[IOT-1129]Crash when received invalild type in security resouces

author js126.lee <js126.lee@samsung.com>

Thu, 16 Jun 2016 09:53:41 +0000 (18:53 +0900)

committer Randeep Singh <randeep.s@samsung.com>

Tue, 21 Jun 2016 04:45:45 +0000 (04:45 +0000)
author js126.lee <js126.lee@samsung.com>
Thu, 16 Jun 2016 09:53:41 +0000 (18:53 +0900)
committer Randeep Singh <randeep.s@samsung.com>
Tue, 21 Jun 2016 04:45:45 +0000 (04:45 +0000)
diff --git a/resource/csdk/security/src/aclresource.c b/resource/csdk/security/src/aclresource.c

index c189447..3fdba70 100644 (file)
--- a/resource/csdk/security/src/aclresource.c
+++ b/resource/csdk/security/src/aclresource.c
@@ -422,7 +422,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
          char* tagName = NULL;
          size_t len = 0;
          CborType type = cbor_value_get_type(&aclMap);
-        if (type == CborTextStringType)
+        if (type == CborTextStringType && cbor_value_is_text_string(&aclMap))
          {
              cborFindResult = cbor_value_dup_text_string(&aclMap, &tagName, &len, NULL);
              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACL Map.");
@@ -444,7 +444,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                      char* acName = NULL;
                      size_t acLen = 0;
                      CborType acType = cbor_value_get_type(&aclistMap);
-                    if (acType == CborTextStringType)
+                    if (acType == CborTextStringType && cbor_value_is_text_string(&aclistMap))
                      {
                          cborFindResult = cbor_value_dup_text_string(&aclistMap, &acName, &acLen, NULL);
                          VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACLIST Map.");
@@ -492,7 +492,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                      char* name = NULL;
                                      size_t len = 0;
                                      CborType type = cbor_value_get_type(&aclMap);
-                                    if (type == CborTextStringType)
+                                    if (type == CborTextStringType && cbor_value_is_text_string(&aclMap))
                                      {
                                          cborFindResult = cbor_value_dup_text_string(&aclMap, &name, &len, NULL);
                                          VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACL Map.");
@@ -502,7 +502,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                      if (name)
                                      {
                                          // Subject -- Mandatory
-                                        if (strcmp(name, OIC_JSON_SUBJECTID_NAME)  == 0)
+                                        if (strcmp(name, OIC_JSON_SUBJECTID_NAME)  == 0 && cbor_value_is_text_string(&aclMap))
                                          {
                                              char *subject = NULL;
                                              cborFindResult = cbor_value_dup_text_string(&aclMap, &subject, &len, NULL);
@@ -539,7 +539,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                                  VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Resource Map");
  
  
-                                                while(cbor_value_is_valid(&rMap))
+                                                while(cbor_value_is_valid(&rMap) && cbor_value_is_text_string(&rMap))
                                                  {
                                                      char *rMapName = NULL;
                                                      size_t rMapNameLen = 0;
@@ -608,7 +608,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                          }
  
                                          // Period -- Not mandatory
-                                        if (strcmp(name, OIC_JSON_PERIOD_NAME) == 0)
+                                        if (strcmp(name, OIC_JSON_PERIOD_NAME) == 0 && cbor_value_is_array(&aclMap))
                                          {
                                              CborValue period = { .parser = NULL };
                                              cborFindResult = cbor_value_get_array_length(&aclMap, &acl->prdRecrLen);
@@ -618,7 +618,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                              acl->periods = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
                                              VERIFY_NON_NULL(TAG, acl->periods, ERROR);
                                              int i = 0;
-                                            while (cbor_value_is_text_string(&period))
+                                            while (cbor_value_is_text_string(&period) && cbor_value_is_text_string(&period))
                                              {
                                                  cborFindResult = cbor_value_dup_text_string(&period, &acl->periods[i++],
                                                      &len, NULL);
@@ -637,7 +637,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                              acl->recurrences = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
                                              VERIFY_NON_NULL(TAG, acl->recurrences, ERROR);
                                              int i = 0;
-                                            while (cbor_value_is_text_string(&recurrences))
+                                            while (cbor_value_is_text_string(&recurrences) && cbor_value_is_text_string(&recurrences))
                                              {
                                                  cborFindResult = cbor_value_dup_text_string(&recurrences,
                                                      &acl->recurrences[i++], &len, NULL);
@@ -678,7 +678,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
              }
  
