From: jk7744.park Date: Sat, 24 Oct 2015 07:30:32 +0000 (+0900) Subject: tizen 2.4 release X-Git-Tag: accepted/tizen/2.4/mobile/20151029.065732^0 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=2d1d5d9b670ac824765c75169c3faa0a5b41ed40;p=framework%2Fappfw%2Fdata-control.git tizen 2.4 release --- diff --git a/include/data-control-map.h b/include/data-control-map.h index 85b2075..1d38c0f 100755 --- a/include/data-control-map.h +++ b/include/data-control-map.h @@ -121,19 +121,19 @@ typedef struct * * result = datacontrol_map_create(&provider); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Creating data control provider is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Creating data control provider is failed with error: %d", result); * return result; * } * * result = datacontrol_map_set_provider_id(provider, provider_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Setting providerID is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Setting providerID is failed with error: %d", result); * return result; * } * * result = datacontrol_map_set_data_id(provider, data_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Setting dataID is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Setting dataID is failed with error: %d", result); * return result; * } * @@ -141,7 +141,7 @@ typedef struct * * result = datacontrol_map_destroy(provider); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Destorying data control provider is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Destorying data control provider is failed with error: %d", result); * } * * return result; 
@@ -252,10 +252,10 @@ EXPORT_API int datacontrol_map_unregister_response_cb(datacontrol_h provider); * char **result_value_list, int result_value_count, bool provider_result, const char *error) * { * if (provider_result) { - * LOGI("The get operation is successful"); + * dlog_print(DLOG_INFO, LOG_TAG, "The get operation is successful"); * } * else { - * LOGI("The get operation for the request %d is failed. error message: %s", request_id, error); + * dlog_print(DLOG_INFO, LOG_TAG, "The get operation for the request %d is failed. error message: %s", request_id, error); * } * } * @@ -270,16 +270,16 @@ EXPORT_API int datacontrol_map_unregister_response_cb(datacontrol_h provider); * map_callback.get = map_get_response_cb; * result = datacontrol_map_register_response_cb(provider, &map_callback); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Registering the callback function is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Registering the callback function is failed with error: %d", result); * return result; * } * * result = datacontrol_map_get(provider, key, &req_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Getting the value list of the key(%s) is failed with error: %d", key, result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Getting the value list of the key(%s) is failed with error: %d", key, result); * } * else { - * LOGI("req_id is %d", req_id); + * dlog_print(DLOG_INFO, LOG_TAG, "req_id is %d", req_id); * } * * return result; 
@@ -329,10 +329,10 @@ EXPORT_API int datacontrol_map_get_with_page(datacontrol_h provider, const char * void map_set_response_cb(int request_id, datacontrol_h provider, bool provider_result, const char *error) * { * if (provider_result) { - * LOGI("The set operation is successful"); + * dlog_print(DLOG_INFO, LOG_TAG, "The set operation is successful"); * } * else { - * LOGI("The set operation for the request %d is failed. error message: %s", request_id, error); + * dlog_print(DLOG_INFO, LOG_TAG, "The set operation for the request %d is failed. error message: %s", request_id, error); * } * } * @@ -349,16 +349,16 @@ EXPORT_API int datacontrol_map_get_with_page(datacontrol_h provider, const char * map_callback.set = map_set_response_cb; * result = datacontrol_map_register_response_cb(provider, &map_callback); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Registering the callback function is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Registering the callback function is failed with error: %d", result); * return result; * } * * result = datacontrol_map_set(provider, key, old_value, new_value, &req_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Replacing old_value(%s) with new_value(%s) is failed with error: %d", old_value, new_value, result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Replacing old_value(%s) with new_value(%s) is failed with error: %d", old_value, new_value, result); * } * else { - * LOGI("req_id is %d", req_id); + * dlog_print(DLOG_INFO, LOG_TAG, "req_id is %d", req_id); * } * * return result; 
@@ -388,10 +388,10 @@ EXPORT_API int datacontrol_map_set(datacontrol_h provider, const char *key, cons * * void map_add_response_cb(int request_id, datacontrol_h provider, bool provider_result, const char *error) { * if (provider_result) { - * LOGI("The add operation is successful"); + * dlog_print(DLOG_INFO, LOG_TAG, "The add operation is successful"); * } * else { - * LOGI("The add operation for the request %d is failed. error message: %s", request_id, error); + * dlog_print(DLOG_INFO, LOG_TAG, "The add operation for the request %d is failed. error message: %s", request_id, error); * } * } * @@ -407,16 +407,16 @@ EXPORT_API int datacontrol_map_set(datacontrol_h provider, const char *key, cons * map_callback.add = map_add_response_cb; * result = datacontrol_map_register_response_cb(provider, &map_callback); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Registering the callback function is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Registering the callback function is failed with error: %d", result); * return result; * } * * result = datacontrol_map_add(provider, key, value, &req_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Adding %s-%s pair is failed with error: %d", key, value, result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Adding %s-%s pair is failed with error: %d", key, value, result); * } * else { - * LOGI("req_id is %d", req_id); + * dlog_print(DLOG_INFO, LOG_TAG, "req_id is %d", req_id); * } * * return result; 
@@ -446,10 +446,10 @@ EXPORT_API int datacontrol_map_add(datacontrol_h provider, const char *key, cons * * void map_remove_response_cb(int request_id, datacontrol_h provider, bool provider_result, const char *error) { * if (provider_result) { - * LOGI("The remove operation is successful"); + * dlog_print(DLOG_INFO, LOG_TAG, "The remove operation is successful"); * } * else { - * LOGI("The remove operation for the request %d is failed. error message: %s", request_id, error); + * dlog_print(DLOG_INFO, LOG_TAG, "The remove operation for the request %d is failed. error message: %s", request_id, error); * } * } * @@ -467,16 +467,16 @@ EXPORT_API int datacontrol_map_add(datacontrol_h provider, const char *key, cons * map_callback.remove = map_remove_response_cb; * result = datacontrol_map_register_response_cb(provider, &map_callback); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Registering the callback function is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Registering the callback function is failed with error: %d", result); * return result; * } * * result = datacontrol_map_remove(provider, key, value, &req_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Removing %s-%s pair is failed with error: %d", key, value, result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Removing %s-%s pair is failed with error: %d", key, value, result); * } * else { - * LOGI("req_id is %d", req_id); + * dlog_print(DLOG_INFO, LOG_TAG, "req_id is %d", req_id); * } * * return result; diff --git a/include/data-control-sql.h b/include/data-control-sql.h index bc9d691..593e1ae 100644 --- a/include/data-control-sql.h +++ b/include/data-control-sql.h 
@@ -121,19 +121,19 @@ typedef struct * * result = datacontrol_sql_create(&provider); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Creating data control provider is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Creating data control provider is failed with error: %d", result); * return result; * } * * result = datacontrol_sql_set_provider_id(provider, provider_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Setting providerID is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Setting providerID is failed with error: %d", result); * return result; * } * * result = datacontrol_sql_set_data_id(provider, data_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Setting dataID is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Setting dataID is failed with error: %d", result); * return result; * } * @@ -141,7 +141,7 @@ typedef struct * * result = datacontrol_sql_destroy(provider); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Destorying data control provider is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Destorying data control provider is failed with error: %d", result); * } * * return result; @@ -251,10 +251,10 @@ EXPORT_API int datacontrol_sql_unregister_response_cb(datacontrol_h provider); * * void sql_delete_response_cb(int request_id, datacontrol_h provider, bool provider_result, const char *error) { * if (provider_result) { - * LOGI("The delete operation is successful"); + * dlog_print(DLOG_INFO, LOG_TAG, "The delete operation is successful"); * } * else { - * LOGI("The delete operation for the request %d is failed. error message: %s", request_id, error); + * dlog_print(DLOG_INFO, LOG_TAG, "The delete operation for the request %d is failed. error message: %s", request_id, error); * } * } * 
@@ -269,16 +269,16 @@ EXPORT_API int datacontrol_sql_unregister_response_cb(datacontrol_h provider); * sql_callback.delete = sql_delete_response_cb; * result = datacontrol_sql_register_response_cb(provider, &sql_callback); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Registering the callback function is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Registering the callback function is failed with error: %d", result); * return result; * } * * result = datacontrol_sql_delete(provider, where, &req_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Deleting is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Deleting is failed with error: %d", result); * } * else { - * LOGI("req_id is %d", req_id); + * dlog_print(DLOG_INFO, LOG_TAG, "req_id is %d", req_id); * } * * return result; @@ -309,10 +309,10 @@ EXPORT_API int datacontrol_sql_delete(datacontrol_h provider, const char *where, * * void sql_insert_response_cb(int request_id, datacontrol_h provider, long long inserted_row_id, bool provider_result, const char *error) { * if (provider_result) { - * LOGI("The insert operation is successful"); + * dlog_print(DLOG_INFO, LOG_TAG, "The insert operation is successful"); * } * else { - * LOGI("The insert operation for the request %d is failed. error message: %s", request_id, error); + * dlog_print(DLOG_INFO, LOG_TAG, "The insert operation for the request %d is failed. error message: %s", request_id, error); * } * } * @@ -327,7 +327,7 @@ EXPORT_API int datacontrol_sql_delete(datacontrol_h provider, const char *where, * sql_callback.insert = sql_insert_response_cb; * result = datacontrol_sql_register_response_cb(provider, &sql_callback); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Registering the callback function is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Registering the callback function is failed with error: %d", result); * return result; * } * 
@@ -337,10 +337,10 @@ EXPORT_API int datacontrol_sql_delete(datacontrol_h provider, const char *where, * * result = datacontrol_sql_insert(provider, b, &req_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Inserting is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Inserting is failed with error: %d", result); * } * else { - * LOGI("req_id is %d", req_id); + * dlog_print(DLOG_INFO, LOG_TAG, "req_id is %d", req_id); * } * * bundle_free(b); @@ -374,10 +374,10 @@ EXPORT_API int datacontrol_sql_insert(datacontrol_h provider, const bundle* inse * * void sql_select_response_cb(int request_id, datacontrol_h provider, resultset_cursor *enumerator, bool provider_result, const char *error) { * if (provider_result) { - * LOGI("The select operation is successful"); + * dlog_print(DLOG_INFO, LOG_TAG, "The select operation is successful"); * } * else { - * LOGI("The select operation for the request %d is failed. error message: %s", request_id, error); + * dlog_print(DLOG_INFO, LOG_TAG, "The select operation for the request %d is failed. error message: %s", request_id, error); * } * } * @@ -396,16 +396,16 @@ EXPORT_API int datacontrol_sql_insert(datacontrol_h provider, const bundle* inse * sql_callback.select = sql_select_response_cb; * result = datacontrol_sql_register_response_cb(provider, &sql_callback); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Registering the callback function is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Registering the callback function is failed with error: %d", result); * return result; * } * * result = datacontrol_sql_select(provider, column_list, 2, where, order, &req_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Selecting is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Selecting is failed with error: %d", result); * } * else { - * LOGI("req_id is %d", req_id); + * dlog_print(DLOG_INFO, LOG_TAG, "req_id is %d", req_id); * } * * return result; 
@@ -461,10 +461,10 @@ EXPORT_API int datacontrol_sql_select_with_page(datacontrol_h provider, char **c * * void sql_update_response_cb(int request_id, datacontrol_h provider, bool provider_result, const char *error) { * if (provider_result) { - * LOGI("The update operation is successful"); + * dlog_print(DLOG_INFO, LOG_TAG, "The update operation is successful"); * } * else { - * LOGI("The update operation for the request %d is failed. error message: %s", request_id, error); + * dlog_print(DLOG_INFO, LOG_TAG, "The update operation for the request %d is failed. error message: %s", request_id, error); * } * } * @@ -480,7 +480,7 @@ EXPORT_API int datacontrol_sql_select_with_page(datacontrol_h provider, char **c * sql_callback.update = sql_update_response_cb; * result = datacontrol_sql_register_response_cb(provider, &sql_callback); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Registering the callback function is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Registering the callback function is failed with error: %d", result); * return result; * } * @@ -489,10 +489,10 @@ EXPORT_API int datacontrol_sql_select_with_page(datacontrol_h provider, char **c * * result = datacontrol_sql_update(provider, b, where, &req_id); * if (result != DATACONTROL_ERROR_NONE) { - * LOGE("Updating is failed with error: %d", result); + * dlog_print(DLOG_ERROR, LOG_TAG, "Updating is failed with error: %d", result); * } * else { - * LOGI("req_id is %d", req_id); + * dlog_print(DLOG_INFO, LOG_TAG, "req_id is %d", req_id); * } * * bundle_free(b); diff --git a/src/data-control-internal.c b/src/data-control-internal.c index 6fd946d..9c42848 100644 --- a/src/data-control-internal.c +++ b/src/data-control-internal.c @@ -23,6 +23,7 @@ _datacontrol_sql_get_cursor(const char *path) return 0; } + int _datacontrol_create_request_id(void) { diff --git a/src/data-control-map.c b/src/data-control-map.c index e65eb8f..9bfedb2 100755 --- a/src/data-control-map.c 
+++ b/src/data-control-map.c @@ -185,10 +185,6 @@ datacontrol_map_get_value_list(const char *path, int count) } value_list[i] = (char *) calloc(length + 1, sizeof(char)); - if (value_list[i] == NULL) { - SECURE_LOGE("out of memory"); - goto ERROR; - } size = read(fd, value_list[i], length); if (size <= 0) @@ -480,7 +476,8 @@ datacontrol_map_request_provider(datacontrol_h provider, datacontrol_request_typ pid = -1; int count = 0; const int TRY_COUNT = 4; - const int TRY_SLEEP_TIME = 65000; + const struct timespec TRY_SLEEP_TIME = { 0, 1000 * 1000 * 1000 }; + do { pid = appsvc_run_service(arg_list, request_id, app_svc_res_cb_map, data); @@ -497,7 +494,7 @@ datacontrol_map_request_provider(datacontrol_h provider, datacontrol_request_typ count++; - usleep(TRY_SLEEP_TIME); + nanosleep(&TRY_SLEEP_TIME, 0); } while (count < TRY_COUNT); @@ -776,7 +773,7 @@ datacontrol_map_get_with_page(datacontrol_h provider, const char *key, int *requ char* access = NULL; char *provider_appid = NULL; - if (provider == NULL || provider->provider_id == NULL || provider->data_id == NULL || key == NULL) + if (provider == NULL || provider->provider_id == NULL || provider->data_id == NULL || key == NULL || page_number <= 0 || count_per_page <= 0) { LOGE("Invalid parameter"); return DATACONTROL_ERROR_INVALID_PARAMETER; diff --git a/src/data-control-provider.c b/src/data-control-provider.c index 5852649..090f7f9 100644 --- a/src/data-control-provider.c +++ b/src/data-control-provider.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include @@ -48,6 +49,8 @@ #define PACKET_INDEX_MAP_PAGE_NO 2 #define PACKET_INDEX_MAP_COUNT_PER_PAGE 3 +#define ERR_LEN 128 + static const int MAX_ARGUMENT_SIZE = 16384; // 16KB static GHashTable *request_table = NULL; 
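Review bot: With the NULL check removed in hunk -185,10, the result of `value_list[i] = (char *) calloc(length + 1, sizeof(char));` goes straight into `read(fd, value_list[i], length)`. On allocation failure read() is handed a NULL buffer, and the out-of-memory case can at best be caught by the `size <= 0` test, whose body is outside the hunk. Keep the guard, `if (value_list[i] == NULL) { SECURE_LOGE("out of memory"); goto ERROR; }`, so the failure is reported for what it is. The enclosing loop and function start and end outside the hunk.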
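Review bot: `const struct timespec TRY_SLEEP_TIME = { 0, 1000 * 1000 * 1000 };` sets tv_nsec to 1,000,000,000, which is outside the range nanosleep() accepts (0 to 999,999,999). The call added in hunk -497,7 therefore fails with EINVAL and returns at once, so the four attempts run back to back with no pause. If one second is intended write `{ 1, 0 }`; to keep the previous 65 ms delay write `{ 0, 65 * 1000 * 1000 }`. The second argument of `nanosleep(&TRY_SLEEP_TIME, 0)` should be `NULL`, and a short comment stating the intended delay would make the unit obvious.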
@@ -97,14 +100,34 @@ __get_client_pkgid(bundle *b) { const char *caller_appid = NULL; char *caller_pkgid = NULL; + char *pkgid_dup = NULL; pkgmgrinfo_appinfo_h app_info_handle = NULL; + if (b == NULL) { + LOGE("Bundle passed is NULL"); + return NULL; + } + caller_appid = bundle_get_val(b, AUL_K_CALLER_APPID); - pkgmgrinfo_appinfo_get_appinfo(caller_appid, &app_info_handle); - pkgmgrinfo_appinfo_get_pkgname(app_info_handle, &caller_pkgid); - SECURE_LOGI("client pkg id : %s", caller_pkgid); + if (caller_appid == NULL) { + LOGE("caller_appid is NULL"); + return NULL; + } - return caller_pkgid ? strdup(caller_pkgid) : NULL; + if (pkgmgrinfo_appinfo_get_appinfo(caller_appid, &app_info_handle) != PMINFO_R_OK) { + SECURE_LOGE("unable to get appinfo of provider_appid: %s", caller_appid); + } else { + if (pkgmgrinfo_appinfo_get_pkgname(app_info_handle, &caller_pkgid) != PMINFO_R_OK) { + SECURE_LOGE("unable to get pkgname of provider_appid: %s", caller_appid); + } else { + SECURE_LOGI("provider pkg id : %s", caller_pkgid); + pkgid_dup = strdup(caller_pkgid); + if (pkgid_dup == NULL) + SECURE_LOGE("OOM error"); + } + pkgmgrinfo_appinfo_destroy_appinfo(app_info_handle); + } + return pkgid_dup; } static bundle* @@ -119,6 +142,7 @@ __get_data_map(const char *path, int column_count) char *value = NULL; int fd = 0; int ret = 0; + char err_buf[ERR_LEN] = { 0, }; SECURE_LOGI("The request file of INSERT/UPDATE: %s", path); ret = security_server_shared_file_reopen(path, &fd); 
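Review bot: The new log lines in `__get_client_pkgid` mislabel the identity being resolved: `caller_appid` is read from `AUL_K_CALLER_APPID`, yet the messages say `provider_appid` and `provider pkg id`, where the removed line said `client pkg id`. This package id is what the result file is later opened for (`security_server_shared_file_open(path, client_pkgid, &fd)` in later hunks), so keep the caller/client wording, e.g. `SECURE_LOGE("unable to get appinfo of caller_appid: %s", caller_appid);`. A one-line comment above the function stating that the returned string is heap-allocated and must be freed by the caller would also help; the function's first line is outside the hunk.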
@@ -133,54 +157,69 @@ __get_data_map(const char *path, int column_count) size = read(fd, &len, sizeof(int)); if ((unsigned int)size < sizeof(int) || len < 0 || len > MAX_ARGUMENT_SIZE) { - SECURE_LOGE("key length:%d, read():%s, returned:%d", len, strerror(errno), size); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("key length:%d, read():%s, returned:%d", len, err_buf, size); break; } key = calloc(len + 1, sizeof(char)); if (key == NULL) { - SECURE_LOGE("out of memory"); + LOGE("OOM error"); break; } - - size = read(fd, key, len); // key + size = read(fd, key, len); // key + key[len] = '\0'; if (size < 0) { - SECURE_LOGE("key length:%d, read():%s, returned:%d", len, strerror(errno), size); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("key length:%d, read():%s, returned:%d", len, err_buf, size); free(key); + key = NULL; break; } size = read(fd, &len, sizeof(int)); if ((unsigned int)size < sizeof(int) || len < 0 || len > MAX_ARGUMENT_SIZE) { - SECURE_LOGE("value length:%d, read():%s, returned:%d", len, strerror(errno), size); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("value length:%d, read():%s, returned:%d", len, err_buf, size); free(key); + key = NULL; break; } value = calloc(len + 1, sizeof(char)); if (value == NULL) { - SECURE_LOGE("out of memory"); + LOGE("OOM error"); free(key); + key = NULL; break; } size = read(fd, value, len); // value if (size < 0) { - SECURE_LOGE("value length:%d, read():%s, returned:%d", len, strerror(errno), size); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("value length:%d, read():%s, returned:%d", len, err_buf, size); free(key); + key = NULL; free(value); + value = NULL; break; } - LOGI("key: %s, value: %s", key, value); + SECURE_LOGI("key: %s, value: %s", key, value); bundle_add_str(b, key, value); - free(key); - free(value); + if (key != NULL) { + free(key); + key = NULL; + } + if (value != NULL) { + free(value); + value = NULL; + } } fsync(fd); 
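Review bot: The payload reads in this hunk still treat a short read as success: after `size = read(fd, key, len);` and `size = read(fd, value, len);` only `size < 0` is rejected, so a truncated request file yields a partial key or value that is then passed to `bundle_add_str`. Comparing against the announced length, `if (size != len)`, closes that gap for both reads. Separately, the return value of `strerror_r(errno, err_buf, sizeof(err_buf));` is ignored here and in the data-control-sql-cursor.c hunks; if the GNU variant is the one in effect (the feature-test macros are not visible in the diff), the message may be returned rather than written to `err_buf`, leaving the logged text empty. The loop and the function continue outside the hunk.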
@@ -246,6 +285,11 @@ __set_select_result(bundle* b, const char* path, void* data) } client_pkgid = __get_client_pkgid(b); + if (client_pkgid == NULL) { + LOGE("could not get client package id"); + return DATACONTROL_ERROR_IO_ERROR; + } + ret = security_server_shared_file_open(path, client_pkgid, &fd); if (ret == SECURITY_SERVER_API_ERROR_FILE_EXIST) { SECURE_LOGE("The file(%s) already exist, delete and retry to open", path); @@ -303,7 +347,7 @@ __set_select_result(bundle* b, const char* path, void* data) if (column_name == NULL) { LOGE("sqlite3_column_name is failed. errno = %d", errno); } else { - column_name = strcat(column_name, "\n"); + column_name = strncat(column_name, "\n", 1); if (write(fd, column_name, strlen(column_name)) == -1) { LOGE("Writing a column_name to a file descriptor is failed. errno = %d", errno); @@ -424,8 +468,6 @@ __set_select_result(bundle* b, const char* path, void* data) LOGE("Writing a row_count to a file descriptor is failed. errno = %d", errno); } close(fd); - - return DATACONTROL_ERROR_NONE; } @@ -466,6 +508,11 @@ __set_get_value_result(bundle *b, const char* path, char **value_list) } client_pkgid = __get_client_pkgid(b); + if (client_pkgid == NULL) { + LOGE("could not get client package id"); + return DATACONTROL_ERROR_IO_ERROR; + } + ret = security_server_shared_file_open(path, client_pkgid, &fd); if (ret == SECURITY_SERVER_API_ERROR_FILE_EXIST) { SECURE_LOGE("The file(%s) already exist, delete and retry to open", path); @@ -488,6 +535,12 @@ __set_get_value_result(bundle *b, const char* path, char **value_list) for (i = 0; i < add_value_count; ++i) { int length = strlen(value_list[current_offset + i]); + if (length >= INT_MAX) { + LOGE("Integer overflow. value_list[%d]", current_offset + i); + fsync(fd); + close(fd); + return DATACONTROL_ERROR_MAX_EXCEEDED; + } if (write(fd, &length, sizeof(int)) == -1) { LOGE("Writing a length to a file descriptor is failed. errno = %d", errno); 
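Review bot: In hunk -303,7, `strncat(column_name, "\n", 1)` bounds the number of bytes taken from the source, not the room left in the destination, so it still writes one byte plus a terminator past the end of `column_name` exactly as `strcat` did. The assignment of `column_name` is outside the hunk; the log text suggests it comes from `sqlite3_column_name`, in which case the buffer belongs to SQLite and should not be written to at all. Write the two pieces separately instead: keep `write(fd, column_name, strlen(column_name))` and follow it with `write(fd, "\n", 1)`, checking both results.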
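Review bot: In hunk -488,6 the overflow check runs after the narrowing it is meant to guard: `int length = strlen(...)` has already converted the `size_t` to `int`, so `length >= INT_MAX` can only be true for a length of exactly INT_MAX, and any larger value has already wrapped. Hold the result in a `size_t` and compare before converting: `size_t value_len = strlen(value_list[current_offset + i]);`, `if (value_len > INT_MAX) { ... }`, `int length = (int)value_len;`. Whether `client_pkgid` is released on this new early return cannot be seen from the hunk and is worth checking.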
@@ -515,7 +568,10 @@ __get_result_file_path(bundle *b) } const char *caller_req_id = bundle_get_val(b, OSP_K_REQUEST_ID); - + if (caller_req_id == NULL) { + LOGE("caller req_id is NULL."); + return NULL; + } char *result_path = calloc(RESULT_PATH_MAX, sizeof(char)); if (!result_path) @@ -578,7 +634,7 @@ __set_result(bundle* b, datacontrol_request_type type, void* data) if (ret < 0) { memset(path, 0, RESULT_PATH_MAX); - strcpy(path, "NoResultSet"); + strncpy(path, "NoResultSet", RESULT_PATH_MAX); LOGI("Empty ResultSet"); } list[PACKET_INDEX_SELECT_RESULT_FILE] = path; @@ -631,19 +687,18 @@ __set_result(bundle* b, datacontrol_request_type type, void* data) list[PACKET_INDEX_REQUEST_RESULT] = "1"; // request result list[PACKET_INDEX_ERROR_MSG] = DATACONTROL_EMPTY; + list[PACKET_INDEX_VALUE_COUNT] = "0"; // value count + list[PACKET_INDEX_GET_RESULT_FILE] = DATACONTROL_EMPTY; char *path = __get_result_file_path(b); if (path != NULL) { char **value_list = (char **)data; - __set_get_value_result(b, path, value_list); - list[PACKET_INDEX_VALUE_COUNT] = bundle_get_val(b, RESULT_VALUE_COUNT); // value count - list[PACKET_INDEX_GET_RESULT_FILE] = path; - } - else - { - list[PACKET_INDEX_VALUE_COUNT] = 0; // value count - list[PACKET_INDEX_GET_RESULT_FILE] = DATACONTROL_EMPTY; + if (__set_get_value_result(b, path, value_list) == DATACONTROL_ERROR_NONE) + { + list[PACKET_INDEX_VALUE_COUNT] = bundle_get_val(b, RESULT_VALUE_COUNT); // value count + list[PACKET_INDEX_GET_RESULT_FILE] = path; + } } bundle_add_str_array(res, OSP_K_ARG, list, 4); @@ -652,7 +707,6 @@ __set_result(bundle* b, datacontrol_request_type type, void* data) { free(path); } - break; } case DATACONTROL_TYPE_UNDEFINED: // DATACONTROL_TYPE_MAP_SET || ADD || REMOVE 
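Review bot: In hunk -631,19 a failure of `__set_get_value_result` is reported to the client as a successful empty result: `list[PACKET_INDEX_REQUEST_RESULT] = "1"` is set before the call, and the new defaults leave the value count at "0" when the call does not return DATACONTROL_ERROR_NONE. The same holds when `__get_result_file_path` returns NULL. Add an else branch that logs the returned error and sets the request-result and error-message slots to whatever this function uses for failures elsewhere (those values are not visible in the hunk). `bundle_get_val(b, RESULT_VALUE_COUNT)` can also return NULL, which would put a NULL entry into the array passed to `bundle_add_str_array`; keep the "0" default in that case.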
@@ -762,19 +816,20 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) } int len = 0; + int ret = DATACONTROL_ERROR_NONE; const char **arg_list = bundle_get_str_array(b, OSP_K_ARG, &len); - datacontrol_h provider = malloc(sizeof(struct datacontrol_s)); + datacontrol_h provider = calloc(1, sizeof(struct datacontrol_s)); if (provider == NULL) { LOGE("Fail to alloc provider"); return DATACONTROL_ERROR_OUT_OF_MEMORY; } // Set the provider ID - provider->provider_id = (char*)bundle_get_val(b, OSP_K_DATACONTROL_PROVIDER); + provider->provider_id = strdup((char*)bundle_get_val(b, OSP_K_DATACONTROL_PROVIDER)); // Set the data ID - provider->data_id = (char*)arg_list[PACKET_INDEX_DATAID]; + provider->data_id = strdup((char*)arg_list[PACKET_INDEX_DATAID]); // Set the request ID int provider_req_id = __provider_new_request_id(); @@ -784,9 +839,9 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) // Add the data to the table int *key = malloc(sizeof(int)); if (key == NULL) { - free(provider); - LOGE("Fail to alloc key"); - return DATACONTROL_ERROR_OUT_OF_MEMORY; + LOGE("OOM error"); + ret = DATACONTROL_ERROR_OUT_OF_MEMORY; + goto EXCEPTION; } *key = provider_req_id; @@ -801,7 +856,7 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) int current = 0; int column_count = atoi(arg_list[i++]); // Column count - LOGI("SELECT column count: %d", column_count); + SECURE_LOGI("SELECT column count: %d", column_count); const char** column_list = (const char**)malloc(column_count * (sizeof(char *))); if (column_list == NULL) { 
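Review bot: The two new `strdup` calls in hunk -762,19 dereference request data without checking it: `bundle_get_val(b, OSP_K_DATACONTROL_PROVIDER)` may return NULL, and `arg_list` may be NULL or hold fewer than `PACKET_INDEX_DATAID + 1` entries (`len` is fetched but never compared). The `strdup` results themselves are also unchecked, so an allocation failure hands the callbacks a handle with NULL ids. Validate the bundle before allocating and check both copies afterwards, as sketched below. The function continues outside the hunk.
```c
const char *provider_id = bundle_get_val(b, OSP_K_DATACONTROL_PROVIDER);
if (arg_list == NULL || len <= PACKET_INDEX_DATAID || provider_id == NULL) {
	LOGE("Invalid request bundle");
	return DATACONTROL_ERROR_INVALID_PARAMETER;
}
// … unchanged: calloc of provider and its NULL check …
provider->provider_id = strdup(provider_id);
provider->data_id = strdup(arg_list[PACKET_INDEX_DATAID]);
if (provider->provider_id == NULL || provider->data_id == NULL) {
	LOGE("OOM error");
	ret = DATACONTROL_ERROR_OUT_OF_MEMORY;
	goto EXCEPTION;
}
```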
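Review bot: In hunk -801,7 `column_count` is taken from the request with `atoi(arg_list[i++])` and used unchecked in `malloc(column_count * (sizeof(char *)))` and in the copy loop of the next hunk (`column_list[current++] = arg_list[i++]`). A negative, zero or oversized count therefore drives the allocation size and reads past the `len` entries of `arg_list`. Reject the request before allocating when `column_count <= 0 || column_count > len - i`, and check that the `where` and `order` slots after the columns are also inside `len`. `atoi` cannot report a malformed number; `strtol` with an end-pointer check can. The body of the `column_list == NULL` branch is outside the hunk.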
@@ -813,14 +868,13 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) while (current < column_count) { column_list[current++] = arg_list[i++]; // Column data - - LOGI("Column %d: %s", current, column_list[current-1]); + SECURE_LOGI("Column %d: %s", current, column_list[current-1]); } const char *where = arg_list[i++]; // where const char *order = arg_list[i++]; // order - LOGI("where: %s, order: %s", where, order); + SECURE_LOGI("where: %s, order: %s", where, order); if (strncmp(where, DATACONTROL_EMPTY, strlen(DATACONTROL_EMPTY)) == 0) { @@ -839,7 +893,6 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) bundle_add_str(value, MAX_COUNT_PER_PAGE, per_page); provider_sql_cb->select(provider_req_id, provider, column_list, column_count, where, order, provider_sql_user_data); - free(column_list); break; @@ -863,7 +916,7 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) else { const char *where = arg_list[PACKET_INDEX_UPDATEWHERE]; - LOGI("UPDATE from where: %s", where); + SECURE_LOGI("UPDATE from where: %s", where); if (strncmp(where, DATACONTROL_EMPTY, strlen(DATACONTROL_EMPTY)) == 0) { @@ -879,7 +932,7 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) { const char *where = arg_list[PACKET_INDEX_DELETEWHERE]; - LOGI("DELETE from where: %s", where); + SECURE_LOGI("DELETE from where: %s", where); if (strncmp(where, DATACONTROL_EMPTY, strlen(DATACONTROL_EMPTY)) == 0) { where = NULL; @@ -895,7 +948,7 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) bundle_add_str(value, RESULT_PAGE_NUMBER, page_number); bundle_add_str(value, MAX_COUNT_PER_PAGE, count_per_page); - LOGI("Gets the value list related with the key(%s) from Map datacontrol. ", map_key); + SECURE_LOGI("Gets the value list related with the key(%s) from Map datacontrol. ", map_key); provider_map_cb->get(provider_req_id, provider, map_key, provider_map_user_data); break; 
@@ -906,7 +959,7 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) const char *old_value = arg_list[PACKET_INDEX_MAP_VALUE_1ST]; const char *new_value = arg_list[PACKET_INDEX_MAP_VALUE_2ND]; - LOGI("Sets the old value(%s) of the key(%s) to the new value(%s) in Map datacontrol.", old_value, map_key, new_value); + SECURE_LOGI("Sets the old value(%s) of the key(%s) to the new value(%s) in Map datacontrol.", old_value, map_key, new_value); provider_map_cb->set(provider_req_id, provider, map_key, old_value, new_value, provider_map_user_data); break; @@ -916,7 +969,7 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) const char *map_key = arg_list[PACKET_INDEX_MAP_KEY]; const char *map_value = arg_list[PACKET_INDEX_MAP_VALUE_1ST]; - LOGI("Adds the %s-%s in Map datacontrol.", map_key, map_value); + SECURE_LOGI("Adds the %s-%s in Map datacontrol.", map_key, map_value); provider_map_cb->add(provider_req_id, provider, map_key, map_value, provider_map_user_data); break; @@ -926,7 +979,7 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) const char *map_key = arg_list[PACKET_INDEX_MAP_KEY]; const char *map_value = arg_list[PACKET_INDEX_MAP_VALUE_1ST]; - LOGI("Removes the %s-%s in Map datacontrol.", map_key, map_value); + SECURE_LOGI("Removes the %s-%s in Map datacontrol.", map_key, map_value); provider_map_cb->remove(provider_req_id, provider, map_key, map_value, provider_map_user_data); break; @@ -935,9 +988,17 @@ __datacontrol_handler_cb(bundle *b, int request_id, void* data) break; } - free(provider); +EXCEPTION: + if(provider && provider->provider_id) + free(provider->provider_id); - return DATACONTROL_ERROR_NONE; + if(provider && provider->data_id) + free(provider->data_id); + + if(provider) + free(provider); + + return ret; } int diff --git a/src/data-control-sql-cursor.c b/src/data-control-sql-cursor.c index 6e0ed8e..b9c3bb3 100644 --- a/src/data-control-sql-cursor.c +++ b/src/data-control-sql-cursor.c 
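Review bot: The cleanup at `EXCEPTION:` in hunk -935,9 can be written without the repeated guards, since `free(NULL)` is a no-op: `if (provider) { free(provider->provider_id); free(provider->data_id); free(provider); }`. Now that `provider_id` and `data_id` are heap copies, any `return` between the allocation and this label leaks them as well as `provider`; the switch body is only partly visible in the diff, so confirm that those paths use `goto EXCEPTION`. A comment at the label stating that the handle passed to the callbacks is no longer valid once this function returns would document the lifetime.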
@@ -5,6 +5,7 @@ #include #include #include +#include #include "data-control-sql-cursor.h" @@ -14,6 +15,8 @@ #endif #define MAX_ROW_COUNT 1024 +#define MAX_COLUMN_NAME_LEN 4096 +#define ERR_LEN 128 static int *row_offset_list = NULL; 
@@ -267,46 +270,60 @@ int datacontrol_sql_get_column_count(resultset_cursor *cursor) int datacontrol_sql_get_column_name(resultset_cursor *cursor, int column_index, char *name) { - char col_name[4096] = {0, }; + char col_name[MAX_COLUMN_NAME_LEN] = {0, }; int i = 0; int ret = 0; FILE *fp = NULL; int resultset_fd = 0; + int col_name_len = 0; + char err_buf[ERR_LEN] = { 0, }; resultset_fd = dup(cursor->resultset_fd); if (resultset_fd < 0) { - LOGE("unable to dup resultset_fd: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to dup resultset_fd: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } fp = fdopen(resultset_fd, "r"); if (fp == NULL) { - LOGE("unable to open resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to open resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = fseek(fp, cursor->resultset_col_name_offset, SEEK_SET); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); fclose(fp); return DATACONTROL_ERROR_IO_ERROR; } for (i = 0; i < column_index + 1; i++) { - if (!(fgets(col_name, 4096, fp))) + if (!(fgets(col_name, MAX_COLUMN_NAME_LEN, fp))) { - LOGE("unable to read a line in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read a line in the resultset file: %s", err_buf); fclose(fp); return DATACONTROL_ERROR_IO_ERROR; } } - memset(name, 0, strlen(col_name)); // To avoid copying newline - memcpy(name, col_name, strlen(col_name) - 1); + col_name_len = strlen(col_name); + + if (col_name_len > 0) { + memset(name, 0, strlen(col_name)); // To avoid copying newline + memcpy(name, col_name, strlen(col_name) - 1); + } else { + LOGE("col_name length is less than 1"); + fclose(fp); + return DATACONTROL_ERROR_IO_ERROR; + } LOGI("The column name is %s", name); 
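Review bot: The copy into `name` is still unbounded: `memcpy(name, col_name, strlen(col_name) - 1);` can write up to MAX_COLUMN_NAME_LEN - 1 bytes taken from the result-set file into a caller buffer whose size the function never learns, so the header should at least document that `name` must hold MAX_COLUMN_NAME_LEN bytes. The copy also assumes the line ends in a newline and drops the last character when it does not (a line truncated by `fgets`, or a final line without one); stripping with `col_name[strcspn(col_name, "\n")] = '\0';` before copying avoids that and lets the already computed `col_name_len` replace the repeated `strlen` calls. In the `fp == NULL` branch the descriptor returned by `dup()` is never closed; add `close(resultset_fd);` before the return.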
@@ -322,12 +339,14 @@ int datacontrol_sql_get_column_item_size(resultset_cursor *cursor, int column_in int i = 0; int ret = 0; + char err_buf[ERR_LEN] = { 0, }; int fd = cursor->resultset_fd; ret = lseek(fd, cursor->resultset_current_offset, SEEK_SET); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } @@ -336,21 +355,24 @@ int datacontrol_sql_get_column_item_size(resultset_cursor *cursor, int column_in ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = lseek(fd, size, SEEK_CUR); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } } 
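Review bot: The return value of `strerror_r()` is ignored in this lseek() error branch and at every other call this commit adds. If the file is built with `_GNU_SOURCE` (not visible in this diff), glibc selects the GNU variant, which returns a `char *` and may leave `err_buf` untouched, so the log line would end in an empty string. A small helper that copes with both variants would remove the dependency on build flags. Failing that, a comment next to ERR_LEN such as `/* relies on XSI strerror_r(): fills the buffer, returns 0 on success */` would make the assumption explicit. The enclosing function starts and ends outside the hunk.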
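Review bot: Both `read()` calls in the second hunk on this line test only `ret == 0`, so a failed read (-1) or a short read falls through and the following `lseek(fd, size, SEEK_CUR)` runs with a `size` that did not fully come from the file. At end-of-file read() does not set errno, so the message built from it is stale in exactly the case the branch handles. I would compare against the expected length, `if (ret != (int)sizeof(int))`, here and in the identical blocks of the later hunks for get_column_item_type, get_blob_data, get_int64_data, get_double_data and get_text_data. The enclosing block, apparently the per-column skip loop, opens outside the hunk.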
@@ -358,14 +380,16 @@ int datacontrol_sql_get_column_item_size(resultset_cursor *cursor, int column_in ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } @@ -379,13 +403,14 @@ int datacontrol_sql_get_column_item_type(resultset_cursor *cursor, int column_in int i = 0; int size = 0; int ret = 0; - + char err_buf[ERR_LEN] = { 0, }; int fd = cursor->resultset_fd; ret = lseek(fd, cursor->resultset_current_offset, SEEK_SET); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } 
@@ -394,21 +419,24 @@ int datacontrol_sql_get_column_item_type(resultset_cursor *cursor, int column_in ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = lseek(fd, size, SEEK_CUR); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } } @@ -416,7 +444,8 @@ int datacontrol_sql_get_column_item_type(resultset_cursor *cursor, int column_in ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } @@ -457,13 +486,14 @@ int datacontrol_sql_get_blob_data(resultset_cursor *cursor, int column_index, vo int size = 0; int i = 0; int ret = 0; - + char err_buf[ERR_LEN] = { 0, }; int fd = cursor->resultset_fd; ret = lseek(fd, cursor->resultset_current_offset, SEEK_SET); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } 
@@ -472,21 +502,24 @@ int datacontrol_sql_get_blob_data(resultset_cursor *cursor, int column_index, vo ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = lseek(fd, size, SEEK_CUR); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } } @@ -494,7 +527,8 @@ int datacontrol_sql_get_blob_data(resultset_cursor *cursor, int column_index, vo ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } 
@@ -511,26 +545,19 @@ int datacontrol_sql_get_blob_data(resultset_cursor *cursor, int column_index, vo return DATACONTROL_ERROR_MAX_EXCEEDED; //overflow } - if (size > 0) + if (size > 0 && size < INT_MAX) { - char *data = (char*)malloc((size + 1) * (sizeof(char))); - if (data == NULL) { - LOGE("out of memory"); - return DATACONTROL_ERROR_OUT_OF_MEMORY; + if (memset(buffer, 0, size + 1) == NULL) { + return DATACONTROL_ERROR_IO_ERROR; } - memset(data, 0, size + 1); - - ret = read(fd, data, size); - if (ret < size) - { - LOGE("unable to read in the resultset file: %s", strerror(errno)); - free(data); + ret = read(fd, buffer, size); + if (ret < size) { + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } - memcpy(buffer, data, size + 1); - free(data); } return DATACONTROL_ERROR_NONE; } @@ -557,13 +584,14 @@ int datacontrol_sql_get_int64_data(resultset_cursor *cursor, int column_index, l int size = 0; int i = 0; int ret = 0; - + char err_buf[ERR_LEN] = { 0, }; int fd = cursor->resultset_fd; ret = lseek(fd, cursor->resultset_current_offset, SEEK_SET); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } 
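Review bot: `memset(buffer, 0, size + 1)` clears one byte more than the `size` bytes read afterwards, directly in the caller's buffer. The capacity check that returns DATACONTROL_ERROR_MAX_EXCEEDED is above the visible lines, so unless it leaves room for `size + 1` this writes one byte past the buffer when the blob fills it exactly. The `== NULL` comparison can never catch anything, because memset returns its first argument and would already have written through a NULL `buffer`. I would reject `buffer == NULL` before the branch and clear only what is read: `memset(buffer, 0, size);`. The function begins in an earlier hunk and its parameter list is cut off in the hunk header.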
@@ -572,21 +600,24 @@ int datacontrol_sql_get_int64_data(resultset_cursor *cursor, int column_index, l ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = lseek(fd, size, SEEK_CUR); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } } @@ -594,7 +625,8 @@ int datacontrol_sql_get_int64_data(resultset_cursor *cursor, int column_index, l ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } @@ -607,14 +639,16 @@ int datacontrol_sql_get_int64_data(resultset_cursor *cursor, int column_index, l ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = read(fd, data, size); if (ret < size) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } 
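Review bot: In the last hunk for datacontrol_sql_get_int64_data, `size` is read from the result-set file and passed to `read(fd, data, size)` with no validation in between, so a record that declares a larger length makes read() write past the object `data` points to. The length should be checked against the destination first, e.g. `if (size != (int)sizeof(*data)) return DATACONTROL_ERROR_IO_ERROR;`. The same pair of reads appears in the matching hunk of datacontrol_sql_get_double_data. The declaration of `data` is cut off in the hunk header, so the destination type is inferred.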
@@ -627,13 +661,14 @@ int datacontrol_sql_get_double_data(resultset_cursor *cursor, int column_index, int size = 0; int i = 0; int ret = 0; - + char err_buf[ERR_LEN] = { 0, }; int fd = cursor->resultset_fd; ret = lseek(fd, cursor->resultset_current_offset, SEEK_SET); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } @@ -642,21 +677,24 @@ int datacontrol_sql_get_double_data(resultset_cursor *cursor, int column_index, ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = lseek(fd, size, SEEK_CUR); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } } @@ -664,7 +702,8 @@ int datacontrol_sql_get_double_data(resultset_cursor *cursor, int column_index, ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } 
@@ -677,14 +716,16 @@ int datacontrol_sql_get_double_data(resultset_cursor *cursor, int column_index, ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = read(fd, data, size); if (ret < size) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } @@ -698,13 +739,14 @@ int datacontrol_sql_get_text_data(resultset_cursor *cursor, int column_index, ch int size = 0; int i = 0; int ret = 0; - + char err_buf[ERR_LEN] = { 0, }; int fd = cursor->resultset_fd; ret = lseek(fd, cursor->resultset_current_offset, SEEK_SET); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } 
@@ -713,21 +755,24 @@ int datacontrol_sql_get_text_data(resultset_cursor *cursor, int column_index, ch ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } ret = lseek(fd, size, SEEK_CUR); if (ret < 0) { - LOGE("unable to seek in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to seek in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } } @@ -735,7 +780,8 @@ int datacontrol_sql_get_text_data(resultset_cursor *cursor, int column_index, ch ret = read(fd, &type, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } @@ -748,11 +794,12 @@ int datacontrol_sql_get_text_data(resultset_cursor *cursor, int column_index, ch ret = read(fd, &size, sizeof(int)); if (ret == 0) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); return DATACONTROL_ERROR_IO_ERROR; } - if (size > 0) + if (size > 0 && size < INT_MAX) { char *data = (char*)malloc((size + 1) * (sizeof(char))); if(!data) 
@@ -765,7 +812,8 @@ int datacontrol_sql_get_text_data(resultset_cursor *cursor, int column_index, ch ret = read(fd, data, size); if (ret < size) { - LOGE("unable to read in the resultset file: %s", strerror(errno)); + strerror_r(errno, err_buf, sizeof(err_buf)); + LOGE("unable to read in the resultset file: %s", err_buf); free(data); return DATACONTROL_ERROR_IO_ERROR; } diff --git a/src/data-control-sql.c b/src/data-control-sql.c index 51c479a..558f0b9 100755 --- a/src/data-control-sql.c +++ b/src/data-control-sql.c @@ -7,6 +7,7 @@ #include #include #include +#include #include #include @@ -436,7 +437,8 @@ datacontrol_sql_request_provider(datacontrol_h provider, datacontrol_request_typ pid = -1; int count = 0; const int TRY_COUNT = 4; - const int TRY_SLEEP_TIME = 65000; + const struct timespec TRY_SLEEP_TIME = { 0, 1000 * 1000 * 1000 }; + do { pid = appsvc_run_service(arg_list, request_id, app_svc_res_cb_sql, data); @@ -453,7 +455,7 @@ datacontrol_sql_request_provider(datacontrol_h provider, datacontrol_request_typ count++; - usleep(TRY_SLEEP_TIME); + nanosleep(&TRY_SLEEP_TIME, 0); } while (count < TRY_COUNT); @@ -772,6 +774,7 @@ char * __get_provider_pkgid(char* provider_id) { char* access = NULL; + char *pkgid_dup = NULL; char *provider_appid = NULL; char *provider_pkgid = NULL; pkgmgrinfo_appinfo_h app_info_handle = NULL; 
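Review bot: `TRY_SLEEP_TIME = { 0, 1000 * 1000 * 1000 }` sets tv_nsec to 1,000,000,000, which is outside the 0..999,999,999 range nanosleep() accepts, so the call fails with EINVAL and the retry loop around appsvc_run_service() runs with no delay at all. One second is `{ 1, 0 }`; keeping the previous 65 ms would be `{ 0, 65 * 1000 * 1000 }`. The return value of nanosleep() is also ignored, which is why the failure would go unnoticed, and the second argument reads better as `NULL` than `0`. The enclosing function starts and ends outside both hunks.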
@@ -782,20 +785,31 @@ __get_provider_pkgid(char* provider_id) LOGE("unable to get sql data control information: %d", ret); return NULL; } + if (provider_appid == NULL) { + LOGE("provider_appid is NULL"); + if (access) + free(access); + return NULL; + } - pkgmgrinfo_appinfo_get_appinfo(provider_appid, &app_info_handle); - pkgmgrinfo_appinfo_get_pkgname(app_info_handle, &provider_pkgid); - SECURE_LOGI("provider pkg id : %s", provider_pkgid); + if (pkgmgrinfo_appinfo_get_appinfo(provider_appid, &app_info_handle) != PMINFO_R_OK) { + SECURE_LOGE("unable to get appinfo of provider_appid: %s", provider_appid); + } else { + if (pkgmgrinfo_appinfo_get_pkgname(app_info_handle, &provider_pkgid) != PMINFO_R_OK) { + SECURE_LOGE("unable to get pkgname of provider_appid: %s", provider_appid); + } else { + SECURE_LOGI("provider pkg id : %s", provider_pkgid); + pkgid_dup = strdup(provider_pkgid); + if (pkgid_dup == NULL) + SECURE_LOGE("OOM error"); + } + pkgmgrinfo_appinfo_destroy_appinfo(app_info_handle); + } if (access) - { free(access); - } - if (provider_appid) - { - free(provider_appid); - } - return provider_pkgid ? strdup(provider_pkgid) : NULL; + free(provider_appid); + return pkgid_dup; } int @@ -863,6 +877,10 @@ datacontrol_sql_insert(datacontrol_h provider, const bundle* insert_data, int *r int fd = 0; char *provider_pkgid = __get_provider_pkgid(provider->provider_id); + if (provider_pkgid == NULL) { + LOGE("Unable to get the provider pkgid"); + return DATACONTROL_ERROR_IO_ERROR; + } ret = security_server_shared_file_open(insert_map_file, provider_pkgid, &fd); if (ret == SECURITY_SERVER_API_ERROR_FILE_EXIST) { @@ -885,7 +903,7 @@ datacontrol_sql_insert(datacontrol_h provider, const bundle* insert_data, int *r free(provider_pkgid); int count = bundle_get_count((bundle*)insert_data); - LOGI("Insert column counts: %d", count); + SECURE_LOGI("Insert column counts: %d", count); bundle_foreach((bundle*)insert_data, bundle_foreach_cb, &fd); 
@@ -1010,12 +1028,31 @@ datacontrol_sql_select_with_page(datacontrol_h provider, char **column_list, int char* access = NULL; char *provider_appid = NULL; - if (provider == NULL || provider->provider_id == NULL || provider->data_id == NULL) + if (provider == NULL || provider->provider_id == NULL || provider->data_id == NULL || page_number <= 0 || count_per_page <= 0) { LOGE("Invalid parameter"); return DATACONTROL_ERROR_INVALID_PARAMETER; } + SECURE_LOGI("SQL data control, select to provider_id: %s, data_id: %s, col_count: %d, where: %s, order: %s, page_number: %d, per_page: %d", provider->provider_id, provider->data_id, column_count, where, order, page_number, count_per_page); + + ret = pkgmgrinfo_appinfo_get_datacontrol_info(provider->provider_id, "Sql", &provider_appid, &access); + if (ret != PMINFO_R_OK) + { + LOGE("unable to get sql data control information: %d", ret); + return DATACONTROL_ERROR_IO_ERROR; + } + if (provider_appid) + free(provider_appid); + + if (NULL != access && !strcmp(access, WRITE_ONLY)) { + LOGE("Provider has given [%s] permission only", access); + free(access); + return DATACONTROL_ERROR_PERMISSION_DENIED; + } + if (access) + free(access); + if (count_per_page > MAX_ROW_COUNT) { LOGE("Exceeds max row count per page."); 
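Review bot: The new SECURE_LOGI passes `where` and `order` to `%s` without a NULL test, although the later `if (where)` in this function shows that a NULL where clause is an accepted input; NULL for `%s` is undefined behaviour. Use `where ? where : "(null)"` and, assuming `order` is optional in the same way, the same for it. The WRITE_ONLY access check added below the log runs in the calling process, so it is presumably a convenience and the provider still has to enforce its own permission; a one-line comment saying so would prevent it being read as the enforcement point. The function continues outside the hunk.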
@@ -1079,37 +1116,34 @@ datacontrol_sql_select_with_page(datacontrol_h provider, char **column_list, int total_arg_count = column_count + DATACONTROL_SELECT_EXTRA_COUNT; const char** arg_list = (const char**)malloc(total_arg_count * (sizeof(char *))); - if (arg_list == NULL) { - LOGE("out of memory"); + if(arg_list == NULL) { + LOGE("OOM error"); bundle_free(b); return DATACONTROL_ERROR_OUT_OF_MEMORY; } - LOGI("total arg count %d", total_arg_count); + SECURE_LOGI("total arg count %d", total_arg_count); arg_list[0] = provider->data_id; // arg[0]: data ID int i = 1; - if (column_list) - { - char select_column_count[MAX_LEN_DATACONTROL_COLUMN_COUNT] = {0, }; - ret = snprintf(select_column_count, MAX_LEN_DATACONTROL_COLUMN_COUNT, "%d", column_count); - if(ret < 0) - { - LOGE("unable to convert select col count to string: %d", errno); - free(arg_list); - bundle_free(b); - return DATACONTROL_ERROR_IO_ERROR; - } + char select_column_count[MAX_LEN_DATACONTROL_COLUMN_COUNT] = {0, }; + ret = snprintf(select_column_count, MAX_LEN_DATACONTROL_COLUMN_COUNT, "%d", column_count); + if(ret < 0) + { + LOGE("unable to convert select col count to string: %d", errno); + free(arg_list); + bundle_free(b); + return DATACONTROL_ERROR_IO_ERROR; + } - arg_list[i] = select_column_count; // arg[1]: selected column count + arg_list[i] = select_column_count; // arg[1]: selected column count - ++i; - int select_col = 0; - while (select_col < column_count) - { - arg_list[i++] = column_list[select_col++]; - } + ++i; + int select_col = 0; + while (select_col < column_count) + { + arg_list[i++] = column_list[select_col++]; } if (where) // arg: where clause 
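Review bot: Removing the `if (column_list)` guard means `column_list[select_col++]` is now dereferenced whenever `column_count > 0`, and the parameter check at the top of the function tests neither `column_list` nor `column_count`. A NULL list with a positive count crashes in the copy loop, and a negative count shrinks `total_arg_count` before the malloc. Unless a check between the two hunks already covers this, extend the validation with `|| column_count < 0 || (column_count > 0 && column_list == NULL)`. The function starts and ends outside the hunk.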
@@ -1210,6 +1244,10 @@ datacontrol_sql_update(datacontrol_h provider, const bundle* update_data, const int fd = 0; char *provider_pkgid = __get_provider_pkgid(provider->provider_id); + if (provider_pkgid == NULL) { + LOGE("Unable to get the provider pkgid"); + return DATACONTROL_ERROR_IO_ERROR; + } ret = security_server_shared_file_open(update_map_file, provider_pkgid, &fd); if (ret == SECURITY_SERVER_API_ERROR_FILE_EXIST) {