From c8dfff71aaa6c1d23efa76399166b57a8b4d9363 Mon Sep 17 00:00:00 2001 From: Bhanu Singh Rao Date: Fri, 18 Oct 2013 18:05:47 +0530 Subject: [PATCH] Applied sizeof operator on fixed sized array to calculate size. Change-Id: If35099cea95c074ed2a0a1703aa9d033b8a7398f Signed-off-by: Bhanu Singh Rao --- src/security/cert/FSecCert_CertDbManager.cpp | 79 ++++++++++++++-------------- src/security/cert/FSecCert_CertFileStore.cpp | 2 +- src/security/cert/FSecCert_CertManager.cpp | 18 +++---- 3 files changed, 49 insertions(+), 50 deletions(-) diff --git a/src/security/cert/FSecCert_CertDbManager.cpp b/src/security/cert/FSecCert_CertDbManager.cpp index 71ddfe2..a49bb1e 100644 --- a/src/security/cert/FSecCert_CertDbManager.cpp +++ b/src/security/cert/FSecCert_CertDbManager.cpp @@ -152,7 +152,7 @@ _CertDbManager::RemoveCaCertificateByType(_CaCertType certType) char condition[_MAX_TYPE_CONST_SIZE] = {0, }; char installed[_MAX_TYPE_RECORD_SIZE] = "T\0"; - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certType = %d and installed = '%s'", certType, installed); + snprintf(condition, sizeof(condition), "certType = %d and installed = '%s'", certType, installed); r = __caCertDbStore.RemoveAllCertificateByCondition(reinterpret_cast< byte* >(condition)); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "Failed to delete all the certificate tables in database."); @@ -167,7 +167,7 @@ _CertDbManager::RemoveUserCaCertificateByCertId(int certId) char condition[_MAX_TYPE_CONST_SIZE] = {0, }; char installed[_MAX_TYPE_RECORD_SIZE] = "T\0"; - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certId = %d and certType = %d and installed = '%s'", certId, _CERT_TYPE_ROOT_CA_BY_USER, installed); + snprintf(condition, sizeof(condition), "certId = %d and certType = %d and installed = '%s'", certId, _CERT_TYPE_ROOT_CA_BY_USER, installed); r = __caCertDbStore.RemoveAllCertificateByCondition(reinterpret_cast< byte* >(condition)); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "Failed to delete all the certificate tables in database."); @@ -227,8 +227,8 @@ _CertDbManager::InsertCaCertificateFromBuffer(_CaCertType certType, _CertFormat SysTryReturnResult(NID_SEC_CERT, lenSubjectName < _MAX_ISSUER_SUBJECT_NAME_SIZE, E_SYSTEM, "Subject name is more then maximum specified length."); SysTryReturnResult(NID_SEC_CERT, lenIssuerName < _MAX_ISSUER_SUBJECT_NAME_SIZE, E_SYSTEM, "Subject name is more then maximum specified length."); - strncpy(subjectName, reinterpret_cast< const char* >(pTbsCert->GetSubjectName()),lenSubjectName); - strncpy(issuerName, reinterpret_cast< const char* >(pTbsCert->GetIssuerName()),lenIssuerName); + snprintf(subjectName, sizeof(subjectName), "%s", reinterpret_cast< const char* >(pTbsCert->GetSubjectName())); + snprintf(issuerName, sizeof(issuerName), "%s", reinterpret_cast< const char* >(pTbsCert->GetIssuerName())); pTbsCert->GetSerialNumber(pSerial, reinterpret_cast< int& >(lenSerialNo)); if ((lenSerialNo <= 0) || (lenSerialNo > _MAX_SERIAL_NUMBER_SIZE)) @@ -302,7 +302,7 @@ _CertDbManager::InsertCaCertificateFromBuffer(_CaCertType certType, _CertFormat SysTryReturnResult(NID_SEC_CERT, pFileName != null, E_SYSTEM, "Failed to get file attributes."); int len = strlen(pFileName.get()); - strncpy(certRecord.fileName, pFileName.get(), len); + snprintf(certRecord.fileName, sizeof(certRecord.fileName), "%s", pFileName.get()); certRecord.subjectNameLen = lenSubjectName; memcpy(certRecord.subjectName, subjectName, lenSubjectName); @@ -379,7 +379,7 @@ _CertDbManager::UpdateCaCertificateFromBuffer(_CaCertType certType, _CertFormat r = _Base64::Encode(pTbsCert->GetSubjectName(), lenSubjectName, subjectNameBase64, subjNameB64len); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_ENCODING_FAILED, "Failed to encode data in base 64 