              // TODO : Need to modify headAcl->owners[0].id to headAcl->rowner based on RAML spec.
-            if (strcmp(tagName, OIC_JSON_ROWNERID_NAME)  == 0)
+            if (strcmp(tagName, OIC_JSON_ROWNERID_NAME)  == 0 && cbor_value_is_text_string(&aclMap))
              {
                  char *stRowner = NULL;
                  cborFindResult = cbor_value_dup_text_string(&aclMap, &stRowner, &len, NULL);
diff --git a/resource/csdk/security/src/amaclresource.c b/resource/csdk/security/src/amaclresource.c

index be21257..eb2afed 100644 (file)
--- a/resource/csdk/security/src/amaclresource.c
+++ b/resource/csdk/security/src/amaclresource.c
@@ -269,7 +269,7 @@ OCStackResult CBORPayloadToAmacl(const uint8_t *cborPayload, size_t size,
      cborFindResult = cbor_value_enter_container(&amaclCbor, &amaclMap);
      VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Amacl Map.");
  
-    while(cbor_value_is_valid(&amaclMap))
+    while(cbor_value_is_valid(&amaclMap) && cbor_value_is_text_string(&amaclMap))
      {
          char *name = NULL;
          size_t len = 0;
@@ -288,7 +288,7 @@ OCStackResult CBORPayloadToAmacl(const uint8_t *cborPayload, size_t size,
              cborFindResult = cbor_value_enter_container(&amaclMap, &rsrcMap);
              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Resource Map");
  
-            while(cbor_value_is_valid(&rsrcMap))
+            while(cbor_value_is_valid(&rsrcMap) && cbor_value_is_text_string(&rsrcMap))
              {
                  // resource name
                  char *rsrcName = NULL;
@@ -323,7 +323,7 @@ OCStackResult CBORPayloadToAmacl(const uint8_t *cborPayload, size_t size,
                          cborFindResult = cbor_value_enter_container(&rsrcArray, &rMap);
                          VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Rlist Map");
  
-                        while(cbor_value_is_valid(&rMap))
+                        while(cbor_value_is_valid(&rMap) && cbor_value_is_text_string(&rMap))
                          {
                              char *rMapName = NULL;
                              size_t rMapNameLen = 0;
@@ -398,7 +398,7 @@ OCStackResult CBORPayloadToAmacl(const uint8_t *cborPayload, size_t size,
              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering AMS Array Container.");
              headAmacl->amss = (OicUuid_t *)OICCalloc(headAmacl->amssLen, sizeof(*headAmacl->amss));
              VERIFY_NON_NULL(TAG, headAmacl->amss, ERROR);
-            while (cbor_value_is_valid(&amsArray))
+            while (cbor_value_is_valid(&amsArray) && cbor_value_is_text_string(&amsArray))
              {
                  char *amssId = NULL;
                  cborFindResult = cbor_value_dup_text_string(&amsArray, &amssId, &len, NULL);
@@ -411,7 +411,7 @@ OCStackResult CBORPayloadToAmacl(const uint8_t *cborPayload, size_t size,
          }
  
          // Rowner -- Mandatory
-        if (0 == strcmp(OIC_JSON_ROWNERID_NAME, name))
+        if (0 == strcmp(OIC_JSON_ROWNERID_NAME, name) && cbor_value_is_text_string(&amaclMap))
          {
              char *stRowner = NULL;
              cborFindResult = cbor_value_dup_text_string(&amaclMap, &stRowner, &len, NULL);
diff --git a/resource/csdk/security/src/credresource.c b/resource/csdk/security/src/credresource.c

index f73e4d6..5b24d66 100644 (file)
--- a/resource/csdk/security/src/credresource.c
+++ b/resource/csdk/security/src/credresource.c
@@ -375,7 +375,7 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
          char* tagName = NULL;
          size_t len = 0;
          CborType type = cbor_value_get_type(&CredRootMap);
-        if (type == CborTextStringType)
+        if (type == CborTextStringType && cbor_value_is_text_string(&CredRootMap))
          {
              cborFindResult = cbor_value_dup_text_string(&CredRootMap, &tagName, &len, NULL);
              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in CRED Root Map.");
@@ -419,7 +419,7 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
  
