double value_dbl = 0;
char file_buf[BUF_LEN] = {0,};
char *value_str = NULL;
- int value_size = 0;
+ size_t value_size = 0;
+ size_t diff;
+ size_t file_buf_size;
+ char *new_value_str;
fp = fopen(path, "r");
if (fp == NULL) {
case PREFERENCE_TYPE_STRING:
while (fgets(file_buf, sizeof(file_buf), fp)) {
if (value_str) {
- value_size += strlen(file_buf);
- value_str = (char *)realloc(value_str,
+ file_buf_size = strlen(file_buf);
+ diff = INT_MAX - file_buf_size;
+ if (value_size > diff) {
+ printf("Integer overflow\n");
+ break;
+ }
+
+ value_size += file_buf_size;
+ new_value_str = (char *)realloc(value_str,
value_size);
- if (value_str == NULL)
+ if (new_value_str == NULL)
break;
+ value_str = new_value_str;
strncat(value_str, file_buf, strlen(file_buf));
} else {
value_size = strlen(file_buf) + 1;
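Review bot: `value_size += file_buf_size;` is committed before `realloc` is known to have succeeded, so on the `new_value_str == NULL` break the counter is larger than the buffer `value_str` still points to. Compute the new size in a local and store it only after `value_str = new_value_str;`. The guard also still uses `INT_MAX` although `value_size` is now `size_t`; `SIZE_MAX - file_buf_size` would match the type, or the `INT_MAX` cap deserves a comment saying it is deliberate. The `strncat` bound is the source length, so it limits nothing: `strncat(value_str, file_buf, file_buf_size);` at least drops the second `strlen`, and a comment such as `/* value_size already counts the NUL from the first line */` would record why the append fits. Both `break` paths leave a silently truncated value, and how the code after the loop treats it is outside this hunk.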
if (ret < 0) {
printf("create new prefer key failed (%d)\n",
ret);
+ sqlite3_finalize(stmt);
return -1;
}
} else {
break;
}
}
+ sqlite3_finalize(stmt);
return 0;
}
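Review bot: `sqlite3_finalize(stmt)` now appears on two separate exits, so any other `return` in this function would still leak the prepared statement. The start of the function is outside the hunk and could not be checked for such returns. A single cleanup label would keep this correct as the function changes: set `ret_val = -1; goto out;` on the failure path and put `out: sqlite3_finalize(stmt); return ret_val;` at the end. It is also not visible whether anything else acquired inside the loop is released before the `return -1`. If the result of `sqlite3_finalize` is ignored on purpose, `/* finalize result ignored: statement errors were already reported above */` would say so.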