From d1a7ff96aad344b8a30d4328c3dea65d4ee7aa06 Mon Sep 17 00:00:00 2001
From: Kyuho Jo <kyuho.jo@samsung.com>
Date: Tue, 12 May 2015 23:01:01 +0900
Subject: Fix PREVENT issues.

Change-Id: I493ac672207a9bc236999a8954aa964076ecc641
Signed-off-by: Kyuho Jo <kyuho.jo@samsung.com>
---
 src/notification.c      |  8 +++++++
 src/notification_ipc.c  |  5 +++++
 src/notification_noti.c | 55 ++++++++++++++-----------------------------------
 3 files changed, 28 insertions(+), 40 deletions(-)

diff --git a/src/notification.c b/src/notification.c
index a903d7c..0e8e085 100644
--- a/src/notification.c
+++ b/src/notification.c
@@ -2480,6 +2480,10 @@ notification_resister_changed_cb(void (*changed_cb)
 	noti_cb_list_new =
 	    (notification_cb_list_s *) malloc(sizeof(notification_cb_list_s));
 
+	if (noti_cb_list_new == NULL) {
+		return NOTIFICATION_ERROR_OUT_OF_MEMORY;
+	}
+
 	noti_cb_list_new->next = NULL;
 	noti_cb_list_new->prev = NULL;
 
@@ -2574,6 +2578,10 @@ notification_register_detailed_changed_cb(
 	noti_cb_list_new =
 	    (notification_cb_list_s *) malloc(sizeof(notification_cb_list_s));
 
+	if (noti_cb_list_new == NULL) {
+		return NOTIFICATION_ERROR_OUT_OF_MEMORY;
+	}
+
 	noti_cb_list_new->next = NULL;
 	noti_cb_list_new->prev = NULL;
 
diff --git a/src/notification_ipc.c b/src/notification_ipc.c
index ac1391b..b5a298e 100644
--- a/src/notification_ipc.c
+++ b/src/notification_ipc.c
@@ -308,6 +308,11 @@ notification_op *notification_ipc_create_op(notification_op_type_e type, int num
 	}
 
 	op_list = (notification_op *)malloc(sizeof(notification_op) * num_op);
+
+	if (op_list == NULL) {
+		return NULL;
+	}
+
 	memset(op_list, 0x0, sizeof(notification_op) * num_op);
 
 	for (i = 0; i < num_op; i++) {
diff --git a/src/notification_noti.c b/src/notification_noti.c
index 84df045..e831e73 100644
--- a/src/notification_noti.c
+++ b/src/notification_noti.c
@@ -843,7 +843,6 @@ err:
 EXPORT_API int notification_noti_get_by_tag(notification_h noti, char *pkgname, char* tag)
 {
 	int ret = 0;
-	char *query = NULL;
 	sqlite3 *db = NULL;
 	sqlite3_stmt *stmt = NULL;
 
@@ -903,36 +902,7 @@ EXPORT_API int notification_noti_get_by_tag(notification_h noti, char *pkgname,
 			goto err;
 		}
 	}
-/*
-	char *base_query = "select "
-			 "type, layout, caller_pkgname, launch_pkgname, image_path, group_id, priv_id, "
-			 "tag, b_text, b_key, b_format_args, num_format_args, "
-			 "text_domain, text_dir, time, insert_time, args, group_args, "
-			 "b_execute_option, b_service_responding, b_service_single_launch, b_service_multi_launch, "
-			 "sound_type, sound_path, vibration_type, vibration_path, led_operation, led_argb, led_on_ms, led_off_ms, "
-			 "flags_for_property, display_applist, progress_size, progress_percentage "
-			 "from noti_list ";
-
-	if (pkgname != NULL) {
-		query = sqlite3_mprintf("%s where caller_pkgname = '%s' and tag = '%s'",
-				base_query ,pkgname, tag);
-	} else {
-		query = sqlite3_mprintf("%s where tag = '%s'", base_query,  tag);
-	}
-	if (query == NULL) {
-		ret = NOTIFICATION_ERROR_OUT_OF_MEMORY;
-		goto err;
-	}
 
-	ret = sqlite3_prepare_v2(db, query, -1, &stmt, NULL);
-	if (ret != SQLITE_OK) {
-		NOTIFICATION_ERR("select Query : %s", query);
-		NOTIFICATION_ERR("select DB error(%d) : %s", ret,
-				 sqlite3_errmsg(db));
-		ret = NOTIFICATION_ERROR_FROM_DB;
-		goto err;
-	}
-*/
 	ret = sqlite3_step(stmt);
 	if (ret == SQLITE_ROW) {
 		_notification_noti_populate_from_stmt(stmt, noti);
@@ -941,9 +911,6 @@ EXPORT_API int notification_noti_get_by_tag(notification_h noti, char *pkgname,
 		ret = NOTIFICATION_ERROR_FROM_DB;
 	}
 err:
-	if (query) {
-		sqlite3_free(query);
-	}
 
 	if (stmt) {
 		sqlite3_finalize(stmt);
@@ -1740,7 +1707,6 @@ EXPORT_API int notification_noti_check_tag(notification_h noti)
 {
 	int result = 0;
 	int ret = NOTIFICATION_ERROR_NONE;
-	char *query = NULL;
 	sqlite3 *db;
 	sqlite3_stmt *stmt = NULL;
 
@@ -1806,9 +1772,6 @@ EXPORT_API int notification_noti_check_tag(notification_h noti)
 	}
 
 err:
-	if (query) {
-		sqlite3_free(query);
-	}
 
 	return ret;
 }
@@ -1897,10 +1860,16 @@ EXPORT_API int notification_noti_post_toast_message(const char *message)
 {
 	int let = 0;
 	char *msg = NULL;
+	char *temp_string = NULL;
 	int count = 0;
 
 	msg = (char *)calloc(strlen(message) + 1, sizeof(char));
-	strcpy(msg, message);
+
+	if (msg == NULL) {
+		return NOTIFICATION_ERROR_OUT_OF_MEMORY;
+	}
+
+	strncpy(msg, message, strlen(message) + 1);
 
 /*
 	if (eina_list_count(toast_list) == 10) {
@@ -1917,7 +1886,10 @@ EXPORT_API int notification_noti_post_toast_message(const char *message)
 		let = _post_toast_message(msg);
 	}
 	else if (count == 1) {
-		if (strcmp(msg, (char *)eina_list_nth(toast_list, count - 1)) == 0) {
+		temp_string = (char*)eina_list_nth(toast_list, count - 1);
+		if (temp_string == NULL)
+			return 0;
+		if (strcmp(msg, temp_string) == 0) {
 			elm_popup_timeout_set(toast_popup, 3.0);
 		}
 		else {
@@ -1926,7 +1898,10 @@ EXPORT_API int notification_noti_post_toast_message(const char *message)
 		}
 	}
 	else if (count >= 2) {
-		if (strcmp(msg, (char *)eina_list_nth(toast_list, count - 1)) == 0) {
+		temp_string = (char*)eina_list_nth(toast_list, count - 1);
+		if (temp_string == NULL)
+			return 0;
+		if (strcmp(msg, temp_string) == 0) {
 			free(msg);
 			return 0;
 		}
-- 
cgit v1.2.3