From ab0fda06dd1256f6e92e866373cd7eb1d10ef3df Mon Sep 17 00:00:00 2001 From: Sang-Hun Chung Date: Tue, 15 Jan 2013 16:13:14 +0900 Subject: [PATCH] prevent fix & bug fix --- email-core/email-core-mail.c | 33 ++++--------- email-core/email-core-mime.c | 65 ++++++++------------------ email-core/email-core-smtp.c | 2 +- email-core/email-storage/email-storage.c | 18 +++---- email-daemon/email-daemon-etc.c | 2 +- email-daemon/main.c | 17 ++++++- email-ipc/email-ipc-api/email-ipc-param-list.c | 19 ++++++++ email-ipc/email-stub/email-stub-socket.c | 5 ++ email-ipc/email-stub/email-stub-task-manager.c | 5 +- email-ipc/email-stub/email-stub-task.c | 5 +- 10 files changed, 85 insertions(+), 86 deletions(-) diff --git a/email-core/email-core-mail.c b/email-core/email-core-mail.c index a0a7432..b43d916 100755 --- a/email-core/email-core-mail.c +++ b/email-core/email-core-mail.c @@ -2847,7 +2847,7 @@ INTERNAL_FUNC int emcore_download_body_multi_sections_bulk(void *mail_stream, in struct attachment_info *ai = NULL; struct _m_content_info *cnt_info = NULL; void *tmp_stream = NULL; - char *s_uid = NULL, *server_mbox = NULL, buf[512]; + char *s_uid = NULL, buf[512]; int msgno = 0, attachment_num = 1, local_attachment_count = 0, local_inline_content_count = 0; int iActualSize = 0; char html_body[MAX_PATH] = {0, }; @@ -2856,7 +2856,6 @@ INTERNAL_FUNC int emcore_download_body_multi_sections_bulk(void *mail_stream, in #ifdef CHANGE_HTML_BODY_TO_ATTACHMENT int html_changed = 0; #endif - int mailbox_id = 0; if (mail_id < 1) { EM_DEBUG_EXCEPTION("mail_stream[%p], account_id[%d], mail_id[%d], verbose[%d], with_attach[%d]", mail_stream, account_id, mail_id, verbose, with_attach); @@ -2888,19 +2887,12 @@ INTERNAL_FUNC int emcore_download_body_multi_sections_bulk(void *mail_stream, in goto FINISH_OFF; } - account_id = mail->account_id; - s_uid = mail->server_mail_id; - server_mbox = mail->server_mailbox_name; - mail->server_mail_id = NULL; - mail->server_mailbox_name = NULL; + s_uid = EM_SAFE_STRDUP(mail->server_mail_id); attachment.account_id = mail->account_id; attachment.mail_id = mail->mail_id; attachment.mailbox_id = mail->mailbox_id; attachment.attachment_save_status = 0; - mailbox_id = mail->mailbox_id; - emstorage_free_mail(&mail, 1, NULL); - mail = NULL; if (!(ref_account = emcore_get_account_reference(account_id))) { EM_DEBUG_EXCEPTION("emcore_get_account_reference failed [%d]", account_id); @@ -2912,7 +2904,7 @@ INTERNAL_FUNC int emcore_download_body_multi_sections_bulk(void *mail_stream, in /* open mail server. */ if (!mail_stream) { - if (!emcore_connect_to_remote_mailbox(account_id, mailbox_id, (void **)&tmp_stream, &err) || !tmp_stream) { + if (!emcore_connect_to_remote_mailbox(account_id, mail->mailbox_id, (void **)&tmp_stream, &err) || !tmp_stream) { EM_DEBUG_EXCEPTION("emcore_connect_to_remote_mailbox failed [%d]", err); status = EMAIL_DOWNLOAD_CONNECTION_FAIL; goto FINISH_OFF; @@ -2922,9 +2914,6 @@ INTERNAL_FUNC int emcore_download_body_multi_sections_bulk(void *mail_stream, in else stream = (MAILSTREAM *)mail_stream; - free(server_mbox); - server_mbox = NULL; - FINISH_OFF_IF_CANCELED; if (!