From c941f1bd8a4b9dd6e592fdbe82a8adadecf9b2e7 Mon Sep 17 00:00:00 2001
From: Wonki Kim <wonki_.kim@samsung.com>
Date: Wed, 23 Dec 2020 12:45:16 +0900
Subject: [PATCH] aurum-bootstrap: extend buffer size to avoid BOF

static analytic reports buffer can be overflowed.
this patch changes the size of buffer to avoid buffer over flow.

Change-Id: I54481a211518da3818447ed188e6d072d73b1e4c
---
 .../src/Commands/GetDeviceTimeCommand.cc      | 20 ++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/org.tizen.aurum-bootstrap/src/Commands/GetDeviceTimeCommand.cc b/org.tizen.aurum-bootstrap/src/Commands/GetDeviceTimeCommand.cc
index ed71dcc..0119a20 100644
--- a/org.tizen.aurum-bootstrap/src/Commands/GetDeviceTimeCommand.cc
+++ b/org.tizen.aurum-bootstrap/src/Commands/GetDeviceTimeCommand.cc
@@ -8,6 +8,8 @@
 #include "UiDevice.h"
 #include <string>
 
+#define BUFSIZE 64
+
 GetDeviceTimeCommand::GetDeviceTimeCommand(
     const ::aurum::ReqGetDeviceTime* request,
     ::aurum::RspGetDeviceTime*       response)
@@ -26,11 +28,11 @@ public:
         i18n_udatepg_h pattern_generator = NULL;
         i18n_udate_format_h formatter = NULL;
 
-        i18n_uchar timezone_i18[64] = {0,};
-        i18n_uchar pattern_i18[64]= {0,};
-        i18n_uchar best_pattern_i18[64]= {0,};
-        i18n_uchar result_i18[64]= {0,};
-        char result[64]= {0,};
+        i18n_uchar timezone_i18[BUFSIZE+1] = {0,};
+        i18n_uchar pattern_i18[BUFSIZE+1]= {0,};
+        i18n_uchar best_pattern_i18[BUFSIZE+1]= {0,};
+        i18n_uchar result_i18[BUFSIZE+1]= {0,};
+        char result[BUFSIZE+1]= {0,};
 
         int pattern_len, best_pattern_len, result_i18n_len;
 
@@ -55,7 +57,7 @@ public:
 
         i18n_udatepg_get_best_pattern(pattern_generator,
                                       pattern_i18, pattern_len,
-                                      best_pattern_i18, 64, &best_pattern_len);
+                                      best_pattern_i18, BUFSIZE, &best_pattern_len);
 
         i18n_ustring_copy_ua_n(timezone_i18, timezone, strlen(timezone));
 
@@ -72,8 +74,8 @@ public:
 
         if (formatter) {
             i18n_udate date = timestamp;
-            i18n_udate_format_date(formatter, date, result_i18, 64, NULL, &result_i18n_len);
-            i18n_ustring_copy_au_n(result , result_i18, 64);
+            i18n_udate_format_date(formatter, date, result_i18, BUFSIZE, NULL, &result_i18n_len);
+            i18n_ustring_copy_au_n(result , result_i18, BUFSIZE);
             i18n_udate_destroy(formatter);
             return std::string{result};
         }
@@ -110,4 +112,4 @@ public:
 
     mResponse->set_status(::aurum::RspStatus::OK);
     return grpc::Status::OK;
-}
\ No newline at end of file
+}
-- 
2.34.1