                      VERIFY_NON_NULL(TAG, cred, ERROR);
  
-                    while(cbor_value_is_valid(&credMap))
+                    while(cbor_value_is_valid(&credMap) && cbor_value_is_text_string(&credMap))
                      {
                          char* name = NULL;
                          CborType type = cbor_value_get_type(&credMap);
@@ -464,7 +464,7 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
                                  {
                                      char* privname = NULL;
                                      CborType type = cbor_value_get_type(&privateMap);
-                                    if (type == CborTextStringType)
+                                    if (type == CborTextStringType && cbor_value_is_text_string(&privateMap))
                                      {
                                          cborFindResult = cbor_value_dup_text_string(&privateMap, &privname,
                                                  &len, NULL);
@@ -475,7 +475,7 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
                                      if (privname)
                                      {
                                          // PrivateData::privdata -- Mandatory
-                                        if (strcmp(privname, OIC_JSON_DATA_NAME) == 0)
+                                        if (strcmp(privname, OIC_JSON_DATA_NAME) == 0 && cbor_value_is_byte_string(&privateMap))
                                          {
                                              cborFindResult = cbor_value_dup_byte_string(&privateMap, &cred->privateData.data,
                                                  &cred->privateData.len, NULL);
@@ -506,7 +506,7 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
                                  {
                                      char* pubname = NULL;
                                      CborType type = cbor_value_get_type(&pubMap);
-                                    if (type == CborTextStringType)
+                                    if (type == CborTextStringType && cbor_value_is_text_string(&pubMap))
                                      {
                                          cborFindResult = cbor_value_dup_text_string(&pubMap, &pubname,
                                                  &len, NULL);
@@ -517,7 +517,7 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
                                      if (pubname)
                                      {
                                          // PrivateData::privdata -- Mandatory
-                                        if (strcmp(pubname, OIC_JSON_DATA_NAME) == 0)
+                                        if (strcmp(pubname, OIC_JSON_DATA_NAME) == 0 && cbor_value_is_byte_string(&pubMap))
                                          {
                                              cborFindResult = cbor_value_dup_byte_string(&pubMap, &cred->publicData.data,
                                                  &cred->publicData.len, NULL);
@@ -563,7 +563,7 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
              }
  
              //ROwner -- Mandatory
-            if (strcmp(tagName, OIC_JSON_ROWNERID_NAME)  == 0)
+            if (strcmp(tagName, OIC_JSON_ROWNERID_NAME)  == 0 && cbor_value_is_text_string(&CredRootMap))
              {
                  char *stRowner = NULL;
                  cborFindResult = cbor_value_dup_text_string(&CredRootMap, &stRowner, &len, NULL);
diff --git a/resource/csdk/security/src/doxmresource.c b/resource/csdk/security/src/doxmresource.c

index ccdfbc8..57280f3 100644 (file)
--- a/resource/csdk/security/src/doxmresource.c
+++ b/resource/csdk/security/src/doxmresource.c
@@ -313,7 +313,7 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size,
  
          int i = 0;
          size_t len = 0;
-        while (cbor_value_is_valid(&oxmType))
+        while (cbor_value_is_valid(&oxmType) && cbor_value_is_text_string(&oxmType))
          {
              cborFindResult = cbor_value_dup_text_string(&oxmType, &doxm->oxmType[i++],
                                                          &len, NULL);
@@ -339,7 +339,7 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size,
          VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering oxmName Array.")
  
