sound: Replace insecure string comparison macro to strncmp

The MATCH macro from the libsyscommon was omitted secure string length comparison.
When comparing strings with the strncmp function,
it is safer to use a parameter length of strlen + 1.
For clear comparison, strings are compared by the length of the literal string.

Change-Id: I014c7a2d97a97584ba7f1f0c4a4b7b6681a69048
Signed-off-by: Yunhee Seo <yuni.seo@samsung.com>

diff --git a/src/sound-parser.c b/src/sound-parser.c
index 4c43a98f1ce6dc115dcf1f0f2d0bf89543d9f768..e792bef7a3ad3b2a11058f6773764bc824899cc5 100644 (file)
--- a/src/sound-parser.c
+++ b/src/sound-parser.c
@@ -76,17 +76,17 @@ static int parse_sound_theme_property(gpointer data, gpointer user_data)
        if (!prop || !sound_theme_elem)
                return 0;
 
-       if (MATCH(prop->key, "SoundThemeId")) {
+       if (!strncmp(prop->key, "SoundThemeId", strlen("SoundThemeId") + 1)) {
                sscanf(prop->value, "%d", (&sound_theme_elem->id));
                if (sound_theme_elem->id < 0)
                        return -EPERM;
-       } else if (MATCH(prop->key, "SoundThemePath")) {
+       } else if (!strncmp(prop->key, "SoundThemePath", strlen("SoundThemePath") + 1)) {
                int str_len = sizeof(prop->value);
                sound_theme_elem->conf_file_path = strndup(prop->value, str_len);
-       } else if (MATCH(prop->key, "SoundThemeDefault")) {
-               if (MATCH(prop->value, "yes"))
+       } else if (!strncmp(prop->key, "SoundThemeDefault", strlen("SoundThemeDefault") + 1)) {
+               if (!strncmp(prop->value, "yes", strlen("yes") + 1))
                        sound_theme_elem->is_default = 1;
-               else if (MATCH(prop->value, "no"))
+               else if (!strncmp(prop->value, "no", strlen("no") + 1))
                        sound_theme_elem->is_default = 0;
                else
                        return -EPERM;
@@ -109,7 +109,7 @@ static int parse_sound_theme_section(const struct parse_result *result, void *da
        if (!result || !result->props)
                return 0;
 
-       if (!MATCH("SoundTheme", result->section))
+       if (strncmp("SoundTheme", result->section, strlen("SoundTheme") + 1))
                return 0;
 
        SYS_G_LIST_FOREACH(result->props, temp_glist, extracted_section_prop) {
@@ -151,7 +151,7 @@ static int parse_sound_section(const struct parse_result *result, void *data)
        if (!result || !result->props)
                return 0;
 
-       if (MATCH(result->section, "Sound")) {
+       if (!strncmp(result->section, "Sound", strlen("Sound") + 1)) {
                if (is_default_theme_id_set()) {
                        _E("Failed to parse sound conf file, please check conf file description and follow the rules");
                        return -EINVAL;
@@ -217,7 +217,7 @@ static int parse_sound_property(const struct parse_result *result, void *data)
        if (!data)
                return -EINVAL;
 
-       if (!MATCH(result->section, "Sound"))
+       if (strncmp(result->section, "Sound", strlen("Sound") + 1))
                return 0;
 
        sound_config_info = (GHashTable*)data;
@@ -269,7 +269,7 @@ static int parse_sound_pattern_priority_property(const struct parse_result *resu
        if (!data)
                return -EINVAL;
 
-       if (!MATCH("SoundPatternPriority", result->section))
+       if (strncmp("SoundPatternPriority", result->section, strlen("SoundPatternPriority") + 1))
                return 0;
 
        sound_config_info = (GHashTable*)data;