Fix coverity issues

- Out-of-bounds access
- Dereference after null check
- Unused value
- Unchecked return value

Change-Id: I47c1548c16b7ecfa5fc964f8fcfe06053866b3c9
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>

diff --git a/packaging/org.tizen.privacy-setting.spec b/packaging/org.tizen.privacy-setting.spec
index b464c75e9bfa85d819bfaac445c107d1821ddd80..63fd9999638a1859c132ba00c4baeb4dcc28674b 100755 (executable)
--- a/packaging/org.tizen.privacy-setting.spec
+++ b/packaging/org.tizen.privacy-setting.spec
@@ -4,7 +4,7 @@
 
 Name:    org.tizen.privacy-setting-profile_wearable
 Summary: Privacy setting ui application
-Version: 2.0.3
+Version: 2.0.4
 Release: 1
 Provides: org.tizen.privacy-setting = %{version}-%{release}
 Group:   Applications/Other

diff --git a/ui-popup/src/app_main.c b/ui-popup/src/app_main.c
index 3968acebd213854609c31c4a66eb038befa60852..85c1cdf1c7a505dfb26cc67cf9a096b83c972baa 100644 (file)
--- a/ui-popup/src/app_main.c
+++ b/ui-popup/src/app_main.c
@@ -22,6 +22,7 @@
 #include <libintl.h>
 #include <efl_extension.h>
 #include <app_info.h>
+#include <app_manager.h>
 
 #include "common_utils.h"
 #include "view.h"
@@ -77,9 +78,10 @@ static void __app_control_clone(app_control_h *clone, app_control_h app_control)
        if (*clone)
                app_control_destroy(*clone);
        int ret = app_control_clone(clone, app_control);
-       if (ret != APP_CONTROL_ERROR_NONE)
-               LOGD("app_control_clone failed. ret = %d", ret);
-       else
+       if (ret != APP_CONTROL_ERROR_NONE) {
+               LOGD("app_control_clone() failed. ret = %d", ret);
+               ui_app_exit();
+       } else
                LOGD("app control cloned");
 
        return;
@@ -91,7 +93,7 @@ static bool __reply_requested(app_control_h caller)
 
        int ret = app_control_is_reply_requested(caller, &requested);
        if (ret != APP_CONTROL_ERROR_NONE)
-               LOGE("app_control_is_reply_requested failed. ret = %d", ret);
+               LOGE("app_control_is_reply_requested() failed. ret = %d", ret);
 
        return requested;
 }
@@ -100,9 +102,15 @@ static void __send_error_reply(app_control_h caller)
 {
        if (__reply_requested(caller)) {
                app_control_h reply;
-               app_control_create(&reply);
-               app_control_reply_to_launch_request(reply, caller, APP_CONTROL_RESULT_FAILED);
-               app_control_destroy(reply);
+               int ret = app_control_create(&reply);
+               if (ret != APP_CONTROL_ERROR_NONE) {
+                       LOGE("app_control_create() failed. ret = %d", ret);
+               } else {
+                       ret = app_control_reply_to_launch_request(reply, caller, APP_CONTROL_RESULT_FAILED);
+                       if (ret != APP_CONTROL_ERROR_NONE)
+                               LOGE("app_control_reply_to_launch_request() failed. ret = %d", ret);
+                       app_control_destroy(reply);
+               }
        }
        app_control_destroy(caller);
 }
@@ -121,10 +129,24 @@ static void app_control(app_control_h app_control, void *data)
 
        __app_control_clone(&(ad->caller), app_control);
 
-       app_control_get_caller(ad->caller, &caller_appid);
+       ret = app_control_get_caller(ad->caller, &caller_appid);
+       if (ret != APP_CONTROL_ERROR_NONE) {
+               LOGE("app_control_get_caller() failed. Can't get caller info. Terminate.");
+               ui_app_exit();
+       }
        app_info_h app_info;
-       app_info_create(caller_appid, &app_info);
-       app_info_get_package(app_info, &(ad->caller_pkgid));
+       ret = app_info_create(caller_appid, &app_info);
+       if (ret != APP_MANAGER_ERROR_NONE) {
+               LOGE("app_info_create() for caller app %s failed. ret = %d", caller_appid, ret);
+               free(caller_appid);
+               ui_app_exit();
+       }
+       ret = app_info_get_package(app_info, &(ad->caller_pkgid));
+       if (ret != APP_MANAGER_ERROR_NONE) {
+               LOGE("app_info_get_package() for caller app %s failed. ret = %d", caller_appid, ret);
+               free(caller_appid);
+               ui_app_exit();
+       }
        app_info_destroy(app_info);
        free(caller_appid);
 

diff --git a/ui-popup/src/popup.c b/ui-popup/src/popup.c
index 8d8398bb731eff2696618fccf61186a46d0e6133..74af91f47458990c4d2b490db731852f5eccabea 100644 (file)
--- a/ui-popup/src/popup.c
+++ b/ui-popup/src/popup.c
@@ -126,7 +126,7 @@ static char* __make_privacy_string(char** privileges, int length, const char* pa
                ret = privilege_info_get_privacy_by_privilege(privileges[i], &privacy);
                if (ret == PRVMGR_ERR_NONE && privacy != NULL && strcmp(privacy, "N/A")) {
                        ret = privilege_info_get_privacy_display(privacy, &privacy_display);
-                       if (!strstr(privacy_string, privacy_display) && (strlen(privacy_string) + strlen(padding) + strlen(privacy_display) < MAX_PRIVACY_STRING_LEN)) {
+                       if (ret == PRVMGR_ERR_NONE && !strstr(privacy_string, privacy_display) && (strlen(privacy_string) + strlen(padding) + strlen(privacy_display) < MAX_PRIVACY_STRING_LEN)) {
                                strcat(privacy_string, padding);
                                strcat(privacy_string, privacy_display);
                        }
@@ -171,9 +171,21 @@ static char* __get_pkg_label(const char* pkgid)
        pkgmgrinfo_pkginfo_h handle;
        char* label = NULL;
 
