Resolve svace defect related to provisioningclient.c and pbkdf2.c

Patch 1 : fix defect on provisioningclient.c
Patch 2,3 : fix defect on pbkdf2.c
Patch 4 : Retrigger Jenkins

Change-Id: I8fb6993639efca6fa8f7bfd861a46fe26b3d6269
Signed-off-by: js126.lee <js126.lee@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/14023
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: dongik Lee <dongik.lee@samsung.com>
Reviewed-by: Chul Lee <chuls.lee@samsung.com>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>

diff --git a/resource/csdk/security/provisioning/sample/provisioningclient.c b/resource/csdk/security/provisioning/sample/provisioningclient.c
index e8c50cb..1ae6c1d 100644 (file)
--- a/resource/csdk/security/provisioning/sample/provisioningclient.c
+++ b/resource/csdk/security/provisioning/sample/provisioningclient.c
@@ -1722,9 +1722,22 @@ static OicSecAcl_t* createSimpleAcl(const OicUuid_t uuid)
     size_t arrLen = 1;
     rsrc->typeLen = arrLen;
     rsrc->types = (char**)OICCalloc(arrLen, sizeof(char*));
+    if(!rsrc->types)
+    {
+        OIC_LOG(DEBUG, TAG,  "OICCalloc error return");
+        OCDeleteACLList(acl);
+        return NULL;
+    }
+    rsrc->types[0] = OICStrdup("");   // ignore
+
     rsrc->interfaceLen = 1;
     rsrc->interfaces = (char**)OICCalloc(arrLen, sizeof(char*));
-    rsrc->types[0] = OICStrdup("");   // ignore
+    if(!rsrc->interfaces)
+    {
+        OIC_LOG(DEBUG, TAG,  "OICCalloc error return");
+        OCDeleteACLList(acl);
+        return NULL;
+    }
     rsrc->interfaces[0] = OICStrdup("oic.if.baseline");  // ignore
 
     LL_APPEND(ace->resources, rsrc);

diff --git a/resource/csdk/security/src/pbkdf2.c b/resource/csdk/security/src/pbkdf2.c
index 785234a..b98c51b 100644 (file)
--- a/resource/csdk/security/src/pbkdf2.c
+++ b/resource/csdk/security/src/pbkdf2.c
@@ -75,8 +75,8 @@ int DeriveCryptoKeyFromPassword(const unsigned char *passwd, size_t pLen,
                                 const size_t keyLen, uint8_t *derivedKey)
 {
     int res = 0;
-    uint8_t buf[DTLS_HMAC_DIGEST_SIZE];
-    uint8_t uBuf[DTLS_HMAC_DIGEST_SIZE];
+    uint8_t buf[DTLS_HMAC_DIGEST_SIZE] = {0,};
+    uint8_t uBuf[DTLS_HMAC_DIGEST_SIZE] = {0,};
 
     size_t nBlocks = 0;
     size_t nOctetInLastBlock = 0;