From: Boram Bae Date: Tue, 19 May 2020 03:31:03 +0000 (+0900) Subject: Use a buffer size when disclosing message X-Git-Tag: submit/tizen/20200724.011530~3 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=fbf7ea473b79bdf592e93ac5a84b8b9497eb1d51;p=platform%2Fcore%2Fsystem%2Fsensord.git Use a buffer size when disclosing message Change-Id: Ica95575c04fce516fb8e156fa8281d8888a1ea15 Signed-off-by: Boram Bae --- diff --git a/src/client/sensor_listener.cpp b/src/client/sensor_listener.cpp index 0c129281..08e8cd70 100644 --- a/src/client/sensor_listener.cpp +++ b/src/client/sensor_listener.cpp @@ -224,7 +224,7 @@ bool sensor_listener::connect(void) m_evt_channel->send_sync(msg); m_evt_channel->read_sync(reply); - reply.disclose((char *)&buf); + reply.disclose((char *)&buf, sizeof(buf)); m_id = buf.listener_id; m_connected.store(true); @@ -640,7 +640,7 @@ int sensor_listener::get_sensor_data(sensor_data_t *data) m_cmd_channel->send_sync(msg); m_cmd_channel->read_sync(reply); - reply.disclose((char *)&buf); + reply.disclose((char *)&buf, sizeof(buf)); int size = sizeof(sensor_data_t); if (buf.len > size || buf.len < 0) { @@ -681,7 +681,7 @@ int sensor_listener::get_sensor_data_list(sensor_data_t **data, int *count) retvm_if(!reply_buf, -ENOMEM, "Failed to allocate memory"); - reply.disclose((char *)reply_buf); + reply.disclose((char *)reply_buf, size); if (reply_buf->len <= 0) { delete [] reply_buf; diff --git a/src/client/sensor_manager.cpp b/src/client/sensor_manager.cpp index 64b623c7..b72580af 100644 --- a/src/client/sensor_manager.cpp +++ b/src/client/sensor_manager.cpp @@ -296,7 +296,7 @@ bool sensor_manager::get_sensors_internal(void) ret = m_cmd_channel->read_sync(reply); retvm_if(!ret, false, "Failed to receive message"); - reply.disclose(buf); + reply.disclose(buf, MAX_BUF_SIZE); decode_sensors(buf, m_sensors); diff --git a/src/client/sensor_manager_channel_handler.cpp b/src/client/sensor_manager_channel_handler.cpp index 97ffd7b1..3feed82f 100644 --- a/src/client/sensor_manager_channel_handler.cpp +++ b/src/client/sensor_manager_channel_handler.cpp @@ -82,7 +82,7 @@ void sensor_manager::channel_handler::on_sensor_removed(ipc::channel *ch, ipc::m ret_if(msg.header()->err < 0); char uri[NAME_MAX] = {0, }; - msg.disclose(uri); + msg.disclose(uri, NAME_MAX); m_manager->remove_sensor(uri); auto it = m_sensor_removed_callbacks.begin(); diff --git a/src/client/sensor_provider_channel_handler.cpp b/src/client/sensor_provider_channel_handler.cpp index c9391381..039c93de 100644 --- a/src/client/sensor_provider_channel_handler.cpp +++ b/src/client/sensor_provider_channel_handler.cpp @@ -62,7 +62,7 @@ void sensor_provider::channel_handler::read(ipc::channel *ch, ipc::message &msg) break; case CMD_PROVIDER_ATTR_INT: cmd_provider_attr_int_t buf; - msg.disclose((char *)&buf); + msg.disclose((char *)&buf, sizeof(buf)); if (buf.attribute == SENSORD_ATTRIBUTE_INTERVAL && m_interval_changed_cb) m_interval_changed_cb(m_provider, buf.value, m_interval_changed_user_data); @@ -73,7 +73,7 @@ void sensor_provider::channel_handler::read(ipc::channel *ch, ipc::message &msg) attr = (cmd_provider_attr_str_t *) new(std::nothrow) char[msg.size()]; retm_if(!attr, "Failed to allocate memory"); - msg.disclose((char *)attr); + msg.disclose((char *)attr, msg.size()); if (m_attribute_str_cb) m_attribute_str_cb(m_provider, attr->attribute, attr->value, attr->len, m_attribute_str_user_data); diff --git a/src/sensorctl/testcase/unit_ipc.cpp b/src/sensorctl/testcase/unit_ipc.cpp index 10e11e4c..ab51d65f 100644 --- a/src/sensorctl/testcase/unit_ipc.cpp +++ b/src/sensorctl/testcase/unit_ipc.cpp @@ -64,7 +64,7 @@ public: auto reply = message::create(); RETM_IF(!reply, "Failed to allocate memory"); - msg.disclose(buf); + msg.disclose(buf, MAX_BUF_SIZE); reply->enclose(buf, MAX_BUF_SIZE); ch->send(reply); @@ -123,7 +123,7 @@ static bool run_ipc_client_sleep_1s(const char *str, int size, int count) SLEEP_1S; ch->read_sync(reply); - reply.disclose(buf); + reply.disclose(buf, MAX_BUF_SIZE); int ret = strncmp(buf, "111", 3); ASSERT_EQ(ret, 0); @@ -166,7 +166,7 @@ static bool run_ipc_client_small_buffer(const char *str, int size, int count) ch->read_sync(reply); } - reply.disclose(buf); + reply.disclose(buf, MAX_BUF_SIZE); ret = strncmp(buf, "111", 3); ASSERT_EQ(ret, 0); @@ -201,7 +201,7 @@ static bool run_ipc_client_1M(const char *str, int size, int count) ch->read_sync(reply); } - reply.disclose(buf); + reply.disclose(buf, MAX_BUF_SIZE); ret = strncmp(buf, "111", 3); ASSERT_EQ(ret, 0); @@ -222,7 +222,7 @@ public: void read(channel *ch, message &msg) { char buf[MAX_BUF_SIZE]; - msg.disclose(buf); + msg.disclose(buf, MAX_BUF_SIZE); auto reply = message::create(); if (!reply) return; @@ -281,7 +281,7 @@ static bool run_ipc_client_2_channel_message(const char *str, int size, int coun ch[0]->send_sync(msg); SLEEP_1S; ch[0]->read_sync(reply); - reply.disclose(buf); + reply.disclose(buf, MAX_BUF_SIZE); ret = strncmp(buf, "TEXTTEXTTEXTTEXT", 16); ASSERT_EQ(ret, 0); @@ -292,7 +292,7 @@ static bool run_ipc_client_2_channel_message(const char *str, int size, int coun ch[1]->send_sync(msg); SLEEP_1S; ch[1]->read_sync(reply); - reply.disclose(buf); + reply.disclose(buf, MAX_BUF_SIZE); ret = strncmp(buf, "TEXTTEXTTEXTTEXT", 16); ASSERT_EQ(ret, 0); @@ -343,7 +343,7 @@ static bool run_ipc_client(const char *str, int size, int count) SLEEP_1S; ch->read_sync(reply); - reply.disclose(buf); + reply.disclose(buf, MAX_BUF_SIZE); ret = strncmp(buf, "TEXTTEXTTEXTTEXT", 16); ASSERT_EQ(ret, 0); diff --git a/src/server/server_channel_handler.cpp b/src/server/server_channel_handler.cpp index 8268e6b4..07b26895 100644 --- a/src/server/server_channel_handler.cpp +++ b/src/server/server_channel_handler.cpp @@ -158,7 +158,7 @@ int server_channel_handler::listener_connect(channel *ch, message &msg) static uint32_t listener_id = 1; cmd_listener_connect_t buf; - msg.disclose((char *)&buf); + msg.disclose((char *)&buf, sizeof(buf)); sensor_listener_proxy *listener; listener = new(std::nothrow) sensor_listener_proxy(listener_id, @@ -189,7 +189,7 @@ int server_channel_handler::listener_connect(channel *ch, message &msg) int server_channel_handler::listener_start(channel *ch, message &msg) { cmd_listener_start_t buf; - msg.disclose((char *)&buf); + msg.disclose((char *)&buf, sizeof(buf)); uint32_t id = buf.listener_id; auto it = m_listeners.find(id); @@ -207,7 +207,7 @@ int server_channel_handler::listener_start(channel *ch, message &msg) int server_channel_handler::listener_stop(channel *ch, message &msg) { cmd_listener_stop_t buf; - msg.disclose((char *)&buf); + msg.disclose((char *)&buf, sizeof(buf)); uint32_t id = buf.listener_id; auto it = m_listeners.find(id); @@ -225,7 +225,7 @@ int server_channel_handler::listener_stop(channel *ch, message &msg) int server_channel_handler::listener_set_attr_int(channel *ch, message &msg) { cmd_listener_attr_int_t buf; - msg.disclose((char *)&buf); + msg.disclose((char *)&buf, sizeof(buf)); uint32_t id = buf.listener_id; int ret = OP_SUCCESS; @@ -270,7 +270,7 @@ int server_channel_handler::listener_set_attr_str(channel *ch, message &msg) buf = (cmd_listener_attr_str_t *) new(std::nothrow) char[msg.size()]; retvm_if(!buf, -ENOMEM, "Failed to allocate memory"); - msg.disclose((char *)buf); + msg.disclose((char *)buf, msg.size()); id = buf->listener_id; auto it = m_listeners.find(id); @@ -305,7 +305,7 @@ int server_channel_handler::listener_set_attr_str(channel *ch, message &msg) int server_channel_handler::listener_get_attr_int(ipc::channel *ch, ipc::message &msg) { cmd_listener_attr_int_t buf; - msg.disclose((char *)&buf); + msg.disclose((char *)&buf, sizeof(buf)); uint32_t id = buf.listener_id; int attr = buf.attribute; int value = 0; @@ -359,7 +359,7 @@ int server_channel_handler::listener_get_attr_str(ipc::channel *ch, ipc::message buf = (cmd_listener_attr_str_t *) new(std::nothrow) char[msg.size()]; retvm_if(!buf, -ENOMEM, "Failed to allocate memory"); - msg.disclose((char *)buf); + msg.disclose((char *)buf, msg.size()); id = buf->listener_id; auto it = m_listeners.find(id); @@ -412,7 +412,7 @@ int server_channel_handler::listener_get_data(channel *ch, message &msg) int len; uint32_t id; - msg.disclose((char *)&buf); + msg.disclose((char *)&buf, sizeof(buf)); id = buf.listener_id; auto it = m_listeners.find(id); @@ -446,7 +446,7 @@ int server_channel_handler::listener_get_data_list(ipc::channel *ch, ipc::messag int len; uint32_t id; - msg.disclose((char *)&buf); + msg.disclose((char *)&buf, sizeof(buf)); id = buf.listener_id; auto it = m_listeners.find(id); @@ -514,7 +514,7 @@ int server_channel_handler::provider_publish(channel *ch, message &msg) void *data = (void *)malloc(size); retvm_if(!data, -ENOMEM, "Failed to allocate memory"); - msg.disclose(data); + msg.disclose(data, size); it->second->publish((sensor_data_t*)data, size); return OP_SUCCESS; @@ -524,7 +524,7 @@ int server_channel_handler::has_privileges(channel *ch, message &msg) { sensor_handler *sensor; cmd_has_privilege_t buf; - msg.disclose((char *)&buf); + msg.disclose((char *)&buf, sizeof(buf)); sensor = m_manager->get_sensor(buf.sensor); retv_if(!sensor, OP_ERROR); diff --git a/src/shared/message.cpp b/src/shared/message.cpp index f28780d4..5f12d233 100644 --- a/src/shared/message.cpp +++ b/src/shared/message.cpp @@ -98,9 +98,9 @@ void message::enclose(int error) m_size = 0; } -void message::disclose(void *msg) +void message::disclose(void *msg, const size_t size) { - if (!msg || !m_msg) + if (!msg || !m_msg || m_size > size) return; ::memcpy(msg, m_msg, m_size); diff --git a/src/shared/message.h b/src/shared/message.h index 5687c2cf..49055c3c 100644 --- a/src/shared/message.h +++ b/src/shared/message.h @@ -54,7 +54,7 @@ public: void enclose(const void *msg, const size_t size); void enclose(int error); - void disclose(void *msg); + void disclose(void *msg, const size_t size); uint32_t type(void); void set_type(uint32_t type);