From 297846934e51193e2bf9d718b21cecdc104d0750 Mon Sep 17 00:00:00 2001 From: Bang Kwang min Date: Wed, 29 Aug 2012 10:35:16 +0900 Subject: [PATCH] fix INTEGER OVERFLOW [Title] INTEGER OVERFLOW [Issue#] N/A [Problem] N/A [Cause] N/A [Solution] N/A [SCMRequest] N/A Change-Id: Ife83905c713a04a9a741afa940fde527122ab07a --- src/download-provider-ipc.c | 12 ++++++++---- src/download-provider-notification.c | 5 +++-- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/src/download-provider-ipc.c b/src/download-provider-ipc.c index 18627a8..835c387 100644 --- a/src/download-provider-ipc.c +++ b/src/download-provider-ipc.c @@ -143,7 +143,8 @@ int ipc_receive_request_msg(download_clientinfo *clientinfo) TRACE_DEBUG_MSG("failed to read message header"); return -1; } - if (clientinfo->requestinfo->client_packagename.length > 1) { + if (clientinfo->requestinfo->client_packagename.length > 1 + && clientinfo->requestinfo->client_packagename.length < DP_MAX_STR_LEN) { clientinfo->requestinfo->client_packagename.str = (char *) calloc((clientinfo->requestinfo->client_packagename.length + @@ -166,7 +167,8 @@ int ipc_receive_request_msg(download_clientinfo *clientinfo) clientinfo->requestinfo->client_packagename. str); } - if (clientinfo->requestinfo->url.length > 1) { + if (clientinfo->requestinfo->url.length > 1 + && clientinfo->requestinfo->url.length < DP_MAX_URL_LEN) { clientinfo->requestinfo->url.str = (char *)calloc((clientinfo->requestinfo->url.length + 1), sizeof(char)); @@ -182,7 +184,8 @@ int ipc_receive_request_msg(download_clientinfo *clientinfo) TRACE_DEBUG_INFO_MSG("request url [%s]", clientinfo->requestinfo->url.str); } - if (clientinfo->requestinfo->install_path.length > 1) { + if (clientinfo->requestinfo->install_path.length > 1 + && clientinfo->requestinfo->install_path.length < DP_MAX_PATH_LEN) { clientinfo->requestinfo->install_path.str = (char *) calloc((clientinfo->requestinfo->install_path.length + 1), @@ -204,7 +207,8 @@ int ipc_receive_request_msg(download_clientinfo *clientinfo) TRACE_DEBUG_INFO_MSG("request install_path [%s]", clientinfo->requestinfo->install_path.str); } - if (clientinfo->requestinfo->filename.length > 1) { + if (clientinfo->requestinfo->filename.length > 1 + && clientinfo->requestinfo->filename.length < DP_MAX_STR_LEN) { clientinfo->requestinfo->filename.str = (char *) calloc((clientinfo->requestinfo->filename.length + 1), diff --git a/src/download-provider-notification.c b/src/download-provider-notification.c index 1ce130d..0bbc4de 100644 --- a/src/download-provider-notification.c +++ b/src/download-provider-notification.c @@ -113,7 +113,7 @@ bool download_provider_appfw_notification_cb(ui_notification_h notification, TRACE_DEBUG_MSG("content [%s]", content); // relatively unique - if (title && clientinfo->downloadinfo->content_name) { + if (title) { int title_length = strlen(title); int content_name_length = strlen(clientinfo->downloadinfo->content_name); @@ -125,6 +125,7 @@ bool download_provider_appfw_notification_cb(ui_notification_h notification, } // Only when matched title. if (checkInfo && content) { + checkInfo = false; char *failed_content = __get_string_status(DOWNLOAD_STATE_FAILED); if (failed_content) { @@ -275,7 +276,7 @@ int create_appfw_notification(download_clientinfo *clientinfo, bool ongoing) if (!ongoing) { // view the special viewer by contents if (clientinfo->downloadinginfo - && clientinfo->downloadinginfo->saved_path + && sizeof(clientinfo->downloadinginfo->saved_path) > 0 && clientinfo->state == DOWNLOAD_STATE_FINISHED) { if (service_set_operation (clientinfo->service_handle, -- 2.7.4