encoding."); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "subjectName = '%s' and certType = %d and installed = '%s'", subjectNameBase64, certType, installed); + snprintf(condition, sizeof(condition), "subjectName = '%s' and certType = %d and installed = '%s'", subjectNameBase64, certType, installed); r = __caCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificates record.", GetErrorMessage(r)); @@ -399,11 +399,8 @@ _CertDbManager::UpdateCaCertificateFromBuffer(_CaCertType certType, _CertFormat pNewTbsCert = pNewCert->GetTbsCertInstance(); SysTryReturnResult(NID_SEC_CERT, pNewTbsCert != null, E_SYSTEM, "Failed to get certificate to be signed instance."); - lenSubjectName = strlen(reinterpret_cast< char* >(pNewTbsCert->GetSubjectName())); - lenIssuerName = strlen(reinterpret_cast< char* >(pNewTbsCert->GetIssuerName())); - - strncpy(newSubjectName, reinterpret_cast< const char* >(pNewTbsCert->GetSubjectName()),lenSubjectName); - strncpy(newIssuerName, reinterpret_cast< const char* >(pNewTbsCert->GetIssuerName()),lenIssuerName); + snprintf(newSubjectName, sizeof(newSubjectName), "%s", reinterpret_cast< const char* >(pNewTbsCert->GetSubjectName())); + snprintf(newIssuerName, sizeof(newIssuerName), "%s", reinterpret_cast< const char* >(pNewTbsCert->GetIssuerName())); lenNewSubjectName = strlen(newSubjectName); lenNewIssuerName = strlen(newIssuerName); @@ -430,7 +427,7 @@ _CertDbManager::UpdateCaCertificateFromBuffer(_CaCertType certType, _CertFormat SysTryReturnResult(NID_SEC_CERT, pFileName != null, E_OPERATION_FAILED, "Failed to get file name."); int len = strlen(pFileName.get()); - strncpy(certRecord1.fileName, pFileName.get(), len); + snprintf(certRecord1.fileName, sizeof(certRecord1.fileName), "%s", pFileName.get()); certRecord1.subjectNameLen = lenNewSubjectName; memcpy(certRecord1.subjectName, newSubjectName, lenNewSubjectName); @@ -509,7 +506,7 @@ _CertDbManager::RemoveCertificateChainByCertId(int certId) memset(&userCertRecord, 0, sizeof(userCertRecord)); memset(condition, 0, _MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "certId = %d", certId); + snprintf(condition, sizeof(condition), "certId = %d", certId); r = __userCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &userCertRecord); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r) || r == E_DATA_NOT_FOUND, E_SYSTEM, "Failed to get certificate record."); SysTryReturnResult(NID_SEC_CERT, r != E_DATA_NOT_FOUND, E_SUCCESS, "No such record found."); @@ -554,22 +551,22 @@ _CertDbManager::GetCaCertificateId(byte* pSubjectName, int subjectNameSize, byte if (certType == _CERT_TYPE_NOT_BOUNDED) { - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "subjectName = '%s' and issuerName = '%s' and installed = '%s'", subjectNameBase64, issuerNameBase64, installed); + snprintf(condition, sizeof(condition), "subjectName = '%s' and issuerName = '%s' and installed = '%s'", subjectNameBase64, issuerNameBase64, installed); } else { - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "subjectName = '%s' and issuerName = '%s' and certType = %d and installed = '%s'", subjectNameBase64, issuerNameBase64, certType, installed); + snprintf(condition, sizeof(condition), "subjectName = '%s' and issuerName = '%s' and certType = %d and installed = '%s'", subjectNameBase64, issuerNameBase64, certType, installed); } } else { if (certType == _CERT_TYPE_NOT_BOUNDED) { - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installed); + snprintf(condition, sizeof(condition), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installed); } else { - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "subjectName = '%s' and certType = %d and installed = '%s'", subjectNameBase64, certType, installed); + snprintf(condition, sizeof(condition), "subjectName = '%s' and certType = %d and installed = '%s'", subjectNameBase64, certType, installed); } } @@ -612,11 +609,11 @@ _CertDbManager::GetUserCertificateId(byte* pSubjectName, int subjectNameSize, by r = _Base64::Encode(reinterpret_cast< byte* >(pIssuerName), issuerNameSize, issuerNameBase64, issuerB64len); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_ENCODING_FAILED, "Failed to encode data in base 64 encoding."); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_ISSUER_SUBJECT_NAME_SIZE), "subjectName = '%s' and issuerName = '%s' and installed = '%s'", subjectNameBase64, issuerNameBase64, installed); + snprintf(condition, sizeof(condition), "subjectName = '%s' and issuerName = '%s' and installed = '%s'", subjectNameBase64, issuerNameBase64, installed); } else { - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_ISSUER_SUBJECT_NAME_SIZE), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installed); + snprintf(condition, sizeof(condition), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installed); } r = __userCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &userCertRecord); @@ -652,7 +649,8 @@ _CertDbManager::DeleteCertificateChain(int devCertId, int devParentCA) memset(condition, 0, _MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "parentCa = %d and installed = '%s'", devParentCA, installed); + snprintf(condition, sizeof(condition), "parentCa = %d and installed = '%s'", devParentCA, installed); + //Check if any other device certificate has same parent as of referred device certificare. If it is yes then we //delete only device certificate and return. We cannot disturb another chain. __userCertDbStore.GetCountByCondition(reinterpret_cast< byte* >(&condition), recCount); @@ -708,7 +706,7 @@ _CertDbManager::DeleteCertificateChain(int devCertId, int devParentCA) } caCertId = caParentCa; // Now look for next certificate in chain memset(condition, 0, _MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "certId = %d and installed = '%s'", devParentCA, installed); + snprintf(condition, sizeof(condition), "certId = %d and installed = '%s'", devParentCA, installed); memset(&certRecord, 0, sizeof(certRecord)); r = __caCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r) || r == E_DATA_NOT_FOUND, E_SYSTEM, "Failed to get certificate record."); @@ -734,7 +732,7 @@ _CertDbManager::GetCertificateListByFormat(_CertFormat certFormat, _CertificateL char installed[_MAX_TYPE_RECORD_SIZE] = "T\0"; char condition[_MAX_TYPE_CONST_SIZE] = {0, }; - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certFormat = %d and certType != %d and installed = '%s'", certFormat, _CERT_TYPE_INTERMIDIATE_CA, installed); + snprintf(condition, sizeof(condition), "certFormat = %d and certType != %d and installed = '%s'", certFormat, _CERT_TYPE_INTERMIDIATE_CA, installed); r = __caCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r) || r == E_DATA_NOT_FOUND, E_SYSTEM, "Failed to get certificate record."); @@ -805,7 +803,7 @@ _CertDbManager::GetUserCertificateListByFormat(_CertFormat certFormat, _Certific *ppCertList = null; - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certFormat = %d and installed = '%s'", certFormat, installed); + snprintf(condition, sizeof(condition), "certFormat = %d and installed = '%s'", certFormat, installed); r = __userCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r) || r == E_DATA_NOT_FOUND, E_SYSTEM, "Failed to get certificate record."); @@ -873,7 +871,7 @@ _CertDbManager::GetCaCertificateListByCertId(int certId, _CertificateListInfo** char condition[_MAX_TYPE_CONST_SIZE] = {0, }; *ppCertList = null; - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certId = %d and certType != %d and installed = '%s'", certId, _CERT_TYPE_INTERMIDIATE_CA, installed); + snprintf(condition, sizeof(condition), "certId = %d and certType != %d and installed = '%s'", certId, _CERT_TYPE_INTERMIDIATE_CA, installed); r = __caCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificate record.", GetErrorMessage(r)); @@ -916,7 +914,7 @@ _CertDbManager::GetUserCertificateListByCertId(int certId, _CertificateListInfo* SysTryReturnResult(NID_SEC_CERT, ppCertList != null, E_INVALID_ARG, "Invalid input arguments."); SysTryReturnResult(NID_SEC_CERT, certId > 0, E_INVALID_ARG, "Invalid input arguments."); - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certId = %d and installed = '%s'", certId, installed); + snprintf(condition, sizeof(condition), "certId = %d and installed = '%s'", certId, installed); r = __userCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificate record.", GetErrorMessage(r)); @@ -995,7 +993,7 @@ _CertDbManager::FindIssuerCertificateAndTypeN(_CertFormat certFormat, char* pIss r = _Base64::Encode(reinterpret_cast< byte* >(pIssuerName), strlen(pIssuerName), issuerNameBase64, issuerNameB64len); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_ENCODING_FAILED, "Failed to encode data in base 64 encoding."); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_OFFSET_CONST_SIZE), "subjectName = '%s' and certFormat = %d and installed = '%s'", issuerNameBase64, certFormat, installed); + snprintf(condition, sizeof(condition), "subjectName = '%s' and certFormat = %d and installed = '%s'", issuerNameBase64, certFormat, installed); r = __caCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificate record.", GetErrorMessage(r)); @@ -1041,7 +1039,7 @@ _CertDbManager::FindIssuerCertificateByTypeN(_CertFormat certFormat, _CaCertType r = _Base64::Encode(reinterpret_cast< byte* >(pIssuerName), strlen(pIssuerName), issuerNameBase64, issuerNameB64len); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_ENCODING_FAILED, "Failed to encode data in base 64 encoding."); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_ISSUER_CONDITION_SIZE), "subjectName = '%s' and certFormat = %d and certType = %d and installed = '%s'", issuerNameBase64, certFormat, certType, installed); + snprintf(condition, sizeof(condition), "subjectName = '%s' and certFormat = %d and certType = %d and installed = '%s'", issuerNameBase64, certFormat, certType, installed); r = __caCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificate record.", GetErrorMessage(r)); @@ -1099,7 +1097,7 @@ _CertDbManager::FindCertType(_CertFormat certFormat, char* pIssuerName, char* pS r = _Base64::Encode(reinterpret_cast< byte* >(pSubjectName), strlen(pSubjectName), subjectNameBase64, subjectNameB64len); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_ENCODING_FAILED, "Failed to encode data in base 64 encoding."); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_CONDITION_CONST_SIZE), "certFormat = %d and issuerName = '%s' and subjectName = '%s' and installed = '%s'", certFormat, issuerNameBase64, subjectNameBase64, installed); + snprintf(condition, sizeof(condition), "certFormat = %d and issuerName = '%s' and subjectName = '%s' and installed = '%s'", certFormat, issuerNameBase64, subjectNameBase64, installed); r = __caCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificate record.", GetErrorMessage(r)); @@ -1596,8 +1594,8 @@ _CertDbManager::InsertUserCertificateFromBuffer(_CertFormat certFormat, byte* pC SysTryReturnResult(NID_SEC_CERT, lenSubjectName < _MAX_ISSUER_SUBJECT_NAME_SIZE, E_DATABASE, "Length is greater than maximum allowed length."); SysTryReturnResult(NID_SEC_CERT, lenIssuerName < _MAX_ISSUER_SUBJECT_NAME_SIZE, E_DATABASE, "Length is greater than maximum allowed length."); - strncpy(subjectNameBuffer, reinterpret_cast< char* >(pTbsCert->GetSubjectName()),lenSubjectName); - strncpy(szIssuerName, reinterpret_cast< char* >(pTbsCert->GetIssuerName()),lenIssuerName); + snprintf(subjectNameBuffer, sizeof(subjectNameBuffer), "%s", reinterpret_cast< char* >(pTbsCert->GetSubjectName())); + snprintf(szIssuerName, sizeof(szIssuerName), "%s", reinterpret_cast< char* >(pTbsCert->GetIssuerName())); pTbsCert->GetSerialNumber(pSerial, static_cast< int& >(lenSerialNo)); if ((lenSerialNo <= 0) || (lenSerialNo > _MAX_SERIAL_NUMBER_SIZE)) @@ -1663,7 +1661,8 @@ _CertDbManager::InsertUserCertificateFromBuffer(_CertFormat certFormat, byte* pC SysTryReturnResult(NID_SEC_CERT, pFileName != null, E_SYSTEM, "Failed to get attributes."); int len = strlen(pFileName.get()); - strncpy(certRecord.fileName, pFileName.get(), len); + snprintf(certRecord.fileName, sizeof(certRecord.fileName), "%s", pFileName.get()); + certRecord.subjectNameLen = lenSubjectName; memcpy(certRecord.subjectName, subjectNameBuffer, lenSubjectName); @@ -1674,7 +1673,7 @@ _CertDbManager::InsertUserCertificateFromBuffer(_CertFormat certFormat, byte* pC SysTryReturnResult(NID_SEC_CERT, pPriKeyFileName != null, E_SYSTEM, "Failed to get attributes."); len = strlen(pPriKeyFileName.get()); - strncpy(certRecord.prvKeyPath, pPriKeyFileName.get(), len); + snprintf(certRecord.prvKeyPath, sizeof(certRecord.prvKeyPath), "%s", pPriKeyFileName.get()); certRecord.prvKeyLen = privateKeyLen; certRecord.parentCa = certId; strcpy(certRecord.installed, installedRecord); @@ -1739,14 +1738,14 @@ _CertDbManager::GetUserCertificateChain(char* pIssuerName, int issuerNameLen, ch memset(subjectNameBase64, 0, sizeof(subjectNameBase64)); r = _Base64::Encode(reinterpret_cast< byte* >(pSubjectName), subjectNameLen, reinterpret_cast< char* >(subjectNameBase64), subjectNameBase64Len); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_ENCODING_FAILED, "Failed to encode data in base 64 encoding."); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installedRecord); + snprintf(condition, sizeof(condition), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installedRecord); } else { r = __userCertDbStore.GetNumberOfCertificates(recordCount); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificates.", GetErrorMessage(r)); SysTryReturnResult(NID_SEC_CERT, recordCount > 0, E_OBJ_NOT_FOUND, "Failed to get certificate records."); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "installed = '%s'", installedRecord); + snprintf(condition, sizeof(condition), "installed = '%s'", installedRecord); } memset(&userCertRecord, 0, sizeof(userCertRecord)); @@ -1895,7 +1894,7 @@ _CertDbManager::GetUserCertificateChain(char* pIssuerName, int issuerNameLen, ch memset(subjectNameBase64, 0, sizeof(subjectNameBase64)); r = _Base64::Encode(reinterpret_cast< byte* >(subName), subNameLen, reinterpret_cast< char* >(subjectNameBase64), subjectNameBase64Len); SysTryCatch(NID_SEC_CERT, !IsFailed(r), , r, "[%s] Failed to encode data in base 64 encoding.", GetErrorMessage(r)); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installedRecord); + snprintf(condition, sizeof(condition), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installedRecord); if (strcmp(reinterpret_cast< char* >(issuerNameBase64), reinterpret_cast< char* >(subjectNameBase64)) == 0) { @@ -1981,7 +1980,7 @@ _CertDbManager::GetUserCertificateChain(char* pIssuerName, int issuerNameLen, ch } memset(condition, 0, sizeof(condition)); - snprintf(condition, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "installed = '%s'", installedRecord); + snprintf(condition, sizeof(condition), "installed = '%s'", installedRecord); count++; @@ -2037,7 +2036,7 @@ _CertDbManager::GetUserCertificateChain(_CertFormat certFormat, _CertChain* pCer memset(subjectNameBase64, 0, sizeof(subjectNameBase64)); r = _Base64::Encode(reinterpret_cast< byte* >(pSubjectName), strlen(pSubjectName), subjectNameBase64, subjNameB64len); SysTryReturnResult(NID_SEC_CERT, !IsFailed(r), E_ENCODING_FAILED, "Failed to encode data