From: jiyong.min <jiyong.min@samsung.com>
Date: Mon, 29 Jun 2020 05:35:04 +0000 (+0900)
Subject: Added safe_atoi to avoid unwanted loop because of tainted int 'num'
X-Git-Tag: submit/tizen/20200709.031615~2^2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=6d5a25ecc169c9ba143fb4c7505e875e2461a2f2;p=platform%2Fcore%2Fapi%2Fmetadata-editor.git

Added safe_atoi to avoid unwanted loop because of tainted int 'num'

Change-Id: I2fc79d9b9134cbee1cfdc7887f0effc3570b158a
---

diff --git a/test/metadata_editor_test.c b/test/metadata_editor_test.c
index 6321a4e..1449497 100755
--- a/test/metadata_editor_test.c
+++ b/test/metadata_editor_test.c
@@ -161,8 +161,10 @@ static bool __get_tag_info(metadata_editor_h metadata)
 		else if ((ret == METADATA_EDITOR_ERROR_NONE) && picture_index) {
 			int num = 0, i;
 			ret = __safe_atoi(picture_index, &num);
-			if (ret != METADATA_EDITOR_ERROR_NONE || num < 0)
-				return true;
+			if (ret != METADATA_EDITOR_ERROR_NONE || num < 0) {
+				printf("fail to __safe_atoi[%d]\n", ret);
+				return false;
+			}
 
 			printf("Number of pictures: %u\n", num);
 
@@ -379,8 +381,12 @@ static bool __delete_pictures(metadata_editor_h metadata)
 
 	printf("The number of pictures is [%s]\n", picture_num);
 
-	num = atoi(picture_num);
+	ret = __safe_atoi(picture_num, &num);
 	free(picture_num);
+	if (ret != METADATA_EDITOR_ERROR_NONE || num < 0) {
+		printf("fail to __safe_atoi[%d]\n", ret);
+		return false;
+	}
 
 	if (num == 0) {
 		printf("There are no pictures to delete\n");