projects / platform / core / security / device-certificate-manager.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 78b70d2)
SVACE fix for strerror 74/173174/1 accepted/tizen/unified/20180403.182342 submit/tizen/20180320.034537 submit/tizen/20180401.232214
authorJaroslaw Pelczar <j.pelczar@samsung.com>
Mon, 18 Dec 2017 05:33:16 +0000 (06:33 +0100)
committerDong Sun Lee <ds73.lee@samsung.com>
Tue, 20 Mar 2018 02:26:11 +0000 (02:26 +0000)
WID:39508479 Use of vulnerable function 'strerror' at
serviceadapter.cpp:99. strerror makes no guaranteee of thread safety.
Use strerror_r function instead.

Change-Id: I050aea535c0caddc4baebb945d70b29766255fe9
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
(cherry picked from commit 80a151491507a7dd8ffa4dca1064581026ba710f)

dcm-daemon/serviceadapter.cpp patch | blob | history

diff --git a/dcm-daemon/serviceadapter.cpp b/dcm-daemon/serviceadapter.cpp
index c7df4aa..11b990d 100644 (file)
--- a/dcm-daemon/serviceadapter.cpp
+++ b/dcm-daemon/serviceadapter.cpp
@@ -96,7 +96,10 @@ void service_adapter::notify_start_failure(int error)
 
 #ifdef USE_SYSTEMD_API
        if(!fStartCompleteNotified) {
-               sd_notifyf(0, "STATUS=Failed to start up: %s\nERRNO=%d", strerror(error), error);
+               char buffer[512];
+               buffer[0] = '\0';
+               strerror_r(error, buffer, sizeof(buffer));
+               sd_notifyf(0, "STATUS=Failed to start up: %s\nERRNO=%d", buffer, error);
        }
 #endif
 }
Domain: Security / Authentication;