diagnostics: Fix errors found via static analysis

author Karol Lewandowski <k.lewandowsk@samsung.com>

Wed, 16 Aug 2023 12:23:04 +0000 (14:23 +0200)

committer Karol Lewandowski <k.lewandowsk@samsung.com>

Thu, 17 Aug 2023 09:22:37 +0000 (11:22 +0200)
author Karol Lewandowski <k.lewandowsk@samsung.com>
Wed, 16 Aug 2023 12:23:04 +0000 (14:23 +0200)
committer Karol Lewandowski <k.lewandowsk@samsung.com>
Thu, 17 Aug 2023 09:22:37 +0000 (11:22 +0200)
diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec

index dabd8f3..a3376c7 100644 (file)
--- a/packaging/crash-worker.spec
+++ b/packaging/crash-worker.spec
@@ -16,7 +16,7 @@
  
  Name:           crash-worker
  Summary:        Coredump handler and report generator for Tizen
-Version:        8.0.0
+Version:        8.0.1
  Release:        1
  Group:          Framework/system
  License:        MIT
diff --git a/src/bugreport-service/diagnostics/diagnostics_dump.c b/src/bugreport-service/diagnostics/diagnostics_dump.c

index 0be6237..93258e3 100644 (file)
--- a/src/bugreport-service/diagnostics/diagnostics_dump.c
+++ b/src/bugreport-service/diagnostics/diagnostics_dump.c
@@ -300,14 +300,15 @@ static struct report_file *find_report_file(const char *ident, struct report_fil
         return NULL;
  }
  
-static bool parse_pid_from_report_file(int report_fd, char *str)
+static bool parse_pid_from_report_file(int report_fd, char *str, size_t strsize)
  {
-       FILE *fp;
+       assert(str);
+       assert(strsize > 0);
+
+       FILE *fp = NULL;
         char buff[1024];
         int pid = -1;
-
-       if (!str)
-               return false;
+       bool ret = false;
  
         fp = fdopen(report_fd, "r");
         if (!fp) {
@@ -321,19 +322,29 @@ static bool parse_pid_from_report_file(int report_fd, char *str)
         }
         if (pid < 0) {
                 _E("There is no PID information in the report file");
-               return false;
+               goto out;
+       }
+
+       int r = snprintf(str, strsize, "%d", pid);
+       if (r < 0 || r >= strsize) {
+               _E("Internal error: Unable to store PID parsed from report file - increase pid[n] size");
+               goto out;
         }
  
-       sprintf(str, "%d", pid);
+       ret = true;
  
-       return true;
+out:
+       if (fp)
+               fclose(fp);
+
+       return ret;
  }
  
  static bool write_pid(int fd, int in_fd)
  {
         char pid[10];
  
-       if (!parse_pid_from_report_file(in_fd, pid)) {
+       if (!parse_pid_from_report_file(in_fd, pid, sizeof(pid))) {
                 dprintf(fd, "Internal error\n");
                 return false;
         }
author	Karol Lewandowski <k.lewandowsk@samsung.com>
	Wed, 16 Aug 2023 12:23:04 +0000 (14:23 +0200)
committer	Karol Lewandowski <k.lewandowsk@samsung.com>
	Thu, 17 Aug 2023 09:22:37 +0000 (11:22 +0200)
packaging/crash-worker.spec		patch \| blob \| history
src/bugreport-service/diagnostics/diagnostics_dump.c		patch \| blob \| history