From 9f5a0f4bb5efb33a8d6cc72fd274ef11042cd73a Mon Sep 17 00:00:00 2001 From: Yunhee Seo Date: Mon, 18 Nov 2024 13:13:57 +0900 Subject: [PATCH] sound: Replace insecure string comparison macro to strncmp The MATCH macro from the libsyscommon was omitted secure string length comparison. When comparing strings with the strncmp function, it is safer to use a parameter length of strlen + 1. For clear comparison, strings are compared by the length of the literal string. Change-Id: I014c7a2d97a97584ba7f1f0c4a4b7b6681a69048 Signed-off-by: Yunhee Seo --- src/sound-parser.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/sound-parser.c b/src/sound-parser.c index 4c43a98..e792bef 100644 --- a/src/sound-parser.c +++ b/src/sound-parser.c @@ -76,17 +76,17 @@ static int parse_sound_theme_property(gpointer data, gpointer user_data) if (!prop || !sound_theme_elem) return 0; - if (MATCH(prop->key, "SoundThemeId")) { + if (!strncmp(prop->key, "SoundThemeId", strlen("SoundThemeId") + 1)) { sscanf(prop->value, "%d", (&sound_theme_elem->id)); if (sound_theme_elem->id < 0) return -EPERM; - } else if (MATCH(prop->key, "SoundThemePath")) { + } else if (!strncmp(prop->key, "SoundThemePath", strlen("SoundThemePath") + 1)) { int str_len = sizeof(prop->value); sound_theme_elem->conf_file_path = strndup(prop->value, str_len); - } else if (MATCH(prop->key, "SoundThemeDefault")) { - if (MATCH(prop->value, "yes")) + } else if (!strncmp(prop->key, "SoundThemeDefault", strlen("SoundThemeDefault") + 1)) { + if (!strncmp(prop->value, "yes", strlen("yes") + 1)) sound_theme_elem->is_default = 1; - else if (MATCH(prop->value, "no")) + else if (!strncmp(prop->value, "no", strlen("no") + 1)) sound_theme_elem->is_default = 0; else return -EPERM; @@ -109,7 +109,7 @@ static int parse_sound_theme_section(const struct parse_result *result, void *da if (!result || !result->props) return 0; - if (!MATCH("SoundTheme", result->section)) + if (strncmp("SoundTheme", result->section, strlen("SoundTheme") + 1)) return 0; SYS_G_LIST_FOREACH(result->props, temp_glist, extracted_section_prop) { @@ -151,7 +151,7 @@ static int parse_sound_section(const struct parse_result *result, void *data) if (!result || !result->props) return 0; - if (MATCH(result->section, "Sound")) { + if (!strncmp(result->section, "Sound", strlen("Sound") + 1)) { if (is_default_theme_id_set()) { _E("Failed to parse sound conf file, please check conf file description and follow the rules"); return -EINVAL; @@ -217,7 +217,7 @@ static int parse_sound_property(const struct parse_result *result, void *data) if (!data) return -EINVAL; - if (!MATCH(result->section, "Sound")) + if (strncmp(result->section, "Sound", strlen("Sound") + 1)) return 0; sound_config_info = (GHashTable*)data; @@ -269,7 +269,7 @@ static int parse_sound_pattern_priority_property(const struct parse_result *resu if (!data) return -EINVAL; - if (!MATCH("SoundPatternPriority", result->section)) + if (strncmp("SoundPatternPriority", result->section, strlen("SoundPatternPriority") + 1)) return 0; sound_config_info = (GHashTable*)data; -- 2.7.4