From 7f2119e3814d7f37fb4ae971dcbec1afaf5daff5 Mon Sep 17 00:00:00 2001 From: jkjo92 Date: Fri, 21 Jul 2017 12:23:40 +0900 Subject: [PATCH] fix security defect Change-Id: Ia79761f53cacaba88f415cff1b53380b34e092dc Signed-off-by: jkjo92 --- common/cryptoutil/inc/asmcrypto.h | 0 common/cryptoutil/src/AsmCrypto.cpp | 18 ++++++++++++++++++ server/auth_discovery/src/RoamingUtil.cpp | 2 ++ test/shell_tc/fido_asm_shell_tc.cpp | 0 4 files changed, 20 insertions(+) mode change 100644 => 100755 common/cryptoutil/inc/asmcrypto.h mode change 100644 => 100755 common/cryptoutil/src/AsmCrypto.cpp mode change 100644 => 100755 server/auth_discovery/src/RoamingUtil.cpp mode change 100644 => 100755 test/shell_tc/fido_asm_shell_tc.cpp diff --git a/common/cryptoutil/inc/asmcrypto.h b/common/cryptoutil/inc/asmcrypto.h old mode 100644 new mode 100755 diff --git a/common/cryptoutil/src/AsmCrypto.cpp b/common/cryptoutil/src/AsmCrypto.cpp old mode 100644 new mode 100755 index 24eb33d..8abdfe5 --- a/common/cryptoutil/src/AsmCrypto.cpp +++ b/common/cryptoutil/src/AsmCrypto.cpp @@ -40,8 +40,13 @@ void AsmCrypto::logDataToFile(const char *file_name_prefix, const char *data, int data_len) { char fn[128] = {0, }; + char resolved_path[128]; snprintf(fn, 127, "%s%s", LOG_FILE_PATH, file_name_prefix); + if(realpath(fn, resolved_path) == NULL) { + _ERR("realpath error"); + return; + } FILE *fp = fopen(fn, "w+"); if (fp == NULL) return; @@ -57,8 +62,14 @@ void AsmCrypto::logRawDataToFile(const char *file_name_prefix, const unsigned char *data, int data_len) { char fn[128] = {0, }; + char resolved_path[128]; snprintf(fn, 127, "%s%s", LOG_FILE_PATH, file_name_prefix); + if(realpath(fn, resolved_path) == NULL) { + _ERR("realpath error"); + return; + } + FILE *fp = fopen(fn, "w+"); if (fp == NULL) return; 
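Review bot: `char resolved_path[128];` in logDataToFile is too small for realpath(): POSIX requires the output buffer to hold at least PATH_MAX bytes, so any resolved path longer than 127 characters is written past the end of this stack array. The same 128-byte buffer is added in logRawDataToFile and in getAsmToken further down. Declare it as `char resolved_path[PATH_MAX];` (from `<limits.h>`), or call `realpath(fn, NULL)` and `free()` the returned string. The bodies of all three functions continue outside their hunks.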
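Review bot: The resolved path is never used in logRawDataToFile: `fopen(fn, "w+")` still opens the unresolved name and `resolved_path` is not compared with `LOG_FILE_PATH`, so the added call does not stop a `file_name_prefix` with directory components, or a symlink at the target, from redirecting the write. It also changes behaviour, because realpath() fails with ENOENT for a file that does not exist yet, so the function now returns before `"w+"` can create a new log file. logDataToFile has the same pattern, and getAsmToken likewise resolves `ASM_CONFIG_FILE` and then opens the original name. A check that matches the intent would resolve only the directory, confirm the result is the expected log directory, and create the file through `open()` with `O_NOFOLLOW` followed by `fdopen()` so a symlink at the final component is refused. The function body ends outside the hunk.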
@@ -179,6 +190,13 @@ AsmCrypto::getAsmToken(void) return macStr; } + char resolved_path[128]; + + if(realpath(ASM_CONFIG_FILE, resolved_path) == NULL) { + _ERR("realpath error"); + return std::string(); + } + FILE *file = fopen(ASM_CONFIG_FILE, "r"); if (file == NULL) { diff --git a/server/auth_discovery/src/RoamingUtil.cpp b/server/auth_discovery/src/RoamingUtil.cpp old mode 100644 new mode 100755 index 9fd6b76..dd48827 --- a/server/auth_discovery/src/RoamingUtil.cpp +++ b/server/auth_discovery/src/RoamingUtil.cpp @@ -279,6 +279,8 @@ RoamingUtil::composeAuthGetInfoResponce(std::vector *infoList) Buffer *getinfoRespBuff = encoderResp.encode(); _INFO("RoamingUtil after TLV encode"); + SAFE_DELETE(infoList); + /*B64 encode*/ return b64Encode(getinfoRespBuff->data, getinfoRespBuff->len); diff --git a/test/shell_tc/fido_asm_shell_tc.cpp b/test/shell_tc/fido_asm_shell_tc.cpp old mode 100644 new mode 100755 -- 2.7.4
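Review bot: `SAFE_DELETE(infoList);` makes composeAuthGetInfoResponce free a pointer it received from its caller, an ownership transfer that neither the signature nor a comment expresses. Any call site that still reads or deletes the list after the call would now hit a use-after-free or double free, and if SAFE_DELETE nulls its argument it nulls only the local parameter copy, not the caller's pointer. The callers and the earlier return paths of this function are outside the hunk, so each call site needs checking and the early exits may still leak the list. I would either keep the delete at the call site or document the contract above the function, e.g. `/* Takes ownership of infoList and deletes it before returning. */`.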