From e82766b34da64122ebabed66b2579e95bbc837c4 Mon Sep 17 00:00:00 2001
From: Jeon Sang-Heon <sh95.jeon@samsung.com>
Date: Fri, 31 Jan 2020 11:37:39 +0900
Subject: [PATCH] fix coverity issue

- modify strcmp to strncmp for non null terminated string params
- modify uncatched return code from fseek

Change-Id: Ia7f672a163dc4e7eeeb44dd0b077f73df7e97ab7
---
 ss_engine/SS_PatchDelta.c | 7 ++++++-
 ss_engine/SS_UPI.c        | 2 +-
 ss_engine/fota_tar.c      | 2 +-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/ss_engine/SS_PatchDelta.c b/ss_engine/SS_PatchDelta.c
index af6df2a..a65ae7c 100755
--- a/ss_engine/SS_PatchDelta.c
+++ b/ss_engine/SS_PatchDelta.c
@@ -655,7 +655,12 @@ int SS_UpdateDeltaKernel(ua_dataSS_t * ua_dataSS, int (*write_to_blkdev) (char *
 		file_num = atoi(tok_buf);
 
 	//adjust offset to start of data section before proceeding
-	fseek(fp, SS_KERNEL_DELTA_HEADER, SEEK_SET);
+	ret = fseek(fp, SS_KERNEL_DELTA_HEADER, SEEK_SET);
+	if (ret != 0) {
+		LOGE("fseek is failed : errno[%d]\n", ret);
+		result = E_SS_FAILURE;
+		goto Cleanup;
+	}
 
 	while (file_num-- > 0) {
 		file_name = strtok_r(NULL, ":", &saveptr);
diff --git a/ss_engine/SS_UPI.c b/ss_engine/SS_UPI.c
index cbfac8f..9fcbcff 100755
--- a/ss_engine/SS_UPI.c
+++ b/ss_engine/SS_UPI.c
@@ -2371,7 +2371,7 @@ int SS_IMGUpdatemain(ua_dataSS_t * ua_dataSS, int update_type)  //SS_FSUpdatePar
 			LOGL(LOG_SSENGINE, "short read of \"%s\" (%ld bytes of %ld)\n", SS_PATCHFILE_SOURCE, (long)bytes_read, (long)13);
 		fclose(fp);
 
-		if (strcmp(buf, SS_KERNEL_MAGIC) == 0)
+		if (strncmp(buf, SS_KERNEL_MAGIC, sizeof(buf) / sizeof(char)) == 0)
 			ulResult = SS_UpdateDeltaKernel(ua_dataSS, ua_dataSS->write_data_to_blkdev);
 		else
 			ulResult = SS_UpdateDeltaIMG(ua_dataSS, ua_dataSS->write_data_to_blkdev);
diff --git a/ss_engine/fota_tar.c b/ss_engine/fota_tar.c
index 604cf75..1ec4aae 100755
--- a/ss_engine/fota_tar.c
+++ b/ss_engine/fota_tar.c
@@ -334,7 +334,7 @@ int tar_get_item_size(char *tar, char *item)
 		}
 
 		/* check if the file is what we are looking for */
-		if (strcmp(uExtendedName, item) == 0) {
+		if (strncmp(uExtendedName, item, sizeof(uExtendedName) / sizeof(char)) == 0) {
 			ret = (int)size_dec;
 			if ((ret == 0) && (header[TAR_ITEM_TYPE_FLAG_POS] == DIRTYPE))
 				ret = tar_get_folder_size(tar, item);
-- 
2.7.4