From 8ef16e975dd0b313b6e9cfd84da48bb3693bbb57 Mon Sep 17 00:00:00 2001
From: Susnata <s.sovalin@samsung.com>
Date: Mon, 26 Mar 2018 01:03:17 -0400
Subject: [PATCH] Fix Svace issue of msg-service

Change-Id: Ic9e197fb195e00aa5b993fe2e2cbadd7a4d011d8
Signed-off-by: Susnata <s.sovalin@samsung.com>
---
 framework/storage-handler/MsgStorageManager.cpp | 20 +++++++++++++------
 plugin/mms_plugin/MmsPluginDecode.cpp           |  2 +-
 utils/MsgSmil.cpp                               | 26 +++++++++++++++++++++++--
 utils/MsgVMessage.cpp                           |  9 ++++++++-
 4 files changed, 47 insertions(+), 10 deletions(-)

diff --git a/framework/storage-handler/MsgStorageManager.cpp b/framework/storage-handler/MsgStorageManager.cpp
index ca1e821..8eaf0da 100755
--- a/framework/storage-handler/MsgStorageManager.cpp
+++ b/framework/storage-handler/MsgStorageManager.cpp
@@ -274,7 +274,7 @@ void MsgInitMmapMutex(const char *shm_file_name)
 		return;
 	}
 
-	fchmod(fd, 0666);
+	fchmod(fd, 0644);
 	MSG_DEBUG("** Create SHM FILE **");
 	if (ftruncate(fd, sizeof(pthread_mutex_t)) != 0) {
 		MSG_FATAL("ftruncate errno [%d]", errno);
@@ -686,7 +686,7 @@ msg_error_t MsgStoBackupMessage(msg_message_backup_type_t type, const char *file
 
 			free(encoded_data);
 
-			if (chmod(fileName, 0666) == -1) {
+			if (chmod(fileName, 0644) == -1) {
 				MSG_FATAL("chmod: %s", g_strerror(errno));
 				return MSG_ERR_UNKNOWN;
 			}
@@ -771,10 +771,6 @@ msg_error_t MsgStoRestoreMessage(const char *filepath, msg_id_list_s **result_id
 	VTree* vMsg = NULL;
 	VObject* pObject = NULL;
 	bool isMMS = false;
-
-	msg_id_list_s *msgIdList = NULL;
-	msgIdList = (msg_id_list_s *)calloc(1, sizeof(msg_id_list_s));
-
 	int dataSize = 0;
 
 	char fileName[MSG_FILENAME_LEN_MAX+1];
@@ -784,6 +780,13 @@ msg_error_t MsgStoRestoreMessage(const char *filepath, msg_id_list_s **result_id
 
 	*result_id_list = NULL;
 
+	msg_id_list_s *msgIdList = NULL;
+	msgIdList = (msg_id_list_s *)calloc(1, sizeof(msg_id_list_s));
+	if (!msgIdList) {
+		MSG_DEBUG("calloc failed");
+		err = MSG_ERR_UNKNOWN;
+		goto __RETURN;
+	}
 #ifdef MSG_FOR_DEBUG
 	char sample[10000] = "BEGIN:VMSG\r\nX-MESSAGE-TYPE:SMS\r\nX-IRMC-BOX:INBOX\r\nX-SS-DT:20100709T155811Z\r\nBEGIN:VBODY\r\nX-BODY-SUBJECT:hekseh\r\nX-BODY-CONTENTS;ENCODING=BASE64:aGVsbG93b3JsZA==\r\nEND:VBODY\r\nBEGIN:VCARD\r\nVERSION:2.1\r\nTEL:01736510664\r\nEND:VCARD\r\nEND:VMSG\r\n";
 	vMsg = vmsg_decode(sample);
@@ -1071,6 +1074,11 @@ msg_error_t MsgStoRestoreMessage(const char *filepath, msg_id_list_s **result_id
 
 		if (msgIdList->nCount == 0) {
 			msgIdList->msgIdList = (msg_message_id_t*)calloc(1, sizeof(msg_message_id_t));
+			if (msgIdList->msgIdList == NULL) {
+				MSG_DEBUG("calloc failed");
+				err = MSG_ERR_UNKNOWN;
+				goto __RETURN;
+			}
 		} else {
 			msg_message_id_t * msg_id_list;
 			msg_id_list = (msg_message_id_t*)realloc(msgIdList->msgIdList, sizeof(msg_message_id_t)*(msgIdList->nCount+1));
diff --git a/plugin/mms_plugin/MmsPluginDecode.cpp b/plugin/mms_plugin/MmsPluginDecode.cpp
index c91437f..057a642 100755
--- a/plugin/mms_plugin/MmsPluginDecode.cpp
+++ b/plugin/mms_plugin/MmsPluginDecode.cpp
@@ -4341,7 +4341,7 @@ static char *__MsgConvertLatin2UTF8FileName(char *pSrc)
 			goto __CATCH;
 		}
 
