From 6312e291aae38d32f0829079b9864a7d1e9f7bd3 Mon Sep 17 00:00:00 2001 From: Vitaliy Cherepanov Date: Tue, 22 Dec 2015 11:41:02 +0300 Subject: [PATCH] [FIX] Svace issues ----------------------------------------------------- | WGID | Type | File | |---------------------------------------------------- | 24915 | NEGATIVE_CODE_ERROR | da_protocol.c | | 25135 | TOCTTOU_SEQUENCE | da_protocol.c | | 25452 | DEREF_AFTER_NULL | da_protocol.c | | 25453 | DEREF_AFTER_NULL | da_protocol.c | | 26296 | SIGNED_TO_BIGGER_UNDIGNED | sys_stat.c | | 26856 | NOCAST.INTEGER_OVERFLOW | sys_stat.c | |---------------------------------------------------- Change-Id: I08d791b3fb592b1f56d7ecf8ad853f7f423bb2a8 Signed-off-by: Vitaliy Cherepanov --- daemon/cpp/features/feature.cpp | 1 + daemon/da_protocol.c | 10 +++++++++- daemon/sys_stat.c | 5 +++-- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/daemon/cpp/features/feature.cpp b/daemon/cpp/features/feature.cpp index fa1cd18..c611321 100644 --- a/daemon/cpp/features/feature.cpp +++ b/daemon/cpp/features/feature.cpp @@ -81,6 +81,7 @@ int Feature::uninit() ret = doDisable(); if (ret) return ret; + /* no break. fall throught to 'case F_INIT' */ case F_INIT: ret = doUninit(); if (ret) { diff --git a/daemon/da_protocol.c b/daemon/da_protocol.c index 3aca301..70fd861 100644 --- a/daemon/da_protocol.c +++ b/daemon/da_protocol.c @@ -616,7 +616,8 @@ int sendACKToHost(enum HostMessageT resp, enum ErrorCode err_code, //set return id pack_int32(p, err); //copy payload data - memcpy(p, payload, payload_size); + if (payload != NULL && payload_size != 0) + memcpy(p, payload, payload_size); LOGI("ACK (%s) errcode<%s> payload=0x%08X; size=%d\n", msg_ID_str(resp), msgErrStr(err_code), (int)payload, payload_size); @@ -842,6 +843,11 @@ static struct binary_ack* binary_ack_alloc(const char *filename) char builddir[PATH_MAX]; char local_bin_path[PATH_MAX]; + if (filename == NULL) { + LOGW("request filename is NULL\n"); + goto exit_fail; + } + builddir[0]='\0'; local_bin_path[0]='\0'; ba = malloc(sizeof(*ba)); @@ -1139,6 +1145,8 @@ static char *get_process_cmd_line(uint32_t pid) count = read(f, buf, sizeof(buf)); if (count >= sizeof(buf)) count = sizeof(buf) - 1; + if (count == -1) + count = 0; buf[count] = '\0'; close(f); } else { diff --git a/daemon/sys_stat.c b/daemon/sys_stat.c index 52083a2..213242a 100644 --- a/daemon/sys_stat.c +++ b/daemon/sys_stat.c @@ -2217,8 +2217,9 @@ int fill_target_info(struct target_info_t *target_info) target_info->network_type[0] = 0; target_info->sys_mem_size = get_system_total_memory(); - target_info->storage_size = stat_get_storageinfo(FSINFO_TYPE_TOTAL) * - 1024 * 1024; + target_info->storage_size = + (uint64_t)stat_get_storageinfo(FSINFO_TYPE_TOTAL) * + (uint64_t)1024 * (uint64_t)1024; target_info->bluetooth_supp = is_bluetooth_available(); target_info->gps_supp = is_gps_available(); -- 2.7.4