From 6ddbb97984e78a666ec56faacdc702c8776e7fb3 Mon Sep 17 00:00:00 2001
From: hyunuktak <hyunuk.tak@samsung.com>
Date: Mon, 18 Sep 2017 18:29:20 +0900
Subject: [PATCH] Fixed a svace issue for 293218

Change-Id: I0dff5c0cf7f228243c090a1213aee280ddc6bb63
Signed-off-by: hyunuktak <hyunuk.tak@samsung.com>
---
 src/helper/helper-nfacct-rule.c | 48 ++++++++++++++++++++++++++++-------------
 1 file changed, 33 insertions(+), 15 deletions(-)

diff --git a/src/helper/helper-nfacct-rule.c b/src/helper/helper-nfacct-rule.c
index 3c365ee..a2a598f 100755
--- a/src/helper/helper-nfacct-rule.c
+++ b/src/helper/helper-nfacct-rule.c
@@ -411,26 +411,44 @@ static char* get_cmd_pos(const char *cmd_buf)
 
 static bool is_rule_present(const char *cmd_buf)
 {
-	size_t buf_len;
-	char *exec_buf;
-	char *cmd_pos = get_cmd_pos(cmd_buf);
 	bool ret = false;
-	if (!cmd_pos)
-		return false;
+	pid_t pid = fork();
 
-	buf_len = strlen(cmd_buf) + 1;
-	exec_buf = (char *)malloc(buf_len);
-	if (!exec_buf)
-		return false;
+	if (pid == 0) {
+		gchar **args = NULL;
+		size_t buf_len;
+		char *exec_buf;
+		char *cmd_pos = get_cmd_pos(cmd_buf);
+
+		if (!cmd_pos)
+			exit(1);
+
+		buf_len = strlen(cmd_buf) + 1;
+		exec_buf = (char *)malloc(buf_len);
+		if (!exec_buf)
+			exit(1);
+
+		strncpy(exec_buf, cmd_buf, buf_len);
+		strncpy(exec_buf + (cmd_pos - cmd_buf), IPTABLES_CHECK,
+			sizeof(IPTABLES_CHECK) - 1);
+
+		STC_LOGD("check rule %s", exec_buf);
 
-	strncpy(exec_buf, cmd_buf, buf_len);
-	strncpy(exec_buf + (cmd_pos - cmd_buf), IPTABLES_CHECK,
-		sizeof(IPTABLES_CHECK) - 1);
+		args = g_strsplit_set(exec_buf, " ", -1);
 
-	STC_LOGD("check rule %s", exec_buf);
+		ret = execv(args[0], args);
+		if (ret) {
+			char buf[BUF_SIZE_FOR_ERR] = { 0 };
+			STC_LOGE("Can't execute %s: %s",
+				 cmd_buf, strerror_r(errno, buf,
+						     BUF_SIZE_FOR_ERR));
+		}
+
+		free(exec_buf);
+		g_strfreev(args);
+		exit(ret);
+	}
 
-	ret = system(exec_buf) == 0;
-	free(exec_buf);
 	return ret;
 }
 
-- 
2.7.4