[SATIZENVUL-1315,1316] Reinforced the missing code

Change-Id: Ia42ba6850a64b360e36b16c42df2d125772685c4
Signed-off-by: Minje Ahn <minje.ahn@samsung.com>

diff --git a/server/thumb-server-internal.c b/server/thumb-server-internal.c
index 9116c05e87a802744f009da63c4015f508bbd998..4217b2e12a2a4df471f42761ffc4fd0c1728507f 100755 (executable)
--- a/server/thumb-server-internal.c
+++ b/server/thumb-server-internal.c
@@ -117,7 +117,7 @@ gboolean _thumb_server_read_socket(GIOChannel *src, GIOCondition condition, gpoi
        SAFE_FREE(credentials.smack);
        SAFE_FREE(credentials.uid);
 
-       thumb_warn_slog("Received [%d] %s(%d) from PID(%d)", recv_msg.msg_type, recv_msg.org_path, strlen(recv_msg.org_path), recv_msg.pid);
+       thumb_warn_slog("Received [%d] %.*s(%d) from PID(%d)", recv_msg.msg_type, MAX_FILEPATH_LEN, recv_msg.org_path, strlen(recv_msg.org_path), recv_msg.pid);
 
        if (recv_msg.msg_type != THUMB_REQUEST_KILL_SERVER)
                _thumb_daemon_process_job(&recv_msg, &res_msg);

diff --git a/src/ipc/media-thumb-ipc.c b/src/ipc/media-thumb-ipc.c
index 4fb6cd847d476fd100c806fd3e326b544e42c3c9..9f652a20481748a12c10fa6c2ea134a8958b3c14 100755 (executable)
--- a/src/ipc/media-thumb-ipc.c
+++ b/src/ipc/media-thumb-ipc.c
@@ -270,7 +270,19 @@ int _media_thumb_recv_msg(int sock, int header_size, thumbMsg *msg)
        }
 
        memcpy(msg, buf, header_size);
-       //thumb_dbg("thumb_size : %d", msg->thumb_size);
+
+       if (strlen(msg->org_path) == 0 || strlen(msg->org_path) >= MAX_FILEPATH_LEN) {
+               thumb_err("org_path size is invalid %d", strlen(msg->org_path));
+
+               return MS_MEDIA_ERR_SOCKET_RECEIVE;
+       }
+
+       /* it can be empty string */
+       if (strlen(msg->dst_path) >= MAX_FILEPATH_LEN) {
+               thumb_err("dst_path size is invalid %d", strlen(msg->dst_path));
+
+               return MS_MEDIA_ERR_SOCKET_RECEIVE;
+       }
 
        SAFE_FREE(buf);
        if (msg->thumb_size < 0) {