From: saerome.kim <saerome.kim@samsung.com>
Date: Tue, 6 Aug 2019 00:52:44 +0000 (+0900)
Subject: Fixed vulnerability issues.
X-Git-Tag: accepted/tizen/unified/20190816.112354~6
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=0b3693a4a0f6d7f8dce386562f22969bfe45839b;p=platform%2Fcore%2Fconnectivity%2Fua-manager.git

Fixed vulnerability issues.
Added out-of-memory error code.

Change-Id: I3efc6f1dd82b81f4d05646e36325bb5f5d9330b0
Signed-off-by: saerome.kim <saerome.kim@samsung.com>
---

diff --git a/include/ua-api.h b/include/ua-api.h
index 92fa95a..5c38b3b 100644
--- a/include/ua-api.h
+++ b/include/ua-api.h
@@ -141,6 +141,7 @@ typedef enum {
 typedef enum {
 	UAM_ERROR_NONE = TIZEN_ERROR_NONE, /**< Succsssful */
 	UAM_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid parameter */
+	UAM_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */
 	UAM_ERROR_PERMISSION_DENIED = TIZEN_ERROR_PERMISSION_DENIED, /**< Permission denied */
 	UAM_ERROR_TIMED_OUT = TIZEN_ERROR_TIMED_OUT, /**< Time out */
 	UAM_ERROR_NOW_IN_PROGRESS = TIZEN_ERROR_NOW_IN_PROGRESS, /**< Now in progress */
diff --git a/packaging/ua-manager.spec b/packaging/ua-manager.spec
index 100fd57..cae5fba 100644
--- a/packaging/ua-manager.spec
+++ b/packaging/ua-manager.spec
@@ -1,6 +1,6 @@
 Name:       ua-manager
 Summary:    User awareness manager
-Version:    0.6.0
+Version:    0.6.1
 Release:    1
 License:    Apache-2.0
 Source0:    %{name}-%{version}.tar.gz
diff --git a/ua-daemon/src/ua-manager-common.c b/ua-daemon/src/ua-manager-common.c
index 9d74a01..6ee377c 100644
--- a/ua-daemon/src/ua-manager-common.c
+++ b/ua-daemon/src/ua-manager-common.c
@@ -123,6 +123,7 @@ const char *_uam_manager_error_to_str(int error)
 	/* CHECK: List all enum values here */
 	CASE_TO_STR(UAM_ERROR_NONE)
 	CASE_TO_STR(UAM_ERROR_INVALID_PARAMETER)
+	CASE_TO_STR(UAM_ERROR_OUT_OF_MEMORY)
 	CASE_TO_STR(UAM_ERROR_PERMISSION_DENIED)
 	CASE_TO_STR(UAM_ERROR_TIMED_OUT)
 	CASE_TO_STR(UAM_ERROR_NOW_IN_PROGRESS)
diff --git a/ua-daemon/src/ua-manager-event-sender.c b/ua-daemon/src/ua-manager-event-sender.c
index ee1529d..a29f72d 100644
--- a/ua-daemon/src/ua-manager-event-sender.c
+++ b/ua-daemon/src/ua-manager-event-sender.c
@@ -245,7 +245,15 @@ int _uam_register_app_info(char *sender, uam_app_info_s app_info)
 	}
 
 	app = g_malloc0(sizeof(uam_app_info_s));
+	if (!app) {
+		UAM_ERR("Failed allocated memory");
+		return UAM_ERROR_OUT_OF_MEMORY;
+	}
 	app->sender = g_strdup(sender);
+	if (!app->sender) {
+		UAM_ERR("Failed allocated memory");
+		return UAM_ERROR_OUT_OF_MEMORY;
+	}
 	g_strlcpy(app->app_id, app_info.app_id, UAM_APP_ID_MAX_STRING_LEN);
 	app->uid = app_info.uid;
 
diff --git a/ua-daemon/src/ua-manager-request-handler.c b/ua-daemon/src/ua-manager-request-handler.c
index 827551f..7b34b4f 100644
--- a/ua-daemon/src/ua-manager-request-handler.c
+++ b/ua-daemon/src/ua-manager-request-handler.c
@@ -73,7 +73,7 @@ static void __uam_manager_copy_params(
 	void *buf = NULL;
 
 	buf = (void *)g_variant_get_data(in_param);
-	memcpy(value, buf, size);
+	memcpy(value, buf, sizeof(memcpy) >= size ? sizeof(value) : size);
 
 	FUNC_EXIT;
 }
@@ -653,9 +653,19 @@ static void __uam_manager_save_request_context(
 			_uam_manager_request_to_str(function), function);
 
 	info = g_malloc0(sizeof(uam_request_context_t));
+	if (!info) {
+		UAM_ERR("Failed to allocated memory [%s][%d]", sender, function);
+		return;
+	}
 	info->context = context;
 	info->result = result;
 	info->sender = g_strdup(sender);
+	if (!info->sender) {
+		g_free(info);
+		info = NULL;
+		UAM_ERR("Failed to allocated memory [%s][%d]", sender, function);
+		return;
+	}
 	info->function = function;
 	info->data = data;
 	request_list = g_slist_append(request_list, info);