From c6b7badd297ef6e2b674fce8e8ac0af8b3f1107e Mon Sep 17 00:00:00 2001 From: Suyeon Hwang Date: Fri, 28 Oct 2022 15:24:43 +0900 Subject: [PATCH] Use setter to set invocation name safely - Issue: The invocation name previously set can be leaked. - Solution: The invocation name parameter is set by __vc_db_insert_commands_list() without checking invocation itself. In most cases, invocation name is not set by this function, but in special cases, memory leak can occurred if use repeatedely set command list. Thus, this patch prevents leak using setter function. The setter function checks the invocation name paraemeter and safely changes it. Change-Id: Ibe373fd51d5c2880ccea1d2b6699cd5614ffe49c Signed-off-by: Suyeon Hwang --- common/vc_cmd_db.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/common/vc_cmd_db.c b/common/vc_cmd_db.c index 8db3d37..9d572d0 100644 --- a/common/vc_cmd_db.c +++ b/common/vc_cmd_db.c @@ -2284,10 +2284,10 @@ static int __vc_db_insert_commands_list(sqlite3* db_handle, int pid, vc_cmd_type } if (type == temp_cmd->type) { - if (NULL != invocation_name) - temp_cmd->invocation_name = strdup(invocation_name); + int ret = vc_cmd_set_invocation_name((vc_cmd_h)temp_cmd, invocation_name); + SLOG(LOG_DEBUG, vc_db_tag(), "Set invocation to command, ret(%d)", ret); - int ret = __vc_db_insert_command(db_handle, pid, type, temp_cmd, skip_invocation); + ret = __vc_db_insert_command(db_handle, pid, type, temp_cmd, skip_invocation); if (ret != VC_DB_ERROR_NONE) { SLOG(LOG_ERROR, vc_db_tag(), "Fail to insert command, ret(%d)", ret); return ret; -- 2.7.4