From: Hyotaek Shim <hyotaek.shim@samsung.com>
Date: Fri, 10 Dec 2021 10:47:52 +0000 (+0900)
Subject: Fix ASAN issue
X-Git-Tag: submit/tizen_6.5/20211210.105107^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=02660c9877d7bbaebb6073965015e5487e5334aa;p=platform%2Fcore%2Fapi%2Fsystem-info.git

Fix ASAN issue

stack-buffer-overflow on address 0xbed7cb70 at pc 0xb6a2c22b bp 0xbed7c90c sp 0xbed7c4d8
READ of size 29 at 0xbed7cb70 thread T0
    #0 0xb6a2c228 in strdup (/usr/lib/libasan.so+0x35228)
    #1 0xb4da64d8  (/lib/libcapi-system-info.so.0+0x24d8)
    #2 0xb4da66fe  (/lib/libcapi-system-info.so.0+0x26fe)
    #3 0xb65a096a  (/lib/libcapi-system-device.so.0+0x496a)
    #4 0xb6f601b8 in call_init /usr/src/debug/glibc-2.30-2.9.arm/elf/dl-init.c:72
    #5 0xbed7cfb4  ([stack]+0x20fb4)

Address 0xbed7cb70 is located in stack of thread T0 at offset 80 in frame
    #0 0xb4da6664  (/lib/libcapi-system-info.so.0+0x2664)

  This frame has 2 object(s):
    [48, 52) 'valp' (line 271)
    [64, 80) 'val' (line 270) <== Memory access at offset 80 overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)

Change-Id: I122980ff762983bc9646afd84d9e659766edf9a9
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
(cherry picked from commit 95b106c07f4e8a8478895f22031bb757940bf5f3)
---

diff --git a/src/system_info.c b/src/system_info.c
index fdcb043..a5eb217 100644
--- a/src/system_info.c
+++ b/src/system_info.c
@@ -227,7 +227,7 @@ static int db_get_value(enum tag_type tag, const char *key,
 	free(buffer2);
 
 	if (ret == SYSTEM_INFO_ERROR_NONE)
-		g_hash_table_insert(hashtable, strdup(key_internal), strdup(value));
+		g_hash_table_insert(hashtable, strdup(key_internal), strndup(value, len));
 
 	pthread_mutex_unlock(&fmutex);