From: j-h.choi <j-h.choi@samsung.com>
Date: Wed, 18 Mar 2020 05:58:36 +0000 (+0900)
Subject: Fixed memory corruption. AddressSanitizer: heap-buffer-overflow
X-Git-Tag: accepted/tizen/5.5/unified/20200319.094222~4
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=094581ab80440c91fea5d100f83f719e4b69770c;p=platform%2Fcore%2Fdotnet%2Flauncher.git

Fixed memory corruption. AddressSanitizer: heap-buffer-overflow

Change-Id: Ie71f63fa076a11ac80166e0b11b4e6a6b178cf50
---

diff --git a/NativeLauncher/inc/db_manager.h b/NativeLauncher/inc/db_manager.h
index a9af787..1eb5b24 100644
--- a/NativeLauncher/inc/db_manager.h
+++ b/NativeLauncher/inc/db_manager.h
@@ -27,7 +27,6 @@
 			NUGET		TEXT,\
 			NAME		TEXT,\
 			VERSION		TEXT);"
-#define QUERY_MAX_LEN	4096
 
 sqlite3* dbCreate(std::string path, std::string query);
 sqlite3* dbOpen(std::string path);
diff --git a/NativeLauncher/util/db_manager.cc b/NativeLauncher/util/db_manager.cc
index 6edadfb..1cda879 100644
--- a/NativeLauncher/util/db_manager.cc
+++ b/NativeLauncher/util/db_manager.cc
@@ -137,7 +137,7 @@ bool dbUpdate(sqlite3 *sqlite, std::string path, std::string query)
 {
 	sqlite3_stmt *stmt = NULL;
 	int ret = sqlite3_exec(sqlite, "BEGIN;", NULL, NULL, NULL);
-	ret = sqlite3_prepare(sqlite, query.c_str(), QUERY_MAX_LEN , &stmt, NULL);
+	ret = sqlite3_prepare(sqlite, query.c_str(), query.size(), &stmt, NULL);
 	if (ret != SQLITE_OK) {
 		_ERR("Sqlite error : [%d, %s]", ret, sqlite3_errmsg(sqlite));
 		dbClose(sqlite);
@@ -158,7 +158,7 @@ bool dbInsert(sqlite3 *sqlite, std::string path, std::string query)
 {
 	sqlite3_stmt *stmt = NULL;
 	int ret = sqlite3_exec(sqlite, "BEGIN;", NULL, NULL, NULL);
-	ret = sqlite3_prepare(sqlite, query.c_str(), QUERY_MAX_LEN , &stmt, NULL);
+	ret = sqlite3_prepare(sqlite, query.c_str(), query.size(), &stmt, NULL);
 	if (ret != SQLITE_OK) {
 		_ERR("Sqlite error : [%d, %s]", ret, sqlite3_errmsg(sqlite));
 		dbClose(sqlite);
@@ -180,7 +180,7 @@ std::vector<std::string> dbSelect(sqlite3 *sqlite, std::string path, std::string
 	std::vector<std::string> updateDB;
 	sqlite3_stmt* stmt = NULL;
 	const char* str = NULL;
-	int ret = sqlite3_prepare_v2(sqlite, query.c_str(), strlen(query.c_str()), &stmt, NULL);
+	int ret = sqlite3_prepare_v2(sqlite, query.c_str(), query.size(), &stmt, NULL);
 	if (ret != SQLITE_OK) {
 		_ERR("Sqlite error : [%d, %s]", ret, sqlite3_errmsg(sqlite));
 		dbClose(sqlite);
@@ -198,7 +198,7 @@ bool dbDelete(sqlite3 *sqlite, std::string path, std::string query)
 {
 	sqlite3_stmt *stmt = NULL;
 	int ret = sqlite3_exec(sqlite, "BEGIN;", NULL, NULL, NULL);
-	ret = sqlite3_prepare(sqlite, query.c_str(), QUERY_MAX_LEN , &stmt, NULL);
+	ret = sqlite3_prepare(sqlite, query.c_str(), query.size(), &stmt, NULL);
 	if (ret != SQLITE_OK) {
 		_ERR("Sqlite error : [%d, %s]", ret, sqlite3_errmsg(sqlite));
 		dbClose(sqlite);