From 59d7ace35973ec64e6a6c136a277ca00e9ec681a Mon Sep 17 00:00:00 2001
From: "i.pazderskyy" <i.pazderskyy@samsung.com>
Date: Wed, 9 Mar 2016 13:59:12 +0200
Subject: [PATCH] Fix issues reported by SVACE tool in CKM module 2

Change-Id: Ied98d297287e3e1dad6bc51b19889c6647e097b9
Signed-off-by: i.pazderskyy <i.pazderskyy@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/5627
Reviewed-by: Dmitriy Zhuravlev <d.zhuravlev@samsung.com>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>
Tested-by: Randeep Singh <randeep.s@samsung.com>
(cherry picked from commit f4a9bcabc5e28cbc63ff1dfb4fb727afc3949703)
Reviewed-on: https://gerrit.iotivity.org/gerrit/5639
---
 .../security/provisioning/ck_manager/sample/provisioningclient.c  | 4 ++--
 .../csdk/security/provisioning/ck_manager/src/cert_generator.c    | 5 ++++-
 resource/csdk/security/provisioning/ck_manager/src/ck_manager.c   | 8 +++++---
 resource/csdk/security/provisioning/src/credentialgenerator.c     | 4 ++--
 4 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/resource/csdk/security/provisioning/ck_manager/sample/provisioningclient.c b/resource/csdk/security/provisioning/ck_manager/sample/provisioningclient.c
index 8d9aed1..67ae5ae 100644
--- a/resource/csdk/security/provisioning/ck_manager/sample/provisioningclient.c
+++ b/resource/csdk/security/provisioning/ck_manager/sample/provisioningclient.c
@@ -515,6 +515,8 @@ static int InputCRL(OicSecCrl_t *crlRes)
 int main()
 {
     OCStackResult res = OC_STACK_OK;
+    OCProvisionDev_t* pDeviceList = NULL;
+    OCProvisionDev_t *pOwnedList = NULL;
 
     // Initialize Persistent Storage for SVR database
     OCPersistentStorage ps = { .open = client_fopen,
@@ -536,7 +538,6 @@ int main()
         goto error;
     }
 
-    OCProvisionDev_t* pDeviceList = NULL;
     res = OCDiscoverUnownedDevices(PREDEFINED_TIMEOUT, &pDeviceList);
     if(OC_STACK_OK != res)
     {
@@ -592,7 +593,6 @@ int main()
 
 // Credential & ACL provisioning between two devices.
 
-    OCProvisionDev_t *pOwnedList = NULL;
     OCProvisionDev_t *pOwnedDevices [MAX_OWNED_DEVICE] = {0,};
     int nOwnedDevice = 0;
 
diff --git a/resource/csdk/security/provisioning/ck_manager/src/cert_generator.c b/resource/csdk/security/provisioning/ck_manager/src/cert_generator.c
index e66385e..dd02862 100644
--- a/resource/csdk/security/provisioning/ck_manager/src/cert_generator.c
+++ b/resource/csdk/security/provisioning/ck_manager/src/cert_generator.c
@@ -234,7 +234,10 @@ PKIError GenerateCertificate (const UTF8String_t *subjectName, const UTF8String_
             certificate->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.buf          = NULL;
             certificate->tbsCertificate.signature.algorithm.buf                            = NULL;
             certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.algorithm.buf       = NULL;
-            certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.id_ecPublicKey->buf = NULL;
+            if (certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.id_ecPublicKey)
+            {
+                certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.id_ecPublicKey->buf = NULL;
+            }
             certificate->signatureAlgorithm.algorithm.buf                                  = NULL;
         }
         ASN_STRUCT_FREE(asn_DEF_Certificate, certificate);
diff --git a/resource/csdk/security/provisioning/ck_manager/src/ck_manager.c b/resource/csdk/security/provisioning/ck_manager/src/ck_manager.c
index 25c579b..1b30469 100644
--- a/resource/csdk/security/provisioning/ck_manager/src/ck_manager.c
+++ b/resource/csdk/security/provisioning/ck_manager/src/ck_manager.c
@@ -424,10 +424,12 @@ PKIError GenerateCSR (const uint8_t *uint8SubjectName,
 
     FUNCTION_CLEAR(
         OICFree(subjectName);
-        OICFree(subjectPublicKey->buf);
         OICFree(subjectPublicKey);
-        OICFree(subjectPrivateKey->buf);
-        OICFree(subjectPrivateKey);
+        if (subjectPrivateKey)
+        {
+            OICFree(subjectPrivateKey->buf);
+            OICFree(subjectPrivateKey);
+        }
     );
 }
 
diff --git a/resource/csdk/security/provisioning/src/credentialgenerator.c b/resource/csdk/security/provisioning/src/credentialgenerator.c
index 747ae37..df7754b 100644
--- a/resource/csdk/security/provisioning/src/credentialgenerator.c
+++ b/resource/csdk/security/provisioning/src/credentialgenerator.c
@@ -169,9 +169,9 @@ static char *CreateCertificatePublicJWK(const char *const *certificateChain,
         size_t offset = strlen(firstPart);
         for (size_t i = 0; i < chainLength; ++i)
         {
-            offset += snprintf(certPubJWK + offset, certPubJWKLen, "\"%s\",", certificateChain[i]);
+            offset += snprintf(certPubJWK + offset, certPubJWKLen - offset, "\"%s\",", certificateChain[i]);
         }
-        sprintf(certPubJWK + offset - 1, secondPart);
+        snprintf(certPubJWK + offset - 1, certPubJWK - offset - 1, secondPart);
     }
     else
     {
-- 
2.7.4