From 6bfc6ae63cf97aa415bb57511de769cad5416cd3 Mon Sep 17 00:00:00 2001
From: ChaJiWon <jw_wonny.cha@samsung.com>
Date: Fri, 3 Feb 2017 15:04:45 +0900
Subject: [PATCH] Fix defect found by static analyzer

- ocpayloadparse : double free
- occollection : need to NULL check
- ocRepresentation : big size of m_devAddr parameter

Change-Id: I5bd4cbc6d5dab1dfe7293a234e90d2c465a0039c
Signed-off-by: ChaJiWon <jw_wonny.cha@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/17007
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>
---
 resource/csdk/stack/src/occollection.c   | 3 +++
 resource/csdk/stack/src/ocpayloadparse.c | 1 +
 resource/include/OCRepresentation.h      | 2 +-
 resource/src/OCRepresentation.cpp        | 2 +-
 4 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/resource/csdk/stack/src/occollection.c b/resource/csdk/stack/src/occollection.c
index 6ec6e16..d4198fb 100755
--- a/resource/csdk/stack/src/occollection.c
+++ b/resource/csdk/stack/src/occollection.c
@@ -264,6 +264,9 @@ OCStackResult DefaultCollectionEntityHandler(OCEntityHandlerFlag flag, OCEntityH
     {
         ifQueryParam = OICStrdup(OC_RSRVD_INTERFACE_LL);
     }
+
+    VERIFY_PARAM_NON_NULL(TAG, ifQueryParam, "Invalid Parameter ifQueryParam");
+
     if (0 == strcmp(ifQueryParam, OC_RSRVD_INTERFACE_LL) || 0 == strcmp (ifQueryParam, OC_RSRVD_INTERFACE_DEFAULT))
     {
         if (ehRequest->method == OC_REST_PUT || ehRequest->method == OC_REST_POST)
diff --git a/resource/csdk/stack/src/ocpayloadparse.c b/resource/csdk/stack/src/ocpayloadparse.c
index 2327e46..62a187d 100755
--- a/resource/csdk/stack/src/ocpayloadparse.c
+++ b/resource/csdk/stack/src/ocpayloadparse.c
@@ -836,6 +836,7 @@ static CborError OCParseSingleRepPayload(OCRepPayload **outPayload, CborValue *o
                 {
                     err = cbor_value_advance(&repMap);
                     free(name);  // Free *TinyCBOR allocated* string.
+                    name = NULL;
                     continue;
                 }
             }
diff --git a/resource/include/OCRepresentation.h b/resource/include/OCRepresentation.h
index 309b3e5..541cea5 100644
--- a/resource/include/OCRepresentation.h
+++ b/resource/include/OCRepresentation.h
@@ -119,7 +119,7 @@ namespace OC
 
             virtual ~OCRepresentation(){}
 
-            void setDevAddr(const OCDevAddr addr);
+            void setDevAddr(const OCDevAddr&);
 
             const std::string getHost() const;
 
diff --git a/resource/src/OCRepresentation.cpp b/resource/src/OCRepresentation.cpp
index 2997995..edbb756 100644
--- a/resource/src/OCRepresentation.cpp
+++ b/resource/src/OCRepresentation.cpp
@@ -631,7 +631,7 @@ namespace OC
         m_children = children;
     }
 
-    void OCRepresentation::setDevAddr(const OCDevAddr m_devAddr)
+    void OCRepresentation::setDevAddr(const OCDevAddr& m_devAddr)
     {
         std::ostringstream ss;
         if (m_devAddr.flags & OC_SECURE)
-- 
2.7.4