From: Seongil Hahm <seongil.hahm@samsung.com>
Date: Sat, 16 Sep 2017 08:01:53 +0000 (-0700)
Subject: Fix Svace issues in webclient/webserver/websocket examples.
X-Git-Tag: 1.1_Public_Release~205^2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=5a892e759ae98790d7503b52e9b8ef676bd680e6;p=rtos%2Ftinyara.git

Fix Svace issues in webclient/webserver/websocket examples.

1. Use strncmp instead of strcmp
2. Delete duplicated usage print webclient example
3. Free malloced variables before a function returns
---

diff --git a/apps/examples/webclient/webclient_main.c b/apps/examples/webclient/webclient_main.c
index 9647b24..c3d1661 100644
--- a/apps/examples/webclient/webclient_main.c
+++ b/apps/examples/webclient/webclient_main.c
@@ -253,16 +253,15 @@ int webclient_init_request(void *arg, struct http_client_request_t *request)
 		goto exit;
 	}
 
-	if (!strcmp(argv[1], "GET")) {
+	if (!strncmp(argv[1], "GET", 4)) {
 		request->method = WGET_MODE_GET;
-	} else if (!strcmp(argv[1], "POST")) {
+	} else if (!strncmp(argv[1], "PUT", 4)) {
+			request->method = WGET_MODE_PUT;
+	} else if (!strncmp(argv[1], "POST", 5)) {
 		request->method = WGET_MODE_POST;
-	} else if (!strcmp(argv[1], "PUT")) {
-		request->method = WGET_MODE_PUT;
-	} else if (!strcmp(argv[1], "DELETE")) {
+	} else if (!strncmp(argv[1], "DELETE", 7)) {
 		request->method = WGET_MODE_DELETE;
 	} else {
-		dump_webclient_usage();
 		goto exit;
 	}
 
@@ -271,7 +270,7 @@ int webclient_init_request(void *arg, struct http_client_request_t *request)
 	if (!request->url) {
 		goto exit;
 	}
-	strcpy(request->url, argv[2]);
+	strncpy(request->url, argv[2], strlen(argv[2]));
 	request->url[strlen(argv[2])] = '\0';
 
 #ifdef CONFIG_NET_SECURITY_TLS
@@ -292,13 +291,13 @@ int webclient_init_request(void *arg, struct http_client_request_t *request)
 		}
 		*q++ = '\0';
 
-		if (strcmp(p, "async") == 0) {
+		if (strncmp(p, "async", 5) == 0) {
 			g_async = atoi(q);
-		} else if (strcmp(p, "chunked") == 0) {
+		} else if (strncmp(p, "entity", 6) == 0) {
+				request->entity = q;
+		} else if (strncmp(p, "chunked", 7) == 0) {
 			request->encoding = atoi(q);
-		} else if (strcmp(p, "entity") == 0) {
-			request->entity = q;
-		} else if (strcmp(p, "test_entity") == 0) {
+		} else if (strncmp(p, "test_entity", 11) == 0) {
 			int t = atoi(q);
 			if (t > 0 && t <= WEBCLIENT_CONF_MAX_ENTITY_SIZE) {
 				request->entity = (char *)malloc(t);
@@ -331,7 +330,7 @@ pthread_addr_t webclient_cb(void *arg)
 	struct http_client_response_t response;
 	struct http_client_ssl_config_t *ssl_config = NULL;
 
-	if (webclient_init_request(arg, &request)) {
+	if (webclient_init_request(arg, &request) != 0) {
 		dump_webclient_usage();
 		if (g_testentity && request.entity) {
 			free(request.entity);
@@ -446,7 +445,7 @@ int webclient_main(int argc, char *argv[])
 			WEBCLIENT_FREE_INPUT(input, i);
 			return -1;
 		}
-		strcpy(input->argv[i], argv[i]);
+		strncpy(input->argv[i], argv[i], strlen(argv[i]));
 	}
 
