From: Jiyong
Date: Wed, 18 Dec 2024 06:45:43 +0000 (+0900)
Subject: Bug fix. insecure strncmp
X-Git-Tag: accepted/tizen/unified/20241219.032735^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=db1e071ad52b664c2acb3b80c28e05cd3033cd09;p=platform%2Fcore%2Fapi%2Fmedia-controller.git
Bug fix. insecure strncmp
- fix svace issue (LIB.INSECURE_STRNCMP) The problem that such using checks only prefix of string because null-terminator is not checked. It may be source of vulnarability when using for compariso passwords. Correct pattern should use strlen(arg) + 1.
Change-Id: Ic9ac12468a6c81901e1c169097109e47a4c496fa
---
diff --git a/packaging/capi-media-controller.spec b/packaging/capi-media-controller.spec
index 131f056..ba2b29b 100644
--- a/packaging/capi-media-controller.spec
+++ b/packaging/capi-media-controller.spec
@@ -1,6 +1,6 @@
 Name: capi-media-controller
 Summary: A media controller library in Tizen Native API
-Version: 1.0.7
+Version: 1.0.8
 Release: 0
 Group: Multimedia/API
 License: Apache-2.0
diff --git a/svc/media_controller_db_util.c b/svc/media_controller_db_util.c
index dcf9ca3..15fca1c 100644
--- a/svc/media_controller_db_util.c
+++ b/svc/media_controller_db_util.c
@@ -631,7 +631,7 @@ static int __parse_db_request(gchar **params, char **sql_str)
 MC_DB_TABLE_SERVER_INFO, i_value, llu_value, i_value_1, i_value_2, params[1]);
 }
- } else if (strncmp(MC_DB_CMD_UPDATE_META, params[0], strlen(MC_DB_CMD_UPDATE_META)) == 0) {
+ } else if (strncmp(MC_DB_CMD_UPDATE_META, params[0], strlen(MC_DB_CMD_UPDATE_META) + 1) == 0) {
 gchar *message = NULL;
 size_t message_size = 0;
 g_auto(GStrv) meta_params = NULL;
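Review bot: The new test `strncmp(MC_DB_CMD_UPDATE_META, params[0], strlen(MC_DB_CMD_UPDATE_META) + 1)` is an exact-match comparison written the long way: the bound is derived from the constant and includes its terminator, so it behaves like `strcmp` and the length argument adds no protection. Since this file already uses GLib, `} else if (g_strcmp0(params[0], MC_DB_CMD_UPDATE_META) == 0) {` states the intent directly and also tolerates a NULL `params[0]`, which is not visibly checked here (it may be validated earlier in `__parse_db_request`, whose body starts and ends outside the hunk). The same applies to the `MC_DB_CMD_UPDATE_LATEST` and `MC_DB_CMD_UPDATE_PLAYBACK` comparisons in `__update_db_request`. The earlier branches of this `else if` chain are not shown; if any of them still match by prefix, dispatch would depend on branch order for command names that share a prefix, so they should be converted in the same change.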
@@ -774,10 +774,10 @@ static int __update_db_request(uid_t uid, gchar **params, const char *sql_str)
 mc_error("mc_db_util_update_db error : %d", ret);
 /* Update vconf */
- if (strncmp(MC_DB_CMD_UPDATE_LATEST, params[0], strlen(MC_DB_CMD_UPDATE_LATEST)) == 0) {
+ if (strncmp(MC_DB_CMD_UPDATE_LATEST, params[0], strlen(MC_DB_CMD_UPDATE_LATEST) + 1) == 0) {
 ret = __mc_update_latest_server_info_to_vconf(params[1], MC_SERVER_STATE_ACTIVATE, MC_PLAYBACK_STATE_PLAYING);
- } else if (strncmp(MC_DB_CMD_UPDATE_PLAYBACK, params[0], strlen(MC_DB_CMD_UPDATE_PLAYBACK)) == 0) {
+ } else if (strncmp(MC_DB_CMD_UPDATE_PLAYBACK, params[0], strlen(MC_DB_CMD_UPDATE_PLAYBACK) + 1) == 0) {
 mc_retvm_if(!params[2], MEDIA_CONTROLLER_ERROR_INVALID_OPERATION, "invalid query");
 if (__mc_db_is_latest(db_handle, params[1])) {
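Review bot: In the `MC_DB_CMD_UPDATE_LATEST` branch `params[1]` is passed to `__mc_update_latest_server_info_to_vconf` with no visible NULL check, and the `MC_DB_CMD_UPDATE_PLAYBACK` branch guards only `params[2]` before handing `params[1]` to `__mc_db_is_latest`. If `params` is the split form of a client request (presumably, not shown here), a message carrying only the command word would reach both calls with a NULL server name. Unless that is rejected earlier in `__update_db_request`, whose body starts and ends outside the hunk, a guard before the `if`, such as `mc_retvm_if(!params[1], MEDIA_CONTROLLER_ERROR_INVALID_OPERATION, "invalid query");`, would make the two branches consistent.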