From: Chanwoo Choi Date: Mon, 21 Mar 2022 04:16:50 +0000 (+0900) Subject: monitor: request-handler: Replace with strerror_r to fix vulnerability issue X-Git-Tag: accepted/tizen/unified/20220321.141108~1 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F63%2F272563%2F2;p=platform%2Fcore%2Fsystem%2Fpass.git monitor: request-handler: Replace with strerror_r to fix vulnerability issue Change-Id: I399fe56e8305df1ed3aef2b7e55677ea2b463313 Signed-off-by: Chanwoo Choi --- diff --git a/src/monitor/request-handler.c b/src/monitor/request-handler.c index edaabdb..b70f504 100644 --- a/src/monitor/request-handler.c +++ b/src/monitor/request-handler.c @@ -453,6 +453,7 @@ static void handle_request(struct request_client *client, char *buffer) int request_type; int ret; int buffer_len = REQUEST_BUFFER_MAX; + char err_buf[BUFF_MAX]; request_type = split_request_type_and_args(buffer, &args); @@ -644,8 +645,10 @@ static void handle_request(struct request_client *client, char *buffer) } ADD_RESPONSE(response, buffer_len, "%d", ret); - if (send(client->socket_fd, _response, strlen(_response), 0) < 0) - _E("Failed to send respones, error: %s", strerror(errno)); + if (send(client->socket_fd, _response, strlen(_response), 0) < 0) { + strerror_r(errno, err_buf, BUFF_MAX); + _E("Failed to send respones, errno: %d, error: %s", errno, err_buf); + } } static GList *g_request_client_head; @@ -684,6 +687,7 @@ static int request_handler_func(void *data, void **result) char buffer[REQUEST_BUFFER_MAX + 1]; struct request_client *client = (struct request_client *)data; int len; + char err_buf[BUFF_MAX]; _D("Start worker thread for client-%d", client->socket_fd); @@ -695,7 +699,9 @@ static int request_handler_func(void *data, void **result) } if (len < 0) { - _E("Error occurs while receiving request: %s", strerror(errno)); + strerror_r(errno, err_buf, BUFF_MAX); + _E("Error occurs while receiving request: errno: %d, error: %s", + errno, err_buf); goto out; }