Fix possible buffer overflow using strncat 41/139341/3 accepted/tizen/4.0/unified/20170816.013434 accepted/tizen/4.0/unified/20170828.223848 accepted/tizen/unified/20170724.020325 submit/tizen/20170721.115102 submit/tizen_4.0/20170811.094300 submit/tizen_4.0/20170828.100002 tizen_4.0.IoT.p1_release tizen_4.0.IoT.p2_release tizen_4.0.m2_release
authorSeungbae Shin <seungbae.shin@samsung.com>
Tue, 18 Jul 2017 11:16:42 +0000 (20:16 +0900)
committerSeungbae Shin <seungbae.shin@samsung.com>
Fri, 21 Jul 2017 11:43:53 +0000 (11:43 +0000)
 + Fix svace detected issue of checking range of enum value

[Version] 0.1.26
[Profile] Common
[Issue Type] Security

Change-Id: If9781777feb3d63a681a17ca6dc7eb31b9864a67

packaging/capi-media-wav-player.spec
src/wav_player.c
src/wav_player_private.c

index 2e600eb..019f1a2 100755 (executable)
@@ -1,6 +1,6 @@
 Name:       capi-media-wav-player
 Summary:    A wav player library in Tizen C API
-Version:    0.1.25
+Version:    0.1.26
 Release:    0
 Group:      Multimedia/API
 License:    Apache-2.0
index a8f3049..5ef7529 100755 (executable)
@@ -47,15 +47,15 @@ int wav_player_start(const char *path, sound_type_e type, wav_player_playback_co
        if (path == NULL)
                return _convert_wav_player_error_code(__func__, WAV_PLAYER_ERROR_INVALID_PARAMETER);
 
-       if (type < SOUND_TYPE_SYSTEM || type >= SOUND_TYPE_NUM)
+       if (type >= SOUND_TYPE_NUM)
                return _convert_wav_player_error_code(__func__, WAV_PLAYER_ERROR_INVALID_PARAMETER);
 
        m_path[0] = '\0';
        if (path[0] != '/') {
                if (getcwd(m_path, PATH_MAX) != NULL)
-                       strncat(m_path, "/", PATH_MAX-strlen(m_path));
+                       strncat(m_path, "/", PATH_MAX - strlen(m_path) - 1);
        }
-       strncat(m_path, path, PATH_MAX-strlen(m_path));
+       strncat(m_path, path, PATH_MAX - strlen(m_path) - 1);
 
        if (cb) {
                _completed_cb = _internal_complete_cb;
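Review bot: The two `strncat` calls now stay inside the buffer but truncate silently, so a `path` that does not fit leaves a shortened `m_path` and the function carries on with a file name the caller never passed. Rejecting the input before the final append would be safer: `if (strlen(m_path) + strlen(path) >= PATH_MAX) return _convert_wav_player_error_code(__func__, WAV_PLAYER_ERROR_INVALID_PARAMETER);`. This assumes `m_path` is declared with `PATH_MAX` bytes; its declaration and the rest of `wav_player_start` are outside the hunk. The same pair of calls in `_start_with_stream_info` (src/wav_player_private.c) needs the same check. Separately, dropping the `type < SOUND_TYPE_SYSTEM` test is only safe while the compiler gives `sound_type_e` an unsigned underlying type; `if ((unsigned int)type >= SOUND_TYPE_NUM)` would reject negative values as well without reintroducing the always-false comparison.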
index 4a0e649..ee918db 100755 (executable)
@@ -105,9 +105,9 @@ int _start_with_stream_info(const char *path, sound_stream_info_h stream_info, u
        if (path[0] != '/') {
 
                if (getcwd(m_path, PATH_MAX) != NULL)
-                       strncat(m_path, "/", PATH_MAX-strlen(m_path));
+                       strncat(m_path, "/", PATH_MAX - strlen(m_path) - 1);
        }
-       strncat(m_path, path, PATH_MAX-strlen(m_path));
+       strncat(m_path, path, PATH_MAX - strlen(m_path) - 1);
 
        if (callback) {
                _completed_cb = _internal_complete_cb;
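Review bot: When `getcwd(m_path, PATH_MAX)` returns NULL the code falls through and still appends `path`. POSIX leaves the buffer contents unspecified after a failed `getcwd()`, so the `strlen(m_path)` inside the following `strncat` may run over a buffer with no terminator, and at best a relative path is passed on unresolved. Testing `if (getcwd(m_path, PATH_MAX) == NULL)` and returning the function's error value at that point avoids both outcomes. The same fall-through is present in `wav_player_start` (src/wav_player.c). The body of `_start_with_stream_info` starts and ends outside the hunk, so any earlier initialisation of `m_path` is not visible here.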