fix svace issue 59/113759/1
authorJeesun Kim <iamjs.kim@samsung.com>
Wed, 8 Feb 2017 04:15:13 +0000 (13:15 +0900)
committerJeesun Kim <iamjs.kim@samsung.com>
Thu, 9 Feb 2017 00:42:11 +0000 (09:42 +0900)
cal_vcalendar: add overflow checking function
cal_client_dbus: free owner name

Change-Id: I7bc9938f24694a393580a50e3410188e400efbd6

client/cal_client_dbus.c
common/cal_utils.c
common/cal_utils.h
common/cal_vcalendar.c

index 1ccc010..1bc02cc 100644 (file)
@@ -91,10 +91,12 @@ static void _cal_dbus_name_owner_notify(GObject *object, GParamSpec *pspec, gpoi
 
        if (name_owner) {
                DBG("name_owner[%s]", name_owner);
+               g_free(name_owner);
                return;
        }
 
        _cal_dbus_cleanup();
+       g_free(name_owner);
 }
 /* LCOV_EXCL_STOP */
 
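Review bot: The second `g_free(name_owner)`, placed after `_cal_dbus_cleanup()`, is only reached when `name_owner` is NULL, so it is always a no-op; the free that actually fixes the leak is the one in the `if (name_owner)` branch. A single release point would make ownership easier to audit, for example `if (name_owner) DBG("name_owner[%s]", name_owner); else _cal_dbus_cleanup();` followed by one `g_free(name_owner);`. The assignment of `name_owner` is above this hunk, so it cannot be confirmed from here that the value is a caller-owned copy; a one-line comment at the assignment saying so would help.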
index f244cd6..53cb573 100644 (file)
@@ -20,6 +20,7 @@
 #include <stdlib.h>
 #include <glib.h>
 #include <glib/gprintf.h>
+#include <stdbool.h>
 #include "cal_internal.h"
 
 char* cal_strdup(const char *src)
@@ -103,3 +104,10 @@ char* cal_strdup_with_sort(const char *src)
 
        return out_str;
 }
+
+int cal_add_safe(int a, int b)
+{
+       long long _a = (long long)a;
+       long long _b = (long long)b;
+       return _a + _b == (long long)(a + b) ? a + b : -1;
+}
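Review bot: The overflow test in `cal_add_safe()` cannot be relied on, because `a + b` is evaluated in `int` before the cast to `long long`. The overflow it is meant to detect has therefore already happened as signed overflow, which is undefined behaviour and allows the compiler to treat the comparison as always true. Do the addition in the wide type and range-check the result: `long long sum = (long long)a + b;` then `return (sum < INT_MIN || sum > INT_MAX) ? -1 : (int)sum;` (this needs `<limits.h>`). The `-1` sentinel is also ambiguous for legitimate negative sums such as `cal_add_safe(0, -1)`, so the function should either reject negative operands or carry a comment stating that both arguments must be non-negative. The `<stdbool.h>` include added in the previous hunk is not used by this function.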
index b43eaa3..c241e25 100644 (file)
@@ -27,6 +27,7 @@ extern "C" {
 
 char* cal_strdup(const char *src);
 char* cal_strdup_with_sort(const char *src);
+int cal_add_safe(int a, int b);
 
 #ifdef __cplusplus
 }
index 88d5397..65fa94d 100644 (file)
@@ -29,6 +29,7 @@
 #include "cal_vcalendar.h"
 #include "cal_vcalendar_make.h"
 #include "cal_vcalendar_parse.h"
+#include "cal_utils.h"
 
 #define ICALENAR_BUFFER_MAX (1024*1024)
 
@@ -235,43 +236,57 @@ EXPORT_API int calendar_vcalendar_parse_to_calendar_foreach(const char *vcalenda
        foreach_data->user_data = user_data;
        foreach_data->ret = true;
 
+       int error = CALENDAR_ERROR_NONE;
+
        while (fgets(buf, sizeof(buf), file)) {
-               if (len + sizeof(buf) < buf_size) {
-                       len += snprintf(stream + len, strlen(buf) +1, "%s", buf);
-               } else {
+               int added_len = cal_add_safe(len, strlen(buf));
+               if (added_len < 0) {
+                       ERR("cal_add_safe() Fail");
+                       error = CALENDAR_ERROR_SYSTEM;
+                       break;
+               }
+               if (buf_size <= added_len) {
                        char *new_stream;
                        buf_size *= 2;
                        new_stream = realloc(stream, buf_size);
-                       if (new_stream) {
-                               stream = new_stream;
-                       } else {
+                       if (NULL == new_stream) {
                                /* LCOV_EXCL_START */
                                ERR("out of memory");
-                               free(stream);
-                               fclose(file);
-                               free(foreach_data);
-                               calendar_list_destroy(list, true);
-                               return CALENDAR_ERROR_OUT_OF_MEMORY;
+                               error = CALENDAR_ERROR_OUT_OF_MEMORY;
+                               break;
                                /* LCOV_EXCL_STOP */
                        }
-                       len += snprintf(stream + len, strlen(buf) +1, "%s", buf);
+                       stream = new_stream;
+               }
+
+               int copyed_len = snprintf(stream + len, strlen(buf) +1, "%s", buf);
+               len = cal_add_safe(copyed_len, len);
+               if (len < 0) {
+                       /* LCOV_EXCL_START */
+                       ERR("cal_add_safe() Fail");
+                       error = CALENDAR_ERROR_SYSTEM;
+                       break;
+                       /* LCOV_EXCL_STOP */
                }
 
                if (CAL_STRING_EQUAL == strncmp(buf, "END:VCALENDAR", strlen("END:VCALENDAR"))) {
                        DBG("end vcalendar");
-                       int err;
                        char *vcalendar_object = NULL;
                        __calendar_vcalendar_get_vcalendar_object(stream, &vcalendar_object);
-                       err = cal_vcalendar_parse_vcalendar_object(vcalendar_object, list, foreach_data);
-                       if (CALENDAR_ERROR_NONE != err || false == foreach_data->ret) {
+                       error = cal_vcalendar_parse_vcalendar_object(vcalendar_object, list, foreach_data);
+                       if (CALENDAR_ERROR_NONE != error) {
+                               /* LCOV_EXCL_START */
+                               ERR("cal_vcalendar_parse_vcalendar_object() failed(%d)", error);
+                               free(vcalendar_object);
+                               break;
+                               /* LCOV_EXCL_STOP */
+                       }
+                       if (false == foreach_data->ret) {
                                /* LCOV_EXCL_START */
-                               ERR("cal_vcalendar_parse_vcalendar_object() failed(%d)", err);
-                               calendar_list_destroy(list, true);
+                               ERR("foreach_data->ret is NULL");
                                free(vcalendar_object);
-                               free(stream);
-                               free(foreach_data);
-                               fclose(file);
-                               return err;
+                               error = CALENDAR_ERROR_SYSTEM;
+                               break;
                                /* LCOV_EXCL_STOP */
                        }
                        free(vcalendar_object);
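Review bot: A callback that stops the iteration now makes the whole call fail, because the `false == foreach_data->ret` branch sets `error = CALENDAR_ERROR_SYSTEM`. The removed code returned `err` in that case, which is `CALENDAR_ERROR_NONE` when only the callback asked to stop. If `ret == false` is the callback's normal way to end early (its contract is not visible here), leave `error` unchanged in that branch and replace `ERR("foreach_data->ret is NULL")` with a debug message, since `ret` is a bool and not a pointer. Separately, `buf_size *= 2` is still unchecked although `len` now goes through `cal_add_safe()`; as the data comes from a file, guard the doubling too, e.g. `if (buf_size > INT_MAX / 2) { error = CALENDAR_ERROR_OUT_OF_MEMORY; break; }`, assuming `buf_size` is an `int` (its declaration is outside the hunk). The enclosing function starts before and ends after this hunk.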
@@ -284,5 +299,5 @@ EXPORT_API int calendar_vcalendar_parse_to_calendar_foreach(const char *vcalenda
        free(foreach_data);
        fclose(file);
 
-       return CALENDAR_ERROR_NONE;
+       return error;
 }