 	status = pthread_create(&tid, &attr, webclient_cb, input);
diff --git a/apps/examples/webserver/webserver_main.c b/apps/examples/webserver/webserver_main.c
index c170c4d..2f60982 100644
--- a/apps/examples/webserver/webserver_main.c
+++ b/apps/examples/webserver/webserver_main.c
@@ -395,25 +395,25 @@ pthread_addr_t httptest_cb(void *arg)
 	int auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
 #endif
 	struct webserver_input *input = arg;
-	if (!strcmp(input->argv[1], "start")) {
+	if (!strncmp(input->argv[1], "start", 5)) {
 #ifdef CONFIG_NET_SECURITY_TLS
 		if (input->argc != 3) {
 			print_webserver_usage();
 			goto release;
 		}
-		if (strcmp(input->argv[2], "required") == 0) {
+		if (strncmp(input->argv[2], "none", 4) == 0) {
+			auth_mode = MBEDTLS_SSL_VERIFY_NONE;
+		} else if (strncmp(input->argv[2], "required", 8) == 0) {
 			auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
-		} else if (strcmp(input->argv[2], "optional") == 0) {
+		} else if (strncmp(input->argv[2], "optional", 8) == 0) {
 			auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL;
-		} else if (strcmp(input->argv[2], "none") == 0) {
-			auth_mode = MBEDTLS_SSL_VERIFY_NONE;
 		} else {
 			print_webserver_usage();
 			goto release;
 		}
 #endif
 		goto start;
-	} else if (!strcmp(input->argv[1], "stop")) {
+	} else if (!strncmp(input->argv[1], "stop", 4)) {
 		if (input->argc != 2) {
 			print_webserver_usage();
 			goto release;
@@ -520,7 +520,7 @@ int webserver_main(int argc, char *argv[])
 			WEBSERVER_FREE_INPUT(input, i);
 			return -1;
 		}
-		strcpy(input->argv[i], argv[i]);
+		strncpy(input->argv[i], argv[i], strlen(argv[i]));
 	}
 	status = pthread_attr_init(&attr);
 	if (status != 0) {
diff --git a/apps/examples/websocket/websocket_main.c b/apps/examples/websocket/websocket_main.c
index 5b812e6..6cf9b2c 100644
--- a/apps/examples/websocket/websocket_main.c
+++ b/apps/examples/websocket/websocket_main.c
@@ -600,7 +600,7 @@ WEB_CLI_EXIT:
 
 	if (tls) {
 		websocket_tls_release(1, &conf, &cert, &pkey, &entropy, &ctr_drbg, &cache);
-		if (websocket_cli->tls_ssl) {
+		if (websocket_cli && websocket_cli->tls_ssl) {
 			mbedtls_ssl_free(websocket_cli->tls_ssl);
 			free(websocket_cli->tls_ssl);
 		}
@@ -723,7 +723,7 @@ int websocket_main(int argc, char *argv[])
 	int status;
 	pthread_attr_t attr;
 	pthread_t tid;
-	struct options_s *input;
+	struct options_s *input = NULL;
 	if (argc < 3) {
 		goto error_with_input;
 	}
@@ -747,9 +747,9 @@ int websocket_main(int argc, char *argv[])
 			goto error_with_input;
 		}
 
-		strncpy(input->server_ip, argv[2], 20);
-		strncpy(input->server_port, argv[3], 8);
-		strncpy(input->path, argv[4], 32);
+		strncpy(input->server_ip, argv[2], 19);
+		strncpy(input->server_port, argv[3], 7);
+		strncpy(input->path, argv[4], 31);
 		input->tls_mode = atoi(argv[5]);
 		input->size = atoi(argv[6]);
 		input->num = atoi(argv[7]);
@@ -759,7 +759,7 @@ int websocket_main(int argc, char *argv[])
 
 	if ((status = pthread_attr_init(&attr)) != 0) {
 		printf("fail to init thread\n");
-		return -1;
+		goto error_with_function_failure;
 	}
 
 	pthread_attr_setstacksize(&attr, WEBSOCKET_EXAMPLE_STACKSIZE);
@@ -768,24 +768,33 @@ int websocket_main(int argc, char *argv[])
 	if (memcmp(argv[1], "client", strlen("client")) == 0 && argc == 8) {
 		if ((status = pthread_create(&tid, &attr, (pthread_startroutine_t)websocket_client, (void *)input)) != 0) {
 			printf("fail to create thread\n");
-			return -1;
+			goto error_with_function_failure;
 		}
 		pthread_setname_np(tid, "websocket client");
 		pthread_detach(tid);
 	} else if (memcmp(argv[1], "server", strlen("server")) == 0 && argc == 3) {
 		if ((status = pthread_create(&tid, &attr, (pthread_startroutine_t)websocket_server, (void *)input)) != 0) {
 			printf("fail to create thread\n");
-			return -1;
+			goto error_with_function_failure;
 		}
 		pthread_setname_np(tid, "websocket server");
 		pthread_detach(tid);
 	} else {
 		printf("\nwrong input parameter !!!\n %s\n", WEBSOCKET_USAGE);
-		return -1;
+		goto error_with_function_failure;
+	}
+
+	if (input) {
+		free(input);
 	}
+
 	return 0;
 
 error_with_input:
 	printf("%s", WEBSOCKET_USAGE);
+error_with_function_failure:
+	if (input) {
+		free(input);
+	}
 	return -1;
 }