in base 64 encoding."); - snprintf(conditonRecord, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installedRecord); + snprintf(conditonRecord, sizeof(conditonRecord), "subjectName = '%s' and installed = '%s'", subjectNameBase64, installedRecord); r = __userCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(conditonRecord), &userCertRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificates record.", GetErrorMessage(r)); @@ -2056,7 +2055,7 @@ _CertDbManager::GetUserCertificateChain(_CertFormat certFormat, _CertChain* pCer { memset(&caCertRecord, 0, sizeof(caCertRecord)); memset(conditonRecord, 0, _MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE); - snprintf(conditonRecord, (_MAX_ISSUER_SUBJECT_NAME_SIZE + _MAX_SUBJECT_OFFSET_SIZE), "certId = %d and installed = '%s'", parentCa, installedRecord); + snprintf(conditonRecord, sizeof(conditonRecord), "certId = %d and installed = '%s'", parentCa, installedRecord); r = __caCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(conditonRecord), &caCertRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificates record.", GetErrorMessage(r)); @@ -2082,7 +2081,7 @@ _CertDbManager::GetUserCertificateInfoByCertId(int certId, int* pSubjectLength, char installedRecord[_MAX_TYPE_RECORD_SIZE] = "T\0"; char condition[_MAX_TYPE_CONST_SIZE] = {0, }; - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certId = %d and installed = '%s'", certId, installedRecord); + snprintf(condition, sizeof(condition), "certId = %d and installed = '%s'", certId, installedRecord); r = __userCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &userCertRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificates record.", GetErrorMessage(r)); @@ -2120,7 +2119,7 @@ _CertDbManager::GetUserCertificateInfoByCertId(int certId, _CertEncodingType enc *ppUserCertInfo = null; SysTryReturnResult(NID_SEC_CERT, certId > 0, E_INVALID_ARG, "Invalid input parameter."); - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certId = %d and installed = '%s'", certId, installedRecord); + snprintf(condition, sizeof(condition), "certId = %d and installed = '%s'", certId, installedRecord); r = __userCertDbStore.GetFirstRecordByConditions(reinterpret_cast< byte* >(condition), &certRecord); SysTryReturn(NID_SEC_CERT, !IsFailed(r), r, r, "[%s] Failed to get certificates record.", GetErrorMessage(r)); diff --git a/src/security/cert/FSecCert_CertFileStore.cpp b/src/security/cert/FSecCert_CertFileStore.cpp index 1bfe0c0..bcf222d 100644 --- a/src/security/cert/FSecCert_CertFileStore.cpp +++ b/src/security/cert/FSecCert_CertFileStore.cpp @@ -191,7 +191,7 @@ _CertFileStore::GetFileNameFromHandle(CertIdNo hCert, _CertPathType pathType, St SysTryReturnResult(NID_SEC_CERT, hCert != null, E_INVALID_ARG, "Invalid input parameter."); - snprintf(temp, _MAX_CERT_EXT_PATH_SIZE, "%03d", hCert); + snprintf(temp, sizeof(temp), "%03d", hCert); tempStr.Append(temp); switch (pathType) diff --git a/src/security/cert/FSecCert_CertManager.cpp b/src/security/cert/FSecCert_CertManager.cpp index eb0e3d1..d2d97f5 100644 --- a/src/security/cert/FSecCert_CertManager.cpp +++ b/src/security/cert/FSecCert_CertManager.cpp @@ -383,7 +383,7 @@ _CertManager::GetCertInfo(CertificateHandle certHandle, _CertFieldType field, _C int len = strlen(pSigAlg); if (len <= _MAX_CERT_ALGORITHM_SIZE) { - strncpy(pCertInfo->sigAlgorithm, pSigAlg, len); + snprintf(pCertInfo->sigAlgorithm, sizeof(pCertInfo->sigAlgorithm), "%s", pSigAlg); } else { @@ -421,7 +421,7 @@ _CertManager::GetCertInfo(CertificateHandle certHandle, _CertFieldType field, _C memset(pCertInfo->subjectName, 0, _MAX_ISSUER_SUBJECT_NAME_SIZE + 1); if (subLen <= _MAX_ISSUER_SUBJECT_NAME_SIZE + 1) { - strncpy(pCertInfo->subjectName, reinterpret_cast< const