Fix SVACE defects (DEREF_OF_NULL.RET.ALLOC)

[Version] 0.1.34
[Issue Type] Vulnerbility

Change-Id: Idaa9c9d1a06cb49ce2e8b20d46e8fd8cf0c46fcf

diff --git a/tizen-audio-impl-ctrl.c b/tizen-audio-impl-ctrl.c
index c52715a79b130d63b2382e10ee9c1083a219ec88..6d3ebb389e735cd2b96cb372f8c571fe47610144 100644 (file)
--- a/tizen-audio-impl-ctrl.c
+++ b/tizen-audio-impl-ctrl.c
@@ -82,6 +82,8 @@ audio_return_t _mixer_control_get_value(audio_hal_t *ah, const char *ctl_name, i
     int ret = 0, count = 0, i = 0;
 
     AUDIO_RETURN_VAL_IF_FAIL(ah, AUDIO_ERR_PARAMETER);
+    AUDIO_RETURN_VAL_IF_FAIL(ctl_name, AUDIO_ERR_PARAMETER);
+    AUDIO_RETURN_VAL_IF_FAIL(val, AUDIO_ERR_PARAMETER);
 
     pthread_mutex_lock(&(ah->mixer.mutex));
 

diff --git a/tizen-audio-impl-pcm.c b/tizen-audio-impl-pcm.c
index 1385f361c42b4e7460d9f52a5da13890b7603c16..f7da45069ac942190a81170261ca8f619c4e0259 100644 (file)
--- a/tizen-audio-impl-pcm.c
+++ b/tizen-audio-impl-pcm.c
@@ -24,7 +24,6 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <stdbool.h>
 
 #include "tizen-audio-internal.h"
 #include "tizen-audio-impl.h"

diff --git a/tizen-audio-impl-ucm.c b/tizen-audio-impl-ucm.c
index aa574d775c4435b591eef088a5c41ee08b9f1238..81a59833f95a266528787a45c5f2a79c5cea9196 100644 (file)
--- a/tizen-audio-impl-ucm.c
+++ b/tizen-audio-impl-ucm.c
@@ -24,6 +24,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <assert.h>
 #ifdef ALSA_UCM_DEBUG_TIME
 #include <sys/time.h>
 #include <time.h>
@@ -188,28 +189,20 @@ audio_return_t _ucm_set_use_case(audio_hal_t *ah, const char *verb, const char *
         AUDIO_LOG_DEBUG("current verb and new verb is same. No need to change verb, disable devices explicitely");
 
         if (old_dev_count > 0) {
-            dis_dev_list = (const char **)malloc(sizeof(const char *) * old_dev_count);
-            for (i = 0; i < old_dev_count; i++) {
-                dis_dev_list[i] = NULL;
-            }
+            dis_dev_list = (const char **)calloc(old_dev_count, sizeof(const char *));
+            assert(dis_dev_list);
         }
         if (dev_count > 0) {
-            ena_dev_list = (const char **)malloc(sizeof(const char *) * dev_count);
-            for (i = 0; i < dev_count; i++) {
-                ena_dev_list[i] = NULL;
-            }
+            ena_dev_list = (const char **)calloc(dev_count, sizeof(const char *));
+            assert(ena_dev_list);
         }
         if (old_mod_count > 0) {
-            dis_mod_list = (const char **)malloc(sizeof(const char *) * old_mod_count);
-            for (i = 0; i < old_mod_count; i++) {
-                dis_mod_list[i] = NULL;
-            }
+            dis_mod_list = (const char **)calloc(old_mod_count, sizeof(const char *));
+            assert(dis_mod_list);
         }
         if (mod_count > 0) {
-            ena_mod_list = (const char **)malloc(sizeof(const char *) * mod_count);
-            for (i = 0; i < mod_count; i++) {
-                ena_mod_list[i] = NULL;
-            }
+            ena_mod_list = (const char **)calloc(mod_count, sizeof(const char *));
+            assert(ena_mod_list);
         }
 
         /* update disable modifiers list which are not present in new modifier list */
@@ -408,16 +401,12 @@ audio_return_t _ucm_set_devices(audio_hal_t *ah, const char *verb, const char *d
         AUDIO_LOG_DEBUG("current verb and new verb is same. No need to change verb, disable devices explicitely");
 
         if (old_dev_count > 0) {
-            dis_dev_list = (const char **)malloc(sizeof(const char *) * old_dev_count);
-            for (i = 0; i < old_dev_count; i++) {
-                dis_dev_list[i] = NULL;
-            }
+            dis_dev_list = (const char **)calloc(old_dev_count, sizeof(const char *));
+            assert(dis_dev_list);
         }
         if (dev_count > 0) {
-            ena_dev_list = (const char **)malloc(sizeof(const char *) * dev_count);
-            for (i = 0; i < dev_count; i++) {
-                ena_dev_list[i] = NULL;
-            }
+            ena_dev_list = (const char **)calloc(dev_count, sizeof(const char *));
+            assert(ena_dev_list);
         }
 
         /* update disable devices list which are not present in new device list */
@@ -543,16 +532,12 @@ audio_return_t _ucm_set_modifiers(audio_hal_t *ah, const char *verb, const char
         AUDIO_LOG_DEBUG("current verb and new verb is same. No need to change verb, disable devices explicitely");
 
         if (old_mod_count > 0) {
-            dis_mod_list = (const char **)malloc(sizeof(const char *) * old_mod_count);
-            for (i = 0; i < old_mod_count; i++) {
-                dis_mod_list[i] = NULL;
-            }
+            dis_mod_list = (const char **)calloc(old_mod_count, sizeof(const char *));
+            assert(dis_mod_list);
         }
         if (mod_count > 0) {
-            ena_mod_list = (const char **)malloc(sizeof(const char *) * mod_count);
-            for (i = 0; i < mod_count; i++) {
-                ena_mod_list[i] = NULL;
-            }
+            ena_mod_list = (const char **)calloc(mod_count, sizeof(const char *));
+            assert(ena_mod_list);
         }
 
         /* update disable modifiers list which are not present in new modifier list */
@@ -678,4 +663,4 @@ audio_return_t _ucm_reset_use_case(audio_hal_t *ah)
     }
 
     return ret;
-}
\ No newline at end of file
+}

diff --git a/tizen-audio.c b/tizen-audio.c
index c61f0638e84f6a81396675c562ce8b6c99712de3..202399148d2ae8ee1e63df95580cb0247e6bd913 100644 (file)
--- a/tizen-audio.c
+++ b/tizen-audio.c
@@ -30,8 +30,8 @@ audio_return_t audio_init(void **audio_handle)
 
     AUDIO_RETURN_VAL_IF_FAIL(audio_handle, AUDIO_ERR_PARAMETER);
 
-    if (!(ah = malloc(sizeof(audio_hal_t)))) {
-        AUDIO_LOG_ERROR("failed to malloc()");
+    if (!(ah = calloc(1, sizeof(audio_hal_t)))) {
+        AUDIO_LOG_ERROR("failed to alloc errno(%d)", errno);
         return AUDIO_ERR_RESOURCE;
     }