From 4b5570d66db9e4f6cc9fc007f3d53889fc9932d3 Mon Sep 17 00:00:00 2001
From: "arya.k" <arya.kumar@samsung.com>
Date: Thu, 6 Jul 2017 12:21:51 +0530
Subject: [PATCH] [IOT - 2413] Fix for Heap-use-after-free issue.

[AddressSanitizer] Heap-use-after-free in InProcServerWrapper.cpp fix.

 if(!interface.empty())
        {
            const string query = string("if=" + interface);
            ocEntityHandlerRequest.query = const_cast<char *>
            		(query.c_str());
        }


Local variable 'query' reference after it goes out of scope
can be a cause for crash.

Change-Id: I63a2b77719caa5fe5a3cb18bdb21943ddd616da7
Signed-off-by: arya.k <arya.kumar@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/21269
Reviewed-by: Harish Marappa <h.marappa@samsung.com>
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Changjoon Baek <joon.c.baek@samsung.com>
Reviewed-by: Uze Choi <uzchoi@samsung.com>
---
 .../src/serverBuilder/unittests/RCSResourceObjectTest.cpp              | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/service/resource-encapsulation/src/serverBuilder/unittests/RCSResourceObjectTest.cpp b/service/resource-encapsulation/src/serverBuilder/unittests/RCSResourceObjectTest.cpp
index 8733319..e111be6 100644
--- a/service/resource-encapsulation/src/serverBuilder/unittests/RCSResourceObjectTest.cpp
+++ b/service/resource-encapsulation/src/serverBuilder/unittests/RCSResourceObjectTest.cpp
@@ -374,6 +374,7 @@ public:
         auto request = make_shared<OCResourceRequest>();
 
         OCEntityHandlerRequest ocEntityHandlerRequest;
+        string query;
         memset(&ocEntityHandlerRequest, 0, sizeof(OCEntityHandlerRequest));
         OC::MessageContainer mc;
 
@@ -386,7 +387,7 @@ public:
 
         if(!interface.empty())
         {
-            const string query = string("if=" + interface);
+            query = string("if=" + interface);
             ocEntityHandlerRequest.query = const_cast<char *> (query.c_str());
         }
 
-- 
2.7.4