From e6723314fe1221f75f2c4ed069c48c99ad46d571 Mon Sep 17 00:00:00 2001 From: Anatolii Nikulin Date: Mon, 23 May 2016 14:25:50 +0300 Subject: [PATCH] [FIX] Svace issues ----------------------------------------------------- | WGID | Type | File | |---------------------------------------------------- | 72423 | MEMORY_LEAK | da_protocol.c | | 78692 | PROC_USE.VULNERABLE | utils.c | |---------------------------------------------------| Change-Id: I4896f7aa780cf331d36f729ca1e9b4993c4c0ab4 Signed-off-by: Anatolii Nikulin --- daemon/da_protocol.c | 11 ++++------- daemon/utils.c | 9 +++++---- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/daemon/da_protocol.c b/daemon/da_protocol.c index d7406bb..45d465b 100644 --- a/daemon/da_protocol.c +++ b/daemon/da_protocol.c @@ -901,7 +901,7 @@ exit_fail: static int process_msg_binary_info(struct msg_buf_t *msg) { - int err; + int err = -1; uint32_t allocated_acks, i, bincount; enum ErrorCode error_code = ERR_NO; @@ -966,23 +966,20 @@ static int process_msg_binary_info(struct msg_buf_t *msg) pack_int32(p, error_code); pack_int32(p, bincount); - for (i = 0; i != bincount; ++i) { + for (i = 0; i != bincount; ++i) p += binary_ack_pack(p, acks[i]); - binary_ack_free(acks[i]); - } printBuf((char *)msg_reply, msg_reply->len + sizeof(*msg_reply)); err = send_reply(msg_reply); free(msg_reply); - return err; - exit_fail_free_ack: for (i = 0; i < allocated_acks; i++) binary_ack_free(acks[i]); free(acks); + exit_fail: - return -1; + return err; } static int process_msg_get_probe_map() diff --git a/daemon/utils.c b/daemon/utils.c index bc02434..fca624d 100644 --- a/daemon/utils.c +++ b/daemon/utils.c @@ -141,11 +141,12 @@ int remove_indir(const char *dirname) int change_user(const char *username) { struct passwd *pw; - int uid, gid; + struct passwd pw_entry; + char buf[1024]; + int uid, gid, err; - - pw = getpwnam(username); - if (!pw) { + err = getpwnam_r(username, &pw_entry, buf, sizeof(buf), &pw); + if (err || !pw) { LOGE("user %s is unknown\n", username); return -1; } -- 2.7.4