Fixed codes which may occur buffer overflow or resource leak

Change-Id: Ia516982e5de0d41e6b141845d2fef96892a0afaf
Signed-off-by: shingil.kang <shingil.kang@samsung.com>

diff --git a/src/properties.c b/src/properties.c
index 427cfe4..13e45cf 100644 (file)
--- a/src/properties.c
+++ b/src/properties.c
@@ -67,7 +67,8 @@ static void property_init(void)
         if(read_line(fd, buffer, PROPERTY_KEY_MAX+PROPERTY_VALUE_MAX+1) < 0)
             break;
         tok = strtok(buffer, PROPERTY_SEPARATOR);
-        for (i = 0; sdbd_config[i].key; i++) {
+        int array_element_cnt = sizeof(sdbd_config) / sizeof(sdbd_config[0]);
+        for (i = 0; i < array_element_cnt && sdbd_config[i].key ; i++) {
             if (!strcmp(tok, sdbd_config[i].key)) {
                 tok = strtok(NULL, PROPERTY_SEPARATOR);
                 strncpy(sdbd_config[i].value, tok, PROPERTY_VALUE_MAX);

diff --git a/src/sdktools.c b/src/sdktools.c
index ae160e8..d1cd388 100644 (file)
--- a/src/sdktools.c
+++ b/src/sdktools.c
@@ -212,7 +212,7 @@ int exec_app_standalone(const char* path) {
     for (i=0; i<cnt; i++) {
         D("tokenize: %dth: %s\n", i, tokens[i]);
 
-        if (!strncmp(tokens[i], "export", sizeof("export"))) {
+        if (!strcmp("export", tokens[i])) {
             flag = 0;
             i++;
             if (i>=cnt) break;
@@ -221,7 +221,7 @@ int exec_app_standalone(const char* path) {
             }
             i++;
             if (i>=cnt) break;
-            if (!strncmp(tokens[i], "&&", sizeof("&&"))) {
+            if (!strcmp("&&", tokens[i])) {
                 continue;
             }
         }
@@ -229,14 +229,14 @@ int exec_app_standalone(const char* path) {
             // TODO: check evn setting
         }
 
-        if(!strncmp(tokens[i], SDK_LAUNCH_PATH, sizeof(SDK_LAUNCH_PATH))) {
+        if(!strcmp(tokens[i], SDK_LAUNCH_PATH)) {
             int debug = 0;
             int pid = 0;
             char* pkg_id = NULL;
             char* executable = NULL;
             ++i;
             while( i < cnt ) {
-                if(!strncmp(tokens[i], "-attach", sizeof("-attach"))) {
+                if(!strcmp(tokens[i], "-attach")) {
                     if(++i < cnt) {
                         char* pid_pattern = "[1-9][0-9]{2,5}";
                         if (regcmp(pid_pattern, tokens[i])) {
@@ -244,12 +244,12 @@ int exec_app_standalone(const char* path) {
                         }
                     }
                 }
-                else if(!strncmp(tokens[i], "-p", sizeof("-p"))) {
+                else if(!strcmp(tokens[i], "-p")) {
                     if(++i < cnt) {
                         pkg_id = tokens[i];
                     }
                 }
-                else if(!strncmp(tokens[i], "-e", sizeof("-e"))) {
+                else if(!strcmp(tokens[i], "-e")) {
                     if(++i < cnt) {
                         executable = tokens[i];
                     }

diff --git a/src/usb_funcfs_client.c b/src/usb_funcfs_client.c
index 02c4fd1..0237e5a 100644 (file)
--- a/src/usb_funcfs_client.c
+++ b/src/usb_funcfs_client.c
@@ -178,7 +178,6 @@ static void init_functionfs(struct usb_handle *h)
     ret = sdb_write(h->control, &descriptors, sizeof(descriptors));
     if (ret < 0) {
         D("[ %s: cannot write descriptors ]\n", h->EP0_NAME);
-        h->control = -errno;
         sdb_mutex_unlock(&h->control_lock);
         goto error;
     }
@@ -188,7 +187,6 @@ static void init_functionfs(struct usb_handle *h)
     ret = sdb_write(h->control, &strings, sizeof(strings));
     if(ret < 0) {
         D("[ %s: cannot write strings ]\n", h->EP0_NAME);
-        h->control = -errno;
         sdb_mutex_unlock(&h->control_lock);
         goto error;
     }