From 32be85f98400eca17ab6c8c86fff3396e3b0d533 Mon Sep 17 00:00:00 2001
From: Parkhi <h_w.park@samsung.com>
Date: Tue, 14 Feb 2017 13:50:02 +0900
Subject: [PATCH] Fix defects detected by static analysis

 - mediator/submediator sample app.
 - enrolleeSecurity class memory issue.

Change-Id: I74652088e48008458f6b76b119cc068895d640b4
Signed-off-by: Parkhi <h_w.park@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/17255
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Jihun Ha <jihun.ha@samsung.com>
Reviewed-by: Uze Choi <uzchoi@samsung.com>
---
 service/easy-setup/enrollee/src/resourcehandler.c           |  8 ++++----
 service/easy-setup/mediator/richsdk/inc/ESRichCommon.h      |  2 +-
 .../easy-setup/mediator/richsdk/src/EnrolleeSecurity.cpp    | 13 +++++++------
 service/easy-setup/sampleapp/enrollee/linux/enrolleewifi.c  | 10 +++++++---
 .../sampleapp/mediator/linux/richsdk_sample/mediator.cpp    |  2 +-
 5 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/service/easy-setup/enrollee/src/resourcehandler.c b/service/easy-setup/enrollee/src/resourcehandler.c
index 9a4fed1..17981f2 100755
--- a/service/easy-setup/enrollee/src/resourcehandler.c
+++ b/service/easy-setup/enrollee/src/resourcehandler.c
@@ -155,27 +155,27 @@ OCStackResult initEasySetupResource(bool isSecured)
         OC_RSRVD_ES_URI_EASYSETUP, OCEntityHandlerCb,
         NULL, OC_DISCOVERABLE | OC_OBSERVABLE);
     }
-    if(res)
+    if(res != OC_STACK_OK)
     {
         OIC_LOG_V(INFO, ES_RH_TAG, "Created EasySetup resource with result: %s", getResult(res));
         return res;
     }
 
     res = OCBindResourceTypeToResource(g_ESEasySetupResource.handle, OC_RSRVD_ES_RES_TYPE_COL);
-    if(res)
+    if(res != OC_STACK_OK)
     {
         OIC_LOG_V(INFO, ES_RH_TAG, "Binding Resource type with result: %s", getResult(res));
         return res;
     }
 
     res = OCBindResourceInterfaceToResource(g_ESEasySetupResource.handle, OC_RSRVD_INTERFACE_LL);
-    if(res)
+    if(res != OC_STACK_OK)
     {
         OIC_LOG_V(INFO, ES_RH_TAG, "Binding Resource interface with result: %s", getResult(res));
         return res;
     }
     res = OCBindResourceInterfaceToResource(g_ESEasySetupResource.handle, OC_RSRVD_INTERFACE_BATCH);
-    if(res)
+    if(res != OC_STACK_OK)
     {
         OIC_LOG_V(INFO, ES_RH_TAG, "Binding Resource interface with result: %s", getResult(res));
         return res;
diff --git a/service/easy-setup/mediator/richsdk/inc/ESRichCommon.h b/service/easy-setup/mediator/richsdk/inc/ESRichCommon.h
index 5b28bd8..4c9a8f5 100755
--- a/service/easy-setup/mediator/richsdk/inc/ESRichCommon.h
+++ b/service/easy-setup/mediator/richsdk/inc/ESRichCommon.h
@@ -536,7 +536,7 @@ namespace OIC
 
                     if(resource->getOwnedStatus())
                     {
-                        char uuidString[UUID_STRING_SIZE];
+                        char uuidString[UUID_STRING_SIZE] = {};
                         if(OCConvertUuidToString(resource->getDevPtr()->doxm->owner.id, uuidString))
                         {
                             m_ownerID = uuidString;
diff --git a/service/easy-setup/mediator/richsdk/src/EnrolleeSecurity.cpp b/service/easy-setup/mediator/richsdk/src/EnrolleeSecurity.cpp
index 2f2079b..26ba5db 100755
--- a/service/easy-setup/mediator/richsdk/src/EnrolleeSecurity.cpp
+++ b/service/easy-setup/mediator/richsdk/src/EnrolleeSecurity.cpp
@@ -175,7 +175,7 @@ namespace OIC
 
             bool ret = false;
             std::string ownerID;
-            char uuidString[UUID_STRING_SIZE];
+            char uuidString[UUID_STRING_SIZE] = {};
             if(OCConvertUuidToString(foundDevice->getDevPtr()->doxm->owner.id, uuidString))
             {
                 ownerID = uuidString;
@@ -518,7 +518,7 @@ namespace OIC
                         }
                         else if(OC_STACK_AUTHENTICATION_FAILURE  == result->at(i).res)
                         {
-                            OicSecOxm_t oxm;
+                            OicSecOxm_t oxm = OIC_OXM_COUNT;
                             if(OC_STACK_OK != m_securedResource->getOTMethod(&oxm))
                             {
                                 OTMResult = false;
@@ -625,7 +625,7 @@ namespace OIC
             OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "SID: %s", m_securedResource->getDeviceID().c_str());
             OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Owned status: %d", m_securedResource->getOwnedStatus());
 