(cnt_info = em_malloc(sizeof(struct _m_content_info)))) { @@ -2955,8 +2944,6 @@ INTERNAL_FUNC int emcore_download_body_multi_sections_bulk(void *mail_stream, in goto FINISH_OFF; } - free(s_uid); s_uid = NULL; - if (!emcore_check_thread_status()) { err = EMAIL_ERROR_CANCELLED; goto FINISH_OFF; @@ -3001,8 +2988,6 @@ INTERNAL_FUNC int emcore_download_body_multi_sections_bulk(void *mail_stream, in int uid = atoi(s_uid); - free(s_uid); s_uid = NULL; - /* set sparep(member of BODY) memory free function */ mail_parameters(stream, SET_FREEBODYSPAREP, emcore_free_body_sharep); @@ -3095,12 +3080,6 @@ INTERNAL_FUNC int emcore_download_body_multi_sections_bulk(void *mail_stream, in FINISH_OFF_IF_CANCELED; } - - if (false == emstorage_get_mail_by_id(mail_id, &mail, true, &err)) { - EM_DEBUG_EXCEPTION(" emstorage_get_mail_by_id failed [%d]", err); - goto FINISH_OFF; - } - if (cnt_info->text.plain) { EM_DEBUG_LOG("cnt_info->text.plain [%s]", cnt_info->text.plain); @@ -3154,6 +3133,11 @@ INTERNAL_FUNC int emcore_download_body_multi_sections_bulk(void *mail_stream, in else mail->body_download_status = EMAIL_BODY_DOWNLOAD_STATUS_FULLY_DOWNLOADED; + /* Update local_preview_text */ + if ((err = emcore_get_preview_text_from_file(mail->file_path_plain, mail->file_path_html, MAX_PREVIEW_TEXT_LENGTH, &(mail->preview_text))) != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION("emcore_get_preview_text_from_file failedi : [%d]", err); + } + #ifdef CHANGE_HTML_BODY_TO_ATTACHMENT if (html_changed) mail->flag2 = 1; #endif @@ -3389,7 +3373,6 @@ FINISH_OFF: emcore_free_content_info(cnt_info); if (mail) emstorage_free_mail(&mail, 1, NULL); - EM_SAFE_FREE(server_mbox); EM_SAFE_FREE(s_uid); EM_SAFE_FREE(mailbox_name); diff --git a/email-core/email-core-mime.c b/email-core/email-core-mime.c index 8991f0b..15226a9 100755 --- a/email-core/email-core-mime.c +++ b/email-core/email-core-mime.c @@ -2224,42 +2224,16 @@ PARTLIST* emcore_get_body_full(MAILSTREAM *stream, int msg_uid, BODY *body, stru if (body->id || body->location || body->disposition.type) { char filename[512] = {0, }; + struct attachment_info *current_ai = NULL; struct attachment_info *ai = NULL; - struct attachment_info *prev_ai = NULL; - struct attachment_info *next_ai = NULL; - int i = 0; if (emcore_get_file_pointer(body, true, filename, cnt_info, (int*)NULL) < 0) EM_DEBUG_EXCEPTION("emcore_get_file_pointer failed"); else { /* To form list of attachment info - Attachment list followed by inline attachment list */ - prev_ai = NULL; - next_ai = NULL; - ai = cnt_info->file; - - EM_DEBUG_LOG("ai - %p", ai); - - if (ai != NULL) { - /* if ((body->id) || (body->location) */ - if ((body->id) || (body->location) || ((body->disposition.type != NULL) && ((body->disposition.type[0] == 'i') || (body->disposition.type[0] == 'I')))) { - /* For Inline content append to the end */ - for (i = 1; ai; ai = ai->next) - i++; - } - else { - /* For attachment - search till Inline content found and insert before inline */ - for (i = 1; ai; ai = ai->next) { - if (ai->type == 1) { - /* Means inline image */ - EM_DEBUG_LOG("Found Inline Content "); - next_ai = ai; - break; - } - i++; - prev_ai = ai; - } - } - } + current_ai = cnt_info->file; + + EM_DEBUG_LOG("current_ai - %p", current_ai); ai = em_malloc(sizeof(struct attachment_info)); if (ai == NULL) { @@ -2268,7 +2242,6 @@ PARTLIST* emcore_get_body_full(MAILSTREAM *stream, int msg_uid, BODY *body, stru *err_code = EMAIL_ERROR_OUT_OF_MEMORY; return NULL; } - cnt_info->file = ai; if ((body->id) || (body->location) || ((body->disposition.type != NULL) && ((body->disposition.type[0] == 'i') || (body->disposition.type[0] == 'I')))) ai->type = 1; /* inline contents */ @@ -2301,22 +2274,17 @@ PARTLIST* emcore_get_body_full(MAILSTREAM *stream, int msg_uid, BODY *body, stru cnt_info->grab_type = cnt_info->grab_type | GRAB_TYPE_ATTACHMENT; } - if (ai->type != 1 && next_ai != NULL) { - /* Means next_ai points to the inline attachment info structure */ - if (prev_ai == NULL) { - /* First node is inline attachment */ - ai->next = next_ai; + if (current_ai == NULL) { cnt_info->file = ai; - } - else { - prev_ai->next = ai; - ai->next = next_ai; - } + } else { + while(current_ai->next != NULL) + current_ai = current_ai->next; + + current_ai->next = ai; } } } - /* if (cnt_info->grab_type == GRAB_TYPE_ATTACHMENT */ if (cnt_info->grab_type & GRAB_TYPE_ATTACHMENT) { if (((body->disposition.type != NULL) && ((body->disposition.type[0] == 'a') || (body->disposition.type[0] == 'A'))) && (cnt_info->file != NULL)) { @@ -2457,7 +2425,13 @@ static int emcore_write_response_into_file(char *filename, char *write_mode, cha default: { unsigned char *orignal = (unsigned char *)g_strdup_printf("%s\r\n", encoded); - memcpy(decoded = malloc(encoded_len + 3), orignal, encoded_len + 3); + decoded = em_malloc(encoded_len + 3); /*prevent 28347*/ + if(!decoded) { + EM_DEBUG_EXCEPTION("em_malloc failed"); + error = EMAIL_ERROR_OUT_OF_MEMORY; + goto FINISH_OFF; + } + memcpy(decoded, orignal, encoded_len + 3); decoded_len = encoded_len + 2; g_free(orignal); } @@ -2470,9 +2444,8 @@ static int emcore_write_response_into_file(char *filename, char *write_mode, cha if (!(fp = fopen(filename, write_mode))) { EM_DEBUG_EXCEPTION("fopen failed - %s", filename); - error = EMAIL_ERROR_SYSTEM_FAILURE; - EM_SAFE_FREE(decoded); - return false; + error = EMAIL_ERROR_SYSTEM_FAILURE; /*prevent 28347*/ + goto FINISH_OFF; } if (subtype && subtype[0] == 'H') { diff --git a/email-core/email-core-smtp.c b/email-core/email-core-smtp.c index b59c326..14661a7 100755 --- a/email-core/email-core-smtp.c +++ b/email-core/email-core-smtp.c @@ -2210,7 +2210,6 @@ static int attach_part(BODY *body, const unsigned char *data, int data_len, char } snprintf(encoded_file_name, EM_SAFE_STRLEN(result_file_name) + 15, "=?UTF-8?B?%s?=", result_file_name); EM_DEBUG_LOG("encoded_file_name [%s]", encoded_file_name); - EM_SAFE_FREE(result_file_name); } extension = em_get_extension_from_file_path(filename, NULL); @@ -2389,6 +2388,7 @@ static int attach_part(BODY *body, const unsigned char *data, int data_len, char FINISH_OFF: EM_SAFE_FREE(encoded_file_name); + EM_SAFE_FREE(result_file_name); /*prevent 26242*/ EM_SAFE_FREE(base64_file_name); if (err_code != NULL) *err_code = error; diff --git a/email-core/email-storage/email-storage.c b/email-core/email-storage/email-storage.c index 44b5b6e..bde1bec 100755 --- a/email-core/email-storage/email-storage.c +++ b/email-core/email-storage/email-storage.c @@ -1912,7 +1912,7 @@ INTERNAL_FUNC int emstorage_create_table(emstorage_create_db_type_t type, int *e EM_DEBUG_LOG("CREATE TABLE mail_account_tbl"); - EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_ACCOUNT_TBL], sizeof(sql_query_string)); + EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_ACCOUNT_TBL], sizeof(sql_query_string)-1); /*prevent 21984*/ EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_exec(local_db_handle, sql_query_string, NULL, NULL, NULL), rc); EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE;goto FINISH_OFF; }, ("SQL(%s) exec fail:%d -%s", sql_query_string, rc, sqlite3_errmsg(local_db_handle))); @@ -1948,7 +1948,7 @@ INTERNAL_FUNC int emstorage_create_table(emstorage_create_db_type_t type, int *e EM_DEBUG_LOG("CREATE TABLE mail_box_tbl"); - EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_BOX_TBL], sizeof(sql_query_string)); + EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_BOX_TBL], sizeof(sql_query_string)-1); /*prevent 