From: jongmyeongko <jongmyeong.ko@samsung.com>
Date: Mon, 13 Jun 2016 02:41:12 +0000 (+0900)
Subject: fix buffer underflow and overflow
X-Git-Tag: submit/tizen/20160615.073423^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=aebbbe90751335a93ad5abff9fe21573a107f39e;p=platform%2Fcore%2Fappfw%2Fapp2sd.git

fix buffer underflow and overflow

Change-Id: I667f183f886be7b06bf41fef597fdafca86b3cbe
Signed-off-by: jongmyeongko <jongmyeong.ko@samsung.com>
---

diff --git a/plugin/app2sd/src/app2sd_internals_utils.c b/plugin/app2sd/src/app2sd_internals_utils.c
index b48558a..cada8e3 100644
--- a/plugin/app2sd/src/app2sd_internals_utils.c
+++ b/plugin/app2sd/src/app2sd_internals_utils.c
@@ -622,10 +622,12 @@ char *_app2sd_generate_password(const char *pkgid)
 
 	while (i < PASSWD_LEN) {
 		seed = time(NULL);
-		char_1 = (rand_r(&seed) + pkgid[j--]) % ASCII_PASSWD_CHAR;
+		if (j > 0) j--;
+		char_1 = (rand_r(&seed) + pkgid[j]) % ASCII_PASSWD_CHAR;
 		char_2 = rand_r(&seed) % ASCII_PASSWD_CHAR;
 		passwd[i] = set[char_1];
-		passwd[i + 1] = set[(pkgid[j--]) * 2];
+		if (j > 0) j--;
+		passwd[i + 1] = set[((pkgid[j]) * 2) % ASCII_PASSWD_CHAR];
 		if (i < PASSWD_LEN - 3)
 			passwd[i + 2] = set[char_2];
 		i++;