diff options
author | Hyunho Kang <hhstark.kang@samsung.com> | 2016-06-16 11:30:01 +0900 |
---|---|---|
committer | Hyunho Kang <hhstark.kang@samsung.com> | 2016-06-16 11:30:33 +0900 |
commit | b54b4b16f233d61f588a3d80bb56cf1794abbf40 (patch) | |
tree | 82dd1072239241a7096ebd454c538d981fecf086 | |
parent | 1365c8686301659972d0903be61e8c88da2772be (diff) | |
download | message-port-b54b4b16f233d61f588a3d80bb56cf1794abbf40.tar.gz message-port-b54b4b16f233d61f588a3d80bb56cf1794abbf40.tar.bz2 message-port-b54b4b16f233d61f588a3d80bb56cf1794abbf40.zip |
Fix tainted intsubmit/tizen_common/20160703.182952submit/tizen_common/20160703.163502submit/tizen_common/20160703.163500submit/tizen/20160622.083438accepted/tizen/wearable/20160623.121940accepted/tizen/tv/20160623.121927accepted/tizen/mobile/20160623.121920accepted/tizen/ivi/20160623.121957
Change-Id: I4b7f89fc432b2b4203370633cb76b263a6717db9
Signed-off-by: Hyunho Kang <hhstark.kang@samsung.com>
-rwxr-xr-x | src/message-port.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/message-port.c b/src/message-port.c index a43ba36..4d4699f 100755 --- a/src/message-port.c +++ b/src/message-port.c @@ -579,7 +579,7 @@ static int __read_string_from_socket(int fd, char **buffer, int *string_len) LOGE("read socket fail"); return MESSAGEPORT_ERROR_IO_ERROR; } - if (*string_len > 0) { + if (*string_len > 0 && *string_len < MAX_MESSAGE_SIZE) { *buffer = (char *)calloc(*string_len, sizeof(char)); if (*buffer == NULL) { LOGE("Out of memory."); @@ -589,6 +589,9 @@ static int __read_string_from_socket(int fd, char **buffer, int *string_len) LOGE("read socket fail"); return MESSAGEPORT_ERROR_IO_ERROR; } + } else { + LOGE("Invalid string len %d", &string_len); + return MESSAGEPORT_ERROR_IO_ERROR; } return MESSAGEPORT_ERROR_NONE; } |