Empty string password bug fixed.

[Issue#]        SSDWSSP-422
[Bug/Feature]   Empty password should not be set.
[Cause]         N/A
[Solution]      N/A
[Verification]  Running ss-pasword tests from http://slp-info.sec.samsung.net/gerrit/#/c/259674/ commit.

Change-Id: I0063f8b315e0f0be2631a9d51d3834f070f3eb2c

diff --git a/src/client/security-server-client.c b/src/client/security-server-client.c
index 5cea695..f10c78b 100644 (file)
--- a/src/client/security-server-client.c
+++ b/src/client/security-server-client.c
@@ -590,7 +590,7 @@ int security_server_set_pwd(const char *cur_pwd,
     int sockfd = -1, retval;
     response_header hdr;
 
-    if (new_pwd == NULL || strlen(new_pwd) > SECURITY_SERVER_MAX_PASSWORD_LEN)
+    if (new_pwd == NULL || strlen(new_pwd) > SECURITY_SERVER_MAX_PASSWORD_LEN || strlen(new_pwd) == 0)
     {
         retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
         goto error;
@@ -749,7 +749,7 @@ int security_server_reset_pwd(const char *new_pwd,
     int sockfd = -1, retval;
     response_header hdr;
 
-    if (new_pwd == NULL || strlen(new_pwd) > SECURITY_SERVER_MAX_PASSWORD_LEN)
+    if (new_pwd == NULL || strlen(new_pwd) > SECURITY_SERVER_MAX_PASSWORD_LEN || strlen(new_pwd) == 0)
     {
         retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
         goto error;
@@ -813,7 +813,8 @@ int security_server_chk_pwd(const char *challenge,
     response_header hdr;
 
     if (challenge == NULL || strlen(challenge) > SECURITY_SERVER_MAX_PASSWORD_LEN
-        || current_attempt == NULL || max_attempts == NULL || valid_secs == NULL)
+        || strlen(challenge) == 0  || current_attempt == NULL
+        || max_attempts == NULL || valid_secs == NULL)
     {
         retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
         goto error;

diff --git a/src/include/security-server.h b/src/include/security-server.h
index e885b6f..71e62b3 100644 (file)
--- a/src/include/security-server.h
+++ b/src/include/security-server.h
@@ -126,9 +126,6 @@
 /*! \brief   indicating password retry timeout is not occurred yet  */
 #define SECURITY_SERVER_API_ERROR_PASSWORD_REUSED -20
 
-/*! \brief   indicating password is empty  */
-#define SECURITY_SERVER_API_ERROR_PASSWORD_EMPTY -21
-
 /*! \brief   indicating the error with unknown reason */
 #define SECURITY_SERVER_API_ERROR_UNKNOWN -255
 /** @}*/

diff --git a/src/server/security-server-password.c b/src/server/security-server-password.c
index 9680c6b..14a1ad0 100644 (file)
--- a/src/server/security-server-password.c
+++ b/src/server/security-server-password.c
@@ -763,6 +763,18 @@ int process_set_pwd_request(int sockfd)
         }
         goto error;
     }
+    else if (new_pwd_len <= 0)
+    {
+        SECURE_SLOGE("Error: Password length too short: %d", new_pwd_len);
+        retval = send_generic_response(sockfd,
+            SECURITY_SERVER_MSG_TYPE_CHK_PWD_RESPONSE,
+            SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
+        if (retval != SECURITY_SERVER_SUCCESS)
+        {
+            SEC_SVR_ERR("Server ERROR: Cannot send generic response: %d", retval);
+        }
+        goto error;
+    }
 
     /* Receive current password */
     if (cur_pwd_len > 0)
@@ -1029,6 +1041,18 @@ int process_reset_pwd_request(int sockfd)
         }
         goto error;
     }
+    else if (new_pwd_len <= 0)
+    {
+        SECURE_SLOGE("Error: Password length too short: %d", new_pwd_len);
+        retval = send_generic_response(sockfd,
+            SECURITY_SERVER_MSG_TYPE_CHK_PWD_RESPONSE,
+            SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
+        if (retval != SECURITY_SERVER_SUCCESS)
+        {
+            SEC_SVR_ERR("Server ERROR: Cannot send generic response: %d", retval);
+        }
+        goto error;
+    }
 
     /* Receive new password */
     retval = TEMP_FAILURE_RETRY(read(sockfd, requested_new_pwd, new_pwd_len));