From 9fd3add7b2a931bfd74db0e995adbbf21633df8c Mon Sep 17 00:00:00 2001
From: "sanghyeok.oh" <sanghyeok.oh@samsung.com>
Date: Thu, 5 Jan 2017 12:22:57 +0900
Subject: [PATCH] svace:handling wrong policy syntax

Change-Id: I8871c77bf5f58ad89885c128f96442ce009197a8
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
---
 src/internal/policy.cpp | 34 ++++++++++++++++++----------------
 1 file changed, 18 insertions(+), 16 deletions(-)

diff --git a/src/internal/policy.cpp b/src/internal/policy.cpp
index d4ab166..3bc5fce 100644
--- a/src/internal/policy.cpp
+++ b/src/internal/policy.cpp
@@ -19,6 +19,9 @@ static const char* message_dir[] = { "ANY", "SEND", "RECEIVE"};
 static const char* message_decision[] = {"NO_DECISION", "ALLOW", "DENY", "CHECK"};
 
 static MessageType __str_to_message_type(const char* str) {
+	if (!str)
+		return MessageType::ANY;
+
 	if (!std::strcmp(str, "method_call"))
 		return MessageType::METHOD_CALL;
 	else if (!std::strcmp(str, "method_return"))
@@ -113,23 +116,22 @@ void DbAdapter::updateDecision(const boost::property_tree::ptree::value_type& v,
 		if (v.second.data() != "*")
 			value = v.second.data().c_str();
 
-		if (v.first == "context") {
-			if (std::strcmp(value, "mandatory") == 0 ) {
-				policy_type = PolicyType::CONTEXT;
-				policy_type_value.context = ContextType::MANDATORY;
-			} else if (std::strcmp(value, "default") == 0) {
-				policy_type = PolicyType::CONTEXT;
-				policy_type_value.context = ContextType::DEFAULT;
+		if (value) {
+			if (v.first == "context") {
+				if (std::strcmp(value, "mandatory") == 0 ) {
+					policy_type = PolicyType::CONTEXT;
+					policy_type_value.context = ContextType::MANDATORY;
+				} else if (std::strcmp(value, "default") == 0) {
+					policy_type = PolicyType::CONTEXT;
+					policy_type_value.context = ContextType::DEFAULT;
+				}
+			} else if (v.first == "user") {
+				policy_type = PolicyType::USER;
+				policy_type_value.user = convertToUid(value);
+			} else if (v.first == "group") {
+				policy_type = PolicyType::GROUP;
+				policy_type_value.group = convertToGid(value);
 			}
-		} else if (v.first == "user") {
-			policy_type = PolicyType::USER;
-			policy_type_value.user = convertToUid(value);
-		} else if (v.first == "group") {
-			policy_type = PolicyType::GROUP;
-			policy_type_value.group = convertToGid(value);
-		} else {
-			attr = false;
-			t = NONE;
 		}
 	} else if (attr && t == ALLOW_DENY_CHECK) {
 		if (v.second.data() != "*")
-- 
2.7.4