Fix a defect detected by static code analyzer.

Add null check and remove strcpy in
oic_malloc_tests.cpp, ocstack.c, oickeepalive.c

Change-Id: I7303374ce2ff6ee68ab01e844dbef4dd46a4cf1a
Signed-off-by: Jaehong Jo <jaehong.jo@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/18953
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>

diff --git a/resource/c_common/oic_malloc/test/linux/oic_malloc_tests.cpp b/resource/c_common/oic_malloc/test/linux/oic_malloc_tests.cpp
index cead86b..e07ca0c 100644 (file)
--- a/resource/c_common/oic_malloc/test/linux/oic_malloc_tests.cpp
+++ b/resource/c_common/oic_malloc/test/linux/oic_malloc_tests.cpp
@@ -63,6 +63,7 @@ class OICAllocTestsBase : public testing::Test
 {
 public:
     OICAllocTestsBase() :
+        m_allocatedSize(0),
         m_pBuffer(NULL)
     {}
 

diff --git a/resource/csdk/stack/src/ocstack.c b/resource/csdk/stack/src/ocstack.c
index 68d5436..32931f8 100644 (file)
--- a/resource/csdk/stack/src/ocstack.c
+++ b/resource/csdk/stack/src/ocstack.c
@@ -1092,8 +1092,8 @@ OCStackResult OCEncodeAddressForRFC6874(char *outputAddress,
 
     // Restore the null terminator with an escaped '%' character, per RFC 6874
     OICStrcpy(outputAddress, scopeIdPart - addressPart, addressPart);
-    strcat(outputAddress, "%25");
-    strcat(outputAddress, scopeIdPart);
+    OICStrcat(outputAddress, outputSize, "%25");
+    OICStrcat(outputAddress, outputSize, scopeIdPart);
 
     return OC_STACK_OK;
 }
@@ -3011,7 +3011,7 @@ static OCStackResult ParseRequestUri(const char *fullUri,
                 result = OC_STACK_NO_MEMORY;
                 goto error;
             }
-            strcpy(*resourceUri, slash);
+            OICStrcpy(*resourceUri, (ulen + 1), slash);
         }
         // resource type
         if (type && resourceType)
@@ -3023,7 +3023,7 @@ static OCStackResult ParseRequestUri(const char *fullUri,
                 goto error;
             }
 
-            OICStrcpy(*resourceType, (tlen+1), type);
+            OICStrcpy(*resourceType, (tlen + 1), type);
         }
     }
 

diff --git a/resource/csdk/stack/src/oickeepalive.c b/resource/csdk/stack/src/oickeepalive.c
index 57ec5b7..b07b88d 100644 (file)
--- a/resource/csdk/stack/src/oickeepalive.c
+++ b/resource/csdk/stack/src/oickeepalive.c
@@ -870,6 +870,11 @@ OCStackResult AddResourceTypeNameToPayload(OCRepPayload *payload)
     {
         size_t rtDim[MAX_REP_ARRAY_DEPTH] = {numElement, 0, 0};
         char **rt = (char **)OICMalloc(sizeof(char *) * numElement);
+        if (!rt)
+        {
+            OIC_LOG(ERROR, TAG, "Could not allocate memory for rf");
+            return OC_STACK_NO_MEMORY;
+        }
         for (uint8_t i = 0; i < numElement; ++i)
         {
             const char *value = OCGetResourceTypeName(g_keepAliveHandle, i);