From: sinikang Date: Mon, 18 Feb 2019 04:54:37 +0000 (+0900) Subject: Fix svace issue (378703, 378705) X-Git-Tag: accepted/tizen/5.5/unified/20191031.034058^0 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fheads%2Ftizen_5.5;p=profile%2Fmobile%2Fapps%2Fnative%2Fciss.git Fix svace issue (378703, 378705) - missing null termination on string copy Change-Id: Ide831d8fc0d68e74976e99bca02c74b7a73ce917 Signed-off-by: sinikang --- diff --git a/packaging/org.tizen.ciss.spec b/packaging/org.tizen.ciss.spec index dbf469a..b70d401 100644 --- a/packaging/org.tizen.ciss.spec +++ b/packaging/org.tizen.ciss.spec @@ -1,6 +1,6 @@ %define major 0 %define minor 1 -%define patchlevel 7 +%define patchlevel 8 Name: org.tizen.ciss Summary: CISS-MMI application diff --git a/src/ciss-parser.c b/src/ciss-parser.c index 8579a98..9495915 100644 --- a/src/ciss-parser.c +++ b/src/ciss-parser.c @@ -326,7 +326,8 @@ int _ciss_parse_req_string(char *pszSS, ciss_mmi_context_t *mmi_ctx) DBG("\n [CISS-ENGINE] received string = %s", pszSS); mmi_ctx->user_string_length = strlen(pszSS); if (mmi_ctx->user_string_length > 0) { - memcpy(mmi_ctx->user_string, pszSS, mmi_ctx->user_string_length); + memset(mmi_ctx->user_string, 0, MAX_USS_CHAR); + strncpy(mmi_ctx->user_string, pszSS, MAX_USS_CHAR - 1); } else { DBG("\n [CISS-ENGINE] User String Length should be non-zero"); return CISS_ERR_UNKNOWN; diff --git a/src/ciss-util.c b/src/ciss-util.c index ae9a44f..7bb0eec 100644 --- a/src/ciss-util.c +++ b/src/ciss-util.c @@ -25,6 +25,9 @@ char *_ciss_strcpy(char *pBuffer, int nBufCount, const char *pszString) { + retv_if(pBuffer == NULL, NULL); + memset(pBuffer, 0, nBufCount*sizeof(char)); + if ((nBufCount - 1) >= (int)strlen(pszString)) { strncpy(pBuffer, pszString, (int)strlen(pszString)); pBuffer[(int)strlen(pszString)] = '\0';