[FIX] Svace issues

|-------------------------------------------------------|
| WGID  | Type                      | File              |
|-------------------------------------------------------|
| 84792 | TAINTED_INT.MIGHT         | ui_viewer_lib.c   |
| 84797 | TAINTED_INT.MIGHT         | ui_viewer_lib.c   |
|-------------------------------------------------------|

Change-Id: I04f1266b6dbd37d1b7a934df2b9354c44958503e
Signed-off-by: Vitaliy Cherepanov <v.cherepanov@samsung.com>

diff --git a/ui_viewer/ui_viewer_lib.c b/ui_viewer/ui_viewer_lib.c
index 0d13133..a5c9a25 100644 (file)
--- a/ui_viewer/ui_viewer_lib.c
+++ b/ui_viewer/ui_viewer_lib.c
@@ -150,6 +150,12 @@ static int createSocket(void)
                                if (recvlen > 0) {
                                        char *data_buf = NULL;
 
+                                       if (log.length < 0 ||
+                                           (unsigned int)log.length > sizeof(log.data)) {
+                                               PRINTERR("Too long message");
+                                               continue;
+                                       }
+
                                        data_buf = malloc(log.length);
 
                                        if (data_buf == NULL) {
@@ -276,7 +282,8 @@ static void *recvThread(void __unused *data)
                        if(recvlen > 0) // recv succeed
                        {
 
-                               if(log.length > 0) {
+                               if (log.length > 0 &&
+                                   (unsigned int)log.length <= sizeof(log.data)) {
                                        data_buf = malloc(log.length);
                                        if (data_buf == NULL) {
                                                PRINTERR("cannot allocate buf to recv msg");