From 82028c8dd5061b42e20fea83c59d296ca2202ac3 Mon Sep 17 00:00:00 2001 From: Sangkoo Kim Date: Fri, 25 Mar 2016 16:11:31 +0900 Subject: [PATCH] Fix svace defects Change-Id: Id6bff4e8d7c12d9916ae7a61973c9730343778cb Signed-off-by: Sangkoo Kim --- framework/setting-handler/MsgSettingHandler.cpp | 6 --- framework/transaction-manager/MsgTransManager.cpp | 4 +- include/common/MsgInternalTypes.h | 1 - mapi/msg_mms.cpp | 10 ++--- plugin/mms_plugin/MmsPluginConnManWrapper.cpp | 2 +- plugin/mms_plugin/MmsPluginDecode.cpp | 2 +- plugin/mms_plugin/MmsPluginStorage.cpp | 23 +++++------ plugin/mms_plugin/MmsPluginTransport.cpp | 2 +- plugin/mms_plugin/MmsPluginUserAgent.cpp | 15 ++++++-- plugin/mms_plugin/include/MmsPluginUserAgent.h | 2 +- plugin/sms_plugin/SmsPluginSetting.cpp | 47 ++++------------------- utils/MsgIpcSocket.cpp | 14 +++++-- utils/MsgUtilFunction.cpp | 17 ++------ utils/MsgVMessage.cpp | 14 +++---- vobject-engine/VCard.c | 2 +- vobject-engine/VCardCalUtil.c | 42 +++++++++++++------- vobject-engine/VMessage.c | 2 +- 17 files changed, 93 insertions(+), 112 deletions(-) diff --git a/framework/setting-handler/MsgSettingHandler.cpp b/framework/setting-handler/MsgSettingHandler.cpp index 3f708d5..7891237 100755 --- a/framework/setting-handler/MsgSettingHandler.cpp +++ b/framework/setting-handler/MsgSettingHandler.cpp @@ -1036,12 +1036,6 @@ msg_error_t MsgSetVoiceMailOpt(const MSG_SETTING_S *pSetting, bool bSetSim) err = MsgSettingSetString(keyName, voiceMailOpt.mailNumber); if (err != MSG_SUCCESS) MSG_ERR("Error to set config data [%s]", keyName); - - memset(keyName, 0x00, sizeof(keyName)); - snprintf(keyName, sizeof(keyName), "%s/%d", VOICEMAIL_DEFAULT_NUMBER, simIndex); - err = MsgSettingSetString(keyName, voiceMailOpt.mailNumber); - if (err != MSG_SUCCESS) - MSG_ERR("Error to set config data [%s]", keyName); } _END_OF_SET_VOICE_OPT: diff --git a/framework/transaction-manager/MsgTransManager.cpp b/framework/transaction-manager/MsgTransManager.cpp index a7528d1..3d1d70d 100755 --- a/framework/transaction-manager/MsgTransManager.cpp +++ b/framework/transaction-manager/MsgTransManager.cpp @@ -364,8 +364,8 @@ void MsgTransactionManager::handleRequest(int fd) return; } - if (len <= 0) - THROW(MsgException::INVALID_RESULT, "read buffer size <= 0"); + if (len <= 0 && len >= MSG_MAX_IPC_SIZE) + THROW(MsgException::INVALID_RESULT, "read buffer size <= 0 or over max ipc size"); char* pEventData = NULL; unique_ptr eventBuf(&pEventData, unique_ptr_deleter); diff --git a/include/common/MsgInternalTypes.h b/include/common/MsgInternalTypes.h index 084db74..70a930b 100755 --- a/include/common/MsgInternalTypes.h +++ b/include/common/MsgInternalTypes.h @@ -174,7 +174,6 @@ #define VOICEMAIL_NUMBER DEFAULT_VOICE_MAIL_OPT_PATH"/voice_mail_number" #define