Fix [ASAN][BUG] heap-buffer-overflow in sdbd 57/275957/1 accepted/tizen_7.0_unified accepted/tizen_7.0_unified_hotfix tizen_7.0_hotfix accepted/tizen/7.0/unified/20221110.062403 accepted/tizen/7.0/unified/hotfix/20221116.112214 accepted/tizen/unified/20220608.140018 submit/tizen/20220607.112302 tizen_7.0_m2_release
authorDongkyun Son <dongkyun.s@samsung.com>
Tue, 7 Jun 2022 09:13:13 +0000 (18:13 +0900)
committerDongkyun Son <dongkyun.s@samsung.com>
Tue, 7 Jun 2022 09:24:25 +0000 (18:24 +0900)
Change-Id: I233898809080cce9915418a586873d9d65c7ea2b
Signed-off-by: Sungguk Na <sungguk.na@samsung.com>y
Signed-off-by: Dongkyun Son <dongkyun.s@samsung.com>
src/default_plugin_basic.c

index 8d6a1f4f86f9e04724fa4c58f05f417d3398e011..b311a455c78cfe084d1b712440552fb787407631 100755 (executable)
@@ -383,7 +383,9 @@ int verify_handle_by_plugin ( parameters* in, parameters* out )
     }
 
     //the data contains the string sample-echo followed by space and then the user string, hence checking for space.
-    if((in->array_of_parameter[0].v_string.data[11] == ' ')&&(!strncmp(in->array_of_parameter[0].v_string.data, "sample-echo", strlen("sample-echo")))) {
+    if((in->array_of_parameter[0].v_string.length >= 12) &&
+            (in->array_of_parameter[0].v_string.data[11] == ' ') &&
+            (!strncmp(in->array_of_parameter[0].v_string.data, "sample-echo", strlen("sample-echo")))) {
        out->array_of_parameter[0].type = type_int32;
        out->array_of_parameter[0].v_int32 = PLUGIN_RET_HANDLE;
     }
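Review bot: The added guard `v_string.length >= 12` and the read `data[11]` are bare literals that only implicitly match `strlen("sample-echo")`, so a later change to the prefix can let the bounds check and the index drift apart again. Deriving both from one definition keeps them tied together, e.g. `static const char prefix[] = "sample-echo";` with `v_string.length >= sizeof prefix` and `v_string.data[sizeof prefix - 1] == ' '`, and `strncmp(..., prefix, sizeof prefix - 1)`. The check is also only as good as `v_string.length`: the hunk does not show whether that field is validated against the real size of the `data` allocation, or whether `data` can be NULL, when the parameter is deserialized, so that is worth confirming at the point where `in` is built. The body of `verify_handle_by_plugin` starts and ends outside this hunk, so earlier checks on the parameter count and type may exist but are not visible here.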