From 9aa94491aeda2e6e3b236fd18ae4ac30bc26bb14 Mon Sep 17 00:00:00 2001 From: Jinhyung Jo Date: Wed, 9 Aug 2017 16:50:43 +0900 Subject: [PATCH] source: add code to check for null pointer Change-Id: Ie73726a837cdc6d28468845c91388644f0c5a853 Signed-off-by: Jinhyung Jo --- src/default_plugin_auth.c | 4 ++++ src/default_plugin_basic.c | 28 ++++++++++++++++++++++++++++ src/default_plugin_event.c | 14 ++++++++++++++ src/plugin.c | 44 ++++++++++++++++++++++++++++++-------------- src/plugin_encrypt.c | 36 ++++++++++++++++++++++++++++++++++++ src/usb_funcfs_client.c | 4 ++++ 6 files changed, 116 insertions(+), 14 deletions(-) diff --git a/src/default_plugin_auth.c b/src/default_plugin_auth.c index 103603b..5021827 100644 --- a/src/default_plugin_auth.c +++ b/src/default_plugin_auth.c @@ -32,6 +32,10 @@ int auth_support ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = PLUGIN_RET_INVALID; diff --git a/src/default_plugin_basic.c b/src/default_plugin_basic.c index 6078e7e..0354377 100644 --- a/src/default_plugin_basic.c +++ b/src/default_plugin_basic.c @@ -49,6 +49,10 @@ int get_plugin_capability ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } capability = in->array_of_parameter[0].v_int32; @@ -114,6 +118,10 @@ int verify_shell_cmd ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = PLUGIN_RET_VALID; @@ -137,6 +145,10 @@ int convert_shell_cmd ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", in->array_of_parameter[0].v_string.data ); return PLUGIN_CMD_SUCCESS; @@ -159,6 +171,10 @@ int verify_peer_ip ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = PLUGIN_RET_VALID; @@ -174,6 +190,10 @@ int verify_sdbd_launch ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = PLUGIN_RET_VALID; @@ -197,6 +217,10 @@ int verify_root_cmd ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; if ( verify_root_commands ( in->array_of_parameter[0].v_string.data ) ) { @@ -217,6 +241,10 @@ int get_shell_env ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", "" ); return PLUGIN_CMD_SUCCESS; diff --git a/src/default_plugin_event.c b/src/default_plugin_event.c index 787c3f4..37aa39a 100644 --- a/src/default_plugin_event.c +++ b/src/default_plugin_event.c @@ -120,6 +120,11 @@ int get_lock_state ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + out->number_of_parameter = 0; + PLUGIN_LOG("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = ( plugin_pwlocked() == 1 ) ? PLUGIN_RET_ON : PLUGIN_RET_OFF; @@ -132,8 +137,17 @@ static void pwlock_cb ( keynode_t *key, void* data ) int pwlocked = plugin_pwlocked(); parameters* out = ( parameters* ) malloc ( sizeof ( parameters ) ); + if (out == NULL) { + PLUGIN_LOG("failed to allocate memory for the parameter\n"); + return; + } out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + PLUGIN_LOG("failed to allocate memory for the parameter\n"); + free(out); + return; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = ( pwlocked == 1 ) ? PLUGIN_RET_ON : PLUGIN_RET_OFF; diff --git a/src/plugin.c b/src/plugin.c index 394c863..fd6ceb8 100644 --- a/src/plugin.c +++ b/src/plugin.c @@ -212,10 +212,6 @@ static void request_async_cmd ( int cmd, parameters* in, int out_fd ) ret = default_plugin_async_proc ( cmd, in, out_fd ); } - release_parameters ( in ); - if ( in != NULL ) { - free( in ); - } sdb_close(out_fd); } @@ -266,6 +262,10 @@ int request_capability_to_plugin ( int cap, char* out_buf, unsigned int out_len in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = cap; @@ -296,6 +296,10 @@ int request_validity_to_plugin ( int cmd, const char* in_buf ) if ( in_buf != NULL ) { in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_string; in.array_of_parameter[0].v_string.length = strlen ( in_buf ); in.array_of_parameter[0].v_string.data = strdup ( in_buf ); @@ -329,6 +333,10 @@ int request_conversion_to_plugin ( int cmd, const char* in_buf, char* out_buf, u if ( in_buf != NULL ) { in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_string; in.array_of_parameter[0].v_string.length = strlen ( in_buf ); in.array_of_parameter[0].v_string.data = strdup ( in_buf ); @@ -360,6 +368,10 @@ int request_lock_state_to_plugin ( int lock_type ) in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return result; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = lock_type; @@ -384,23 +396,27 @@ int request_lock_state_to_plugin ( int lock_type ) // return -1 if failed to create async proc thread int request_appcmd_to_plugin ( const char* in_buf ) { - parameters* in; + parameters in; int fd; - in = ( parameters* ) malloc ( sizeof ( parameters ) ); if ( in_buf != NULL ) { - in->number_of_parameter = 1; - in->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); - in->array_of_parameter[0].type = type_string; - in->array_of_parameter[0].v_string.length = strlen ( in_buf ); - in->array_of_parameter[0].v_string.data = strdup ( in_buf ); + in.number_of_parameter = 1; + in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return -1; + } + in.array_of_parameter[0].type = type_string; + in.array_of_parameter[0].v_string.length = strlen ( in_buf ); + in.array_of_parameter[0].v_string.data = strdup ( in_buf ); } else { - in->number_of_parameter = 0; - in->array_of_parameter = NULL; + in.number_of_parameter = 0; + in.array_of_parameter = NULL; } - fd = create_async_proc_thread( PLUGIN_ASYNC_CMD_APPCMD_SERVICE, in ); + fd = create_async_proc_thread( PLUGIN_ASYNC_CMD_APPCMD_SERVICE, &in ); + release_parameters ( &in ); return fd; } diff --git a/src/plugin_encrypt.c b/src/plugin_encrypt.c index b7fc3ab..8bd9b9d 100644 --- a/src/plugin_encrypt.c +++ b/src/plugin_encrypt.c @@ -25,11 +25,19 @@ int security_init(const int nSessionID, const char* pUserID) if (pUserID == NULL) { in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; } else { in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_string; @@ -57,6 +65,10 @@ int security_deinit(const int nSessionID) in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; @@ -80,6 +92,10 @@ int security_parse_server_hello(const int nSessionID, apacket* pApacket) in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_chunk; @@ -108,6 +124,10 @@ int security_gen_client_hello(const int nSessionID, apacket* pApacket) in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; @@ -133,6 +153,10 @@ int security_parse_server_ack(const int nSessionID, apacket* pApacket) in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_chunk; @@ -161,6 +185,10 @@ int security_gen_client_ack(const int nSessionID, apacket* pApacket) in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; @@ -186,6 +214,10 @@ int security_encrypt(const int nSessionID, apacket* pApacket) in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_chunk; @@ -216,6 +248,10 @@ int security_decrypt(const int nSessionID, apacket* pApacket) in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_chunk; diff --git a/src/usb_funcfs_client.c b/src/usb_funcfs_client.c index 00b25c3..7522c11 100644 --- a/src/usb_funcfs_client.c +++ b/src/usb_funcfs_client.c @@ -487,6 +487,10 @@ void ffs_usb_init() D("[ usb_init - using FunctionFS ]\n"); h = calloc(1, sizeof(usb_handle)); + if (h == NULL) { + perror("[ failed to allocate memory for usb FunctionFS bulk device ]\n"); + return; + } if (autoconfig(h) < 0) { perror("[ can't recognize usb FunctionFS bulk device ]\n"); free(h); -- 2.7.4