {
+       if (recv_msg == NULL) {
+               MS_DBG_ERR("recv_msg is NULL");
+               return MS_MEDIA_ERR_INVALID_PARAMETER;
+       }
+
+       if (!MS_STRING_VALID(recv_msg->msg)) {
                MS_DBG_ERR("msg is NULL");
                return MS_MEDIA_ERR_INVALID_PARAMETER;
        }
@@ -616,16 +624,20 @@ gboolean ms_read_db_tcp_socket(GIOChannel *src, GIOCondition condition, gpointer
                goto ERROR;
        }
 
-       sql_query = strndup(recv_msg.msg, recv_msg.msg_size);
-       if (sql_query != NULL) {
-               ret = media_db_update_db(db_handle, sql_query);
-               if (ret != MS_MEDIA_ERR_NONE)
-                       MS_DBG_ERR("media_db_update_db error : %d", ret);
+       if (MS_STRING_VALID(recv_msg.msg)) {
+               sql_query = strndup(recv_msg.msg, recv_msg.msg_size);
+               if (sql_query != NULL) {
+                       ret = media_db_update_db(db_handle, sql_query);
+                       if (ret != MS_MEDIA_ERR_NONE)
+                               MS_DBG_ERR("media_db_update_db error : %d", ret);
 
-               send_msg = ret;
-               MS_SAFE_FREE(sql_query);
+                       send_msg = ret;
+                       MS_SAFE_FREE(sql_query);
+               } else {
+                       send_msg = MS_MEDIA_ERR_OUT_OF_MEMORY;
+               }
        } else {
-               send_msg = MS_MEDIA_ERR_OUT_OF_MEMORY;
+               send_msg = MS_MEDIA_ERR_INVALID_PARAMETER;
        }
 
        media_db_disconnect(db_handle);
@@ -679,6 +691,11 @@ void _ms_process_tcp_message(gpointer data, gpointer user_data)
                        }
                }
 
+               if (!MS_STRING_VALID(recv_msg.msg)) {
+                       send_msg = MS_MEDIA_ERR_INVALID_PARAMETER;
+                       goto ERROR;
+               }
+
                sql_query = strndup(recv_msg.msg, recv_msg.msg_size);
                if (sql_query != NULL) {
                        if (recv_msg.msg_type == MS_MSG_DB_UPDATE_BATCH_START) {