From: manish.r Date: Wed, 5 May 2021 09:12:23 +0000 (+0530) Subject: Changes based on security review X-Git-Tag: submit/tizen/20210506.042811^0 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F75%2F257875%2F1;p=sdk%2Ftarget%2Fsdbd.git Changes based on security review Change-Id: I9c694e91948445b1cc3acfc004d463c069bb4c4e Signed-off-by: manish.r
---
diff --git a/src/services.c b/src/services.c
index 77a670f..ccf817a 100755
--- a/src/services.c
+++ b/src/services.c
@@ -732,7 +732,17 @@ static int create_subproc_thread(const char *name, int lines, int columns)
 char *envp_plugin = NULL;
 envp_plugin = malloc(ENV_BUF_MAX);
 if (envp_plugin == NULL) {
- E("Cannot allocate the shell commnad buffer.");
+ E("Cannot allocate the shell command buffer.");
+ /* free environment variables */
+ int i = 0;
+ if(envp_cnt > 0) {
+ for(i = 0; i < envp_cnt; i++) {
+ if(envp[i]) {
+ D("envp[%d] = %s\n", i, envp[i]);
+ free(envp[i]);
+ }
+ }
+ }
 return -1;
 }
 memset(envp_plugin, 0, ENV_BUF_MAX);
@@ -740,6 +750,16 @@ static int create_subproc_thread(const char *name, int lines, int columns)
 envp_plugin, ENV_BUF_MAX)) {
 E("Failed to convert the shell command. (%s)\n", name);
 free(envp_plugin);
+ /* free environment variables */
+ int i = 0;
+ if(envp_cnt > 0) {
+ for(i = 0; i < envp_cnt; i++) {
+ if(envp[i]) {
+ D("envp[%d] = %s\n", i, envp[i]);
+ free(envp[i]);
+ }
+ }
+ }
 return -1;
 } else {
 if(envp_plugin[0] != '\0') {
@@ -755,6 +775,16 @@ static int create_subproc_thread(const char *name, int lines, int columns)
 // Check the shell command validation.
 if (!request_validity_to_plugin(PLUGIN_SYNC_CMD_VERIFY_SHELLCMD, name)) {
 E("This shell command is invalid. (%s)\n", name);
+ /* free environment variables */
+ int i = 0;
+ if(envp_cnt > 0) {
+ for(i = 0; i < envp_cnt; i++) {
+ if(envp[i]) {
+ D("envp[%d] = %s\n", i, envp[i]);
+ free(envp[i]);
+ }
+ }
+ }
 return -1;
 }
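Review bot: The ten-line envp cleanup added in the first services.c hunk (-732,7) is pasted verbatim into the five later hunks of create_subproc_thread as well (-740, -755, -763, -770, -789), so the next early return added to this function can reintroduce the leak; one file-scope helper called from each error path (or a single `goto` cleanup label) keeps them in step. Each copy also runs `D("envp[%d] = %s\n", i, envp[i]);`, which writes every environment string to the debug log whenever a request fails; unless those values are known to be non-sensitive, log only the index or drop the call. The `if(envp_cnt > 0)` and `if(envp[i])` guards are redundant, since the loop condition and free(NULL) already cover both cases. The function begins and ends outside these hunks and the declaration of envp is not visible, so the helper below assumes an array of `char *` and should be checked against it.

```c
/* Releases the first envp_cnt strings held in envp and clears the slots. */
static void free_envp(char **envp, int envp_cnt)
{
    for (int i = 0; i < envp_cnt; i++) {
        free(envp[i]);   /* free(NULL) is a no-op, so no per-entry check */
        envp[i] = NULL;  /* a later cleanup pass cannot free it twice */
    }
}

// … unchanged: create_subproc_thread up to the envp_plugin allocation …
    if (envp_plugin == NULL) {
        E("Cannot allocate the shell command buffer.");
        free_envp(envp, envp_cnt);
        return -1;
    }
// … unchanged: the other five error returns, each taking the same one-line call …
```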
@@ -763,6 +793,16 @@ static int create_subproc_thread(const char *name, int lines, int columns)
 new_cmd = malloc(SDBD_SHELL_CMD_MAX);
 if(new_cmd == NULL) {
 E("Cannot allocate the shell commnad buffer.");
+ /* free environment variables */
+ int i = 0;
+ if(envp_cnt > 0) {
+ for(i = 0; i < envp_cnt; i++) {
+ if(envp[i]) {
+ D("envp[%d] = %s\n", i, envp[i]);
+ free(envp[i]);
+ }
+ }
+ }
 return -1;
 }
@@ -770,6 +810,16 @@ static int create_subproc_thread(const char *name, int lines, int columns)
 if(!request_conversion_to_plugin(PLUGIN_SYNC_CMD_CONVERT_SHELLCMD, name, new_cmd, SDBD_SHELL_CMD_MAX)) {
 E("Failed to convert the shell command. (%s)\n", name);
 free(new_cmd);
+ /* free environment variables */
+ int i = 0;
+ if(envp_cnt > 0) {
+ for(i = 0; i < envp_cnt; i++) {
+ if(envp[i]) {
+ D("envp[%d] = %s\n", i, envp[i]);
+ free(envp[i]);
+ }
+ }
+ }
 return -1;
 }
@@ -789,6 +839,16 @@ static int create_subproc_thread(const char *name, int lines, int columns)
 // Check the capability for interactive shell support.
 if (!is_support_interactive_shell()) {
 E("This platform dose NOT support the interactive shell\n");
+ /* free environment variables */
+ int i = 0;
+ if(envp_cnt > 0) {
+ for(i = 0; i < envp_cnt; i++) {
+ if(envp[i]) {
+ D("envp[%d] = %s\n", i, envp[i]);
+ free(envp[i]);
+ }
+ }
+ }
 return -1;
 }
diff --git a/src/transport_local.c b/src/transport_local.c
index 7601969..0eb4851 100644
--- a/src/transport_local.c
+++ b/src/transport_local.c
@@ -492,8 +492,7 @@ static void* notify_sdbd_startup_thread(void* ptr) {
 // tell sdb server emulator's vms name
 // TODO: should we use host:emulator request? let's talk about this!
-
- if (!strncmp(host_ip, QEMU_FORWARD_IP, sizeof host_ip)) {
+ if (!strncmp(host_ip, QEMU_FORWARD_IP, strlen(QEMU_FORWARD_IP)+1)) {
 snprintf(request, sizeof request, "host:emulator:%d:%s", (emulator_port + 1), vm_name);
 } else {
 snprintf(request, sizeof request, "host:connect:%s:%d", guest_ip, DEFAULT_SDB_LOCAL_TRANSPORT_PORT);
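Review bot: In the services.c hunk at -763,6 the context line `E("Cannot allocate the shell commnad buffer.");` keeps the typo that the first hunk of this commit corrects in the identical message, so the two allocation failures now log different text and a search for the corrected wording will miss this one; change it to `E("Cannot allocate the shell command buffer.");`. The message `E("This platform dose NOT support the interactive shell\n");` in the -789,6 hunk has a similar slip (`dose` for `does`). Both lines are unchanged context, so this is a follow-up rather than something the commit introduces.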
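Review bot: In the transport_local.c hunk the new bound `strlen(QEMU_FORWARD_IP)+1` is derived from the constant rather than from `host_ip`, so the comparison stays inside `host_ip` only if that buffer is always NUL-terminated; its declaration and the code that fills it are outside the hunk, so this needs confirming. Because the terminator is included, the call is an exact-match test with the same result as `strcmp(host_ip, QEMU_FORWARD_IP)`, and a one-line comment saying so would stop a later reader from removing the `+1` and turning it into a prefix match. If QEMU_FORWARD_IP is a string-literal macro (not visible here), the length can be taken at compile time: `if (!strncmp(host_ip, QEMU_FORWARD_IP, sizeof(QEMU_FORWARD_IP))) {`. The body of notify_sdbd_startup_thread continues past the hunk.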