Fix svace issue (378706, 410179, 410180)

 - missing null termination on string copy
 - incorrect base type on string memset

Change-Id: Id06ae16cd22f57b52211ec89b418d887d356166c
Signed-off-by: sinikang <sinikang@samsung.com>

diff --git a/packaging/org.tizen.w-ciss.spec b/packaging/org.tizen.w-ciss.spec
index e2c23e6fe7914b464155bfa8d49cbe6860ffa847..fd0d2f80c2147d757a56f4e7d757bb905932a7e5 100644 (file)
--- a/packaging/org.tizen.w-ciss.spec
+++ b/packaging/org.tizen.w-ciss.spec
@@ -1,6 +1,6 @@
 %define major 0
 %define minor 1
-%define patchlevel 7
+%define patchlevel 8
 
 Name:       org.tizen.w-ciss
 Summary:    CISS-MMI application

diff --git a/src/ciss-parser.c b/src/ciss-parser.c
index b1f85d1abd47b1d6713977e963da7d9ca265fc88..62aad300bc66376ca6c4a1b25a7dbdce715aa944 100644 (file)
--- a/src/ciss-parser.c
+++ b/src/ciss-parser.c
@@ -236,8 +236,7 @@ static unsigned char __ciss_parse_mmi_string(ciss_mmi_context_t *mmi_ctx, int *e
                if (ss_type == CISS_SERVICE_FORWARDING) {
                        if (sia[0] != '\0') {
                                memset(mmi_ctx->forward_number, 0, CISS_NUMBER_LEN_MAX+1);
-                               strncpy(mmi_ctx->forward_number, sia, strlen(sia));
-                               mmi_ctx->forward_number[strlen(sia)] = '\0';
+                               strncpy(mmi_ctx->forward_number, sia, CISS_NUMBER_LEN_MAX);
                        }
                }
        }

diff --git a/src/ciss-util.c b/src/ciss-util.c
index 522d8c1bcd6a655bd8d75406f7dc4381bba3bfe9..3b29406a9525834903f85199c5304946a9873285 100644 (file)
--- a/src/ciss-util.c
+++ b/src/ciss-util.c
@@ -26,7 +26,7 @@
 char *_ciss_strcpy(char *pBuffer, int nBufCount, const char *pszString)
 {
        retv_if(pBuffer == NULL, NULL);
-       memset(pBuffer, 0, sizeof(pBuffer));
+       memset(pBuffer, 0, nBufCount * sizeof(char));
 
        if ((nBufCount - 1) >= (int)strlen(pszString)) {
                strncpy(pBuffer, pszString, (int)strlen(pszString));