From 4eb6ef31fe2841dac28d8ad9c59624d7843fcd27 Mon Sep 17 00:00:00 2001 From: Markus Jung Date: Mon, 29 Feb 2016 17:17:12 +0900 Subject: [PATCH] RC Configuration: fixing potential dereference of null pointers Checks to make sure if certain configuration values are not provided no null dereferenciation happens. Issues reported by SVACE tool. Change-Id: If4b7466dc2faca9447457784fb54d9990c3a15e4 Signed-off-by: Markus Jung Reviewed-on: https://gerrit.iotivity.org/gerrit/5261 Tested-by: jenkins-iotivity Reviewed-by: Habib Virji --- service/resource-container/src/Configuration.cpp | 309 +++++++++++++---------- 1 file changed, 178 insertions(+), 131 deletions(-) diff --git a/service/resource-container/src/Configuration.cpp b/service/resource-container/src/Configuration.cpp index 1f4b88f..13bb113 100644 --- a/service/resource-container/src/Configuration.cpp +++ b/service/resource-container/src/Configuration.cpp @@ -95,23 +95,26 @@ namespace OIC { try { - for (bundle = m_xmlDoc.first_node()->first_node(BUNDLE_TAG); bundle; bundle = - bundle->next_sibling()) + if (m_xmlDoc.first_node()) { - std::map< std::string, std::string > bundleMap; - for (subItem = bundle->first_node(); subItem; - subItem = subItem->next_sibling()) + for (bundle = m_xmlDoc.first_node()->first_node(BUNDLE_TAG); bundle; bundle = + bundle->next_sibling()) { - strKey = subItem->name(); - strValue = subItem->value(); - - if (strlen(subItem->value()) > 0) + std::map< std::string, std::string > bundleMap; + for (subItem = bundle->first_node(); subItem; + subItem = subItem->next_sibling()) { - bundleMap.insert( - std::make_pair(trim_both(strKey), trim_both(strValue))); + strKey = subItem->name(); + strValue = subItem->value(); + + if (strlen(subItem->value()) > 0) + { + bundleMap.insert( + std::make_pair(trim_both(strKey), trim_both(strValue))); + } } + configOutput->push_back(bundleMap); } - configOutput->push_back(bundleMap); } } @@ -136,28 +139,47 @@ namespace OIC std::map< std::string, std::string > bundleConfigMap; // - for (bundle = m_xmlDoc.first_node()->first_node(BUNDLE_TAG); bundle; bundle = - bundle->next_sibling()) + if (m_xmlDoc.first_node()) { - // - strBundleId = bundle->first_node(BUNDLE_ID)->value(); - - if (!strBundleId.compare(bundleId)) + for (bundle = m_xmlDoc.first_node()->first_node(BUNDLE_TAG); bundle; bundle = + bundle->next_sibling()) { - bundleConfigMap.insert(std::make_pair(BUNDLE_ID, trim_both(strBundleId))); + // + if (bundle->first_node(BUNDLE_ID)) + { + strBundleId = bundle->first_node(BUNDLE_ID)->value(); + } + else{ + strBundleId = ""; + } - // - strPath = bundle->first_node(BUNDLE_PATH)->value(); - bundleConfigMap.insert(std::make_pair(BUNDLE_PATH, trim_both(strPath))); + if (!strBundleId.compare(bundleId)) + { + bundleConfigMap.insert(std::make_pair(BUNDLE_ID, trim_both(strBundleId))); + + // + if (bundle->first_node(BUNDLE_PATH)){ + strPath = bundle->first_node(BUNDLE_PATH)->value(); + } + else{ + strPath = ""; + } + bundleConfigMap.insert(std::make_pair(BUNDLE_PATH, trim_both(strPath))); - // - strVersion = bundle->first_node(BUNDLE_VERSION)->value(); - bundleConfigMap.insert( - std::make_pair(BUNDLE_VERSION, trim_both(strVersion))); + // + if (bundle->first_node(BUNDLE_VERSION)){ + strVersion = bundle->first_node(BUNDLE_VERSION)->value(); + } + else{ + strVersion = ""; + } + bundleConfigMap.insert( + std::make_pair(BUNDLE_VERSION, trim_both(strVersion))); - configOutput->push_back(bundleConfigMap); + configOutput->push_back(bundleConfigMap); - break; + break; + } } } } @@ -177,79 +199,91 @@ namespace OIC string strBundleId; string strKey, strValue; - OIC_LOG_V(INFO, CONTAINER_TAG, "Loading resource configuration for %s %s!", bundleId.c_str(), resourceName.c_str()); + OIC_LOG_V(INFO, CONTAINER_TAG, "Loading resource configuration for %s %s!", + bundleId.c_str(), resourceName.c_str()); if (m_loaded) { try { // - for (bundle = m_xmlDoc.first_node()->first_node(BUNDLE_TAG); bundle; bundle = - bundle->next_sibling()) + if (m_xmlDoc.first_node()) { - // - strBundleId = bundle->first_node(BUNDLE_ID)->value(); - - OIC_LOG_V(INFO, CONTAINER_TAG, "Comparing bundle id %s - %s !", strBundleId.c_str(), bundleId.c_str()); - - if (!strBundleId.compare(bundleId)) + for (bundle = m_xmlDoc.first_node()->first_node(BUNDLE_TAG); bundle; bundle = + bundle->next_sibling()) { - OIC_LOG_V(INFO, CONTAINER_TAG, "Inspecting"); - // - for (resource = bundle->first_node(OUTPUT_RESOURCES_TAG)->first_node(OUTPUT_RESOURCE_INFO); - resource; resource = resource->next_sibling()) - { - - for (item = resource->first_node(); item; item = - item->next_sibling()) - { - strKey = item->name(); - strValue = item->value(); + // + strBundleId = bundle->first_node(BUNDLE_ID)->value(); - if (!strKey.compare(OUTPUT_RESOURCE_NAME)) - resourceInfoOut->name = trim_both(strValue); + OIC_LOG_V(INFO, CONTAINER_TAG, "Comparing bundle id %s - %s !", + strBundleId.c_str(), bundleId.c_str()); - else if (!strKey.compare(OUTPUT_RESOURCE_URI)) - resourceInfoOut->uri = trim_both(strValue); + if (!strBundleId.compare(bundleId)) + { + OIC_LOG_V(INFO, CONTAINER_TAG, "Inspecting"); + // + if (bundle->first_node(OUTPUT_RESOURCES_TAG)){ + for (resource = bundle->first_node(OUTPUT_RESOURCES_TAG)-> + first_node(OUTPUT_RESOURCE_INFO); + resource; resource = resource->next_sibling()) + { - else if (!strKey.compare(OUTPUT_RESOURCE_ADDR)) - resourceInfoOut->address = trim_both(strValue); + for (item = resource->first_node(); item; item = + item->next_sibling()) + { + strKey = item->name(); + strValue = item->value(); - else if (!strKey.compare(OUTPUT_RESOURCE_TYPE)) - resourceInfoOut->resourceType = trim_both(strValue); + if (!strKey.compare(OUTPUT_RESOURCE_NAME)) + resourceInfoOut->name = trim_both(strValue); - else - { - for (subItem = item->first_node(); subItem; subItem = - subItem->next_sibling()) - { - map< string, string > propertyMap; + else if (!strKey.compare(OUTPUT_RESOURCE_URI)) + resourceInfoOut->uri = trim_both(strValue); - strKey = subItem->name(); + else if (!strKey.compare(OUTPUT_RESOURCE_ADDR)) + resourceInfoOut->address = trim_both(strValue); - if (strKey.compare(INPUT_RESOURCE)) - { - m_mapisHasInput[strBundleId] = true; - OIC_LOG_V(INFO, CONTAINER_TAG, "Bundle has input (%s)", strBundleId.c_str()); - } + else if (!strKey.compare(OUTPUT_RESOURCE_TYPE)) + resourceInfoOut->resourceType = trim_both(strValue); - for (subItem2 = subItem->first_node(); subItem2; - subItem2 = subItem2->next_sibling()) + else { - string newStrKey = subItem2->name(); - string newStrValue = subItem2->value(); - OIC_LOG_V(INFO, CONTAINER_TAG, "key: %s, value %s", newStrKey.c_str(), newStrValue.c_str()); - - propertyMap[trim_both(newStrKey)] = trim_both( - newStrValue); + for (subItem = item->first_node(); subItem; subItem = + subItem->next_sibling()) + { + map< string, string > propertyMap; + + strKey = subItem->name(); + + if (strKey.compare(INPUT_RESOURCE)) + { + m_mapisHasInput[strBundleId] = true; + OIC_LOG_V(INFO, CONTAINER_TAG, + "Bundle has input (%s)", + strBundleId.c_str()); + } + + for (subItem2 = subItem->first_node(); subItem2; + subItem2 = subItem2->next_sibling()) + { + string newStrKey = subItem2->name(); + string newStrValue = subItem2->value(); + OIC_LOG_V(INFO, CONTAINER_TAG, + "key: %s, value %s", + newStrKey.c_str(), newStrValue.c_str()); + + propertyMap[trim_both(newStrKey)] = + trim_both(newStrValue); + } + + resourceInfoOut->resourceProperty[trim_both(strKey)].push_back( + propertyMap); + } } - - resourceInfoOut->resourceProperty[trim_both(strKey)].push_back( - propertyMap); } + } } - } } } @@ -281,73 +315,86 @@ namespace OIC try { // - for (bundle = m_xmlDoc.first_node()->first_node(BUNDLE_TAG); bundle; bundle = - bundle->next_sibling()) + if (m_xmlDoc.first_node()) { - // - strBundleId = bundle->first_node(BUNDLE_ID)->value(); + for (bundle = m_xmlDoc.first_node()->first_node(BUNDLE_TAG); bundle; bundle = + bundle->next_sibling()) + { + // + strBundleId = bundle->first_node(BUNDLE_ID)->value(); - OIC_LOG_V(INFO, CONTAINER_TAG, "Comparing bundle ids %s - %s !", strBundleId.c_str(), bundleId.c_str()); + OIC_LOG_V(INFO, CONTAINER_TAG, "Comparing bundle ids %s - %s !", + strBundleId.c_str(), bundleId.c_str()); - if (!strBundleId.compare(bundleId)) - { - OIC_LOG_V(INFO, CONTAINER_TAG, "Inspecting"); - // - for (resource = bundle->first_node(OUTPUT_RESOURCES_TAG)->first_node(OUTPUT_RESOURCE_INFO); - resource; resource = resource->next_sibling()) + if (!strBundleId.compare(bundleId)) { - resourceInfo tempResourceInfo; - - for (item = resource->first_node(); item; item = - item->next_sibling()) + OIC_LOG_V(INFO, CONTAINER_TAG, "Inspecting"); + // + if (bundle->first_node(OUTPUT_RESOURCES_TAG)) { - strKey = item->name(); - strValue = item->value(); - - if (!strKey.compare(OUTPUT_RESOURCE_NAME)) - tempResourceInfo.name = trim_both(strValue); + for (resource = bundle->first_node(OUTPUT_RESOURCES_TAG)-> + first_node(OUTPUT_RESOURCE_INFO); + resource; resource = resource->next_sibling()) + { + resourceInfo tempResourceInfo; - else if (!strKey.compare(OUTPUT_RESOURCE_URI)) - tempResourceInfo.uri = trim_both(strValue); + for (item = resource->first_node(); item; item = + item->next_sibling()) + { + strKey = item->name(); + strValue = item->value(); - else if (!strKey.compare(OUTPUT_RESOURCE_ADDR)) - tempResourceInfo.address = trim_both(strValue); + if (!strKey.compare(OUTPUT_RESOURCE_NAME)) + tempResourceInfo.name = trim_both(strValue); - else if (!strKey.compare(OUTPUT_RESOURCE_TYPE)) - tempResourceInfo.resourceType = trim_both(strValue); + else if (!strKey.compare(OUTPUT_RESOURCE_URI)) + tempResourceInfo.uri = trim_both(strValue); - else - { - for (subItem = item->first_node(); subItem; subItem = - subItem->next_sibling()) - { - map< string, string > propertyMap; + else if (!strKey.compare(OUTPUT_RESOURCE_ADDR)) + tempResourceInfo.address = trim_both(strValue); - strKey = subItem->name(); + else if (!strKey.compare(OUTPUT_RESOURCE_TYPE)) + tempResourceInfo.resourceType = trim_both(strValue); - if (strKey.compare(INPUT_RESOURCE)) + else { - m_mapisHasInput[strBundleId] = true; - OIC_LOG_V(INFO, CONTAINER_TAG, "Bundle has input (%s)", strBundleId.c_str()); + for (subItem = item->first_node(); subItem; subItem = + subItem->next_sibling()) + { + map< string, string > propertyMap; + + strKey = subItem->name(); + + if (strKey.compare(INPUT_RESOURCE)) + { + m_mapisHasInput[strBundleId] = true; + OIC_LOG_V(INFO, CONTAINER_TAG, + "Bundle has input (%s)", + strBundleId.c_str()); + } + + for (subItem2 = subItem->first_node(); subItem2; + subItem2 = subItem2->next_sibling()) + { + string newStrKey = subItem2->name(); + string newStrValue = subItem2->value(); + OIC_LOG_V(INFO, CONTAINER_TAG, + "key: %s, value %s", + newStrKey.c_str(), + newStrValue.c_str()); + + propertyMap[trim_both(newStrKey)] = + trim_both(newStrValue); + } + + tempResourceInfo.resourceProperty[trim_both(strKey)]. + push_back(propertyMap); + } } - - for (subItem2 = subItem->first_node(); subItem2; - subItem2 = subItem2->next_sibling()) - { - string newStrKey = subItem2->name(); - string newStrValue = subItem2->value(); - OIC_LOG_V(INFO, CONTAINER_TAG, "key: %s, value %s", newStrKey.c_str(), newStrValue.c_str()); - - propertyMap[trim_both(newStrKey)] = trim_both( - newStrValue); - } - - tempResourceInfo.resourceProperty[trim_both(strKey)].push_back( - propertyMap); } + configOutput->push_back(tempResourceInfo); } } - configOutput->push_back(tempResourceInfo); } } } -- 2.7.4