char* >(pSubjectName), subLen); + snprintf(pCertInfo->subjectName, sizeof(pCertInfo->subjectName), "%s", reinterpret_cast< const char* >(pSubjectName)); } ParseCertTitle(reinterpret_cast< char* >(pSubjectName), pCertInfo->certTitle); ClearLastResult(); @@ -433,7 +433,7 @@ _CertManager::GetCertInfo(CertificateHandle certHandle, _CertFieldType field, _C memset(pCertInfo->issuerName, 0, _MAX_ISSUER_SUBJECT_NAME_SIZE + 1); if (issuerLen <= _MAX_ISSUER_SUBJECT_NAME_SIZE + 1) { - strncpy(pCertInfo->issuerName, reinterpret_cast< const char* >(pIssuerName), issuerLen); + snprintf(pCertInfo->issuerName, sizeof(pCertInfo->issuerName), "%s", reinterpret_cast< const char* >(pIssuerName)); } ParseCertTitle(reinterpret_cast< char* >(pIssuerName), pCertInfo->certSubTitle); ClearLastResult(); @@ -762,8 +762,8 @@ _CertManager::GetCertificateType(CertificateHandle certHandle, _CaCertType* pCer SysTryReturnResult(NID_SEC_CERT, lenSubjectName > 0, E_SYSTEM, "Subject length is not valid."); SysTryReturnResult(NID_SEC_CERT, lenIssuerName > 0, E_SYSTEM, "Issuer length is not valid."); - strncpy(subjectName, reinterpret_cast< const char* >(pTbsCert->GetSubjectName()), lenSubjectName); - strncpy(issuerName, reinterpret_cast< const char* >(pTbsCert->GetIssuerName()), lenIssuerName); + snprintf(subjectName, sizeof(subjectName), "%s", reinterpret_cast< const char* >(pTbsCert->GetSubjectName())); + snprintf(issuerName, sizeof(issuerName), "%s", reinterpret_cast< const char* >(pTbsCert->GetIssuerName())); pCertDb = _CertDbManager::GetInstance(); SysTryReturnResult(NID_SEC_CERT, pCertDb != null, E_SYSTEM, "Failed to get instance of certificate database manager."); @@ -794,7 +794,7 @@ _CertManager::ParseCertTitle(char subject[_MAX_ISSUER_SUBJECT_NAME_SIZE + 1], ch char* pSubStr = null; char tempSubject[_MAX_ISSUER_SUBJECT_NAME_SIZE + 1] = {0, }; - strncpy(tempSubject, subject, strlen(subject + 1)); + snprintf(tempSubject, sizeof(tempSubject), "%s", subject); pPivotPtr = tempSubject; for (;; pSubStr = null) { @@ -1107,7 +1107,7 @@ _CertManager::OpenUserCertificateStore(int& totalCount) totalCount = 0; - snprintf(condition, _MAX_TYPE_CONST_SIZE, "installed = '%s'", installedRecord); + snprintf(condition, sizeof(condition), "installed = '%s'", installedRecord); std::unique_ptr< _UserCertDbStore > pUserCertDbStore(new (std::nothrow) _UserCertDbStore()); SysTryReturn(NID_SEC_CERT, pUserCertDbStore != null, certificateStoreCtx, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory."); @@ -1185,7 +1185,7 @@ _CertManager::OpenRootCaStore(_CaCertType type, int& totalCount) // _CERT_TYPE_T SysTryReturn(NID_SEC_CERT, type > _CERT_TYPE_NOT_BOUNDED, certificateStoreCtx, E_INVALID_ARG, "[E_INVALID_ARG] Invalid certificate type."); SysTryReturn(NID_SEC_CERT, type < _CERT_TYPE_MAX, certificateStoreCtx, E_INVALID_ARG, "[E_INVALID_ARG] Invalid certificate type."); - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certType = %d and installed = '%s'", static_cast< int >(type), installedRecord); + snprintf(condition, sizeof(condition), "certType = %d and installed = '%s'", static_cast< int >(type), installedRecord); std::unique_ptr< _CaCertDbStore > pCaCertDbStore(new (std::nothrow) _CaCertDbStore()); SysTryReturn(NID_SEC_CERT, pCaCertDbStore != null, certificateStoreCtx, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory."); @@ -1256,7 +1256,7 @@ _CertManager::CheckRootCaIntegrity(void) ClearLastResult(); - snprintf(condition, _MAX_TYPE_CONST_SIZE, "certType = %d and installed = '%s'", _CERT_TYPE_ROOT_CA, installedRecord); + snprintf(condition, sizeof(condition), "certType = %d and installed = '%s'", _CERT_TYPE_ROOT_CA, installedRecord); std::unique_ptr< _CaCertDbStore > pCaCertDbStore(new (std::nothrow) _CaCertDbStore()); SysTryReturnResult(NID_SEC_CERT, pCaCertDbStore != null, E_OUT_OF_MEMORY, "Failed to allocate memory."); -- 2.7.4