From: Aleksey Volkov <a.volkov@samsung.com>
Date: Wed, 20 Sep 2017 13:33:27 +0000 (+0300)
Subject: [IOT-2726] Add pstat.dos check in AddCredential
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=add093b173491fdf4bc4f9964e5dc956a96123fa;p=platform%2Fupstream%2Fiotivity.git

[IOT-2726] Add pstat.dos check in AddCredential

This change adds /pstat.dos state check to protect credentials modifications in read-only states.

Change-Id: I9a3402e458db8c5fa62a5a0fa0e08c1dd432ceaf
Signed-off-by: Aleksey Volkov <a.volkov@samsung.com>
---

diff --git a/resource/csdk/security/src/credresource.c b/resource/csdk/security/src/credresource.c
index 94cd79e..fe24c13 100644
--- a/resource/csdk/security/src/credresource.c
+++ b/resource/csdk/security/src/credresource.c
@@ -1680,6 +1680,17 @@ OCStackResult AddCredential(OicSecCred_t * newCred)
 
     bool found = false;
 
+    OicSecDostype_t dos;
+
+    VERIFY_SUCCESS(TAG, OC_STACK_OK == GetDos(&dos), ERROR);
+    if ((DOS_RESET == dos.state) ||
+        (DOS_RFNOP == dos.state))
+    {
+        OIC_LOG_V(ERROR, TAG, "%s /cred resource is read-only in RESET and RFNOP.", __func__);
+        result = OC_EH_NOT_ACCEPTABLE;
+        goto exit;
+    }
+
     //leave IOT-1936 fix for preconfig pin
 #if ((defined(__WITH_DTLS__) || defined(__WITH_TLS__)) && defined(MULTIPLE_OWNER))
     LL_FOREACH_SAFE(gCred, cred, tempCred)
@@ -1743,7 +1754,7 @@ saveToDB:
     {
         result = OC_STACK_OK;
     }
-
+exit:
     return result;
 }