From e399a13447872ade36cda2cdd33c2418e04f0180 Mon Sep 17 00:00:00 2001
From: Volodymyr Brynza <v.brynza@samsung.com>
Date: Wed, 10 Feb 2021 11:50:28 +0200
Subject: [PATCH] fix: Check for all zero UUID of a subject

https://github.sec.samsung.net/RS7-IOTIVITY/IoTivity/pull/787
(cherry-picked from 788de326f33bc5bb9c754a20f922631c7b53d930)

Change-Id: I4f3746c346085434bbf2acdfe1eedf23c05b3a17
Signed-off-by: Volodymyr Brynza <v.brynza@samsung.com>
Signed-off-by: DoHyun Pyun <dh79.pyun@samsung.com>
---
 resource/csdk/security/src/policyengine.c | 33 +++++++++++++++++++++++++++----
 1 file changed, 29 insertions(+), 4 deletions(-)

diff --git a/resource/csdk/security/src/policyengine.c b/resource/csdk/security/src/policyengine.c
index 649ba6e..9be59fb 100644
--- a/resource/csdk/security/src/policyengine.c
+++ b/resource/csdk/security/src/policyengine.c
@@ -91,6 +91,17 @@ static bool UuidCmp(OicUuid_t *firstId, OicUuid_t *secondId)
     return true;
 }
 
+/**
+ * Compares input OicUuid_t struct with OicUuid_t struct which has all zero values.
+ *
+ * @return true if the two OicUuid_t structs are equal, else false.
+ */
+static bool IsUuidAllZero(OicUuid_t *uuid)
+{
+    OicUuid_t allZeroUuid = {.id={0}};
+    return UuidCmp(&allZeroUuid, uuid);
+}
+
 void SetPolicyEngineState(PEContext_t *context, const PEState_t state)
 {
     if (NULL == context)
@@ -134,12 +145,12 @@ static bool IsRequestFromDevOwner(PEContext_t *context)
         return retVal;
     }
 
-    /*
-    if(OC_STACK_OK == GetDoxmDevOwnerId(&ownerid))
+    // Check for all zero UUID
+    if (true == IsUuidAllZero(&context->subject))
     {
-        retVal = UuidCmp(&context->subject, &ownerid);
+        OIC_LOG_V(DEBUG, TAG, "%s: UUID is all zero", __func__);
+        return retVal;
     }
-    */
 
     // TODO: Added as workaround for CTT
     OicSecDoxm_t* doxm = (OicSecDoxm_t*) GetDoxmResourceData();
@@ -180,6 +191,13 @@ static bool IsRequestFromSubOwner(PEContext_t *context)
         return retVal;
     }
 
+    // Check for all zero UUID
+    if (true == IsUuidAllZero(&context->subject))
+    {
+        OIC_LOG_V(DEBUG, TAG, "%s: UUID is all zero", __func__);
+        return retVal;
+    }
+
     if(IsSubOwner(&context->subject))
     {
         retVal = true;
@@ -302,6 +320,13 @@ bool IsRequestFromResourceOwner(PEContext_t *context)
         return false;
     }
 
+    // Check for all zero UUID
+    if (true == IsUuidAllZero(&context->subject))
+    {
+        OIC_LOG_V(DEBUG, TAG, "%s: UUID is all zero", __func__);
+        return retVal;
+    }
+
     if((OIC_R_ACL_TYPE <= context->resourceType) && \
         (OIC_SEC_SVR_TYPE_COUNT > context->resourceType))
     {
-- 
2.7.4