-		memcpy(pUTF8Buff, pSrc, length);
+		memcpy(pUTF8Buff, pSrc, length+1);
 	}
 
 	/* convert hex string */
diff --git a/utils/MsgSmil.cpp b/utils/MsgSmil.cpp
index 7986aa1..031f437 100755
--- a/utils/MsgSmil.cpp
+++ b/utils/MsgSmil.cpp
@@ -361,8 +361,6 @@ int MsgSmilGetElementID(char *pString)
 		return ELEMENT_REF;
 	else if (!strcmp(pString, "animate"))
 		return ELEMENT_ANIMATE;
-	else if (!strcmp(pString, "root-layout"))
-		return ELEMENT_HEAD;
 	else if (!strcmp(pString, "transition"))
 		return ELEMENT_TRANSITION;
 	else if (!strcmp(pString, "meta"))
@@ -1432,6 +1430,10 @@ void MsgSmilParseNode(MMS_MESSAGE_DATA_S *pMmsMsg, xmlNode *a_node, int depth)
 				}
 
 				gMedia = (MMS_MEDIA_S *)calloc(1, sizeof(MMS_MEDIA_S));
+				if (!gMedia) {
+					MSG_DEBUG("calloc for gMedia is failed");
+					return;
+				}
 				gMedia->mediatype = MMS_SMIL_MEDIA_TEXT;
 				gCmd[ELEMENT_TEXT] = true;
 				break;
@@ -1443,6 +1445,10 @@ void MsgSmilParseNode(MMS_MESSAGE_DATA_S *pMmsMsg, xmlNode *a_node, int depth)
 				}
 
 				gMedia = (MMS_MEDIA_S *)calloc(1, sizeof(MMS_MEDIA_S));
+				if (!gMedia) {
+					MSG_DEBUG("calloc for gMedia is failed");
+					return;
+				}
 				gMedia->mediatype = MMS_SMIL_MEDIA_IMG;
 				gCmd[ELEMENT_IMG] = true;
 				break;
@@ -1454,6 +1460,10 @@ void MsgSmilParseNode(MMS_MESSAGE_DATA_S *pMmsMsg, xmlNode *a_node, int depth)
 				}
 
 				gMedia = (MMS_MEDIA_S *)calloc(1, sizeof(MMS_MEDIA_S));
+				if (!gMedia) {
+					MSG_DEBUG("calloc for gMedia is failed");
+					return;
+				}
 				gMedia->mediatype = MMS_SMIL_MEDIA_AUDIO;
 				gCmd[ELEMENT_AUDIO] = true;
 				break;
@@ -1465,6 +1475,10 @@ void MsgSmilParseNode(MMS_MESSAGE_DATA_S *pMmsMsg, xmlNode *a_node, int depth)
 				}
 
 				gMedia = (MMS_MEDIA_S *)calloc(1, sizeof(MMS_MEDIA_S));
+				if (!gMedia) {
+					MSG_DEBUG("calloc for gMedia is failed");
+					return;
+				}
 				gMedia->mediatype = MMS_SMIL_MEDIA_VIDEO;
 				gCmd[ELEMENT_VIDEO] = true;
 				break;
@@ -1476,6 +1490,10 @@ void MsgSmilParseNode(MMS_MESSAGE_DATA_S *pMmsMsg, xmlNode *a_node, int depth)
 				}
 
 				gMedia = (MMS_MEDIA_S *)calloc(1, sizeof(MMS_MEDIA_S));
+				if (!gMedia) {
+					MSG_DEBUG("calloc for gMedia is failed");
+					return;
+				}
 				gMedia->mediatype = MMS_SMIL_MEDIA_IMG_OR_VIDEO;
 				gCmd[ELEMENT_REF] = true;
 				break;
@@ -1487,6 +1505,10 @@ void MsgSmilParseNode(MMS_MESSAGE_DATA_S *pMmsMsg, xmlNode *a_node, int depth)
 				}
 
 				gMedia = (MMS_MEDIA_S *)calloc(1, sizeof(MMS_MEDIA_S));
+				if (!gMedia) {
+					MSG_DEBUG("calloc for gMedia is failed");
+					return;
+				}
 				gMedia->mediatype = MMS_SMIL_MEDIA_ANIMATE;
 				gCmd[ELEMENT_ANIMATE] = true;
 				break;
diff --git a/utils/MsgVMessage.cpp b/utils/MsgVMessage.cpp
index 109da57..4402ab2 100755
--- a/utils/MsgVMessage.cpp
+++ b/utils/MsgVMessage.cpp
@@ -1482,7 +1482,11 @@ static void __msgsvc_vmsg_get_prefix(char **prefix, char *src)
 	if (temp) {
 		long len = (long)temp - (long)src;
 		*prefix = (char *)calloc(len+1, sizeof(char));
-		snprintf(*prefix, len+1, "%s", src);
+		if (*prefix) {
+			snprintf(*prefix, len+1, "%s", src);
+		} else {
+			*prefix = NULL;
+		}
 	} else {
 		*prefix = NULL;
 	}
@@ -1638,6 +1642,9 @@ static char* __msgsvc_vmsg_decode_base64_val(char *val)
 	decoded_str = g_base64_decode(src, &size);
 
 	dest = (char *)calloc((src-val)+size+1, sizeof(char));
+	if (NULL == dest) {
+		return NULL;
+	}
 	snprintf(dest, (src-val)+1, "%s", val);
 	snprintf(dest+(src-val), size+1, "%s", decoded_str);
 	g_free(decoded_str);
-- 
2.7.4