From b6363325de31ee37147c816716b65ee81d2aad62 Mon Sep 17 00:00:00 2001
From: Sooyoung Ha <yoosah.ha@samsung.com>
Date: Tue, 14 Mar 2017 19:50:13 +0900
Subject: [PATCH] source: remove some risky codes

Some of these codes can cause the various defects.

Change-Id: I5effcdba397a9f80583564ccb2f975205413543c
Signed-off-by: Sooyoung Ha <yoosah.ha@samsung.com>
---
 src/services.c   | 18 ++++++++++++------
 src/subprocess.c | 41 +++++++++++++++++++++++------------------
 2 files changed, 35 insertions(+), 24 deletions(-)

diff --git a/src/services.c b/src/services.c
index f395fca..f6c1df6 100644
--- a/src/services.c
+++ b/src/services.c
@@ -459,20 +459,20 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c
         snprintf(tmptext, sizeof tmptext, "/tmp/.sdbduser_%d.sock", (int)(*pid));
         char *sockpath = strdup(tmptext);
         if (sockpath == NULL) {
-            D("failed to get socket path, %s\n", strerror(errno));
+            D("failed to get socket path, %d\n", errno);
             return -1;
         }
         D("read fd socket is %s\n", sockpath);
 
         sock = socket(PF_LOCAL, SOCK_STREAM, 0);
         if (sock == -1) {
-            D("socket error, %s\n", strerror(errno));
+            D("socket error, %d\n", errno);
             free(sockpath);
             return -1;
         }
         memset(&addr, 0, sizeof(addr));
         addr.sun_family = AF_LOCAL;
-        strcpy(addr.sun_path, sockpath);
+        s_strncpy(addr.sun_path, sockpath, strlen(sockpath));
         int slen = offsetof(struct sockaddr_un, sun_path) + strlen(sockpath);
         while (connect(sock, (struct sockaddr *)&addr, slen) == -1
                 && trycnt < 100) {
@@ -481,14 +481,20 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c
             usleep(10000);
         }
         if (trycnt == 100) {
-            D("failed to connect, err: %s\n", strerror(errno));
+            D("failed to connect, errno: %d\n", errno);
+            if (sdb_close(sock) == -1) {
+                D("close sock error, %d\n", errno);
+            }
             free(sockpath);
             return -1;
         }
 
         char c;
         if (recv_fd(sock, &c, 1, &ptm) == -1) {
-            D("recv_fd error, %s\n", strerror(errno));
+            D("recv_fd error, %d\n", errno);
+            if (sdb_close(sock) == -1) {
+                D("close sock error, %d\n", errno);
+            }
             free(sockpath);
             return -1;
         } else {
@@ -496,7 +502,7 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c
         }
 
         if (sdb_close(sock) == -1) {
-            D("close sock error, %s\n", strerror(errno));
+            D("close sock error, %d\n", errno);
         }
         free(sockpath);
 
diff --git a/src/subprocess.c b/src/subprocess.c
index c5d4bbd..24676a1 100644
--- a/src/subprocess.c
+++ b/src/subprocess.c
@@ -144,36 +144,41 @@ int main (int argc, char **argv, char **envp)
 
         snprintf(tmptext, sizeof tmptext, "/tmp/.sdbduser_%d.sock", (int)mypid);
 
-        char *sockpath = strdup(tmptext);
-        if (sockpath == NULL) {
-            fprintf(stderr, "sdbu socket path error, %s\n", strerror(errno));
-            exit(-1);
-        }
-
         sock = socket(PF_LOCAL, SOCK_STREAM, 0);
         if (sock == -1) {
-            fprintf(stderr, "sdbu socket error, %s\n", strerror(errno));
+            fprintf(stderr, "sdbu socket error, %d\n", errno);
+            return -1;
+        }
+
+        char *sockpath = strdup(tmptext);
+        if (sockpath == NULL) {
+            fprintf(stderr, "sdbu socket path error, %d\n", errno);
+            sdb_close(sock);
+            return -1;
         }
         memset(&addr, 0, sizeof(addr));
         addr.sun_family = AF_LOCAL;
-        strcpy(addr.sun_path, sockpath);
+        strncpy(addr.sun_path, sockpath, strlen(sockpath));
         int slen = offsetof(struct sockaddr_un, sun_path) + strlen(sockpath);
         if (bind(sock, (struct sockaddr *)&addr, slen) == -1) {
-            fprintf(stderr, "sdbu socket bind error, %s\n", strerror(errno));
+            fprintf(stderr, "sdbu socket bind error, %d\n", errno);
+            goto socket_fail;
         }
         if (listen(sock, 5) == -1) {
-            fprintf(stderr, "sdbu listen error, %s\n", strerror(errno));
+            fprintf(stderr, "sdbu listen error, %d\n", errno);
+            goto socket_fail;
         }
         if ((s = sdb_socket_accept(sock, NULL, 0)) == -1) {
-            fprintf(stderr, "sdbu accept error, %s\n", strerror(errno));
-        }
-
-        /* send ptm fd to sdbd */
-        if (send_fd(s, &c, 1, ptm) != 0) {
-            fprintf(stderr, "sdbu send fd error, %s\n", strerror(errno));
+            fprintf(stderr, "sdbu accept error, %d\n", errno);
+            goto socket_fail;
+        } else {
+            /* send ptm fd to sdbd */
+            if (send_fd(s, &c, 1, ptm) != 0) {
+                fprintf(stderr, "sdbu send fd error, %d\n", errno);
+            }
+            sdb_close(s);
         }
-
-        sdb_close(s);
+socket_fail:
         sdb_close(sock);
         sdb_unlink(sockpath);
         free(sockpath);
-- 
2.7.4