Fix svace defects

Don't use asctime because of thread-unsafe detection category.
Handle null dereferencing cases in cs-logic.

Change-Id: Icacb98014d5296f13470a07813c67bb8abb322a6
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>

diff --git a/engine/web-protection/sample-engine.cpp b/engine/web-protection/sample-engine.cpp
index 0b42233..b44fa3d 100644 (file)
--- a/engine/web-protection/sample-engine.cpp
+++ b/engine/web-protection/sample-engine.cpp
@@ -533,6 +533,7 @@ int csre_wp_get_error_string(int error_code, const char **string)
 
        case CSRET_WP_ERROR_SIGNATURE_FILE_FORMAT:
                *string = "CSRET_WP_ERROR_SIGNATURE_FILE_FORMAT";
+               break;
 
        case CSRET_WP_ERROR_FILE_IO:
                *string = "CSRET_WP_ERROR_FILE_IO";

diff --git a/src/framework/service/cs-logic.cpp b/src/framework/service/cs-logic.cpp
index 7400fb7..a77a056 100644 (file)
--- a/src/framework/service/cs-logic.cpp
+++ b/src/framework/service/cs-logic.cpp
@@ -234,6 +234,12 @@ RawBuffer CsLogic::scanApp(const CsContext &context, const std::string &path)
                        if (!worse || *worse < *row)
                                worse = std::move(row);
 
+               if (!worse) {
+                       INFO("No detected malware found in db.... Newly detected malware is removed by "
+                                "other client. Handle it as fully clean case.");
+                       return BinaryQueue::Serialize(CSR_ERROR_NONE).pop();
+               }
+
                if (*riskiest < *worse) {
                        INFO("worse case in db is worse than riskiest. on pkg[" << pkgPath << "]");
                        riskiestPath = worse->fileInAppPath;
@@ -261,12 +267,8 @@ RawBuffer CsLogic::scanApp(const CsContext &context, const std::string &path)
                }
        } else if (history && !after && !riskiest) {
                auto rows = this->m_db.getDetectedByFilepathOnDir(pkgPath);
-               if (rows.empty()) {
-                       INFO("worst case is deleted cascadingly and NO new detected and "
-                                "NO worse case. the pkg[" << pkgPath << "] is clean.");
-                       this->m_db.deleteDetectedByNameOnPath(pkgPath);
-                       return BinaryQueue::Serialize(CSR_ERROR_NONE).pop();
-               } else {
+
+               if (!rows.empty()) {
                        INFO("worst case is deleted cascadingly and NO new detected and "
                                 "worse case exist on pkg[" << pkgPath << "]. insert it to worst.");
                        Db::RowShPtr worse;
@@ -274,13 +276,21 @@ RawBuffer CsLogic::scanApp(const CsContext &context, const std::string &path)
                                if (!worse || *worse < *row)
                                        worse = std::move(row);
 
-                       this->m_db.insertWorst(pkgId, pkgPath, worse->fileInAppPath);
+                       if (worse) {
+                               this->m_db.insertWorst(pkgId, pkgPath, worse->fileInAppPath);
 
-                       if (worse->isIgnored)
-                               return BinaryQueue::Serialize(CSR_ERROR_NONE).pop();
+                               if (worse->isIgnored)
+                                       return BinaryQueue::Serialize(CSR_ERROR_NONE).pop();
 
-                       return this->handleAskUser(context, *worse);
+                               return this->handleAskUser(context, *worse);
+                       }
                }
+
+               INFO("worst case is deleted cascadingly and NO new detected and "
+                        "NO worse case. the pkg[" << pkgPath << "] is clean.");
+
+               this->m_db.deleteDetectedByNameOnPath(pkgPath);
+               return BinaryQueue::Serialize(CSR_ERROR_NONE).pop();
        } else if (!history && riskiest) {
                INFO("no history and new detected");
                this->m_db.insertWorst(pkgId, pkgPath, riskiestPath);

diff --git a/test/internals/test-api-engine-content-screening.cpp b/test/internals/test-api-engine-content-screening.cpp
index e7dc024..3980463 100644 (file)
--- a/test/internals/test-api-engine-content-screening.cpp
+++ b/test/internals/test-api-engine-content-screening.cpp
@@ -368,9 +368,6 @@ BOOST_AUTO_TEST_CASE(get_latest_update_time)
        ASSERT_IF(csre_cs_engine_get_latest_update_time(handle, &time),
                          CSRE_ERROR_NONE);
 
-       struct tm t;
-       BOOST_MESSAGE(asctime(gmtime_r(&time, &t)));
-
        EXCEPTION_GUARD_END
 }
 

diff --git a/test/internals/test-api-engine-web-protection.cpp b/test/internals/test-api-engine-web-protection.cpp
index 8b53b56..6026a93 100644 (file)
--- a/test/internals/test-api-engine-web-protection.cpp
+++ b/test/internals/test-api-engine-web-protection.cpp
@@ -196,9 +196,6 @@ BOOST_AUTO_TEST_CASE(get_latest_update_time)
        ASSERT_IF(csre_wp_engine_get_latest_update_time(handle, &time),
                          CSRE_ERROR_NONE);
 
-       struct tm t;
-       BOOST_MESSAGE(asctime(gmtime_r(&time, &t)));
-
        EXCEPTION_GUARD_END
 }
 

diff --git a/test/internals/test-cs-loader.cpp b/test/internals/test-cs-loader.cpp
index 7ce5552..263be57 100644 (file)
--- a/test/internals/test-cs-loader.cpp
+++ b/test/internals/test-cs-loader.cpp
@@ -378,9 +378,6 @@ BOOST_AUTO_TEST_CASE(get_latest_update_time)
        ASSERT_IF(h.loader.getEngineLatestUpdateTime(h.context, &time),
                          CSRE_ERROR_NONE);
 
-       struct tm t;
-       BOOST_MESSAGE(asctime(gmtime_r(&time, &t)));
-
        EXCEPTION_GUARD_END
 }
 

diff --git a/test/internals/test-wp-loader.cpp b/test/internals/test-wp-loader.cpp
index f345467..b4d270b 100755 (executable)
--- a/test/internals/test-wp-loader.cpp
+++ b/test/internals/test-wp-loader.cpp
@@ -243,9 +243,6 @@ BOOST_AUTO_TEST_CASE(get_latest_update_time)
        ASSERT_IF(h.loader.getEngineLatestUpdateTime(h.context, &time),
                          CSRE_ERROR_NONE);
 
-       struct tm t;
-       BOOST_MESSAGE(asctime(gmtime_r(&time, &t)));
-
        EXCEPTION_GUARD_END
 }