VOICEMAIL_COUNT DEFAULT_VOICE_MAIL_OPT_PATH"/voice_mail_count" #define VOICEMAIL_ALPHA_ID DEFAULT_VOICE_MAIL_OPT_PATH"/voice_mail_alphaid" -#define VOICEMAIL_DEFAULT_NUMBER DEFAULT_VOICE_MAIL_OPT_PATH"/voice_mail_default_number" #define VOICEMAIL_DEFAULT_ALPHA_ID "" #define MSGSIZE_OPTION DEFAULT_MSGSIZE_OPT_PATH"/msg_size" diff --git a/mapi/msg_mms.cpp b/mapi/msg_mms.cpp index 7073543..e2afdbd 100755 --- a/mapi/msg_mms.cpp +++ b/mapi/msg_mms.cpp @@ -1631,11 +1631,11 @@ void convert_to_hidden_mmsdata(MMS_DATA_S *pSrc, msg_struct_s *pDest) if (src_multipart) { msg_struct_s *multipart_struct = (msg_struct_s *)msg_create_struct(MSG_STRUCT_MULTIPART_INFO); - MMS_MULTIPART_DATA_S *dst_multipart = (MMS_MULTIPART_DATA_S*)multipart_struct->data; - - memcpy(dst_multipart, src_multipart, sizeof(MMS_MULTIPART_DATA_S)); - - pDestMms->multipartlist = g_list_append(pDestMms->multipartlist, multipart_struct); + if (multipart_struct) { + MMS_MULTIPART_DATA_S *dst_multipart = (MMS_MULTIPART_DATA_S*)multipart_struct->data; + memcpy(dst_multipart, src_multipart, sizeof(MMS_MULTIPART_DATA_S)); + pDestMms->multipartlist = g_list_append(pDestMms->multipartlist, multipart_struct); + } } } } diff --git a/plugin/mms_plugin/MmsPluginConnManWrapper.cpp b/plugin/mms_plugin/MmsPluginConnManWrapper.cpp index 53e9987..3428a09 100755 --- a/plugin/mms_plugin/MmsPluginConnManWrapper.cpp +++ b/plugin/mms_plugin/MmsPluginConnManWrapper.cpp @@ -221,7 +221,7 @@ static gboolean __connection_create(void *pVoid) } else { int err = connection_create(&g_connection); - if (CONNECTION_ERROR_NONE == err) { + if (CONNECTION_ERROR_NONE == err && g_connection) { connection_cellular_state_e cellular_state; connection_type_e net_state; diff --git a/plugin/mms_plugin/MmsPluginDecode.cpp b/plugin/mms_plugin/MmsPluginDecode.cpp index 02f3a03..a959fa6 100755 --- a/plugin/mms_plugin/MmsPluginDecode.cpp +++ b/plugin/mms_plugin/MmsPluginDecode.cpp @@ -1341,7 +1341,7 @@ static bool __MmsBinaryDecodeParameter(FILE *pFile, MsgType *pMsgType, int value if (szTypeValue) { /* checkMe: forwardLock needs boudary string */ - if (strcasecmp(szTypeString, "boundary") == 0) { + if (g_ascii_strcasecmp(szTypeString, "boundary") == 0) { memset(pMsgType->param.szBoundary, 0, MSG_BOUNDARY_LEN + 1); strncpy(pMsgType->param.szBoundary, szTypeValue, MSG_BOUNDARY_LEN); #ifdef FEATURE_JAVA_MMS diff --git a/plugin/mms_plugin/MmsPluginStorage.cpp b/plugin/mms_plugin/MmsPluginStorage.cpp index 79e46b2..b54bae5 100755 --- a/plugin/mms_plugin/MmsPluginStorage.cpp +++ b/plugin/mms_plugin/MmsPluginStorage.cpp @@ -1049,26 +1049,27 @@ msg_error_t MmsPluginStorage::getMultipartList(msg_message_id_t msgId, MMSList * if (err == MSG_SUCCESS) { for (int i = 0; i < rowCnt; i++) { MMS_MULTIPART_DATA_S *multipart = MsgMmsCreateMultipart(); + if (multipart) { + dbHandle->getColumnToString(index++, sizeof(multipart->szContentType), multipart->szContentType); - dbHandle->getColumnToString(index++, sizeof(multipart->szContentType), multipart->szContentType); + dbHandle->getColumnToString(index++, sizeof(multipart->szFileName), multipart->szFileName); - dbHandle->getColumnToString(index++, sizeof(multipart->szFileName), multipart->szFileName); + dbHandle->getColumnToString(index++, sizeof(multipart->szFilePath), multipart->szFilePath); - dbHandle->getColumnToString(index++, sizeof(multipart->szFilePath), multipart->szFilePath); + dbHandle->getColumnToString(index++, sizeof(multipart->szContentID), multipart->szContentID); - dbHandle->getColumnToString(index++, sizeof(multipart->szContentID), multipart->szContentID); + dbHandle->getColumnToString(index++, sizeof(multipart->szContentLocation), multipart->szContentLocation); - dbHandle->getColumnToString(index++, sizeof(multipart->szContentLocation), multipart->szContentLocation); + multipart->tcs_bc_level = dbHandle->getColumnToInt(index++); - multipart->tcs_bc_level = dbHandle->getColumnToInt(index++); + multipart->malware_allow = dbHandle->getColumnToInt(index++); - multipart->malware_allow = dbHandle->getColumnToInt(index++); + dbHandle->getColumnToString(index++, sizeof(multipart->szThumbFilePath), multipart->szThumbFilePath); - dbHandle->getColumnToString(index++, sizeof(multipart->szThumbFilePath), multipart->szThumbFilePath); + multipart->type = MimeGetMimeIntFromMimeString(multipart->szContentType); - multipart->type = MimeGetMimeIntFromMimeString(multipart->szContentType); - - *multipart_list = g_list_append(*multipart_list, multipart); + *multipart_list = g_list_append(*multipart_list, multipart); + } } } diff --git a/plugin/mms_plugin/MmsPluginTransport.cpp b/plugin/mms_plugin/MmsPluginTransport.cpp index 88f904f..548ecc3 100755 --- a/plugin/mms_plugin/MmsPluginTransport.cpp +++ b/plugin/mms_plugin/MmsPluginTransport.cpp @@ -152,7 +152,7 @@ void MmsPluginTransport::submitRequest(const MSG_REQUEST_INFO_S *pReqInfo) break; } - MmsPluginUaManager::instance()->addMmsReqEntity(reqItem); + MmsPluginUaManager::instance()->addMmsReqEntity(&reqItem); MmsPluginUaManager::instance()->start(); if (msisdn) { diff --git a/plugin/mms_plugin/MmsPluginUserAgent.cpp b/plugin/mms_plugin/MmsPluginUserAgent.cpp index 7841856..7de01c8 100755 --- a/plugin/mms_plugin/MmsPluginUserAgent.cpp +++ b/plugin/mms_plugin/MmsPluginUserAgent.cpp @@ -628,15 +628,22 @@ void MmsPluginUaManager::getMmsPduData(mmsTranQEntity *qEntity) unlock(); } -void MmsPluginUaManager::addMmsReqEntity(mmsTranQEntity req) +void MmsPluginUaManager::addMmsReqEntity(mmsTranQEntity *req) { + if (req == NULL) + return; + + mmsTranQEntity