-       pkgmgrinfo_pkginfo_get_pkginfo(pkgid, &handle);
-       pkgmgrinfo_pkginfo_get_label(handle, &label);
+       int ret = pkgmgrinfo_pkginfo_get_pkginfo(pkgid, &handle);
+       if (ret != PMINFO_R_OK) {
+               LOGE("pkgmgrinfo_pkginfo_get_pkginfo() failed. ret = %d, pkgid = %s", ret, pkgid);
+               return "";
+       }
+       ret = pkgmgrinfo_pkginfo_get_label(handle, &label);
+       if (ret != PMINFO_R_OK) {
+               LOGE("pkgmgrinfo_pkginfo_get_label() failed. ret = %d, pkgid = %s", ret, pkgid);
+               return "";
+       }
        char* pkg_label = strdup(label);
+       if (pkg_label == NULL) {
+               LOGE("strdup() of pkg_label failed. pkgid = %s", pkgid);
+               return "";
+       }
        pkgmgrinfo_pkginfo_destroy_pkginfo(handle);
 
        return pkg_label;
@@ -181,14 +193,20 @@ static char* __get_pkg_label(const char* pkgid)
 
 static char* __get_message(const char* padding, papp_data_s *ad)
 {
+       char* label = __get_pkg_label(ad->caller_pkgid);
+       char* privacy_string = __make_privacy_string(ad->privileges, ad->length, padding);
+       char* message = NULL;
        if (!strcmp(ad->launch_type, "use")) { /* use */
                if (ad->feature)
-                       return __make_message(MSG_POPUP_USE, ad->feature, __get_pkg_label(ad->caller_pkgid), __make_privacy_string(ad->privileges, ad->length, padding), padding);
+                       message = __make_message(MSG_POPUP_USE, ad->feature, label, privacy_string, padding);
                else
-                       return __make_message(MSG_POPUP_USE, __get_pkg_label(ad->caller_pkgid), __get_pkg_label(ad->caller_pkgid), __make_privacy_string(ad->privileges, ad->length, padding), padding);
+                       message = __make_message(MSG_POPUP_USE, label, label, privacy_string, padding);
        } else { /* open */
-               return __make_message(MSG_POPUP_OPEN, __get_pkg_label(ad->caller_pkgid), __get_pkg_label(ad->caller_pkgid), __make_privacy_string(ad->privileges, ad->length, padding), padding);
+               message = __make_message(MSG_POPUP_OPEN, label, label, privacy_string, padding);
        }
+       free(label);
+       free(privacy_string);
+       return message;
 }
 
 /*Privacy List*/

diff --git a/ui/src/package_list_view.c b/ui/src/package_list_view.c
index f48b182964fd2f1f409f8657eceebbed51584159..b73d5b7b087066814f6c20172f9c7746e67370f3 100644 (file)
--- a/ui/src/package_list_view.c
+++ b/ui/src/package_list_view.c
@@ -31,6 +31,8 @@
 #include <pkgmgr-info.h>
 #include <string.h>
 
+#define PRIVACY_LIST_LEN 512
+
 static void gl_realized_cb(void *data, Evas_Object *obj, void *event_info)
 {
        app_data_s* ad = data;
@@ -46,8 +48,8 @@ static char* gl_text_get_cb(void *data, Evas_Object *obj, const char *part)
        if (!strcmp(part, "elm.text")) {
                return strdup(apd->pkg_label);
        } else if (!strcmp(part, "elm.text.1")) {
-               char privacy_list_string[512];
-               memset(privacy_list_string, 0x00, 512);
+               char privacy_list_string[PRIVACY_LIST_LEN];
+               memset(privacy_list_string, 0x00, PRIVACY_LIST_LEN);
                int len = 0;
                GList* l;
                for (l = apd->pd_list; l != NULL; l = l->next) {
@@ -59,9 +61,9 @@ static char* gl_text_get_cb(void *data, Evas_Object *obj, const char *part)
                                        LOGE("file to get privacy display for %s", pd->privacy);
 
                                if (len == 0) {
-                                       len += snprintf(privacy_list_string, 512, "%s", privacy_display);;
-                               } else {
-                                       len += snprintf(privacy_list_string+len, 512, ", %s", privacy_display);
+                                       len += snprintf(privacy_list_string, PRIVACY_LIST_LEN, "%s", privacy_display);;
+                               } else if (len > 0 && len < PRIVACY_LIST_LEN) {
+                                       len += snprintf(privacy_list_string + len, PRIVACY_LIST_LEN - len, ", %s", privacy_display);
                                }
                        }
                }
@@ -81,9 +83,8 @@ static char* gl_title_text_get_cb(void *data, Evas_Object *obj, const char *part
 static void gl_del_cb(void *data, Evas_Object *obj)
 {
        app_data_s* ad = (app_data_s*)data;
-       if (ad == NULL)
-               LOGE("ad is null. can not free null.");
-       free_app_data(ad);
+       if (ad != NULL)
+               free_app_data(ad);
        ui_app_exit();
 }