From: wn.jang
Date: Thu, 13 Oct 2022 02:16:23 +0000 (+0900)
Subject: Fix stack-buffer-overflow issue which is detected by ASAN
X-Git-Tag: accepted/tizen/7.0/unified/20221107.172908~2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F82%2F282882%2F1;p=platform%2Fcore%2Fuifw%2Fvoice-control.git
Fix stack-buffer-overflow issue which is detected by ASAN
Cause: A buffer overflow occurs because 4 bytes access occurs when the value is changeed as it is converted to (int*) even though it is set as 1 byte pool variable. Soluetion: Use bool* instead of int* is_system_cmd_valid. This issue is described on code.sec.samsung.net/jira/browse/TSEVEN-2604
Change-Id: I4d8dae44234d4879b99c75296244018b45e85e69
---
diff --git a/server/vcd_server.c b/server/vcd_server.c
index 868a681..f0b1b3c 100644
--- a/server/vcd_server.c
+++ b/server/vcd_server.c
@@ -2592,7 +2592,7 @@ int vcd_server_dialog(int pid, const char* disp_text, const char* utt_text, int
 return VCD_ERROR_NONE;
 }
-int vcd_server_is_system_command_valid(int pid, int* is_sys_cmd_valid)
+int vcd_server_is_system_command_valid(int pid, bool* is_sys_cmd_valid)
 {
 /* check if pid is valid */
 if (false == vcd_client_is_available(pid) && false == vcd_client_widget_is_available(pid)) {
diff --git a/server/vcd_server.h b/server/vcd_server.h
index 4f1286d..999083e 100644
--- a/server/vcd_server.h
+++ b/server/vcd_server.h
@@ -107,7 +107,7 @@ int vcd_server_set_server_dialog(int pid, const char* app_id, const char* creden
 int vcd_server_dialog(int pid, const char* disp_text, const char* utt_text, int continuous);
-int vcd_server_is_system_command_valid(int pid, int* is_sys_cmd_valid);
+int vcd_server_is_system_command_valid(int pid, bool* is_sys_cmd_valid);
 #if 0
 int vcd_server_set_exclusive_command(int pid, bool value);
diff --git a/server/vcd_tidl.c b/server/vcd_tidl.c
index 08060ca..7d8abfe 100644
--- a/server/vcd_tidl.c
+++ b/server/vcd_tidl.c
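Review bot: Narrowing the out-parameter of `vcd_server_is_system_command_valid` from `int*` to `bool*` in `server/vcd_server.c` is only safe if every caller now passes the address of a `bool`; a caller that still hands in an `int` would get a one-byte store that leaves the remaining bytes of its variable unchanged. This commit updates one call site (in `server/vcd_tidl.c`), so whether others exist cannot be judged from here and should be confirmed by searching for the function name and building with `-Werror=incompatible-pointer-types`. The function body continues outside the hunk, so the stores to `*is_sys_cmd_valid` should also be checked to assign `true`/`false` rather than an integer status. The prototype in `server/vcd_server.h` changes the same way and would benefit from a comment such as `/* is_sys_cmd_valid: out parameter, must point to a bool */`.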
@@ -589,7 +589,7 @@ static int __vc_is_system_command_valid_cb(rpc_port_stub_vcd_stub_vc_context_h c
 int ret = VCD_ERROR_OPERATION_FAILED;
- ret = vcd_server_is_system_command_valid(pid, (int*)is_sys_cmd_valid);
+ ret = vcd_server_is_system_command_valid(pid, is_sys_cmd_valid);
 if (VCD_ERROR_NONE == ret) {
 SLOG(LOG_INFO, TAG_VCD, "[IN] vcd check system command is valid : pid(%d), is_sys_cmd_valid(%d)", pid, *is_sys_cmd_valid);
 } else {
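Review bot: The removed `(int*)` cast on the call in `__vc_is_system_command_valid_cb` is what allowed the overflow to compile, because an explicit pointer cast silences the incompatible-pointer diagnostic and the 4-byte store through a pointer to a 1-byte object was then caught only at run time by ASAN. With the cast gone the compiler checks this argument, but the same pattern may exist on other out-parameters passed from the callbacks in this file, which are not visible in this hunk and deserve the same audit. A short comment above the call, for example `/* no cast: the pointee type must match the callee's bool* exactly */`, would discourage reintroducing it. The callback starts and ends outside the hunk.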