reqTmp = {0, }; + + memcpy(&reqTmp, req, sizeof(mmsTranQEntity)); + lock(); - if (mmsTranQ.checkExist(req, compare_func) == true) { - MSG_DEBUG("request Already Exist, req_id = %d", req.msgId); + if (mmsTranQ.checkExist(reqTmp, compare_func) == true) { + MSG_DEBUG("request Already Exist, req_id = %d", reqTmp.msgId); unlock(); THROW(MsgException::REQ_EXIST_ERROR, "MMS request already exist"); } - mmsTranQ.push_back(req); + mmsTranQ.push_back(reqTmp); signal(); unlock(); diff --git a/plugin/mms_plugin/include/MmsPluginUserAgent.h b/plugin/mms_plugin/include/MmsPluginUserAgent.h index 4f2523a..25b8b0e 100755 --- a/plugin/mms_plugin/include/MmsPluginUserAgent.h +++ b/plugin/mms_plugin/include/MmsPluginUserAgent.h @@ -27,7 +27,7 @@ class MmsPluginUaManager: public MsgThread { static MmsPluginUaManager *instance(); virtual void start(); - void addMmsReqEntity(mmsTranQEntity req); + void addMmsReqEntity(mmsTranQEntity *req); void getMmsPduData(mmsTranQEntity *qEntity); bool processReceivedData(int msgId, char *pRcvdBody, int rcvdBodyLen, char *retrievedFilePath); diff --git a/plugin/sms_plugin/SmsPluginSetting.cpp b/plugin/sms_plugin/SmsPluginSetting.cpp index 94ce647..ec2981d 100755 --- a/plugin/sms_plugin/SmsPluginSetting.cpp +++ b/plugin/sms_plugin/SmsPluginSetting.cpp @@ -284,12 +284,11 @@ void SmsPluginSetting::initConfigData(TapiHandle *handle) char keyName[MAX_VCONFKEY_NAME_LEN]; MSG_INFO("=================SIM CHANGED==================="); - /* reset default voicemail number and voicemail number */ - + /* reset voicemail number */ memset(keyName, 0x00, sizeof(keyName)); - snprintf(keyName, sizeof(keyName), "%s/%d", VOICEMAIL_DEFAULT_NUMBER, sim_idx); + snprintf(keyName, sizeof(keyName), "%s/%d", VOICEMAIL_NUMBER, sim_idx); if (MsgSettingSetString(keyName, "") != MSG_SUCCESS) - MSG_DEBUG("MsgSettingSetString is failed!!"); + MSG_DEBUG("MsgSettingSetInt is failed!!"); memset(keyName, 0x00, sizeof(keyName)); snprintf(keyName, sizeof(keyName), "%s/%d", VOICEMAIL_COUNT, sim_idx); @@ -305,42 +304,6 @@ void SmsPluginSetting::initConfigData(TapiHandle *handle) MsgDeleteNoti(MSG_NOTI_TYPE_VOICE_2, sim_idx); } - /*==================== Default Voice mail Setting ====================*/ - memset(keyName, 0x00, sizeof(keyName)); - snprintf(keyName, sizeof(keyName), "%s/%d", VOICEMAIL_DEFAULT_NUMBER, sim_idx); - char *num = NULL; - if (MsgSettingGetString(keyName, &num) != MSG_SUCCESS) { - MSG_INFO("MsgSettingGetString() is failed"); - } - - if (num && num[0] != '\0') { - MSG_DEBUG("Voicemail Default Number [%s]", num); - - memset(keyName, 0x00, sizeof(keyName)); - snprintf(keyName, sizeof(keyName), "%s/%d", VOICEMAIL_NUMBER, sim_idx); - - if (MsgSettingSetString(keyName, num) != MSG_SUCCESS) - MSG_DEBUG("MsgSettingSetInt is