21984*/ EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_exec(local_db_handle, sql_query_string, NULL, NULL, NULL), rc); EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE;goto FINISH_OFF; }, @@ -1985,7 +1985,7 @@ INTERNAL_FUNC int emstorage_create_table(emstorage_create_db_type_t type, int *e EM_DEBUG_LOG("CREATE TABLE mail_read_mail_uid_tbl"); - EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_READ_MAIL_UID_TBL], sizeof(sql_query_string)); + EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_READ_MAIL_UID_TBL], sizeof(sql_query_string)-1); /*prevent 21984*/ EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_exec(local_db_handle, sql_query_string, NULL, NULL, NULL), rc); EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE;goto FINISH_OFF; }, @@ -2022,7 +2022,7 @@ INTERNAL_FUNC int emstorage_create_table(emstorage_create_db_type_t type, int *e EM_DEBUG_LOG("CREATE TABLE mail_rule_tbl"); - EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_RULE_TBL], sizeof(sql_query_string)); + EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_RULE_TBL], sizeof(sql_query_string)-1); /*prevent 21984*/ EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_exec(local_db_handle, sql_query_string, NULL, NULL, NULL), rc); EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE;goto FINISH_OFF; }, @@ -2050,7 +2050,7 @@ INTERNAL_FUNC int emstorage_create_table(emstorage_create_db_type_t type, int *e ("SQL(BEGIN EXCLUSIVE) exec fail:%d -%s", rc, sqlite3_errmsg(local_db_handle))); EM_DEBUG_LOG("CREATE TABLE mail_tbl"); - EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_TBL], sizeof(sql_query_string)); + EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_TBL], sizeof(sql_query_string)-1); /*prevent 21984*/ EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_exec(local_db_handle, sql_query_string, NULL, NULL, NULL), rc); EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE;goto FINISH_OFF; }, @@ -2099,7 +2099,7 @@ INTERNAL_FUNC int emstorage_create_table(emstorage_create_db_type_t type, int *e ("SQL(BEGIN EXCLUSIVE) exec fail:%d -%s", rc, sqlite3_errmsg(local_db_handle))); EM_DEBUG_LOG("CREATE TABLE mail_attachment_tbl"); - EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_ATTACHMENT_TBL], sizeof(sql_query_string)); + EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_ATTACHMENT_TBL], sizeof(sql_query_string)-1); /*prevent 21984*/ EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_exec(local_db_handle, sql_query_string, NULL, NULL, NULL), rc); EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE;goto FINISH_OFF; }, @@ -2136,7 +2136,7 @@ INTERNAL_FUNC int emstorage_create_table(emstorage_create_db_type_t type, int *e EM_DEBUG_LOG("CREATE TABLE mail_partial_body_activity_tbl"); - EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_PARTIAL_BODY_ACTIVITY_TBL], sizeof(sql_query_string)); + EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_PARTIAL_BODY_ACTIVITY_TBL], sizeof(sql_query_string)-1); /*prevent 21984*/ EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_exec(local_db_handle, sql_query_string, NULL, NULL, NULL), rc); EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE;goto FINISH_OFF; }, @@ -2166,7 +2166,7 @@ INTERNAL_FUNC int emstorage_create_table(emstorage_create_db_type_t type, int *e EM_DEBUG_LOG("CREATE TABLE mail_meeting_tbl"); - EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_MEETING_TBL], sizeof(sql_query_string)); + EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_MEETING_TBL], sizeof(sql_query_string)-1); /*prevent 