Bug fix. insecure strncmp 06/316806/1 accepted/tizen/unified/20241219.032735 accepted/tizen/unified/x/20241219.100942
authorJiyong <jiyong.min@samsung.com>
Wed, 18 Dec 2024 06:45:43 +0000 (15:45 +0900)
committerJiyong <jiyong.min@samsung.com>
Wed, 18 Dec 2024 06:45:43 +0000 (15:45 +0900)
 - fix svace issue (LIB.INSECURE_STRNCMP)

The problem is that such a call checks only a prefix of the string, because the null terminator is never compared.
It may be a source of vulnerability when used for comparing passwords.
The correct pattern uses strlen(arg) + 1 as the length.

Change-Id: Ic9ac12468a6c81901e1c169097109e47a4c496fa

packaging/capi-media-controller.spec
svc/media_controller_db_util.c

index 131f05634f219f45ad5c7108026f95a02314cb87..ba2b29b701ef7de625ddf89d9b1c089774033da7 100644 (file)
@@ -1,6 +1,6 @@
 Name:       capi-media-controller
 Summary:    A media controller library in Tizen Native API
-Version:    1.0.7
+Version:    1.0.8
 Release:    0
 Group:      Multimedia/API
 License:    Apache-2.0
index dcf9ca32de62a57e4f246a81e8f7666c7eb37a12..15fca1c7a293abf16529bbbd11dee3aed9127756 100644 (file)
@@ -631,7 +631,7 @@ static int __parse_db_request(gchar **params, char **sql_str)
                                MC_DB_TABLE_SERVER_INFO, i_value, llu_value, i_value_1, i_value_2, params[1]);
                }
 
-       } else if (strncmp(MC_DB_CMD_UPDATE_META, params[0], strlen(MC_DB_CMD_UPDATE_META)) == 0) {
+       } else if (strncmp(MC_DB_CMD_UPDATE_META, params[0], strlen(MC_DB_CMD_UPDATE_META) + 1) == 0) {
                gchar *message = NULL;
                size_t message_size = 0;
                g_auto(GStrv) meta_params = NULL;
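Review bot: The new bound `strlen(MC_DB_CMD_UPDATE_META) + 1` on the `strncmp` line makes the call compare through the constant's terminating NUL, which is exactly `strcmp(MC_DB_CMD_UPDATE_META, params[0]) == 0`; spelling it that way states the intent (exact token match) without the reader having to reason about the `+ 1`. Since the file already uses GLib (`gchar`, `g_auto(GStrv)`), `g_strcmp0(MC_DB_CMD_UPDATE_META, params[0]) == 0` is an equivalent form that also tolerates a NULL `params[0]`, whereas `strncmp`/`strcmp` on NULL is undefined behaviour. __parse_db_request starts and ends outside the hunk, so whether `params[0]` is validated before this chain is not visible here; if it is not, the NULL-safe form is the safer choice.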
@@ -774,10 +774,10 @@ static int __update_db_request(uid_t uid, gchar **params, const char *sql_str)
                mc_error("mc_db_util_update_db error : %d", ret);
 
        /* Update vconf */
-       if (strncmp(MC_DB_CMD_UPDATE_LATEST, params[0], strlen(MC_DB_CMD_UPDATE_LATEST)) == 0) {
+       if (strncmp(MC_DB_CMD_UPDATE_LATEST, params[0], strlen(MC_DB_CMD_UPDATE_LATEST) + 1) == 0) {
                ret = __mc_update_latest_server_info_to_vconf(params[1], MC_SERVER_STATE_ACTIVATE, MC_PLAYBACK_STATE_PLAYING);
 
-       } else if (strncmp(MC_DB_CMD_UPDATE_PLAYBACK, params[0], strlen(MC_DB_CMD_UPDATE_PLAYBACK)) == 0) {
+       } else if (strncmp(MC_DB_CMD_UPDATE_PLAYBACK, params[0], strlen(MC_DB_CMD_UPDATE_PLAYBACK) + 1) == 0) {
                mc_retvm_if(!params[2], MEDIA_CONTROLLER_ERROR_INVALID_OPERATION, "invalid query");
 
                if (__mc_db_is_latest(db_handle, params[1])) {
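Review bot: The `strlen(CMD) + 1` idiom is now repeated on both changed lines of this hunk (and again in __parse_db_request), and each repetition relies on the constant being the first argument and on `params[0]` being non-NULL, which is not checked anywhere visible in the hunk. A small file-scope helper would centralise the exact-match rule and the NULL tolerance in one place: `static inline gboolean __mc_cmd_is(const char *cmd, const char *param)` with body `return g_strcmp0(cmd, param) == 0;`, so the conditions become `if (__mc_cmd_is(MC_DB_CMD_UPDATE_LATEST, params[0]))`. Note that with exact matching an unrecognised `params[0]` now falls through both branches silently; if that is not intended, a trailing `else` with an `mc_error` would make such input visible. __update_db_request starts and ends outside the hunk.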