From: Oleg Kopysov <o.kopysov@samsung.com>
Date: Fri, 19 May 2017 17:38:46 +0000 (+0300)
Subject: Fix defects detected by SVACE
X-Git-Tag: 1.3.0~69
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=bab5cb3865a6e3e0c5989b952419da1a055b51f0;p=platform%2Fupstream%2Fiotivity.git

Fix defects detected by SVACE

Fix SVACE warnings in the following directories:
- /resource/csdk/security/provisioning
- /resource/provisioning

Implemented:
- use snprintf instead of sprintf
- null pointer checks
- fclose added to remove lost handles

Change-Id: I31d6765df649e30c24c931932eb68bc35b7e6cef
Signed-off-by: Oleksandr Moliavko <o.moliavko@samsung.com>
Signed-off-by: Oleg Kopysov <o.kopysov@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/20049
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: dongik Lee <dongik.lee@samsung.com>
Reviewed-by: Dmitriy Zhuravlev <d.zhuravlev@samsung.com>
---

diff --git a/resource/csdk/security/provisioning/sample/certgenerator.cpp b/resource/csdk/security/provisioning/sample/certgenerator.cpp
index 8bd4c96da..7d97f15ec 100644
--- a/resource/csdk/security/provisioning/sample/certgenerator.cpp
+++ b/resource/csdk/security/provisioning/sample/certgenerator.cpp
@@ -388,13 +388,6 @@ exit:
 
     OICFree(serial);
     OICFree(certificate);
-    if (NULL != f)
-    {
-        if (0 != fclose(f))
-        {
-            printf("Warning: failed to fclose\n");
-        }
-    }
 }
 
 static void DoGenKeyPair()
@@ -532,4 +525,4 @@ int main()
             break;
         }
     }
-}
\ No newline at end of file
+}
diff --git a/resource/csdk/security/provisioning/src/cloud/aclid.c b/resource/csdk/security/provisioning/src/cloud/aclid.c
index eaac70e68..03881488a 100644
--- a/resource/csdk/security/provisioning/src/cloud/aclid.c
+++ b/resource/csdk/security/provisioning/src/cloud/aclid.c
@@ -254,7 +254,7 @@ OCStackResult OCCloudAclIndividualAclUpdate(void* ctx,
         goto no_memory;
     }
 
-    int acllist_count = 0;
+    size_t acllist_count = 0;
     //code below duplicates LL_COUNT, implemented in newer version of utlist.h
     {
         cloudAce_t *ace = (cloudAce_t*)aces;
@@ -297,7 +297,7 @@ OCStackResult OCCloudAclIndividualAclUpdate(void* ctx,
 
         OICFree(uuid);
 
-        int reslist_count = 0;
+        size_t reslist_count = 0;
         //code below duplicates LL_COUNT, implemented in newer version of utlist.h
         {
             OicSecRsrc_t *res = ace->resources;
@@ -399,7 +399,7 @@ OCStackResult OCCloudAclIndividualAceUpdate(void* ctx,
         goto no_memory;
     }
 
-    int acllist_count = 1;
+    size_t acllist_count = 1;
 
     helperPayload = OICCalloc(acllist_count, sizeof(OCRepPayload *));
     if (!helperPayload)
@@ -433,7 +433,7 @@ OCStackResult OCCloudAclIndividualAceUpdate(void* ctx,
 
         OICFree(uuid);
 
-        int reslist_count = 0;
+        size_t reslist_count = 0;
         //code below duplicates LL_COUNT, implemented in newer version of utlist.h
         {
             OicSecRsrc_t *res = ace->resources;
diff --git a/resource/provisioning/examples/cloudClient.cpp b/resource/provisioning/examples/cloudClient.cpp
index 585ecb9c1..02ee44338 100644
--- a/resource/provisioning/examples/cloudClient.cpp
+++ b/resource/provisioning/examples/cloudClient.cpp
@@ -225,8 +225,8 @@ static int saveTrustCert(void)
             {
                 OIC_LOG(ERROR, TAG, "Certiface not read completely");
             }
-            fclose(fp);
         }
+        fclose(fp);
     }
     OIC_LOG_BUFFER(DEBUG, TAG, trustCertChainArray.data, trustCertChainArray.len);
 
diff --git a/resource/provisioning/examples/provisioningclient.cpp b/resource/provisioning/examples/provisioningclient.cpp
index e786e3538..5c3ea1ab4 100644
--- a/resource/provisioning/examples/provisioningclient.cpp
+++ b/resource/provisioning/examples/provisioningclient.cpp
@@ -886,8 +886,8 @@ static int saveTrustCert(void)
             {
                 OIC_LOG(ERROR,TAG,"Read error");
             }
-            fclose(fp);
         }
+        fclose(fp);
     }
     OIC_LOG_BUFFER(DEBUG, TAG, trustCertChainArray.data, trustCertChainArray.len);
 
diff --git a/resource/provisioning/src/OCProvisioningManager.cpp b/resource/provisioning/src/OCProvisioningManager.cpp
index 4e135d4a4..5711c91fc 100644
--- a/resource/provisioning/src/OCProvisioningManager.cpp
+++ b/resource/provisioning/src/OCProvisioningManager.cpp
@@ -812,7 +812,9 @@ namespace OC
             memcpy(number, verifNum, MUTUAL_VERIF_NUM_LEN);
         }
 
-        return context->callback(number);
+        OCStackResult res = context->callback(number);
+        delete context;
+        return res;
     }
 
     OCStackResult OCSecure::registerDisplayNumCallback(DisplayNumCB displayNumCB)
@@ -879,7 +881,9 @@ namespace OC
             return OC_STACK_INVALID_PARAM;
         }
 
-        return context->callback();
+        OCStackResult res = context->callback();
+        delete context;
+        return res;
     }
 
     OCStackResult OCSecure::registerUserConfirmCallback(UserConfirmNumCB userConfirmCB)