Fix defects detected by SVACE

Fix SVACE warnings in the following directories:
- /resource/csdk/security/provisioning
- /resource/provisioning

Implemented:
- use snprintf instead of sprintf
- null pointer checks
- fclose added to remove lost handles

Change-Id: I31d6765df649e30c24c931932eb68bc35b7e6cef
Signed-off-by: Oleksandr Moliavko <o.moliavko@samsung.com>
Signed-off-by: Oleg Kopysov <o.kopysov@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/20049
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: dongik Lee <dongik.lee@samsung.com>
Reviewed-by: Dmitriy Zhuravlev <d.zhuravlev@samsung.com>

diff --git a/resource/csdk/security/provisioning/sample/certgenerator.cpp b/resource/csdk/security/provisioning/sample/certgenerator.cpp
index 8bd4c96da60ce6a2fb5c6eb56c02a953fb1d1d98..7d97f15ec5d75d7bf1ae5ea4c7a3a7290f9bd102 100644 (file)
--- a/resource/csdk/security/provisioning/sample/certgenerator.cpp
+++ b/resource/csdk/security/provisioning/sample/certgenerator.cpp
@@ -388,13 +388,6 @@ exit:
 
     OICFree(serial);
     OICFree(certificate);
-    if (NULL != f)
-    {
-        if (0 != fclose(f))
-        {
-            printf("Warning: failed to fclose\n");
-        }
-    }
 }
 
 static void DoGenKeyPair()
@@ -532,4 +525,4 @@ int main()
             break;
         }
     }
-}
\ No newline at end of file
+}

diff --git a/resource/csdk/security/provisioning/src/cloud/aclid.c b/resource/csdk/security/provisioning/src/cloud/aclid.c
index eaac70e687099817d63f9861f1997ab39d8df012..03881488a750214fd8402fd2d3e8b8216c2a2d69 100644 (file)
--- a/resource/csdk/security/provisioning/src/cloud/aclid.c
+++ b/resource/csdk/security/provisioning/src/cloud/aclid.c
@@ -254,7 +254,7 @@ OCStackResult OCCloudAclIndividualAclUpdate(void* ctx,
         goto no_memory;
     }
 
-    int acllist_count = 0;
+    size_t acllist_count = 0;
     //code below duplicates LL_COUNT, implemented in newer version of utlist.h
     {
         cloudAce_t *ace = (cloudAce_t*)aces;
@@ -297,7 +297,7 @@ OCStackResult OCCloudAclIndividualAclUpdate(void* ctx,
 
         OICFree(uuid);
 
-        int reslist_count = 0;
+        size_t reslist_count = 0;
         //code below duplicates LL_COUNT, implemented in newer version of utlist.h
         {
             OicSecRsrc_t *res = ace->resources;
@@ -399,7 +399,7 @@ OCStackResult OCCloudAclIndividualAceUpdate(void* ctx,
         goto no_memory;
     }
 
-    int acllist_count = 1;
+    size_t acllist_count = 1;
 
     helperPayload = OICCalloc(acllist_count, sizeof(OCRepPayload *));
     if (!helperPayload)
@@ -433,7 +433,7 @@ OCStackResult OCCloudAclIndividualAceUpdate(void* ctx,
 
         OICFree(uuid);
 
-        int reslist_count = 0;
+        size_t reslist_count = 0;
         //code below duplicates LL_COUNT, implemented in newer version of utlist.h
         {
             OicSecRsrc_t *res = ace->resources;

diff --git a/resource/provisioning/examples/cloudClient.cpp b/resource/provisioning/examples/cloudClient.cpp
index 585ecb9c165b6141b84b75f4e6590896ca94a8ed..02ee44338d620c28c1ade39e75d39dcf9f452a7b 100644 (file)
--- a/resource/provisioning/examples/cloudClient.cpp
+++ b/resource/provisioning/examples/cloudClient.cpp
@@ -225,8 +225,8 @@ static int saveTrustCert(void)
             {
                 OIC_LOG(ERROR, TAG, "Certiface not read completely");
             }
-            fclose(fp);
         }
+        fclose(fp);
     }
     OIC_LOG_BUFFER(DEBUG, TAG, trustCertChainArray.data, trustCertChainArray.len);
 

diff --git a/resource/provisioning/examples/provisioningclient.cpp b/resource/provisioning/examples/provisioningclient.cpp
index e786e353802a38b53a5e32c916b6fde0f55d5ea7..5c3ea1ab407f6ccd2a75da58d64fc6d3a8807a7d 100644 (file)
--- a/resource/provisioning/examples/provisioningclient.cpp
+++ b/resource/provisioning/examples/provisioningclient.cpp
@@ -886,8 +886,8 @@ static int saveTrustCert(void)
             {
                 OIC_LOG(ERROR,TAG,"Read error");
             }
-            fclose(fp);
         }
+        fclose(fp);
     }
     OIC_LOG_BUFFER(DEBUG, TAG, trustCertChainArray.data, trustCertChainArray.len);
 

diff --git a/resource/provisioning/src/OCProvisioningManager.cpp b/resource/provisioning/src/OCProvisioningManager.cpp
index 4e135d4a4bb32e4340c53e35e75d248ae95daa1c..5711c91fc8bdee2cc071513ccede9382845767e4 100644 (file)
--- a/resource/provisioning/src/OCProvisioningManager.cpp
+++ b/resource/provisioning/src/OCProvisioningManager.cpp
@@ -812,7 +812,9 @@ namespace OC
             memcpy(number, verifNum, MUTUAL_VERIF_NUM_LEN);
         }
 
-        return context->callback(number);
+        OCStackResult res = context->callback(number);
+        delete context;
+        return res;
     }
 
     OCStackResult OCSecure::registerDisplayNumCallback(DisplayNumCB displayNumCB)
@@ -879,7 +881,9 @@ namespace OC
             return OC_STACK_INVALID_PARAM;
         }
 
-        return context->callback();
+        OCStackResult res = context->callback();
+        delete context;
+        return res;
     }
 
     OCStackResult OCSecure::registerUserConfirmCallback(UserConfirmNumCB userConfirmCB)