From: manish.r Date: Mon, 3 May 2021 12:29:13 +0000 (+0530) Subject: Changes for Security Review X-Git-Tag: submit/tizen/20210504.105536^0 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=68e2d85108ec6285e428ad9942ac5e30913487d7;p=sdk%2Ftarget%2Fsdbd.git Changes for Security Review Change-Id: I89bc56842a1c20708190807e31a1b4be36cce647 Signed-off-by: manish.r --- diff --git a/src/default_plugin_appcmd.c b/src/default_plugin_appcmd.c index d6d04ff..596d905 100755 --- a/src/default_plugin_appcmd.c +++ b/src/default_plugin_appcmd.c @@ -83,8 +83,8 @@ static int appcmd_install_gen_shellcmd(appcmd_info* p_info) { if (type != NULL && pkgpath != NULL && pkgid != NULL && teppath != NULL) { D("args: type=%s, pkgpath=%s, pkgid=%s, teppath=%s\n", type, pkgpath, pkgid, teppath); - if (strncmp(pkgid, "\\n\\u\\l\\l", 8) == 0) { - if (strncmp(teppath, "\\n\\u\\l\\l", 8) == 0) { + if (strncmp(pkgid, "\\n\\u\\l\\l", strlen("\\n\\u\\l\\l")+1) == 0) { + if (strncmp(teppath, "\\n\\u\\l\\l", strlen("\\n\\u\\l\\l")+1) == 0) { /* Normal install case */ snprintf(buf, len, "pkgcmd -i -q -t %s -p %s -G", type, pkgpath); } else { @@ -845,7 +845,7 @@ int appcmd_service( parameters* in, int out_fd ) { service_name = info.args[0]; D("service name=%s\n", service_name); - if (strncmp(service_name, "install", 7) == 0) { + if (strncmp(service_name, "install", strlen("install")+1) == 0) { info.receiver_func = appcmd_receiver_default; info.gen_cmd_func = appcmd_install_gen_shellcmd; run_appcmd_with_shell_process(&info); 
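Review bot: In appcmd_install_gen_shellcmd the new `strncmp(pkgid, "\\n\\u\\l\\l", strlen("\\n\\u\\l\\l")+1) == 0` is a whole-string equality test, so the length argument bounds nothing that `strcmp` would not already stop at, and each literal now has to be typed twice and kept in sync. I would write `strcmp(pkgid, "\\n\\u\\l\\l") == 0` (or a small `streq()` helper) and add a comment that the match is deliberately exact rather than a prefix match. The same pattern repeats in the appcmd_service hunks and in the capability checks in file_sync_service.c, sdb.c and services.c. The function body continues outside this hunk.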
@@ -853,15 +853,15 @@ int appcmd_service( parameters* in, int out_fd ) { if (info.args[2] != NULL) { sdb_unlink(info.args[2]); } - } else if (strncmp(service_name, "uninstall", 9) == 0) { + } else if (strncmp(service_name, "uninstall", strlen("uninstall")+1) == 0) { info.receiver_func = appcmd_receiver_default; info.gen_cmd_func = appcmd_uninstall_gen_shellcmd; run_appcmd_with_shell_process(&info); - } else if (strncmp(service_name, "appinfo", 7) == 0) { + } else if (strncmp(service_name, "appinfo", strlen("appinfo")+1) == 0) { info.gen_cmd_func = appcmd_appinfo_gen_shellcmd; info.receiver_func = appcmd_receiver_appinfo; run_appcmd_with_shell_process(&info); - } else if (strncmp(service_name, "packageinfo", 11) == 0) { + } else if (strncmp(service_name, "packageinfo", strlen("packageinfo")+1) == 0) { #if APPCMD_USING_PKGMGR run_appcmd_packageinfo(&info); #else 
@@ -869,29 +869,29 @@ int appcmd_service( parameters* in, int out_fd ) { info.receiver_func = appcmd_receiver_packageinfo; run_appcmd_with_shell_process(&info); #endif - } else if (strncmp(service_name, "packagelist", 11) == 0) { + } else if (strncmp(service_name, "packagelist", strlen("packagelist")+1) == 0) { info.gen_cmd_func = appcmd_packagelist_gen_shellcmd; info.receiver_func = appcmd_receiver_packagelist; run_appcmd_with_shell_process(&info); - } else if (strncmp(service_name, "appinstallpath", 14) == 0) { + } else if (strncmp(service_name, "appinstallpath", strlen("appinstallpath")+1) == 0) { run_appcmd_appinstallpath(&info); - } else if (strncmp(service_name, "runapp", 6) == 0) { + } else if (strncmp(service_name, "runapp", strlen("runapp")+1) == 0) { info.receiver_func = appcmd_receiver_default; info.gen_cmd_func = appcmd_runapp_gen_shellcmd; run_appcmd_with_shell_process(&info); - } else if (strncmp(service_name, "rununittestapp", 14) == 0) { + } else if (strncmp(service_name, "rununittestapp", strlen("rununittestapp")+1) == 0) { info.receiver_func = appcmd_receiver_default; info.gen_cmd_func = appcmd_rununittestapp_gen_shellcmd; run_appcmd_with_shell_process(&info); - } else if (strncmp(service_name, "killapp", 7) == 0) { + } else if (strncmp(service_name, "killapp", strlen("killapp")+1) == 0) { info.receiver_func = appcmd_receiver_default; info.gen_cmd_func = appcmd_killapp_gen_shellcmd; run_appcmd_with_shell_process(&info); - } else if (strncmp(service_name, "debugwebapp", 11) == 0) { + } else if (strncmp(service_name, "debugwebapp", strlen("debugwebapp")+1) == 0) { info.gen_cmd_func = appcmd_debugwebapp_gen_shellcmd; info.receiver_func = appcmd_receiver_debugwebapp; run_appcmd_with_shell_process(&info); - } else if (strncmp(service_name, "debugnativeapp", 14) == 0) { + } else if (strncmp(service_name, "debugnativeapp", strlen("debugnativeapp")+1) == 0) { info.gen_cmd_func = appcmd_debugnativeapp_gen_shellcmd; run_appcmd_with_shell_process(&info); } 
else { diff --git a/src/default_plugin_basic.c b/src/default_plugin_basic.c old mode 100644 new mode 100755 index 5a3d317..5c32ef0 --- a/src/default_plugin_basic.c +++ b/src/default_plugin_basic.c @@ -349,7 +349,9 @@ int verify_handle_by_plugin ( parameters* in, parameters* out ) D("failed to allocate memory for the parameter\n"); return PLUGIN_CMD_FAIL; } - if(!strncmp(in->array_of_parameter[0].v_string.data, "sample-echo", 11)) { + + //the data contains the string sample-echo followed by space and then the user string, hence checking for space. + if((in->array_of_parameter[0].v_string.data[11] == ' ')&&(!strncmp(in->array_of_parameter[0].v_string.data, "sample-echo", strlen("sample-echo")))) { out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = PLUGIN_RET_HANDLE; } diff --git a/src/file_sync_service.c b/src/file_sync_service.c old mode 100644 new mode 100755 index 8ec4268..2ab73c1 --- a/src/file_sync_service.c +++ b/src/file_sync_service.c @@ -170,7 +170,8 @@ static int do_stat(int s, const char *path, const char* cmd) struct stat st; msg.stat.id = ID_STAT; - if (cmd && !strncmp(cmd, "pull", 4)) { + + if (cmd && !strncmp(cmd, "pull", strlen(cmd)+1)) { if (!request_validity_to_plugin(PLUGIN_SYNC_CMD_VERIFY_PULL, path)) { D("cannot pull files from this path.\n"); msg.stat.mode = 1; 
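Review bot: The new condition in verify_handle_by_plugin reads `v_string.data[11]` before the `strncmp` has established that the string is at least 11 characters long, so a shorter parameter can be indexed past its terminator. Swapping the operands lets `&&` short-circuit: `if (!strncmp(data, "sample-echo", strlen("sample-echo")) && data[strlen("sample-echo")] == ' ')`, where `data` stands for `in->array_of_parameter[0].v_string.data`. After an 11-character match, index 11 is at worst the terminator. No NULL check on the data pointer is visible in this hunk, so that should be confirmed in the part of the function outside it.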
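Review bot: In do_stat the comparison length is now taken from `cmd` (`strlen(cmd)+1`), which turns the old prefix match into an exact match, so a `cmd` that starts with "pull" but carries extra characters no longer reaches `request_validity_to_plugin(PLUGIN_SYNC_CMD_VERIFY_PULL, path)`. This branch is the pull-path validation, so a non-matching value skips the check instead of failing the request; whether callers can pass such a value is not visible here. I would write `strcmp(cmd, "pull") == 0` for clarity and confirm the set of values callers pass, or reject unknown `cmd` values explicitly. The function continues outside the hunk.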
@@ -453,14 +454,14 @@ static int handle_send_link(int s, int noti_fd, char *path, char *buffer) static int is_support_push() { - return (!strncmp(g_capabilities.filesync_support, PLUGIN_RET_PUSHPULL, strlen(PLUGIN_RET_PUSHPULL)) - || !strncmp(g_capabilities.filesync_support, PLUGIN_RET_PUSH, strlen(PLUGIN_RET_PUSH))); + return (!strncmp(g_capabilities.filesync_support, PLUGIN_RET_PUSHPULL, strlen(PLUGIN_RET_PUSHPULL)+1) + || !strncmp(g_capabilities.filesync_support, PLUGIN_RET_PUSH, strlen(PLUGIN_RET_PUSH)+1)); } static int is_support_pull() { - return (!strncmp(g_capabilities.filesync_support, PLUGIN_RET_PUSHPULL, strlen(PLUGIN_RET_PUSHPULL)) - || !strncmp(g_capabilities.filesync_support, PLUGIN_RET_PULL, strlen(PLUGIN_RET_PULL))); + return (!strncmp(g_capabilities.filesync_support, PLUGIN_RET_PUSHPULL, strlen(PLUGIN_RET_PUSHPULL)+1) + || !strncmp(g_capabilities.filesync_support, PLUGIN_RET_PULL, strlen(PLUGIN_RET_PULL)+1)); } static int do_send(int s, int noti_fd, char *path, char *buffer) diff --git a/src/sdb.c b/src/sdb.c index c92bf11..844ac49 100755 --- a/src/sdb.c +++ b/src/sdb.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the License); @@ -271,7 +271,7 @@ static char* get_sdb_log_conf(const char* key) static int is_enable_sdbd_log() { - return (!strncmp(g_capabilities.log_enable, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED))); + return (!strncmp(g_capabilities.log_enable, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED)+1)); } int sdb_trace_mask; @@ -378,7 +378,11 @@ int sdb_debug_qemu = -1; apacket *get_apacket(void) { apacket *p = malloc(sizeof(apacket)); - if(p == 0) fatal("failed to allocate an apacket"); + if(p == 0) { + // free only being done to resolve SVACE issue. + free(p) ; + fatal("failed to allocate an apacket"); + } memset(p, 0, sizeof(apacket) - MAX_PAYLOAD); return p; } 
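Review bot: The added `free(p)` in get_apacket runs only when `p` is null, so it is a no-op kept to quiet the analyzer, as its comment says. If `fatal()` does not return (its declaration is not in this hunk), declaring it with `__attribute__((noreturn))` would likely give the analyzer the same information without dead code, and the branch could stay `if (p == NULL) fatal("failed to allocate an apacket");`. If `fatal()` can return, the `memset` that follows dereferences a null pointer and the branch needs a `return NULL;` instead.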
@@ -1999,12 +2003,12 @@ static void init_capabilities(void) { static int is_support_usbproto() { - return (!strncmp(g_capabilities.usbproto_support, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED))); + return (!strncmp(g_capabilities.usbproto_support, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED)+1)); } static int is_support_sockproto() { - return (!strncmp(g_capabilities.sockproto_support, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED))); + return (!strncmp(g_capabilities.sockproto_support, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED)+1)); } #define EMULATOR_MODEL_NAME "Emulator" @@ -2016,7 +2020,7 @@ static void check_emulator_or_device() // Get the model name from model_config.xml ret = get_device_name(model_name, sizeof model_name); if (ret == 0) { - if(!strncmp(model_name, EMULATOR_MODEL_NAME, sizeof(EMULATOR_MODEL_NAME))){ + if(!strncmp(model_name, EMULATOR_MODEL_NAME, strlen("Emulator")+1)){ g_is_emulator = 1; I("This target type is Emulator\n"); } else { diff --git a/src/sdktools.c b/src/sdktools.c index c734c10..11377e6 100644 --- a/src/sdktools.c +++ b/src/sdktools.c @@ -162,7 +162,7 @@ int verify_root_commands(const char *arg1) { if (!is_cmd_suffix_denied(arg1) && (cnt == 2)) { // check if command is used with permitted arguments for (i = 0; root_commands[0].arguments[i] != NULL; i++) { - if (!strncmp(tokens[1], root_commands[0].arguments[i], strlen(tokens[1]))){ + if (!strncmp(tokens[1], root_commands[0].arguments[i], strlen(tokens[1])+1)){ D("found permitted arguments :%s\n", tokens[1]); ret = 1; break; @@ -216,7 +216,7 @@ int regcmp(const char* pattern, const char* str) { int is_root_commands(const char *command) { int i = -1; for(i = 0; root_commands[i].path != NULL; i++) { - if(!strncmp(root_commands[i].path, command, PATH_MAX)) { + if(!strncmp(root_commands[i].path, command, strlen(root_commands[i].path)+1)) { return i; } } diff --git a/src/services.c b/src/services.c index 0ef738c..77a670f 100755 --- a/src/services.c +++ b/src/services.c 
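Review bot: In check_emulator_or_device the length is now `strlen("Emulator")+1`, a second copy of the literal that `EMULATOR_MODEL_NAME` defines just above, and it has the same value as the `sizeof(EMULATOR_MODEL_NAME)` it replaces. If the macro is ever changed the two will disagree silently. `strlen(EMULATOR_MODEL_NAME)+1`, or simply the original `sizeof(EMULATOR_MODEL_NAME)`, keeps a single source for the string.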
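Review bot: In verify_root_commands the length still comes from `tokens[1]`, the value being checked, so the comparison is exact only because of the `+1`. The old form accepted any prefix of a permitted argument, and an empty token too if the tokenizer can produce one. `strcmp(tokens[1], root_commands[0].arguments[i]) == 0` says the same thing directly, with a comment such as `/* exact match only: a prefix of a permitted argument must not pass */`. The is_root_commands hunk that follows was already an exact comparison, since the old `PATH_MAX` bound also stopped at the terminator, so that one is not a behaviour change.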
@@ -74,7 +74,7 @@ void *service_bootstrap_func(void *x) static int is_support_interactive_shell() { - return (!strncmp(g_capabilities.intershell_support, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED))); + return (!strncmp(g_capabilities.intershell_support, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED)+1)); } #if 0 @@ -115,7 +115,7 @@ static void recover_service(int s, void *cookie) static int is_support_rootonoff() { - return (!strncmp(g_capabilities.rootonoff_support, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED))); + return (!strncmp(g_capabilities.rootonoff_support, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED)+1)); } void rootshell_service(int fd, void *cookie) @@ -892,8 +892,8 @@ static int create_sync_subprocess(void (*func)(int, void *), void* cookie) { char *arg[5]; char targ[10]; char smarg[10]; - sprintf(targ,"%d",s[1]); - sprintf(smarg, "%d",rootshell_mode); + snprintf(targ, sizeof(targ), "%d", s[1]); + snprintf(smarg, sizeof(smarg), "%d", rootshell_mode); D("SERVICE fd to be used by child process %d",s[1]); D("SERVICE rootmode to be used by child process %s",smarg); arg[0]=fname;
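Review bot: `targ` and `smarg` in create_sync_subprocess are 10 bytes, but `%d` of an `int` can need 12 including the terminator, and the new `snprintf` return values are not checked, so a truncated number would be passed on silently. A descriptor or mode that large is unlikely, but the `D()` messages say these strings are meant for the child process. I would size both buffers at 12 or treat `n < 0 || n >= (int)sizeof(targ)` as an error. How `arg[]` is filled and used lies outside the hunk.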