From: Kyungwook Tak <k.tak@samsung.com>
Date: Thu, 7 Jan 2016 07:26:04 +0000 (+0900)
Subject: Manage null input for empty password on CertSvcString
X-Git-Tag: accepted/tizen/mobile/20160115.111035~5
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F85%2F56385%2F1;p=platform%2Fcore%2Fsecurity%2Fcert-svc.git

Manage null input for empty password on CertSvcString

Change-Id: Ia2ebb8ef2d9fa36ca70f54d834b3706baaee3f47
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
---

diff --git a/tests/capi/test-certificate.cpp b/tests/capi/test-certificate.cpp
index ca76716..e77034f 100644
--- a/tests/capi/test-certificate.cpp
+++ b/tests/capi/test-certificate.cpp
@@ -335,12 +335,17 @@ RUNNER_TEST(T0106_chain_sort)
 
 	RUNNER_ASSERT_MSG(CERTSVC_SUCCESS == certsvc_certificate_chain_sort(collection, 3), "FAIL TO SORT CERTIFICATE");
 
-	RUNNER_ASSERT_MSG(collection[2].privateHandler == cert3.privateHandler, "certsvc_certificate_chain_sort failed");
+	RUNNER_ASSERT_MSG(
+		(memcmp(&collection[2], &cert3, sizeof(CertSvcCertificate)) == 0
+			&& memcmp(&collection[1], &cert2, sizeof(CertSvcCertificate)) == 0
+			&& memcmp(&collection[0], &cert1, sizeof(CertSvcCertificate)) == 0),
+		"certsvc_certificate_chain_sort success but it's not sorted really.");
 
 	collection[0] = cert1;
 	collection[1] = cert3;
 
-	RUNNER_ASSERT_MSG(CERTSVC_FAIL == certsvc_certificate_chain_sort(collection, 2), "certsvc_certificate_chain_sort failed");
+	RUNNER_ASSERT_MSG(CERTSVC_FAIL == certsvc_certificate_chain_sort(collection, 2),
+		"certsvc_certificate_chain_sort must be failed");
 }
 
 RUNNER_TEST_GROUP_INIT(T0200_CAPI_CERTIFICATE_VERIFY)
diff --git a/tests/pkcs12/new_test_cases.cpp b/tests/pkcs12/new_test_cases.cpp
index 12fe993..5e60422 100644
--- a/tests/pkcs12/new_test_cases.cpp
+++ b/tests/pkcs12/new_test_cases.cpp
@@ -46,15 +46,15 @@ static CertSvcInstance instance;
 static CertSvcString wrapper_certsvc_string_new(const char *cStr)
 {
 	CertSvcString certsvcStr;
+	int retval;
 
-	if (!cStr) {
-		certsvcStr.privateHandler = NULL;
-		return certsvcStr;
-	}
+	if (cStr == NULL)
+		retval = certsvc_string_new(instance, NULL, 0, &certsvcStr);
+	else
+		retval = certsvc_string_new(instance, cStr, strlen(cStr), &certsvcStr);
 
-	RUNNER_ASSERT_MSG(
-		certsvc_string_new(instance, cStr, strlen(cStr), &certsvcStr) == CERTSVC_SUCCESS,
-		"Failed to certsvc_string_new");
+	RUNNER_ASSERT_MSG(retval == CERTSVC_SUCCESS,
+		"Failed to certsvc_string_new with retval: " << retval);
 
 	return certsvcStr;
 }
diff --git a/vcore/vcore/api.cpp b/vcore/vcore/api.cpp
index 3f7f9c7..417ec80 100644
--- a/vcore/vcore/api.cpp
+++ b/vcore/vcore/api.cpp
@@ -635,21 +635,27 @@ public:
         size_t size,
         CertSvcString *output)
     {
-        if (!output) {
+        if (!output)
             return CERTSVC_WRONG_ARGUMENT;
-        }
 
-        size_t allocSize = size;
+        /* return struct for empty string */
+        if (size == 0 || str == NULL) {
+            output->privateHandler = NULL;
+            output->privateLength = 0;
+            output->privateInstance = instance;
 
-        if (allocSize == 0 || str[allocSize - 1] != 0)
-            allocSize++;
+            return CERTSVC_SUCCESS;
+        }
+
+        if (strlen(str) < size)
+            return CERTSVC_WRONG_ARGUMENT;
 
-        char *ptr = new char[allocSize];
+        char *ptr = new(std::nothrow) char[size + 1];
         if (ptr == NULL)
             return CERTSVC_BAD_ALLOC;
 
         memcpy(ptr, str, size);
-        ptr[allocSize - 1] = 0;
+        ptr[size] = '\0';
 
         output->privateHandler = ptr;
         output->privateLength = size;