From 3c49607ce6f0b22bacc04fa7efa5603bb2752513 Mon Sep 17 00:00:00 2001 From: Yunmi Ha Date: Wed, 30 Nov 2016 16:37:57 +0900 Subject: [PATCH] Fix some security holes - Uninitialized data is read from local variable : Add initializing logic - unreachable code : Add string length chekcing logic Change-Id: I595494f01046b69b7afec6facd0cf1701e72f965 Signed-off-by: Yunmi Ha --- src/common/tlm-utils.c | 6 +++--- src/utils/tlm-client.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) mode change 100644 => 100755 src/utils/tlm-client.c diff --git a/src/common/tlm-utils.c b/src/common/tlm-utils.c index 22c3ea9..cc04208 100755 --- a/src/common/tlm-utils.c +++ b/src/common/tlm-utils.c @@ -61,7 +61,7 @@ g_clear_string (gchar **str) gchar * tlm_user_get_name (uid_t user_id) { - struct passwd *pwent; + struct passwd *pwent = NULL; struct passwd buf_pwent; gchar *buf = NULL, *tmp = NULL, *pw_name = NULL; gsize size = sysconf(_SC_GETPW_R_SIZE_MAX); @@ -162,7 +162,7 @@ tlm_user_get_gid (const gchar *username) gchar * tlm_user_get_home_dir (const gchar *username) { - struct passwd *pwent; + struct passwd *pwent = NULL; struct passwd buf_pwent; gchar *buf = NULL, *tmp = NULL, *pw_dir = NULL; gsize size = sysconf(_SC_GETPW_R_SIZE_MAX); @@ -197,7 +197,7 @@ tlm_user_get_home_dir (const gchar *username) gchar * tlm_user_get_shell (const gchar *username) { - struct passwd *pwent; + struct passwd *pwent = NULL; struct passwd buf_pwent; gchar *buf = NULL, *tmp = NULL, *pw_shell = NULL; gsize size = sysconf(_SC_GETPW_R_SIZE_MAX); diff --git a/src/utils/tlm-client.c b/src/utils/tlm-client.c old mode 100644 new mode 100755 index 7551f61..1d07747 --- a/src/utils/tlm-client.c +++ b/src/utils/tlm-client.c @@ -94,7 +94,7 @@ _setup_daemon () if (env_val) bin_path = env_val; #endif - if(!bin_path) { + if(!bin_path || strlen(bin_path) == 0) { WARN("No TLM daemon bin path found"); return FALSE; } -- 2.7.4