From: Wook Song <wook16.song@samsung.com>
Date: Thu, 16 Mar 2017 09:25:06 +0000 (+0900)
Subject: pmqos: Fix strcpy use and memory leak defects
X-Git-Tag: submit/tizen/20170328.004502~4
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ed4b4920c2cb1faf3895f862c8107807a95ead32;p=platform%2Fcore%2Fsystem%2Fpass.git

pmqos: Fix strcpy use and memory leak defects

This patch fixes the following code-level defects according to static
program analysis result:

1. PROC_USE.VULNERABLE: Use of vulnerable function 'strcpy'. For better
security, using strncpy is recommended instead of strcpy.
2. MEMORY_LEAK.EX: Dynamic memory was allocated by calling function
'calloc' and lost at some point.

Change-Id: Ie58bb7073254935b24257f8c9db19dd04c8b25f8
Signed-off-by: Wook Song <wook16.song@samsung.com>
Reviewed-by: Chanwoo Choi <cw00.choi@samsung.com>
---

diff --git a/src/pmqos/pmqos.c b/src/pmqos/pmqos.c
index 6b7c2f1..1caa7bb 100644
--- a/src/pmqos/pmqos.c
+++ b/src/pmqos/pmqos.c
@@ -256,10 +256,18 @@ static int pmqos_request(const char *name, int val)
 
 	ret = pmqos_unlock_timer_start();
 	if (ret < 0)
-		return ret;
+		goto err;
+
 	/* Set cpu lock */
 	set_pmqos(cpu->name, true);
 	return 0;
+err:
+	if (!found) {
+		DD_LIST_REMOVE(pmqos_head, cpu);
+		free(cpu);
+	}
+
+	return ret;
 }
 
 static DBusMessage *dbus_pmqos_handler(E_DBus_Object *obj, DBusMessage *msg)
@@ -371,7 +379,7 @@ static int get_methods_from_conf(const char *path, struct edbus_method **edbus_m
 	/* allocate edbus methods structure */
 	methods = calloc(scenarios.num, sizeof(struct edbus_method));
 	if (!methods) {
-		_E("failed to allocate methods memory : %s", strerror(errno));
+		_E("failed to allocate memory for methods");
 		pmqos_put_scenario(&scenarios);
 		return -errno;
 	}