Fix SVACE defects: unsafe functions and dead code

Change-Id: I1f670628bc6636e89ca9a7d9eae72922f062fd22
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>

diff --git a/src/manager/client-capi/ckmc-type.cpp b/src/manager/client-capi/ckmc-type.cpp
index a80b8b2..8ac6a2b 100644 (file)
--- a/src/manager/client-capi/ckmc-type.cpp
+++ b/src/manager/client-capi/ckmc-type.cpp
@@ -83,9 +83,9 @@ int ckmc_alias_new(const char *owner_id, const char *alias, char **full_alias)
        if (_full_alias == NULL)
                return CKMC_ERROR_OUT_OF_MEMORY;
 
-       strcpy(_full_alias, owner_id);
-       strcat(_full_alias, ckmc_owner_id_separator);
-       strcat(_full_alias, alias);
+       strncpy(_full_alias, owner_id, len + 1);
+       strncat(_full_alias, ckmc_owner_id_separator, len - strlen(_full_alias) + 1);
+       strncat(_full_alias, alias, len - strlen(_full_alias) + 1);
 
        *full_alias = _full_alias;
 

diff --git a/src/manager/service/access-control.cpp b/src/manager/service/access-control.cpp
index 8faf36d..95cd3a3 100644 (file)
--- a/src/manager/service/access-control.cpp
+++ b/src/manager/service/access-control.cpp
@@ -34,19 +34,17 @@ namespace CKM {
 void AccessControl::updateCCMode()
 {
        /* newMode should be extracted from global property like buxton in product */
-       bool newMode = false;
+       int newMode = 0;
 
-       if (newMode == m_ccMode)
+       if ((newMode == 1) == m_ccMode)
                return;
 
-       int iNewMode = newMode ? 1 : 0;
-
-       if (FIPS_mode_set(iNewMode) == 0) {
-               LogError("Error to FIPS_mode_set with param " << iNewMode);
+       if (FIPS_mode_set(newMode) == 0) {
+               LogError("Error to FIPS_mode_set with param " << newMode);
                return;
        }
 
-       m_ccMode = newMode;
+       m_ccMode = (newMode == 1);
 }
 
 bool AccessControl::isCCMode() const

diff --git a/src/pam_plugin/pam-key-manager-plugin.cpp b/src/pam_plugin/pam-key-manager-plugin.cpp
index 74a1d25..8b401b2 100644 (file)
--- a/src/pam_plugin/pam-key-manager-plugin.cpp
+++ b/src/pam_plugin/pam-key-manager-plugin.cpp
@@ -48,23 +48,37 @@ bool identify_user_pwd(pam_handle_t *pamh, uid_t &uid, std::string &passwd)
        if ((pam_err = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS)
                return true;
 
-       struct passwd *pwd;
+       struct passwd pwd;
+       struct passwd *result = nullptr;
+       int bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
 
-       if ((pwd = getpwnam(user)) == NULL)
+       if (bufsize <= 0)
+               bufsize = 16384; /* should be more than enough */
+
+       memset(&pwd, 0x00, sizeof(pwd));
+       std::vector<char> buf(bufsize, 0);
+
+       int ret = getpwnam_r(user, &pwd, buf.data(), bufsize, &result);
+       if (ret != 0 || result == nullptr)
                return true;
 
-       if (strcmp(pwd->pw_passwd, PASSWORD_SHADOWED) == 0) {
-               struct spwd *pwd_sh;
+       if (strcmp(pwd.pw_passwd, PASSWORD_SHADOWED) == 0) {
+               struct spwd pwd_sh;
+               struct spwd *result_sh = nullptr;
+
+               memset(&pwd_sh, 0x00, sizeof(pwd_sh));
+               std::vector<char> buf_sh(bufsize, 0);
 
-               if ((pwd_sh = getspnam(user)) == NULL)
+               ret = getspnam_r(user, &pwd_sh, buf_sh.data(), bufsize, &result_sh);
+               if (ret != 0 || result_sh == nullptr)
                        return true;
 
-               passwd = std::string(pwd_sh->sp_pwdp);
+               passwd = std::string(pwd_sh.sp_pwdp);
        } else {
-               passwd = std::string(pwd->pw_passwd);
+               passwd = std::string(pwd.pw_passwd);
        }
 
-       uid = pwd->pw_uid;
+       uid = pwd.pw_uid;
        return false;
 }
 }