From 4ff91f288827be5db20219949732d1120894964a Mon Sep 17 00:00:00 2001 From: JooHark Park Date: Tue, 22 Oct 2013 19:40:45 +0900 Subject: [PATCH] [Internal: Prevent 18801, 18802, 18808, 18810 patch ] ===================================== [Problem] - [Cause] - [Solution] - Prevent 18801, 18802, 18808, 18810 patch ===================================== Change-Id: I40c990b527aa0e1775fd05cfaff1992032b33eb0 --- .../dm-phase-handler/dm_phase_handler.c | 44 ++++++++++++++++------ 1 file changed, 32 insertions(+), 12 deletions(-) diff --git a/src/agent/serviceadapter/dm-phase-handler/dm_phase_handler.c b/src/agent/serviceadapter/dm-phase-handler/dm_phase_handler.c index 20c0dba..9d06d0e 100755 --- a/src/agent/serviceadapter/dm-phase-handler/dm_phase_handler.c +++ b/src/agent/serviceadapter/dm-phase-handler/dm_phase_handler.c @@ -93,6 +93,7 @@ static DM_ERROR ___generater_deviceInfo_replacecmd(Command ** pReplaceCommand) /*get DevInfo */ Item *pItem = NULL; ret = get_child_mo_list(DM_DEVINFO, &(*pReplaceCommand)->private.change.items); + _DEBUG_INFO("get_child_mo_list(%s) ret [%d]", DM_DEVINFO, ret); if (ret != DM_OK) goto error; @@ -162,8 +163,11 @@ static DM_ERROR _generate_setupphase_msg(Session ** session, char *pServer_id, c char *targetUrl = NULL; int isBase64 = 0; char *nextNonce = NULL; - SyncML *pSyncML = NULL; + + Command *pAlertCommand = NULL; Command *pReplaceCommand = NULL; + SyncML *pSyncML = NULL; + SyncHdr *pSyncHdr = NULL; ret = __get_dmaccInfo(pServer_id, &client_id, &client_pwd, &sourceUrl, &targetUrl, &isBase64, &nextNonce); if (ret != DM_OK) @@ -206,7 +210,7 @@ static DM_ERROR _generate_setupphase_msg(Session ** session, char *pServer_id, c GList *commands_last = NULL; /*SyncHdr */ - SyncHdr *pSyncHdr = NULL; + //SyncHdr *pSyncHdr = NULL; ret = create_syncml_hdr((*session), &pSyncHdr); if (ret != DM_OK) goto error; @@ -229,7 +233,7 @@ static DM_ERROR _generate_setupphase_msg(Session ** session, char *pServer_id, c break; } - Command *pAlertCommand = NULL; + //Command *pAlertCommand = NULL; ret = create_alert_cmd((*session), syncType, &pAlertCommand); if (ret != DM_OK) goto error; @@ -356,11 +360,12 @@ static DM_ERROR _generate_setupphase_msg(Session ** session, char *pServer_id, c str_free(&contenttype); str_free(&data); - if(pSyncML != NULL) { // prevent - free_syncml(pSyncML); - pSyncML = NULL; - } - str_free(&nextNonce); // prevent + str_free(&nextNonce); + free_command(pReplaceCommand); + free_syncml(pSyncML); + pSyncML = NULL; + free_synchdr(pSyncHdr); + pSyncHdr = NULL; _INNER_FUNC_EXIT; return ret; @@ -716,8 +721,13 @@ DM_ERROR __check_hmac(Session ** session, char *xml, unsigned int xml_len) char *mac = NULL; ret = gemerate_hmac(acc_info->auth_name, acc_info->auth_secret, nonce, nonce_size, xml, xml_len, &mac); - if (ret != DM_OK) + if (ret != DM_OK){ + if(nonce != NULL) { + free(nonce); + nonce = NULL; + } goto error; + } _DEBUG_VERBOSE("mac : %s", mac); ret = create_hmac(acc_info->auth_name, "MD5", mac, session); @@ -755,6 +765,7 @@ static DM_ERROR __create_authentication(Session ** session, char *client_id, cha FormatType formatType = FORMAT_TYPE_UNKNOWN; AuthType pAuthType = AUTH_TYPE_UNKNOWN; char *credData = NULL; + unsigned char *nextNonceDecode = NULL; ret = get_dmacc_authType((*session)->pServer_id, &pAuthType); if (ret != DM_OK) @@ -765,7 +776,7 @@ static DM_ERROR __create_authentication(Session ** session, char *client_id, cha _DEBUG_VERBOSE("CHAL DOES NOT EXIST\n"); unsigned int out_len = 0; - unsigned char *nextNonceDecode = NULL; + //unsigned char *nextNonceDecode = NULL; switch (pAuthType) { case AUTH_TYPE_BASIC:{ @@ -812,7 +823,7 @@ static DM_ERROR __create_authentication(Session ** session, char *client_id, cha _DEBUG_VERBOSE("CHAL DOES EXIST\n"); unsigned int out_len = 0; - unsigned char *nextNonceDecode = NULL; + //unsigned char *nextNonceDecode = NULL; if ((*session)->res_chal->type == AUTH_TYPE_HMAC) { (*session)->isHMAC = 1; @@ -826,8 +837,9 @@ static DM_ERROR __create_authentication(Session ** session, char *client_id, cha ret = nonce_decode(chal->nonce_plain, &nextNonceDecode, &out_len); _DEBUG_VERBOSE("nonce result : %d", ret); _DEBUG_VERBOSE("nextnonceDecode : %s, out len : %d", nextNonceDecode, out_len); - if (ret != DM_OK) + if (ret != DM_OK) { goto error; + } } ret = create_auth_credString(chal->type, client_id, client_pwd, chal->type == AUTH_TYPE_BASIC ? (const unsigned char *)(chal->nonce_b64) : (const unsigned char *)(nextNonceDecode), out_len, &credData); if (ret != DM_OK) @@ -843,10 +855,18 @@ static DM_ERROR __create_authentication(Session ** session, char *client_id, cha if (ret != DM_OK) goto error; + if(nextNonceDecode != NULL) { + free(nextNonceDecode); + nextNonceDecode = NULL; + } _INNER_FUNC_EXIT; return ret; error: _DEBUG_VERBOSE(" end error %d \n", ret); + if(nextNonceDecode != NULL) { + free(nextNonceDecode); + nextNonceDecode = NULL; + } _INNER_FUNC_EXIT; return ret; } -- 2.7.4