From: sung.goo.kim <sung.goo.kim@samsung.com>
Date: Fri, 24 Jun 2016 06:28:43 +0000 (+0900)
Subject: Fix internal API(security) bugs
X-Git-Tag: submit/tizen/20160627.095054~2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=b923b22c75d11c1ff42d82dfb0605d06740c831d;p=platform%2Fcore%2Fiot%2Fiotcon.git

Fix internal API(security) bugs

Change-Id: Ica37351fd806a9322ae5249e60ae3b469a43aeb3
---

diff --git a/lib/icl-provisioning-struct.c b/lib/icl-provisioning-struct.c
index 665c2a3..5bc56ef 100644
--- a/lib/icl-provisioning-struct.c
+++ b/lib/icl-provisioning-struct.c
@@ -76,6 +76,8 @@ static OCProvisionDev_t* _provisioning_device_clone(OCProvisionDev_t *src)
 
 	OCProvisionDev_t *clone;
 
+	RETV_IF(NULL == src, NULL);
+
 	clone = PMCloneOCProvisionDev(src);
 	if (NULL == clone) {
 		ERR("PMCloneOCProvisionDev() Fail");
@@ -604,9 +606,13 @@ API int iotcon_provisioning_devices_add_device(iotcon_provisioning_devices_h dev
 {
 	FN_CALL;
 	OCProvisionDev_t *current;
-	OCProvisionDev_t *dev_list = devices->dev_list;
+	OCProvisionDev_t *dev_list;
 
 	RETV_IF(false == ic_utils_check_ocf_feature(), IOTCON_ERROR_NOT_SUPPORTED);
+	RETV_IF(NULL == devices, IOTCON_ERROR_INVALID_PARAMETER);
+	RETV_IF(NULL == device, IOTCON_ERROR_INVALID_PARAMETER);
+
+	dev_list = devices->dev_list;
 
 	current = icl_provisioning_devices_get_devices(devices);
 	for (; current; current = current->next) {
@@ -623,10 +629,13 @@ API int iotcon_provisioning_devices_add_device(iotcon_provisioning_devices_h dev
 		return IOTCON_ERROR_OUT_OF_MEMORY;
 	}
 
-	while (dev_list->next)
-		dev_list = dev_list->next;
-
-	dev_list->next = current;
+	if (NULL == dev_list)
+		dev_list = current;
+	else {
+		while (dev_list->next)
+			dev_list = dev_list->next;
+		dev_list->next = current;
+	}
 
 	return IOTCON_ERROR_NONE;
 }
diff --git a/lib/icl-provisioning.c b/lib/icl-provisioning.c
index e6c8e41..985cc02 100644
--- a/lib/icl-provisioning.c
+++ b/lib/icl-provisioning.c
@@ -222,6 +222,9 @@ API int iotcon_provisioning_get_devices(iotcon_provisioning_devices_h *owned_dev
 {
 	FN_CALL;
 
+	RETV_IF(NULL == owned_devices && NULL == unowned_devices,
+			IOTCON_ERROR_INVALID_PARAMETER);
+
 	if (owned_devices)
 		*owned_devices = icl_owned_devices;