          int i = 0;
-        while (cbor_value_is_valid(&oxm))
+        while (cbor_value_is_valid(&oxm) && cbor_value_is_integer(&oxm))
          {
              cborFindResult = cbor_value_get_int(&oxm, (int *) &doxm->oxm[i++]);
              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding oxmName Value")
diff --git a/resource/csdk/security/src/dpairingresource.c b/resource/csdk/security/src/dpairingresource.c

old mode 100755 (executable)

new mode 100644 (file)

index 0c5c03f..f9c9897
--- a/resource/csdk/security/src/dpairingresource.c
+++ b/resource/csdk/security/src/dpairingresource.c
@@ -297,7 +297,7 @@ OCStackResult CBORPayloadToDpair(const uint8_t *cborPayload, size_t size,
      dpair = (OicSecDpairing_t *)OICCalloc(1, sizeof(*dpair));
      VERIFY_NON_NULL(TAG, dpair, ERROR);
  
-    while (cbor_value_is_valid(&dpairMap))
+    while (cbor_value_is_valid(&dpairMap) && cbor_value_is_text_string(&dpairMap))
      {
          char *name = NULL;
          size_t len = 0;
@@ -308,7 +308,7 @@ OCStackResult CBORPayloadToDpair(const uint8_t *cborPayload, size_t size,
          VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a value in DPair map");
  
          type = cbor_value_get_type(&dpairMap);
-        if (0 == strcmp(OIC_JSON_SPM_NAME, name))
+        if (0 == strcmp(OIC_JSON_SPM_NAME, name) && cbor_value_is_integer(&dpairMap))
          {
              cborFindResult = cbor_value_get_int(&dpairMap, (int *) &dpair->spm);
              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding SPM Value");
diff --git a/resource/csdk/security/src/pconfresource.c b/resource/csdk/security/src/pconfresource.c

index 921b249..19586fb 100644 (file)
--- a/resource/csdk/security/src/pconfresource.c
+++ b/resource/csdk/security/src/pconfresource.c
@@ -476,7 +476,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
          char *name = NULL;
          size_t len = 0;
          CborType type = cbor_value_get_type(&pconfMap);
-        if (type == CborTextStringType)
+        if (type == CborTextStringType && cbor_value_is_text_string(&pconfMap))
          {
              cborFindResult = cbor_value_dup_text_string(&pconfMap, &name, &len, NULL);
              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
@@ -487,7 +487,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
          if (name)
          {
              //EDP -- Mandatory
-            if(0 == strcmp(OIC_JSON_EDP_NAME, name))
+            if(0 == strcmp(OIC_JSON_EDP_NAME, name) && cbor_value_is_boolean(&pconfMap))
              {
                  cborFindResult = cbor_value_get_boolean(&pconfMap, &pconf->edp);
                  VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
@@ -505,7 +505,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                  cborFindResult = cbor_value_enter_container(&pconfMap, &prm);
                  VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to eneter array");
  
-                while (cbor_value_is_valid(&prm))
+                while (cbor_value_is_valid(&prm) && cbor_value_is_integer(&prm))
                  {
                      cborFindResult = cbor_value_get_int(&prm, (int *)&pconf->prm[i++]);
                      VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
@@ -514,7 +514,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                  }
              }
              //PIN -- Mandatory
-            if (0 == strcmp(OIC_JSON_PIN_NAME, name))
+            if (0 == strcmp(OIC_JSON_PIN_NAME, name) && cbor_value_is_byte_string(&pconfMap))
              {
                  uint8_t *pin = NULL;
                  cborFindResult = cbor_value_dup_byte_string(&pconfMap, &pin, &len, NULL);
@@ -546,7 +546,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                          char* name = NULL;
                          size_t len = 0;
                          CborType type = cbor_value_get_type(&pdAclMap);
-                        if (type == CborTextStringType)
+                        if (type == CborTextStringType && cbor_value_is_text_string(&pdAclMap))
                          {
                              cborFindResult = cbor_value_dup_text_string(&pdAclMap, &name,
                                      &len, NULL);
@@ -557,7 +557,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                          if (name)
                          {
                              // Resources -- Mandatory
-                            if (strcmp(name, OIC_JSON_RESOURCES_NAME) == 0)
+                            if (strcmp(name, OIC_JSON_RESOURCES_NAME) == 0 && cbor_value_is_array(&pdAclMap))
                              {
                                  int i = 0;
                                  CborValue resources = { .parser = NULL };
@@ -576,7 +576,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                                      cborFindResult = cbor_value_enter_container(&resources, &rMap);
                                      VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Resource Map");
  
