From 9554f00a77b82b1a2c62af170a213ad3cd288a9d Mon Sep 17 00:00:00 2001 From: Abhimanyu Swami Date: Thu, 25 Feb 2021 18:16:12 +0530 Subject: [PATCH] SVACE issue fix Change-Id: I8565465f0b4584df45bd62a2f94839a64316aae4 Signed-off-by: Abhimanyu Swami --- framework/storage-handler/MsgStorageFolder.cpp | 5 +++++ plugin/sms_plugin/3gpp2/Sms3gpp2Codec.cpp | 9 +++++++-- utils/MsgUtilStorage.cpp | 20 ++++++++++++++++++++ utils/MsgVMessage.cpp | 3 +++ 4 files changed, 35 insertions(+), 2 deletions(-) diff --git a/framework/storage-handler/MsgStorageFolder.cpp b/framework/storage-handler/MsgStorageFolder.cpp index 1688fec..bf12ef3 100755 --- a/framework/storage-handler/MsgStorageFolder.cpp +++ b/framework/storage-handler/MsgStorageFolder.cpp @@ -133,6 +133,11 @@ msg_error_t MsgStoGetFolderList(msg_struct_list_s *pFolderList) pFolderList->msg_struct_info = (msg_struct_t *)calloc(rowCnt, sizeof(MSG_FOLDER_INFO_S *)); + if (pFolderList->msg_struct_info == NULL){ + dbHandle->freeTable(); + return MSG_ERR_NULL_POINTER; + } + msg_struct_s* pTmp = NULL; for (int i = 0; i < rowCnt; i++) { diff --git a/plugin/sms_plugin/3gpp2/Sms3gpp2Codec.cpp b/plugin/sms_plugin/3gpp2/Sms3gpp2Codec.cpp index 7ac659f..5a92d5b 100755 --- a/plugin/sms_plugin/3gpp2/Sms3gpp2Codec.cpp +++ b/plugin/sms_plugin/3gpp2/Sms3gpp2Codec.cpp @@ -2070,7 +2070,7 @@ int Sms3gpp2MsgCodec::decodeAbsTime(const unsigned char *p_pkg_str, sms_3gpp2_ti int Sms3gpp2MsgCodec::encodeUserData(const unsigned char* src, unsigned char *dest, int src_size) { - int i, j; + int i, j = 0; int shift = 0; unsigned char *tmp = (unsigned char *)calloc(1, src_size+1); @@ -2078,7 +2078,11 @@ int Sms3gpp2MsgCodec::encodeUserData(const unsigned char* src, unsigned char *de tmp[i] = src[i] << 1; } - j = 0; + if (tmp == NULL){ + MSG_ERR("failed to allocate memory"); + goto END; + } + for (i = 0; i < src_size; i++) { shift = j % 7; dest[j++] = (tmp[i] << shift) + (tmp[i+1] >> (7-shift)); 
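Review bot: The added `if (pFolderList->msg_struct_info == NULL)` check right after `calloc(rowCnt, ...)` in MsgStoGetFolderList also fires when `rowCnt` is 0, because calloc may legitimately return NULL for a zero-sized request. Unless an empty result is handled before this point (not visible in the hunk), an empty list would now come back as an error; `if (rowCnt > 0 && pFolderList->msg_struct_info == NULL) {` keeps the two cases apart. Returning `MSG_ERR_NULL_POINTER` makes an allocation failure indistinguishable from a bad argument, so a dedicated out-of-memory code, if the project defines one, and a comment such as `/* calloc failed: release the query table before returning */` would help callers. The same pattern is added in MsgStoGetAddressByConvId, MsgStoGetThreadViewList and MsgStoGetRejectMsgList in utils/MsgUtilStorage.cpp; in the last of these the allocation itself is outside the hunk. The function body starts and ends outside this hunk.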
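Review bot: The new `if (tmp == NULL)` check in encodeUserData sits after the context line `tmp[i] = src[i] << 1;`, so a failed `calloc(1, src_size+1)` is still written through before the check is reached. The check belongs directly after the calloc line in the previous hunk, e.g. `if (tmp == NULL) { MSG_ERR("failed to allocate memory"); return 0; }`, which also makes the `goto END` and the `END:` label added in the next hunk unnecessary. Returning `j` as 0 on failure looks the same as encoding an empty input; whether callers can tell the two apart is not visible here. The loop header between the two hunks is not shown, so this assumes the `tmp[i]` line is the body of the first loop over `src`.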
@@ -2092,6 +2096,7 @@ int Sms3gpp2MsgCodec::encodeUserData(const unsigned char* src, unsigned char *de tmp = NULL; } +END: return j; } diff --git a/utils/MsgUtilStorage.cpp b/utils/MsgUtilStorage.cpp index 04d6d76..8dfcb78 100755 --- a/utils/MsgUtilStorage.cpp +++ b/utils/MsgUtilStorage.cpp @@ -654,6 +654,11 @@ msg_error_t MsgStoGetAddressByConvId(MsgDbHandler *pDbHandle, msg_thread_id_t co pAddrlist->msg_struct_info = (msg_struct_t *)calloc(rowCnt, sizeof(msg_struct_t)); + if (pAddrlist->msg_struct_info == NULL){ + pDbHandle->freeTable(); + return MSG_ERR_NULL_POINTER; + } + for (int i = 0; i < rowCnt; i++) { pAddrlist->msg_struct_info[i] = (msg_struct_t)new msg_struct_s; pTmp = (msg_struct_s *)pAddrlist->msg_struct_info[i]; @@ -1753,6 +1758,11 @@ msg_error_t MsgStoGetThreadViewList(const MSG_SORT_RULE_S *pSortRule, msg_struct pThreadViewList->msg_struct_info = (msg_struct_t *)calloc(rowCnt, sizeof(msg_struct_t)); + if (pThreadViewList->msg_struct_info == NULL){ + dbHandle->freeTable(); + return MSG_ERR_NULL_POINTER; + } + MSG_THREAD_VIEW_S *pTmp = NULL; msg_struct_s *thread_t = NULL; @@ -2222,6 +2232,11 @@ msg_error_t MsgStoGetConversationViewList(msg_thread_id_t threadId, msg_struct_l pConvViewList->msg_struct_info = (msg_struct_t *)calloc(rowCnt, sizeof(msg_struct_t)); memset(pConvViewList->msg_struct_info, 0x00, sizeof(msg_struct_t) * rowCnt); + if (pConvViewList->msg_struct_info == NULL){ + dbHandle->freeTable(); + return MSG_ERR_NULL_POINTER; + } + msg_struct_s *conv = NULL; MSG_CONVERSATION_VIEW_S *pTmp = NULL; @@ -2533,6 +2548,11 @@ msg_error_t MsgStoGetRejectMsgList(const char *pNumber, msg_struct_list_s *pReje msg_struct_s* pTmp = NULL; + if (pRejectMsgList->msg_struct_info == NULL){ + dbHandle->freeTable(); + return MSG_ERR_NULL_POINTER; + } + for (int i = 0; i < rowCnt; i++) { pRejectMsgList->msg_struct_info[i] = (msg_struct_t)new msg_struct_s; diff --git a/utils/MsgVMessage.cpp b/utils/MsgVMessage.cpp index ba17cdd..39ba518 100755 
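Review bot: In MsgStoGetConversationViewList the added NULL check comes after the existing `memset(pConvViewList->msg_struct_info, 0x00, sizeof(msg_struct_t) * rowCnt);`, so a failed calloc is handed to memset before it is tested and the crash this commit targets can still occur. Move the `if (pConvViewList->msg_struct_info == NULL)` block above the memset, or drop the memset altogether, since calloc already returns zeroed memory. The function body starts and ends outside this hunk.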
--- a/utils/MsgVMessage.cpp +++ b/utils/MsgVMessage.cpp @@ -628,6 +628,9 @@ static inline int __msgsvc_vmsg_add_folding(char **buf, int *buf_size, int buf_l buf_copy = (char *)calloc(1, *buf_size); + if (buf_copy == NULL) + return -1; + s = *buf; r = buf_copy; len = result_len = 0; -- 2.7.4
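Review bot: The new `return -1;` after `buf_copy = (char *)calloc(1, *buf_size);` in __msgsvc_vmsg_add_folding only helps if every caller treats a negative return as failure. The callers are outside the hunk, and if any of them uses the result as a length or offset into `*buf`, a negative value would be used for indexing. A comment on the early return such as `/* out of memory: callers must treat a negative return as failure */` would document the contract, and the call sites should be checked against it. The function body starts before and continues after this hunk.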