From: Varinder Pratap <varinder.p@samsung.com>
Date: Mon, 23 Sep 2024 06:32:17 +0000 (+0530)
Subject: Fixed memory initialization & NULL free issue.
X-Git-Tag: accepted/tizen/unified/20241105.122216^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=94c2fd5371a0ca84b4ec8011bdd56197a8c3976a;p=sdk%2Ftarget%2Fsdbd.git

Fixed memory initialization & NULL free issue.
Signed-off-by: Varinder Pratap <varinder.p@samsung.com>wq

Change-Id: I0d6e2bf57c3260d8715346d91b3e6eb163bf486d
---

diff --git a/src/sdb.c b/src/sdb.c
index 7b33f8a..e078d0e 100755
--- a/src/sdb.c
+++ b/src/sdb.c
@@ -380,11 +380,9 @@ apacket *get_apacket(void)
 {
     apacket *p = malloc(sizeof(apacket));
     if(p == 0) {
-        // free only being done to resolve SVACE issue.
-        free(p) ;
         fatal("failed to allocate an apacket");
     }
-    memset(p, 0, sizeof(apacket) - MAX_PAYLOAD);
+    memset(p, 0, sizeof(apacket));
     return p;
 }
 
@@ -650,8 +648,13 @@ static void send_connect(atransport *t)
     if (extcmd != NULL) {
         char extbuf[BUF_SIZE] = {0,};
         snprintf(extbuf, sizeof extbuf, "::%s", extcmd);
-        strncat((char*) cp->data, extbuf, sizeof(cp->data) - strlen((const char*)cp->data)- 1);
+        if ((strlen((const char*)cp->data) + strlen(extbuf) + 1) <= sizeof(cp->data)) {
+	    strncat((char*) cp->data, extbuf, sizeof(cp->data) - strlen((const char*)cp->data)- 1);
+        } else {
+            E("Buffer overflow detected while concatenating extcmd\n");
+        }
     }
+
     cp->msg.data_length = strlen((char*) cp->data) + 1;
     D("CNXN data: %s\n", (char*)cp->data);