From: Mandeep Shetty Date: Tue, 17 Mar 2015 20:55:11 +0000 (-0700) Subject: Klockwork fixes on C samples X-Git-Tag: 1.2.0+RC1~1855^2~56 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=bbe6ea7b93285c7c35291a6db4b5da9aa57cf550;p=platform%2Fupstream%2Fiotivity.git Klockwork fixes on C samples Send MAX_HEADER_OPTION_DATA_LENGTH as buffer size to avoid array bounds violation by potentially sending a larger size contained in the optionLength field in received headers. Change-Id: If9f6ea0688298a2ba7723db67f5082509fad1d5f Signed-off-by: Mandeep Shetty Reviewed-on: https://gerrit.iotivity.org/gerrit/493 Tested-by: jenkins-iotivity Reviewed-by: Erich Keane --- diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/occlient.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/occlient.cpp index 9dce85f..3ed35e2 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/occlient.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/occlient.cpp @@ -230,8 +230,9 @@ OCStackApplicationResult getReqCB(void* ctx, OCDoHandle handle, OCClientResponse { OC_LOG_V(INFO, TAG, "Received option with OC_COAP_ID and ID %u with", ((OCHeaderOption)rcvdOptions[i]).optionID ); + OC_LOG_BUFFER(INFO, TAG, ((OCHeaderOption)rcvdOptions[i]).optionData, - ((OCHeaderOption)rcvdOptions[i]).optionLength); + MAX_HEADER_OPTION_DATA_LENGTH); } } } diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientbasicops.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientbasicops.cpp index e126035..1f6051d 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientbasicops.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientbasicops.cpp @@ -207,8 +207,9 @@ OCStackApplicationResult getReqCB(void* ctx, OCDoHandle handle, { OC_LOG_V(INFO, TAG, "Received option with OC_COAP_ID and ID %u with", ((OCHeaderOption)rcvdOptions[i]).optionID ); + OC_LOG_BUFFER(INFO, TAG, ((OCHeaderOption)rcvdOptions[i]).optionData, - ((OCHeaderOption)rcvdOptions[i]).optionLength); + MAX_HEADER_OPTION_DATA_LENGTH); } } } diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientslow.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientslow.cpp index a31b9c7..6a9a66e 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientslow.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientslow.cpp @@ -116,8 +116,9 @@ OCStackApplicationResult getReqCB(void* ctx, OCDoHandle handle, OCClientResponse { OC_LOG_V(INFO, TAG, "Received option with OC_COAP_ID and ID %u with", ((OCHeaderOption)rcvdOptions[i]).optionID ); + OC_LOG_BUFFER(INFO, TAG, ((OCHeaderOption)rcvdOptions[i]).optionData, - ((OCHeaderOption)rcvdOptions[i]).optionLength); + MAX_HEADER_OPTION_DATA_LENGTH); } } } diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/ocserver.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/ocserver.cpp index dbfeec7..acd3f13 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/ocserver.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/ocserver.cpp @@ -591,8 +591,9 @@ OCEntityHandlerCb (OCEntityHandlerFlag flag, { OC_LOG_V(INFO, TAG, "Received option with OC_COAP_ID and ID %u with", ((OCHeaderOption)rcvdOptions[i]).optionID ); + OC_LOG_BUFFER(INFO, TAG, ((OCHeaderOption)rcvdOptions[i]).optionData, - ((OCHeaderOption)rcvdOptions[i]).optionLength); + MAX_HEADER_OPTION_DATA_LENGTH); } } OCHeaderOption * sendOptions = response.sendVendorSpecificHeaderOptions;