From 6d5a25ecc169c9ba143fb4c7505e875e2461a2f2 Mon Sep 17 00:00:00 2001
From: "jiyong.min" <jiyong.min@samsung.com>
Date: Mon, 29 Jun 2020 14:35:04 +0900
Subject: [PATCH] Added safe_atoi to avoid unwanted loop because of tainted int
 'num'

Change-Id: I2fc79d9b9134cbee1cfdc7887f0effc3570b158a
---
 test/metadata_editor_test.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/test/metadata_editor_test.c b/test/metadata_editor_test.c
index 6321a4e..1449497 100755
--- a/test/metadata_editor_test.c
+++ b/test/metadata_editor_test.c
@@ -161,8 +161,10 @@ static bool __get_tag_info(metadata_editor_h metadata)
 		else if ((ret == METADATA_EDITOR_ERROR_NONE) && picture_index) {
 			int num = 0, i;
 			ret = __safe_atoi(picture_index, &num);
-			if (ret != METADATA_EDITOR_ERROR_NONE || num < 0)
-				return true;
+			if (ret != METADATA_EDITOR_ERROR_NONE || num < 0) {
+				printf("fail to __safe_atoi[%d]\n", ret);
+				return false;
+			}
 
 			printf("Number of pictures: %u\n", num);
 
@@ -379,8 +381,12 @@ static bool __delete_pictures(metadata_editor_h metadata)
 
 	printf("The number of pictures is [%s]\n", picture_num);
 
-	num = atoi(picture_num);
+	ret = __safe_atoi(picture_num, &num);
 	free(picture_num);
+	if (ret != METADATA_EDITOR_ERROR_NONE || num < 0) {
+		printf("fail to __safe_atoi[%d]\n", ret);
+		return false;
+	}
 
 	if (num == 0) {
 		printf("There are no pictures to delete\n");
-- 
2.34.1