[IOT-1643] Fix illegal memory access - Don't return local string

the std::string ret  is a local varaible and is destroyed when the
what() member function returns.

Put the return string into the m_whatMessage variable. Since
'what()' member function is a const function it can not modify the
member variable m_whatMessage so it is generated in the
ResourceInitException constructor.

Issue found using static analysis tool.

Change-Id: I907b984f35dee59b2f300afe6a640b15a26f020f
Signed-off-by: George Nash <george.nash@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/15035
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Larry Sachs <larry.j.sachs@intel.com>
Reviewed-by: Habib Virji <habib.virji@samsung.com>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>

diff --git a/resource/include/ResourceInitException.h b/resource/include/ResourceInitException.h
index e700739..b15134a 100644 (file)
--- a/resource/include/ResourceInitException.h
+++ b/resource/include/ResourceInitException.h
@@ -36,15 +36,47 @@ namespace OC
                 bool missingClientWrapper,
                 bool invalidPort,
                 bool invalidIp)
-        : m_missingUri(missingUri),
+        : m_whatMessage(),
+          m_missingUri(missingUri),
           m_missingType(missingType),
           m_missingInterface(missingInterface),
           m_missingClientWrapper(missingClientWrapper),
           m_invalidPort(invalidPort),
           m_invalidIp(invalidIp)
         {
+            if(isUriMissing())
+            {
+                m_whatMessage += OC::InitException::MISSING_URI;
+            }
+
+            if(isTypeMissing())
+            {
+                m_whatMessage += OC::InitException::MISSING_TYPE;
+            }
+
+            if(isInterfaceMissing())
+            {
+                m_whatMessage += OC::InitException::MISSING_INTERFACE;
+            }
+
+            if(isClientWrapperMissing())
+            {
+                m_whatMessage += OC::InitException::MISSING_CLIENT_WRAPPER;
+            }
+
+            if(isInvalidPort())
+            {
+                m_whatMessage += OC::InitException::INVALID_PORT;
+            }
+
+            if(isInvalidIp())
+            {
+                m_whatMessage += OC::InitException::INVALID_IP;
+            }
         }
 
+        virtual ~ResourceInitException() throw() {}
+
         bool isInvalidPort() const
         {
             return m_invalidPort;
@@ -77,43 +109,11 @@ namespace OC
 
         virtual const char* what() const BOOST_NOEXCEPT
         {
-            std::string ret;
-
-            if(isUriMissing())
-            {
-                ret += OC::InitException::MISSING_URI;
-            }
-
-            if(isTypeMissing())
-            {
-                ret += OC::InitException::MISSING_TYPE;
-            }
-
-            if(isInterfaceMissing())
-            {
-                ret += OC::InitException::MISSING_INTERFACE;
-            }
-
-            if(isClientWrapperMissing())
-            {
-                ret += OC::InitException::MISSING_CLIENT_WRAPPER;
-            }
-
-            if(isInvalidPort())
-            {
-                ret += OC::InitException::INVALID_PORT;
-            }
-
-            if(isInvalidIp())
-            {
-                ret += OC::InitException::INVALID_IP;
-            }
-
-            return ret.c_str();
+            return m_whatMessage.c_str();
         }
 
     private:
-
+        std::string m_whatMessage;
         bool m_missingUri;
         bool m_missingType;
         bool m_missingInterface;