From df24f592ca1b8780010ca43ab3b792e6eeebd481 Mon Sep 17 00:00:00 2001
From: Manasij Sur Roy
Date: Thu, 20 Apr 2017 14:51:26 +0530
Subject: [PATCH] Fixed SVACE issues
Change-Id: I910e7a526e80a72bc6070a682afe2b03ffb20006
Signed-off-by: Manasij Sur Roy
---
 src/oauth2_manager.c | 41 +++++++++++++++++++++++------------------
 src/oauth2_private.h | 2 ++
 src/oauth2_util.c | 30 ++++++++++++++++++++++++++++++
 src/oauth2_util.h | 2 ++
 4 files changed, 57 insertions(+), 18 deletions(-)
diff --git a/src/oauth2_manager.c b/src/oauth2_manager.c
index f8075a1..c0ba9a0 100644
--- a/src/oauth2_manager.c
+++ b/src/oauth2_manager.c
@@ -94,7 +94,7 @@ __check_permission(void)
 char smack_label[SMACK_LABEL_LEN + 1] = {0};
 char uid[10];
 FILE *fd;
- cynara *cynara_h;
+ cynara *cynara_h = NULL;
 ret = cynara_initialize(&cynara_h, NULL);
 if (CYNARA_API_SUCCESS != ret) {
@@ -333,8 +333,10 @@ __request_data_iter_cb(const char *key, const int type,
 if (value) {
 OAUTH2_LOG_I("Appending val=[%s]", value);
- strncat(*final_url, key, strlen(key));
- strncat(*final_url, "=", 1);
+ oauth2_strcat(*final_url, key, MAX_URL_LENGTH);
+ OAUTH2_LOG_I("After append = [%s]", *final_url);
+ oauth2_strcat(*final_url, "=", MAX_URL_LENGTH);
+ OAUTH2_LOG_I("After append = [%s]", *final_url);
 if (strcmp(key, OAUTH2_PARAMETER_KEY_GRANT_TYPE) == 0)
@@ -345,8 +347,10 @@ __request_data_iter_cb(const char *key, const int type,
 value = __get_response_type(value);
 if (value != NULL) {
- strncat(*final_url, value, strlen(value));
- strncat(*final_url, "&", 1);
+ oauth2_strcat(*final_url, value, MAX_URL_LENGTH);
+ OAUTH2_LOG_I("After append = [%s]", *final_url);
+ oauth2_strcat(*final_url, "&", MAX_URL_LENGTH);
+ OAUTH2_LOG_I("After append = [%s]", *final_url);
 }
 }
 }
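Review bot: The added `OAUTH2_LOG_I("After append = [%s]", *final_url);` calls, two in the hunk at -333 and two in the hunk at -345, write the partially built authorization URL with every request parameter to the info log after each append, and `OAUTH2_LOG_I("__append_to_post_data end = [%s]", post_data);` in the `__append_to_post_data` hunk does the same for the token request body. Judging by the callers touched further down (`_request_access_token_for_grant_type_pwd`, `_request_refresh_token`), that body presumably carries passwords, client secrets, authorization codes or refresh tokens, which would then be readable by anyone with access to the device log. These look like leftover debugging output; I would remove them, or log only the parameter name, e.g. `OAUTH2_LOG_I("Appended key=[%s]", key);`. `__request_data_iter_cb` starts and ends outside both hunks.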
@@ -370,9 +374,9 @@ __get_authorization_url(oauth2_request_s *request_impl)
 return NULL;
 }
- char *final_url = (char *) calloc(1, 1024);
- strncat(final_url, authorization_url, 1023);
- strncat(final_url, "?", 1023);
+ char *final_url = (char *) calloc(1, MAX_URL_LENGTH);
+ oauth2_strcat(final_url, authorization_url, MAX_URL_LENGTH);
+ oauth2_strcat(final_url, "?", MAX_URL_LENGTH);
 bundle_foreach(request_impl->request_data, __request_data_iter_cb, &final_url);
@@ -412,12 +416,13 @@ __append_to_post_data(CURL *curl_handle, char *post_data, const char *key,
 return;
 }
- strncat(post_data, encoded_key, strlen(encoded_key));
- strncat(post_data, "=", 1);
- strncat(post_data, encoded_val, strlen(encoded_val));
- if (append_delim)
- strncat(post_data, "&", 1);
- OAUTH2_LOG_I("__append_to_post_data end");
+ oauth2_strcat(post_data, encoded_key, MAX_URL_LENGTH);
+ oauth2_strcat(post_data, "=", MAX_URL_LENGTH);
+ oauth2_strcat(post_data, encoded_val, MAX_URL_LENGTH);
+ if (append_delim == true)
+ oauth2_strcat(post_data, "&", MAX_URL_LENGTH);
+
+ OAUTH2_LOG_I("__append_to_post_data end = [%s]", post_data);
 }
 static size_t
@@ -703,7 +708,7 @@ _request_access_token_by_code(oauth2_manager_s *mgr_handle, const char *code)
 {
 OAUTH2_LOG_I("_request_access_token_by_code start");
- char *post_body = (char *)calloc(1, 2048);
+ char *post_body = (char *)calloc(1, MAX_URL_LENGTH);
 if (post_body == NULL) {
 OAUTH2_LOG_E("Out of memory");
 return;
@@ -753,7 +758,7 @@ __request_access_token_for_client_cred(oauth2_manager_s *mgr_handle)
 {
 mgr_handle->curl_handle = curl_easy_init();
- char *post_body = (char *)calloc(1, 2048);
+ char *post_body = (char *)calloc(1, MAX_URL_LENGTH);
 if (post_body == NULL) {
 OAUTH2_LOG_E("Out of memory");
 return;
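Review bot: `final_url` is handed to `oauth2_strcat` and then to `bundle_foreach` without checking the `calloc` result, unlike the `post_body` allocations elsewhere in this patch, which all test for NULL and log "Out of memory". The new helper returns NULL on a NULL `dest`, so the appends themselves no longer fault, but the iterator callback then passes a NULL `*final_url` to a `%s` log format and the function carries on with no URL. Add `if (final_url == NULL) { OAUTH2_LOG_E("Out of memory"); return NULL; }` directly after the allocation. The rest of `__get_authorization_url` lies outside the hunk, so what happens to the result afterwards is not visible here.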
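Review bot: `__append_to_post_data` now hard-codes `MAX_URL_LENGTH` as the capacity of `post_data`, although the buffer is allocated by its callers and the function receives no size argument. The bound is only valid while every caller allocates exactly `MAX_URL_LENGTH` bytes; this patch updates four `calloc` sites (`_request_access_token_by_code`, `__request_access_token_for_client_cred`, `_request_access_token_for_grant_type_pwd`, `_request_refresh_token`), and any caller not shown here that still passes a smaller buffer would be written past its end, because `oauth2_strcat` trusts the size it is given. Either add a capacity parameter, or state the requirement above the function, e.g. `/* post_data must point to a buffer of at least MAX_URL_LENGTH bytes */`. As a style point, `if (append_delim == true)` reads better as the original `if (append_delim)`; the function starts outside the hunk.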
@@ -804,7 +809,7 @@ _request_access_token_for_grant_type_pwd(oauth2_manager_s *mgr_handle)
 {
 mgr_handle->curl_handle = curl_easy_init();
- char *post_body = (char *)calloc(1, 2048);
+ char *post_body = (char *)calloc(1, MAX_URL_LENGTH);
 if (post_body == NULL) {
 OAUTH2_LOG_E("Out of memory");
 return;
@@ -1494,7 +1499,7 @@ _request_refresh_token(oauth2_manager_s *mgr_impl)
 bundle_get_str(mgr_impl->request->request_data, OAUTH2_PARAMETER_KEY_SCOPE, &scope);
- char *post_body = (char *)calloc(1, 2048);
+ char *post_body = (char *)calloc(1, MAX_URL_LENGTH);
 if (post_body == NULL) {
 OAUTH2_LOG_E("Out of memory");
 OAUTH2_FREE(refresh_uri);
diff --git a/src/oauth2_private.h b/src/oauth2_private.h
index 4929567..e73f3b3 100644
--- a/src/oauth2_private.h
+++ b/src/oauth2_private.h
@@ -93,6 +93,8 @@
 #define OAUTH2_LOADING_POP_UP_TEXT "Loading..."
+#define MAX_URL_LENGTH 5012
+
 typedef enum {
 REQUEST_ACCESS_TOKEN = 1,
 REQUEST_AUTHORIZATION_CODE
diff --git a/src/oauth2_util.c b/src/oauth2_util.c
index da62fcf..01d4a3f 100644
--- a/src/oauth2_util.c
+++ b/src/oauth2_util.c
@@ -136,4 +136,34 @@ oauth2_util_get_params(const char *url_part, bundle **params)
 return OAUTH2_ERROR_NONE;
 }
+
+static size_t
+min(size_t a, size_t b)
+{
+ return a < b ? a : b;
+}
+
+static char*
+strcat_partial(char* dest, size_t destSize, const char* source, size_t sourceLen)
+{
+ if (!dest || !source)
+ return NULL;
+
+ if ((destSize == 0) || (sourceLen == 0))
+ return dest;
+
+ size_t destLen = strlen(dest);
+
+ if (destLen >= destSize)
+ return dest;
+
+ return strncat(dest, source, min(destSize - destLen - 1, sourceLen));
+}
+
+char*
+oauth2_strcat(char* dest, const char* source, size_t dest_size)
+{
+ return strcat_partial(dest, dest_size, source, dest_size == 0 ? 0 : dest_size - 1);
+}
+
 /*LCOV_EXCL_STOP*/
diff --git a/src/oauth2_util.h b/src/oauth2_util.h
index cefb15a..a36dbc1 100644
--- a/src/oauth2_util.h
+++ b/src/oauth2_util.h
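Review bot: `MAX_URL_LENGTH` is used throughout this patch as a buffer capacity, terminator included, and for POST bodies as well as URLs, so neither the name nor the bare value `5012` tells a reader what is being promised. A comment on the define would settle it, e.g. `/* Size in bytes, including the terminating NUL, of the buffers holding the authorization URL and the token request body */`. An `OAUTH2_` prefix would also match the neighbouring `OAUTH2_LOADING_POP_UP_TEXT` and keep the macro from clashing with other headers.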
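Review bot: `oauth2_strcat` returns `dest` both when the whole source was appended and when it was cut short or skipped (the `destLen >= destSize` branch), so no caller can tell that a URL or request body was truncated, and the new call sites in oauth2_manager.c ignore the return value in any case. A request can therefore go out with a clipped parameter value instead of failing locally. Consider reporting the condition, for instance `if (strlen(dest) + strlen(source) >= dest_size) return NULL;` in `oauth2_strcat` after the NULL checks, and having the callers test for it. The function also needs a comment giving its contract: `dest` must already be NUL-terminated within `dest_size` bytes, and `dest_size` is the total capacity of the buffer, not the room that is left. A file-local function named `min` may collide with a `min` macro from a platform header, so `oauth2_min` or an inline conditional would be safer.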
@@ -67,4 +67,6 @@ int oauth2_util_get_query(const char *url, char **query);
 int oauth2_util_get_fragment(const char *url, char **fragment);
 int oauth2_util_get_params(const char *url_part, bundle **params);
+char* oauth2_strcat(char* dest, const char* source, size_t dest_size);
+
 #endif /* _OAUTH2_UTIL_H_ */
-- 
2.34.1