21984*/ EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_exec(local_db_handle, sql_query_string, NULL, NULL, NULL), rc); EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE;goto FINISH_OFF; }, @@ -2230,7 +2230,7 @@ INTERNAL_FUNC int emstorage_create_table(emstorage_create_db_type_t type, int *e EM_DEBUG_LOG("CREATE TABLE mail_certificate_tbl"); - EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_CERTIFICATE_TBL], sizeof(sql_query_string)); + EM_SAFE_STRNCPY(sql_query_string, create_table_query[CREATE_TABLE_MAIL_CERTIFICATE_TBL], sizeof(sql_query_string)-1); /*prevent 21984*/ EMSTORAGE_PROTECTED_FUNC_CALL(sqlite3_exec(local_db_handle, sql_query_string, NULL, NULL, NULL), rc); EM_DEBUG_DB_EXEC(SQLITE_OK != rc, {error = EMAIL_ERROR_DB_FAILURE;goto FINISH_OFF; }, ("SQL(%s) exec fail:%d -%s", sql_query_string, rc, sqlite3_errmsg(local_db_handle))); diff --git a/email-daemon/email-daemon-etc.c b/email-daemon/email-daemon-etc.c index 35da020..526684b 100755 --- a/email-daemon/email-daemon-etc.c +++ b/email-daemon/email-daemon-etc.c @@ -289,7 +289,7 @@ static char *_make_criteria_to_search_filter(email_search_filter_t *search_filte err = EMAIL_ERROR_INVALID_PARAM; goto FINISH_OFF; } - + EM_SAFE_FREE(time_string); /*prevent 26258*/ } FINISH_OFF: diff --git a/email-daemon/main.c b/email-daemon/main.c index d8a86d2..9d057f6 100755 --- a/email-daemon/main.c +++ b/email-daemon/main.c @@ -860,7 +860,13 @@ void stb_get_rule(HIPC_API a_hAPI) /* insert a rule if there exists a rule */ if ( rule ) { local_rule_stream = em_convert_rule_to_byte_stream(rule, &size); - EM_NULL_CHECK_FOR_VOID(local_rule_stream); + if(!local_rule_stream) { /*prevent 26265*/ + EM_DEBUG_EXCEPTION("em_convert_rule_to_byte_stream failed"); + emcore_free_rule(rule); + EM_SAFE_FREE(rule); + return; + } + if(!emipc_add_parameter(a_hAPI, ePARAMETER_OUT, local_rule_stream, size)) EM_DEBUG_EXCEPTION("emipc_add_parameter failed "); EM_SAFE_FREE( local_rule_stream ); @@ -1592,7 +1598,10 @@ void stb_get_attachment(HIPC_API a_hAPI) EM_DEBUG_LOG("emdaemon_get_attachment - Success"); /* attachment */ attachment_stream = em_convert_attachment_data_to_byte_stream(attachment, 1, &size); - + if(!attachment_stream) { /*prevent 26263*/ + emcore_free_attachment_data(&attachment, 1, &err); + return; + } EM_NULL_CHECK_FOR_VOID(attachment_stream); if(!emipc_add_parameter(a_hAPI, ePARAMETER_OUT, attachment_stream, size)) @@ -2486,6 +2495,10 @@ void stb_write_mime_file(HIPC_API a_hAPI) input_attachment_tbl_data[i].attachment_mime_type = EM_SAFE_STRDUP(result_attachment_data[i].attachment_mime_type); } + if ((err = em_verify_email_address_of_mail_tbl(input_mail_tbl_data, false)) != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION("em_verify_email_address_of_mail_tbl failed : [%d]", err); + goto FINISH_OFF; + } if (!emcore_make_rfc822_file_from_mail(input_mail_tbl_data, input_attachment_tbl_data, result_attachment_data_count, NULL, &file_path, NULL, &err)) { EM_DEBUG_EXCEPTION("emcore_make_rfc822_file_from_mail failed"); diff --git a/email-ipc/email-ipc-api/email-ipc-param-list.c b/email-ipc/email-ipc-api/email-ipc-param-list.c index 70bd377..92b7ae6 100755 --- a/email-ipc/email-ipc-api/email-ipc-param-list.c +++ b/email-ipc/email-ipc-api/email-ipc-param-list.c @@ -22,6 +22,7 @@ #include #include +#include #include "email-ipc-build.h" #include "email-ipc-param-list.h" @@ -77,23 +78,41 @@ EXPORT_API