-            OicSecOxm_t selectedOTMethod;
+            OicSecOxm_t selectedOTMethod = OIC_OXM_COUNT;
             if( OC_STACK_OK != m_securedResource->getOTMethod(&selectedOTMethod) )
             {
                 selectedOTMethod = OIC_OXM_COUNT; // Out-of-range
@@ -637,7 +637,7 @@ namespace OIC
 #endif
             if(m_securedResource->getOwnedStatus())
             {
-                char uuidString[UUID_STRING_SIZE];
+                char uuidString[UUID_STRING_SIZE] = {};
                 if(OCConvertUuidToString(m_securedResource->getDevPtr()->doxm->owner.id, uuidString))
                 {
                     OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Owner ID: %s", uuidString);
@@ -730,7 +730,7 @@ namespace OIC
                 return {};
             }
 
-            char uuidString[UUID_STRING_SIZE];
+            char uuidString[UUID_STRING_SIZE] = {};
             if(OCConvertUuidToString(mediatorDevId->id, uuidString))
             {
                 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Mediator UUID : %s", uuidString);
@@ -1056,6 +1056,7 @@ namespace OIC
             if (OC_STACK_OK != res)
             {
                 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Error while getting info from DB");
+                OICFree(uuidList);
                 return false;
             }
 
@@ -1095,7 +1096,7 @@ namespace OIC
             // Need to discover Owned device in a given network, again
             std::shared_ptr< OC::OCSecureResource > ownedDevice = NULL;
 
-            OCStackResult result;
+            OCStackResult result = OC_STACK_ERROR;
             OicUuid_t uuid;
             if(OC_STACK_OK != ConvertStrToUuid(m_ocResource->sid().c_str(), &uuid))
             {
diff --git a/service/easy-setup/sampleapp/enrollee/linux/enrolleewifi.c b/service/easy-setup/sampleapp/enrollee/linux/enrolleewifi.c
index cc63855..98a8751 100755
--- a/service/easy-setup/sampleapp/enrollee/linux/enrolleewifi.c
+++ b/service/easy-setup/sampleapp/enrollee/linux/enrolleewifi.c
@@ -191,7 +191,8 @@ void SetDeviceInfo()
     // Set user properties if needed
     char userValue_str[] = "user_str";
     g_userProperties.userValue_int = 0;
-    strcpy(g_userProperties.userValue_str, userValue_str);
+
+    strncpy(g_userProperties.userValue_str, userValue_str, strlen(userValue_str));
     SetUserProperties(&g_userProperties);
 
     if(ESSetDeviceProperty(&deviceProperty) == ES_ERROR)
@@ -239,7 +240,7 @@ int main()
     printf("EasySetup Enrollee SAMPLE\n");
     printf("#########################\n");
     PrintMenu();
-    char option;
+    char option = "";
 
     while(true)
     {
@@ -296,7 +297,10 @@ int main()
                     PrintMenu();
                     break;
             }
-            if (option == 'Q' || option == 'q') { break; }
+            if (option == 'Q' || option == 'q')
+            {
+                break;
+            }
         }
     }
     return 0;
diff --git a/service/easy-setup/sampleapp/mediator/linux/richsdk_sample/mediator.cpp b/service/easy-setup/sampleapp/mediator/linux/richsdk_sample/mediator.cpp
index 1836233..7ecf8da 100755
--- a/service/easy-setup/sampleapp/mediator/linux/richsdk_sample/mediator.cpp
+++ b/service/easy-setup/sampleapp/mediator/linux/richsdk_sample/mediator.cpp
@@ -370,7 +370,7 @@ void discoveryEnrolleeResource()
         std::unique_lock<std::mutex> lck(g_discoverymtx);
         g_cond.wait_for(lck, std::chrono::seconds(5));
 	}
-	catch (OCException& e)
+	catch (OCException &e)
 	{
 		std::cout << "Exception in discoveryEnrolleeResource: "<<e.what();
 	}
-- 
2.7.4