fix security svace issues 36/149436/5 accepted/tizen/unified/20170918.153131 submit/tizen/20170915.044752 submit/tizen/20170918.022658
authorJongkyu Koo <jk.koo@samsung.com>
Tue, 12 Sep 2017 08:29:14 +0000 (17:29 +0900)
committerJongkyu Koo <jk.koo@samsung.com>
Thu, 14 Sep 2017 07:48:51 +0000 (16:48 +0900)
Change-Id: Ia3e8a28d1f1fb97ddf31e897ba420cb42740c2ce
Signed-off-by: Jongkyu Koo <jk.koo@samsung.com>
build-util/DB-schema-gen.c
build-util/DB-schema-gen2.c
common/ctsvc_vcard.c
packaging/contacts-service.spec
server/db/ctsvc_db_utils.c

index fa9b7c3..aacf67d 100644 (file)
@@ -24,6 +24,9 @@ int main(int argc, char **argv)
        FILE *fp;
        int c;
 
+       if (argc < 2)
+               exit(EXIT_FAILURE);
+
        fp = fopen(argv[1], "r");
        if (fp == NULL)
                exit(EXIT_FAILURE);
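Review bot: The added `if (argc < 2)` guard exits without any diagnostic, so a build step that runs this generator without its input path fails with no hint of the cause. Print a short usage line before exiting, for example `fprintf(stderr, "usage: DB-schema-gen <input-file>\n");`, and avoid using `argv[0]` in it since it can be NULL when `argc` is 0. The `fopen` failure branch just below is also silent and would benefit from `perror(argv[1]);`. The identical hunk in build-util/DB-schema-gen2.c has the same gap; `main` continues outside both hunks.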
index 83456b5..57df876 100644 (file)
@@ -24,6 +24,9 @@ int main(int argc, char **argv)
        FILE *fp;
        int c;
 
+       if (argc < 2)
+               exit(EXIT_FAILURE);
+
        fp = fopen(argv[1], "r");
        if (fp == NULL)
                exit(EXIT_FAILURE);
index 34c3628..585d24a 100644 (file)
@@ -1479,6 +1479,7 @@ static bool _ctsvc_vcard_image_util_supported_jpeg_colorspace_cb(
        int height = 0;
        int mimetype = 0;
        uint64_t size = 0;
+       unsigned int size_decode = 0;
        void *buffer = NULL;
        void *buffer_temp = NULL;
        int ret;
@@ -1491,11 +1492,12 @@ static bool _ctsvc_vcard_image_util_supported_jpeg_colorspace_cb(
        }
 
        ret = image_util_decode_jpeg(info->src, colorspace, (unsigned char **)&buffer,
-                       &width, &height, (unsigned int *)&size);
+                       &width, &height, &size_decode);
        if (IMAGE_UTIL_ERROR_NONE != ret) {
                info->ret = CONTACTS_ERROR_SYSTEM;
                return true;
        }
+       size = (uint64_t)size_decode;
 
        if (limit_size_of_photo < width || limit_size_of_photo < height) { /* need resize */
                int resized_width;
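Review bot: The `image_util_decode_jpeg` call still passes `(unsigned char **)&buffer` although `buffer` is declared `void *`, which is the same kind of pointer-type pun this commit removes for the size argument. Decode into a correctly typed local instead: declare `unsigned char *decoded = NULL;`, pass `&decoded`, and set `buffer = decoded;` after the error check, next to the new `size` assignment. The `(uint64_t)` cast in `size = (uint64_t)size_decode;` is redundant, because `unsigned int` converts implicitly. The hunk in server/db/ctsvc_db_utils.c has the same leftover cast. Both callbacks continue outside their hunks, so confirm how `buffer` is later used and freed before changing its handling.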
index 7f16df3..4e3d195 100644 (file)
@@ -1,6 +1,6 @@
 Name:       contacts-service
 Summary:    Contacts Service
-Version:    0.13.73
+Version:    0.13.74
 Release:    0
 Group:      Social & Content/Service
 License:    Apache-2.0
index 3f749f7..575161f 100644 (file)
@@ -301,6 +301,7 @@ static bool _ctsvc_image_util_supported_jpeg_colorspace_cb(
        int dest_fd = 0;
        int mimetype = 0;
        uint64_t size = 0;
+       unsigned int size_decode = 0;
        void *buffer = NULL;
        void *buffer_temp = NULL;
        int ret;
@@ -314,11 +315,12 @@ static bool _ctsvc_image_util_supported_jpeg_colorspace_cb(
        }
 
        ret = image_util_decode_jpeg(info->src, colorspace, (unsigned char **)&buffer,
-                       &width, &height, (unsigned int *)&size);
+                       &width, &height, &size_decode);
        if (IMAGE_UTIL_ERROR_NONE != ret) {
                info->ret = CONTACTS_ERROR_SYSTEM;
                return true;
        }
+       size = (uint64_t)size_decode;
 
        rotation = _ctsvc_image_get_rotation_info(info->src);
        if (IMAGE_UTIL_ROTATION_NONE != rotation) { /* need rotate */