From: Kichan Kwon <k_c.kwon@samsung.com>
Date: Thu, 31 Aug 2017 01:32:07 +0000 (+0900)
Subject: init_db : allocate one more byte to boolean value
X-Git-Tag: submit/tizen_4.0/20200622.054729~4
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=60f077fc65a5cbdd1325cf0a69a3d7daca523fb1;p=platform%2Fcore%2Fapi%2Fsystem-info.git

init_db : allocate one more byte to boolean value

- For null character, write (len + 1) bytes to the DB
- However, only len bytes are allocated for boolean value
- To prevent buffer over-read, give a spare byte

Change-Id: I5582e0ac5c1d5837ce9ac1b295762814011133f0
Signed-off-by: Kichan Kwon <k_c.kwon@samsung.com>
---

diff --git a/src/init_db/system_info_db_init.c b/src/init_db/system_info_db_init.c
index b20e9ea..911c997 100644
--- a/src/init_db/system_info_db_init.c
+++ b/src/init_db/system_info_db_init.c
@@ -119,7 +119,7 @@ static int db_get_value(GDBM_FILE *db, char *tag, char *name, char *type, char *
 
 static int db_set_value_specific_runtime(GDBM_FILE *db, char *tag, char *name, char *type, char *value, int lang)
 {
-	char value_intg[LANG_MAX];
+	char value_intg[LANG_MAX + 1] = {0};
 	int ret;
 
 	ret = db_get_value(db, tag, name, type, value_intg, LANG_MAX);
@@ -127,7 +127,7 @@ static int db_set_value_specific_runtime(GDBM_FILE *db, char *tag, char *name, c
 		return ret;
 
 	value_intg[lang] = (value[0] == 't' ? 'T' : 'F');
-	ret = db_set_value(db, tag, name, type, value_intg, sizeof(value_intg));
+	ret = db_set_value(db, tag, name, type, value_intg, LANG_MAX);
 
 	return ret;
 }
@@ -137,10 +137,10 @@ static int db_set_value_foreach_runtime(GDBM_FILE *db, xmlNode *node,
 {
 	int rt;
 	xmlChar *prop_val;
-	char value_intg[LANG_MAX];
+	char value_intg[LANG_MAX + 1] = {0};
 	int ret;
 
-	memset(value_intg, strncmp(value, "true", 4) ? 'F' : 'T', sizeof(value_intg));
+	memset(value_intg, strncmp(value, "true", 4) ? 'F' : 'T', LANG_MAX);
 
 	for (rt = 0; rt < LANG_MAX; rt++) {
 		if (!runtime[rt].xml_prop)
@@ -155,7 +155,7 @@ static int db_set_value_foreach_runtime(GDBM_FILE *db, xmlNode *node,
 		xmlFree(prop_val);
 	}
 
-	ret = db_set_value(db, tag, name, type, value_intg, sizeof(value_intg));
+	ret = db_set_value(db, tag, name, type, value_intg, LANG_MAX);
 
 	return ret;
 }
@@ -347,7 +347,7 @@ static int system_info_update_db(int argc, char *argv[])
 	char type[KEY_MAX] = {0};
 	char tag[KEY_MAX] = {0};
 	char value[KEY_MAX] = {0};
-	char value_bool[LANG_MAX] = {0};
+	char value_bool[LANG_MAX + 1] = {0};
 	char conf_path[KEY_MAX] = {0};
 	char db_path[KEY_MAX] = {0};
 	enum language lang = LANG_MAX;