failed!!"); - - free(num); - num = NULL; - } else { - MSG_DEBUG("Voicemail Default Number is NULL"); - - memset(keyName, 0x00, sizeof(keyName)); - snprintf(keyName, sizeof(keyName), "%s/%d", VOICEMAIL_NUMBER, sim_idx); - - char *voicemail = NULL; - if (MsgSettingGetString(keyName, &voicemail) != MSG_SUCCESS) { - MSG_INFO("MsgSettingGetString() is failed"); - } - - if (!voicemail || voicemail[0] == '\0') { - if (MsgSettingSetString(keyName, "") != MSG_SUCCESS) - MSG_DEBUG("MsgSettingSetInt is failed!!"); - } - } - /*==================== Voice mail information update ====================*/ if (getVoiceMailInfo(handle) == true) { MSG_DEBUG("######## getVoiceMailInfo Success !!! #######"); @@ -1702,9 +1665,13 @@ bool SmsPluginSetting::getMailboxInfoEvent() { int ret = 0; + mx.lock(); + bTapiResult = false; ret = cv.timedwait(mx.pMutex(), MAX_TAPI_SIM_API_TIMEOUT); + mx.unlock(); + if (ret == ETIMEDOUT) { MSG_DEBUG("WARNING: TAPI callback TIME-OUT"); return false; diff --git a/utils/MsgIpcSocket.cpp b/utils/MsgIpcSocket.cpp index c9c345a..bd8b18d 100755 --- a/utils/MsgIpcSocket.cpp +++ b/utils/MsgIpcSocket.cpp @@ -192,7 +192,11 @@ int MsgIpcClientSocket::readn(char *buf, unsigned int len ) break; } - nleft -= nread; + if (nleft >= (unsigned int)nread) + nleft -= nread; + else + return -1; + memcpy(buf, t_buf, nread); buf += nread; } @@ -442,7 +446,11 @@ int MsgIpcServerSocket::readn(int fd, char *buf, unsigned int len ) else if (nread == 0) break; - nleft -= nread; + if (nleft >= (unsigned int)nread) + nleft -= nread; + else + return -1; + buf += nread; } return (len-nleft); @@ -483,7 +491,7 @@ int MsgIpcServerSocket::read(int fd, char** buf, int* len ) return *len; /* read the data in subsequence */ - if (*len > 0) { + if (*len > 0 && *len < MSG_MAX_IPC_SIZE) { unsigned int ulen = (unsigned int)*len; *buf = new char[ulen+1]; bzero(*buf, ulen+1); diff --git a/utils/MsgUtilFunction.cpp b/utils/MsgUtilFunction.cpp index 5618966..056efa7 100755 --- a/utils/MsgUtilFunction.cpp +++ b/utils/MsgUtilFunction.cpp @@ -1020,20 +1020,12 @@ msg_error_t MsgMakeSortRule(const MSG_SORT_RULE_S *pSortRule, char *pSqlSort) else strncpy(order, "DESC", 5); - int nameOrder = 0; - switch (pSortRule->sortType) { case MSG_SORT_BY_DISPLAY_FROM : - if (nameOrder == 0) - snprintf(sql, sizeof(sql), "ORDER BY B.FIRST_NAME %s, B.LAST_NAME %s, B.ADDRESS_VAL, A.DISPLAY_TIME DESC;", order, order); - else - snprintf(sql, sizeof(sql), "ORDER BY B.LAST_NAME %s, B.FIRST_NAME %s, B.ADDRESS_VAL, A.DISPLAY_TIME DESC;", order, order); + snprintf(sql, sizeof(sql), "ORDER BY B.FIRST_NAME %s, B.LAST_NAME %s, B.ADDRESS_VAL, A.DISPLAY_TIME DESC;", order, order); break; case MSG_SORT_BY_DISPLAY_TO : - if (nameOrder == 0) - snprintf(sql, sizeof(sql), "ORDER BY B.FIRST_NAME %s, B.LAST_NAME %s, B.ADDRESS_VAL, A.DISPLAY_TIME DESC;", order, order); - else - snprintf(sql, sizeof(sql), "ORDER BY B.LAST_NAME %s, B.FIRST_NAME %s, B.ADDRESS_VAL, A.DISPLAY_TIME DESC;", order, order); + snprintf(sql, sizeof(sql), "ORDER BY B.FIRST_NAME %s, B.LAST_NAME %s, B.ADDRESS_VAL, A.DISPLAY_TIME DESC;", order, order); break; case MSG_SORT_BY_DISPLAY_TIME : snprintf(sql, sizeof(sql), "ORDER BY DISPLAY_TIME %s;", order); @@ -1048,10 +1040,7 @@ msg_error_t MsgMakeSortRule(const MSG_SORT_RULE_S *pSortRule, char *pSqlSort) snprintf(sql, sizeof(sql), "ORDER BY A.STORAGE_ID %s, A.DISPLAY_TIME DESC;", order); break; case MSG_SORT_BY_THREAD_NAME : - if (nameOrder == 0) - snprintf(sql, sizeof(sql), "ORDER BY FIRST_NAME %s, LAST_NAME %s;", order, order); - else - snprintf(sql, sizeof(sql), "ORDER BY LAST_NAME %s, FIRST_NAME %s;", order, order); + snprintf(sql, sizeof(sql), "ORDER BY FIRST_NAME %s, LAST_NAME %s;", order, order); break; case MSG_SORT_BY_THREAD_DATE : snprintf(sql, sizeof(sql), "ORDER BY MSG_TIME %s;", order); diff --git a/utils/MsgVMessage.cpp b/utils/MsgVMessage.cpp index 4524908..f555e85 100755 --- a/utils/MsgVMessage.cpp +++ b/utils/MsgVMessage.cpp @@ -890,12 +890,11 @@ static inline int __msgsvc_vmsg_append_msg_body(MSG_MESSAGE_INFO_S *pMsg, char * MSGSVC_VMSG_APPEND_STR(buf, buf_size, len, MSGSVC_CRLF); /* Date: */ + MSGSVC_VMSG_APPEND_STR(buf, buf_size, len, content_name[VMSG_BODY_PROPERTY_DATE]); + MSGSVC_VMSG_APPEND_STR(buf, buf_size, len, content_name[VMSG_DATA_SEPARATOR]); tzset(); localtime_r(&(pMsg->displayTime), &display_time); char *msgDate = __msgsvc_vmsg_convert_tm_to_vdata_str(&display_time); - - MSGSVC_VMSG_APPEND_STR(buf, buf_size, len, content_name[VMSG_BODY_PROPERTY_DATE]); - MSGSVC_VMSG_APPEND_STR(buf, buf_size, len, content_name[VMSG_DATA_SEPARATOR]); if (msgDate !=NULL) { MSGSVC_VMSG_APPEND_STR_FREE(buf, buf_size, len, msgDate); MSGSVC_VMSG_APPEND_STR(buf, buf_size, len, MSGSVC_CRLF); @@ -1156,10 +1155,11 @@ char *MsgVMessageEncode(MSG_MESSAGE_INFO_S *pMsg) #endif MSG_DEBUG("FILE SIZE IS %d, %s", fileSize, pFileData); - msgText = (char *)calloc(1, fileSize); - if(pFileData && msgText) - memcpy(msgText, pFileData, fileSize); - + if (fileSize > 0) { + msgText = (char *)calloc(1, fileSize); + if(pFileData && msgText) + memcpy(msgText, pFileData, fileSize); + } pObject->numOfBiData = fileSize; pObject->pszValue[0] = msgText; pObject->valueCount = 1; diff --git a/vobject-engine/VCard.c b/vobject-engine/VCard.c index b622b37..2853176 100755 --- a/vobject-engine/VCard.c +++ b/vobject-engine/VCard.c @@ -1029,7 +1029,7 @@ VTree* vcard_decode(char *pCardRaw) dLen = 0; temp = __VCardGetTypeVal(pCardRaw, &status, &dLen, enc, pVCard->pCur); - if (valueCount <= VDATA_VALUE_COUNT_MAX) { + if (valueCount < VDATA_VALUE_COUNT_MAX) { pVCard->pCur->pszValue[valueCount] = temp; valueCount++; pVCard->pCur->valueCount = valueCount; diff --git a/vobject-engine/VCardCalUtil.c b/vobject-engine/VCardCalUtil.c index 9666807..78988b0 100755 --- a/vobject-engine/VCardCalUtil.c +++ b/vobject-engine/VCardCalUtil.c @@ -503,7 +503,7 @@ _VUnfolding(char *string) /* 12.03.2004 Process garbage character at the end of vcard/vcal */ if (_VIsSpace(string[i]) && (i < len-5)) { - if (string[i-1] == LF || string[i-1] == CR) { + if (i >= 1 && (string[i-1] == LF || string[i-1] == CR)) { if (j < 2) j = 0; else @@ -512,7 +512,7 @@ _VUnfolding(char *string) string[i-1] = 0; } - if (string[i-2] == LF || string[i-2] == CR) { + if (i >= 2 && (string[i-2] == LF || string[i-2] == CR)) { if (j < 1) j = 0; else @@ -635,29 +635,45 @@ _VUnfoldingNoSpecNew(char *string) if (string[i+1] == CR && string[i+2] == LF) { if (__VIsNewType(string) == false) { - j -= 2; + if (j >= 2) + j -= 2; + else + j = 0; i += 2; } } else if (string[i+1] == CR || string[i+1] == LF) { if (__VIsNewType(string) == false) { - j -= 1; + if (j >= 1) + j -= 1; + else + j = 0; i += 1; } } } else if (string[i] == ' ') { - if (string[i-2] == CR && string[i-1] == LF) { - if (__VIsNewType(string) == false) - j -= 3; - else + if (i >= 2 && string[i-2] == CR && string[i-1] == LF) { + if (__VIsNewType(string) == false) { + if (j >= 3) + j -= 3; + else + j = 0; + } else { j -= 1; - } else if (string[i-1] == CR || string[i-1] == LF) { - j -= 2; + } + } else if (i >= 1 && (string[i-1] == CR || string[i-1] == LF)) { + if (j >= 2) + j -= 2; + else + j = 0; } } else if ((string[i] == CR || string[i] == LF) && __VIsNewType(string) == false) { if (string[i+1] == LF) { - j -= 1; + if (j >= 1) + j -= 1; + else + j = 0; i += 1; } } @@ -704,7 +720,7 @@ _VUnfoldingNoSpec(char *string, int vType) i += 2; } } else if (string[i] == WSP || string[i] == TAB) { - if (string[i-2] == CR && string[i-1] == LF) { + if (i >= 2 && string[i-2] == CR && string[i-1] == LF) { string[i] = 0; string[i-1] = 0; string[i-2] = 0; @@ -712,7 +728,7 @@ _VUnfoldingNoSpec(char *string, int vType) j -= 3; else j = 0; - } else if (string[i-1] == CR || string[i-1] == LF) { + } else if (i >= 1 && (string[i-1] == CR || string[i-1] == LF)) { string[i] = 0; string[i-1] = 0; diff --git a/vobject-engine/VMessage.c b/vobject-engine/VMessage.c index 60ea296..2820504 100755 --- a/vobject-engine/VMessage.c +++ b/vobject-engine/VMessage.c @@ -1012,7 +1012,7 @@ VTree* vmsg_decode(char *pMsgRaw) dLen = 0; temp = __VMsgGetTypeVal(pMsgRaw, &status, &dLen, enc, pCurrent->pCur); - if (valueCount <= VDATA_VALUE_COUNT_MAX) { + if (valueCount < VDATA_VALUE_COUNT_MAX) { pCurrent->pCur->pszValue[valueCount] = temp; valueCount++; pCurrent->pCur->valueCount = valueCount; -- 2.7.4