projects / platform / core / security / security-manager.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a5a056f) | patch
Fix security server API argument validation
authorMarcin Lis <m.lis@samsung.com>
Thu, 29 Aug 2013 10:10:17 +0000 (12:10 +0200)
committerBartlomiej Grzelewski <b.grzelewski@samsung.com>
Thu, 6 Feb 2014 16:13:22 +0000 (17:13 +0100)
commitec8076dc1abe3adf1738f561b97f727093154cc9
tree617c0984644e06cf9aafd36fbcdb74c62904bc49tree | snapshot
parenta5a056f80be9f5955475026da57b73e57e8d263ccommit | diff
Fix security server API argument validation

[Issue#]       SSDWSSP-332
[Bug]          Potential bug, bad parameters (f.e. pid) may be used in two
               functions.
[Cause]        Two API functions does not validate all given arguments.
               Also there is a risk of unsigned int overflow when calculating
               password validity (when changing from days to seconds).
[Solution]     Checking existence of a process with given pid added.
               Unsigned int overflow protection is added.
               Also argument validation added to API function.
[Verification] Build, install and run tests.

Change-Id: Ia8e9528462e31220faf88c72c111b7f0efc03681
src/server/security-server-password.c diff | blob | history
src/server2/client/client-privilege-by-pid.cpp diff | blob | history
Domain: Security / Access Control;