From: greatim <jaewon81.lim@samsung.com>
Date: Wed, 30 Nov 2016 05:30:22 +0000 (+0900)
Subject: fix a bug that cause dynamic overflow
X-Git-Tag: accepted/tizen/3.0/common/20161130.133819~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=3126c861c0e2d0bdcefefb44bfd9a71a9623ea40;p=sdk%2Ftarget%2Fsdbd.git

fix a bug that cause dynamic overflow

fix a bug that cause dynamic overflow

Change-Id: I1cf2159915442a98257e06948bcb193886ccb547
Signed-off-by: greatim <jaewon81.lim@samsung.com>
---

diff --git a/src/plugin_encrypt.c b/src/plugin_encrypt.c
index 1c6b34a..e8a96a3 100644
--- a/src/plugin_encrypt.c
+++ b/src/plugin_encrypt.c
@@ -29,7 +29,7 @@ int security_init(const int nSessionID, const char* pUserID)
         in.array_of_parameter[0].v_int32 = nSessionID;
     } else {
         in.number_of_parameter = 2;
-        in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) );
+        in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter );
         in.array_of_parameter[0].type = type_int32;
         in.array_of_parameter[0].v_int32 = nSessionID;
         in.array_of_parameter[1].type = type_string;
@@ -79,7 +79,7 @@ int security_parse_server_hello(const int nSessionID, apacket* pApacket)
     parameters in, out;
 
     in.number_of_parameter = 2;
-    in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) );
+    in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter );
     in.array_of_parameter[0].type = type_int32;
     in.array_of_parameter[0].v_int32 = nSessionID;
     in.array_of_parameter[1].type = type_chunk;
@@ -132,7 +132,7 @@ int security_parse_server_ack(const int nSessionID, apacket* pApacket)
     parameters in, out;
 
     in.number_of_parameter = 2;
-    in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) );
+    in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter );
     in.array_of_parameter[0].type = type_int32;
     in.array_of_parameter[0].v_int32 = nSessionID;
     in.array_of_parameter[1].type = type_chunk;
@@ -185,7 +185,7 @@ int security_encrypt(const int nSessionID, apacket* pApacket)
     parameters in, out;
 
     in.number_of_parameter = 2;
-    in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) );
+    in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter );
     in.array_of_parameter[0].type = type_int32;
     in.array_of_parameter[0].v_int32 = nSessionID;
     in.array_of_parameter[1].type = type_chunk;
@@ -213,7 +213,7 @@ int security_decrypt(const int nSessionID, apacket* pApacket)
     parameters in, out;
 
     in.number_of_parameter = 2;
-    in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) );
+    in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter );
     in.array_of_parameter[0].type = type_int32;
     in.array_of_parameter[0].v_int32 = nSessionID;
     in.array_of_parameter[1].type = type_chunk;