-                                    while(cbor_value_is_valid(&rMap))
+                                    while(cbor_value_is_valid(&rMap) && cbor_value_is_text_string(&rMap))
                                      {
                                          char *rMapName = NULL;
                                          size_t rMapNameLen = 0;
@@ -640,7 +640,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                              }
  
                              // Permissions -- Mandatory
-                            if (strcmp(name, OIC_JSON_PERMISSION_NAME) == 0)
+                            if (strcmp(name, OIC_JSON_PERMISSION_NAME) == 0 && cbor_value_is_unsigned_integer(&pdAclMap))
                              {
                                  cborFindResult = cbor_value_get_uint64(&pdAclMap,
                                          (uint64_t *) &pdacl->permission);
@@ -648,7 +648,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                              }
  
                              // Period -- Not mandatory
-                            if (strcmp(name, OIC_JSON_PERIODS_NAME) == 0)
+                            if (strcmp(name, OIC_JSON_PERIODS_NAME) == 0 && cbor_value_is_array(&pdAclMap))
                              {
                                  int i = 0;
                                  CborValue period = { .parser = NULL };
@@ -660,7 +660,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                                  pdacl->periods = (char **) OICCalloc(pdacl->prdRecrLen, sizeof(char*));
                                  VERIFY_NON_NULL(TAG, pdacl->periods, ERROR);
  
-                                while (cbor_value_is_text_string(&period))
+                                while (cbor_value_is_text_string(&period) && cbor_value_is_text_string(&period))
                                  {
                                      cborFindResult = cbor_value_dup_text_string(&period,
                                              &pdacl->periods[i++], &len, NULL);
@@ -672,7 +672,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                              }
  
                              // Recurrence -- Not mandatory
-                            if (strcmp(name, OIC_JSON_RECURRENCES_NAME) == 0)
+                            if (strcmp(name, OIC_JSON_RECURRENCES_NAME) == 0 && cbor_value_is_array(&pdAclMap))
                              {
                                  int i = 0;
                                  CborValue recurrences = { .parser = NULL };
@@ -683,7 +683,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
                                  pdacl->recurrences = (char **) OICCalloc(pdacl->prdRecrLen, sizeof(char*));
                                  VERIFY_NON_NULL(TAG, pdacl->recurrences, ERROR);
  
-                                while (cbor_value_is_text_string(&recurrences))
+                                while (cbor_value_is_text_string(&recurrences) && cbor_value_is_text_string(&recurrences))
                                  {
                                      cborFindResult = cbor_value_dup_text_string(&recurrences,
                                              &pdacl->recurrences[i++], &len, NULL);
@@ -725,7 +725,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
              }
  
              //PDDev -- Mandatory
-            if (strcmp(name, OIC_JSON_PDDEV_LIST_NAME) == 0)
+            if (strcmp(name, OIC_JSON_PDDEV_LIST_NAME) == 0 && cbor_value_is_array(&pconfMap))
              {
                  int i = 0;
                  CborValue pddevs = { .parser = NULL };
@@ -736,7 +736,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
  
                  pconf->pddevs = (OicUuid_t *)OICMalloc(pconf->pddevLen * sizeof(OicUuid_t));
                  VERIFY_NON_NULL(TAG, pconf->pddevs, ERROR);
-                while (cbor_value_is_valid(&pddevs))
+                while (cbor_value_is_valid(&pddevs) && cbor_value_is_text_string(&pddevs))
                  {
                      char *pddev = NULL;
                      cborFindResult = cbor_value_dup_text_string(&pddevs, &pddev, &len, NULL);
@@ -750,7 +750,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
              }
  
