Fix internal API(security) bugs

author sung.goo.kim <sung.goo.kim@samsung.com>

Fri, 24 Jun 2016 06:28:43 +0000 (15:28 +0900)

committer sung.goo.kim <sung.goo.kim@samsung.com>

Fri, 24 Jun 2016 06:28:43 +0000 (15:28 +0900)
author sung.goo.kim <sung.goo.kim@samsung.com>
Fri, 24 Jun 2016 06:28:43 +0000 (15:28 +0900)
committer sung.goo.kim <sung.goo.kim@samsung.com>
Fri, 24 Jun 2016 06:28:43 +0000 (15:28 +0900)
diff --git a/lib/icl-provisioning-struct.c b/lib/icl-provisioning-struct.c

index 665c2a3109eaf26b7ee603ce448cfa9c149344a9..5bc56efa5b8c30a3faa76037451eb860ad349ccb 100644 (file)
--- a/lib/icl-provisioning-struct.c
+++ b/lib/icl-provisioning-struct.c
@@ -76,6 +76,8 @@ static OCProvisionDev_t* _provisioning_device_clone(OCProvisionDev_t *src)
  
         OCProvisionDev_t *clone;
  
+       RETV_IF(NULL == src, NULL);
+
         clone = PMCloneOCProvisionDev(src);
         if (NULL == clone) {
                 ERR("PMCloneOCProvisionDev() Fail");
@@ -604,9 +606,13 @@ API int iotcon_provisioning_devices_add_device(iotcon_provisioning_devices_h dev
  {
         FN_CALL;
         OCProvisionDev_t *current;
-       OCProvisionDev_t *dev_list = devices->dev_list;
+       OCProvisionDev_t *dev_list;
  
         RETV_IF(false == ic_utils_check_ocf_feature(), IOTCON_ERROR_NOT_SUPPORTED);
+       RETV_IF(NULL == devices, IOTCON_ERROR_INVALID_PARAMETER);
+       RETV_IF(NULL == device, IOTCON_ERROR_INVALID_PARAMETER);
+
+       dev_list = devices->dev_list;
  
         current = icl_provisioning_devices_get_devices(devices);
         for (; current; current = current->next) {
@@ -623,10 +629,13 @@ API int iotcon_provisioning_devices_add_device(iotcon_provisioning_devices_h dev
                 return IOTCON_ERROR_OUT_OF_MEMORY;
         }
  
-       while (dev_list->next)
-               dev_list = dev_list->next;
-
-       dev_list->next = current;
+       if (NULL == dev_list)
+               dev_list = current;
+       else {
+               while (dev_list->next)
+                       dev_list = dev_list->next;
+               dev_list->next = current;
+       }
  
         return IOTCON_ERROR_NONE;
  }
diff --git a/lib/icl-provisioning.c b/lib/icl-provisioning.c

index e6c8e4136aff0c94810c066a27d204d6bca8d0b4..985cc022cb2a6e265489103ee23aa3714e0c3166 100644 (file)
--- a/lib/icl-provisioning.c
+++ b/lib/icl-provisioning.c
@@ -222,6 +222,9 @@ API int iotcon_provisioning_get_devices(iotcon_provisioning_devices_h *owned_dev
  {
         FN_CALL;
  
+       RETV_IF(NULL == owned_devices && NULL == unowned_devices,
+                       IOTCON_ERROR_INVALID_PARAMETER);
+
         if (owned_devices)
                 *owned_devices = icl_owned_devices;
author	sung.goo.kim <sung.goo.kim@samsung.com>
	Fri, 24 Jun 2016 06:28:43 +0000 (15:28 +0900)
committer	sung.goo.kim <sung.goo.kim@samsung.com>
	Fri, 24 Jun 2016 06:28:43 +0000 (15:28 +0900)
lib/icl-provisioning-struct.c		patch \| blob \| history
lib/icl-provisioning.c		patch \| blob \| history