bool emipc_parse_stream_of_param_list(emipc_param_list *param_list, v return false; } + int stream_len = malloc_usable_size(stream); + int remain_len = stream_len - (sizeof(long) * eSTREAM_DATA); + EM_DEBUG_LOG("Allocated stream size : %dbyte", stream_len); + unsigned char* cur = ((unsigned char*)stream) + sizeof(int)*eSTREAM_DATA; int i = 0; /* stream is composed of data type which is encoded into length and data field */ int len = 0; for(i = 0; i < parameter_count; i++) { + + if (remain_len < sizeof(int)) { + EM_DEBUG_EXCEPTION("Not enough remain stream_len[%d]", remain_len); + return false; + } + /* reading length */ memcpy(&len, cur, sizeof(int)); /* moving from length field to data field */ cur += sizeof(int); + remain_len -= sizeof(int); + + if (remain_len > 0 && len > 0 && remain_len >= len) emipc_add_param_to_param_list(param_list, (void*)cur, len); + else { + EM_DEBUG_EXCEPTION("data_len[%d] is not in the boundary of remain stream_len", len); + return false; + } EM_DEBUG_LOG("Parsing stream : element %d is %dbyte long ", i, len); /* move to next parameter */ cur += len; + remain_len -= len; } EM_DEBUG_FUNC_END(); diff --git a/email-ipc/email-stub/email-stub-socket.c b/email-ipc/email-stub/email-stub-socket.c index 58f4b55..247c201 100755 --- a/email-ipc/email-stub/email-stub-socket.c +++ b/email-ipc/email-stub/email-stub-socket.c @@ -163,7 +163,12 @@ EXPORT_API void emipc_wait_for_ipc_request() EM_DEBUG_LOG("===================================================================="); EM_DEBUG_LOG("[IPCLib]Stub Socket Recv [Socket ID = %d], [recv_len = %d]", event_fd, recv_len); EM_DEBUG_LOG("===================================================================="); + + /* IPC request stream is at least 16byte */ + if (recv_len >= sizeof(long) * eSTREAM_DATA) { emipc_create_task((unsigned char *)sz_buf, event_fd); + } else + EM_DEBUG_LOG("[IPCLib] Stream size is less than default size"); } else if( recv_len == 0 ) { EM_DEBUG_LOG("[IPCLib] Client closed connection [%d]", event_fd); epoll_ctl(epfd, EPOLL_CTL_DEL, event_fd, events); diff --git a/email-ipc/email-stub/email-stub-task-manager.c b/email-ipc/email-stub/email-stub-task-manager.c index edae95b..5dc0198 100755 --- a/email-ipc/email-stub/email-stub-task-manager.c +++ b/email-ipc/email-stub/email-stub-task-manager.c @@ -112,7 +112,10 @@ EXPORT_API bool emipc_create_task(unsigned char *task_stream, int response_chann EM_DEBUG_EXCEPTION("Malloc failed."); ret = false; } else { - emipc_parse_stream_email_task(task, task_stream, response_channel); + if (!emipc_parse_stream_email_task(task, task_stream, response_channel)) { + EM_DEBUG_EXCEPTION("emipc_parse_stream_email_task failed"); + return false; + } EM_DEBUG_LOG("[IPCLib] ======================================================"); EM_DEBUG_LOG("[IPCLib] Register new task : %p", task); diff --git a/email-ipc/email-stub/email-stub-task.c b/email-ipc/email-stub/email-stub-task.c index be90db5..b063301 100755 --- a/email-ipc/email-stub/email-stub-task.c +++ b/email-ipc/email-stub/email-stub-task.c @@ -58,7 +58,10 @@ EXPORT_API bool emipc_parse_stream_email_task(emipc_email_task *task, void *stre memset(task->api_info, 0x00, sizeof(emipc_email_api_info)); if (task->api_info) { - emipc_deserialize_api_info(task->api_info, ePARAMETER_IN, stream); + if (!emipc_deserialize_api_info(task->api_info, ePARAMETER_IN, stream)) { + EM_DEBUG_EXCEPTION("emipc_deserialize_api_info failed"); + return false; + } task->api_info->response_id = response_id; return true; } -- 2.7.4