              //Mandatory - Device Id
-            if (0 == strcmp(OIC_JSON_DEVICE_ID_NAME, name))
+            if (0 == strcmp(OIC_JSON_DEVICE_ID_NAME, name) && cbor_value_is_text_string(&pconfMap))
              {
                  char *deviceId = NULL;
                  cborFindResult = cbor_value_dup_text_string(&pconfMap, &deviceId, &len, NULL);
@@ -761,7 +761,7 @@ OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSec
              }
  
              // ROwner -- Mandatory
-            if (0 == strcmp(OIC_JSON_ROWNERID_NAME, name))
+            if (0 == strcmp(OIC_JSON_ROWNERID_NAME, name) && cbor_value_is_text_string(&pconfMap))
              {
                  char *rowner = NULL;
                  cborFindResult = cbor_value_dup_text_string(&pconfMap, &rowner, &len, NULL);
diff --git a/resource/csdk/security/src/svcresource.c b/resource/csdk/security/src/svcresource.c

index a1175aa..e927c94 100644 (file)
--- a/resource/csdk/security/src/svcresource.c
+++ b/resource/csdk/security/src/svcresource.c
@@ -230,7 +230,7 @@ OCStackResult CBORPayloadToSVC(const uint8_t *cborPayload, size_t size,
  
              type = cbor_value_get_type(&svcMap);
              // Service Device Identity
-            if (0 == strcmp(OIC_JSON_SERVICE_DEVICE_ID, name))
+            if (0 == strcmp(OIC_JSON_SERVICE_DEVICE_ID, name) && cbor_value_is_byte_string(&svcMap))
              {
                  uint8_t *subjectId = NULL;
                  cborFindResult = cbor_value_dup_byte_string(&svcMap, &subjectId, &len, NULL);
@@ -239,14 +239,14 @@ OCStackResult CBORPayloadToSVC(const uint8_t *cborPayload, size_t size,
                  OICFree(subjectId);
              }
              // Service Type
-            if (0 == strcmp(OIC_JSON_SERVICE_TYPE, name))
+            if (0 == strcmp(OIC_JSON_SERVICE_TYPE, name) && cbor_value_is_integer(&svcMap))
              {
                  cborFindResult = cbor_value_get_int(&svcMap, (int *) &svc->svct);
                  VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to Find SVCT.");
              }
  
              // Owners -- Mandatory
-            if (0 == strcmp(OIC_JSON_OWNERS_NAME, name))
+            if (0 == strcmp(OIC_JSON_OWNERS_NAME, name) && cbor_value_is_array(&svcMap))
              {
                  int i = 0;
                  CborValue owners = { .parser = NULL };
@@ -258,7 +258,7 @@ OCStackResult CBORPayloadToSVC(const uint8_t *cborPayload, size_t size,
                  svc->owners = (OicUuid_t *)OICCalloc(svc->ownersLen, sizeof(*svc->owners));
                  VERIFY_NON_NULL(TAG, svc->owners, ERROR);
  
-                while (cbor_value_is_valid(&owners))
+                while (cbor_value_is_valid(&owners) && cbor_value_is_byte_string(&owners))
                  {
                      uint8_t *owner = NULL;
                      cborFindResult = cbor_value_dup_byte_string(&owners, &owner, &len, NULL);
author	js126.lee <js126.lee@samsung.com>
	Thu, 16 Jun 2016 09:53:41 +0000 (18:53 +0900)
committer	Randeep Singh <randeep.s@samsung.com>
	Tue, 21 Jun 2016 04:45:45 +0000 (04:45 +0000)
resource/csdk/security/src/aclresource.c		patch \| blob \| history
resource/csdk/security/src/amaclresource.c		patch \| blob \| history
resource/csdk/security/src/credresource.c		patch \| blob \| history
resource/csdk/security/src/doxmresource.c		patch \| blob \| history
resource/csdk/security/src/dpairingresource.c	[changed mode: 0755->0644]	patch \| blob \| history
resource/csdk/security/src/pconfresource.c		patch \| blob \| history
resource/csdk/security/src/svcresource.c		patch \| blob \| history