From 2f6a901aa2f4f9b1f27521856351ddb6dcefafca Mon Sep 17 00:00:00 2001 From: "wootak.jung" Date: Thu, 27 Jun 2013 10:17:40 +0900 Subject: [PATCH] Fix prevent issue - src/co_call.c: buffer_size_warning Calling strncpy with a maximum size argument of 83 bytes on destination array "co->cna.name" of size 83 bytes might leave the destination string unterminated. - src/co_call.c: dead_error_line Execution cannot reach this statement "continue;". - src/co_sat.c: check_after_deref Null-checking "address" suggests that it may be null, but it has already been dereferenced on all paths leading to the check. - src/at.c: suspicious_sizeof Passing argument "at->resp" of type "TcoreATResponse *" and argument "4 /* sizeof (TcoreATResponse *) */" to function "tcore_pending_emit_ response_callback(TcorePending *, int, void const *)" is suspicious. Did you intend to use "sizeof(TcoreATResponse)" instead of "sizeof (TcoreATResponse *)" ? Change-Id: Ic5fd98b57b2cca40da80f74a5e3415974287e56a --- packaging/libtcore.spec | 2 +- src/at.c | 2 +- src/co_call.c | 35 ++++++++++++++++------------------- src/co_sat.c | 9 +++++---- 4 files changed, 23 insertions(+), 25 deletions(-) diff --git a/packaging/libtcore.spec b/packaging/libtcore.spec index 21e37c2..dd2b5af 100644 --- a/packaging/libtcore.spec +++ b/packaging/libtcore.spec @@ -1,6 +1,6 @@ Name: libtcore Summary: Telephony-core library -Version: 0.1.84 +Version: 0.1.85 Release: 1 Group: System/Libraries License: Apache diff --git a/src/at.c b/src/at.c index 8bb02c2..e47ac2e 100755 --- a/src/at.c +++ b/src/at.c @@ -184,7 +184,7 @@ static void _emit_pending_response(TcoreAT *at) dbg("no pending"); } - tcore_pending_emit_response_callback(p, sizeof(TcoreATResponse *), at->resp); + tcore_pending_emit_response_callback(p, sizeof(TcoreATResponse), at->resp); tcore_user_request_unref(tcore_pending_ref_user_request(p)); tcore_pending_free(p); diff --git a/src/co_call.c b/src/co_call.c index 8d3c371..67bcc04 100644 --- a/src/co_call.c +++ b/src/co_call.c @@ -359,28 +359,14 @@ static TReturn _dispatcher(CoreObject *o, UserRequest *ur) static void _free_hook(CoreObject *o) { struct private_object_data *po; - GSList *list; po = tcore_object_ref_object(o); if (NULL == po) return; - if (po->cobjs) { - for (list = po->cobjs; list; list = list->next) { - if (NULL == list) - continue; - - if (list->data) - g_free(list->data); - - list->data = NULL; - } - - g_slist_free(po->cobjs); - po->cobjs = NULL; - } - + g_slist_free_full(po->cobjs, g_free); g_free(po); + tcore_object_link_object(o, NULL); } @@ -843,13 +829,24 @@ enum tcore_call_cli_mode tcore_call_object_get_cli_mode(struct call_object *co) } gboolean tcore_call_object_set_cna_info(struct call_object *co, - enum tcore_call_cna_mode mode, char *name, int dcs) + enum tcore_call_cna_mode mode, char *name, int dcs) { + int len; + _check_null("co", co, FALSE); _check_null("name", name, FALSE); + len = strlen(name); + if (len >= MAX_CALL_NAME_LEN) { + dbg("Call name is too long"); + return FALSE; + } + + strncpy(co->cna.name, name, len); + co->cna.name[len] = '\0'; + co->cna.mode = mode; - strncpy(co->cna.name, name, MAX_CALL_NAME_LEN); + return TRUE; } @@ -1150,7 +1147,7 @@ void tcore_call_information_mt_cna(CoreObject *o, { CORE_OBJECT_CHECK(o, CORE_OBJECT_TYPE_CALL); - return _call_info_mt_cna(o, mode, name, dcs); + _call_info_mt_cna(o, mode, name, dcs); } void tcore_call_information_mt_forwarded_call(CoreObject *o, char *number) diff --git a/src/co_sat.c b/src/co_sat.c index 35d4048..7cb2df2 100644 --- a/src/co_sat.c +++ b/src/co_sat.c @@ -2299,13 +2299,14 @@ static enum tcore_sat_result _sat_decode_other_address_tlv(unsigned char* tlv_st }//end of switch //address - memcpy(other_address_obj->address, address, strlen(address)); - other_address_obj->address_len = strlen(address); + if (address) { + other_address_obj->address_len = strlen(address); + memcpy(other_address_obj->address, address, other_address_obj->address_len); - if (address) g_free(address); + dbg("destination address(%s)", other_address_obj->address); + } - dbg("destination address(%s)", other_address_obj->address); *consumed_data_len = 2+address_len; return TCORE_SAT_SUCCESS; } -- 2.7.4