Fix use-after-free bugsubmit/tizen_5.0/20181101.000003submit/tizen/20180509.100419accepted/tizen/unified/20180510.070817accepted/tizen/5.0/unified/20181102.020045tizen_5.0accepted/tizen_5.0_unified

Change-Id: I35ba8a8b687024311b40796a3ae3640f1b9cd71d
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>

5 files changed, 33 insertions, 4 deletions

diff --git a/src/server/plugin/generic-backend/ipassword-file.h b/src/server/plugin/generic-backend/ipassword-file.h
index c0d26eb..33246cf 100644
--- a/src/server/plugin/generic-backend/ipassword-file.h
+++ b/src/server/plugin/generic-backend/ipassword-file.h
@@ -28,8 +28,15 @@ namespace AuthPasswd {
 constexpr time_t PASSWORD_INFINITE_EXPIRATION_TIME = std::numeric_limits<time_t>::max();
 
 struct IPasswordFile {
+	IPasswordFile() = default;
 	virtual ~IPasswordFile() = default;
 
+	IPasswordFile(const IPasswordFile&) = delete;
+	IPasswordFile& operator=(const IPasswordFile&) = delete;
+
+	IPasswordFile(IPasswordFile&&) = delete;
+	IPasswordFile& operator=(IPasswordFile&&) = delete;
+
 	virtual void writeMemoryToFile() const = 0;
 	virtual void writeAttemptToFile() const = 0;
 
diff --git a/src/server/plugin/sw-backend/password-file.h b/src/server/plugin/sw-backend/password-file.h
index a5097e5..15f496b 100644
--- a/src/server/plugin/sw-backend/password-file.h
+++ b/src/server/plugin/sw-backend/password-file.h
@@ -60,6 +60,13 @@ namespace SWBackend {
 class PasswordFile : public IPasswordFile {
 public:
 	PasswordFile(unsigned int user);
+	~PasswordFile() = default;
+
+	PasswordFile(const PasswordFile&) = delete;
+	PasswordFile& operator=(const PasswordFile&) = delete;
+
+	PasswordFile(PasswordFile&&) = delete;
+	PasswordFile& operator=(PasswordFile&&) = delete;
 
 	void writeMemoryToFile() const override;
 	void writeAttemptToFile() const override;
diff --git a/src/server/plugin/tz-backend/password-file.h b/src/server/plugin/tz-backend/password-file.h
index 7749c91..16cc04b 100644
--- a/src/server/plugin/tz-backend/password-file.h
+++ b/src/server/plugin/tz-backend/password-file.h
@@ -26,6 +26,12 @@ class PasswordFile : public IPasswordFile {
 public:
 	PasswordFile(unsigned int user);
 
+	PasswordFile(const PasswordFile&) = delete;
+	PasswordFile& operator=(const PasswordFile&) = delete;
+
+	PasswordFile(PasswordFile&&) = delete;
+	PasswordFile& operator=(PasswordFile&&) = delete;
+
 	void writeMemoryToFile() const override;
 	void writeAttemptToFile() const override;
 
diff --git a/src/server/service/include/password-manager.h b/src/server/service/include/password-manager.h
index b0b604a..a63ea5d 100644
--- a/src/server/service/include/password-manager.h
+++ b/src/server/service/include/password-manager.h
@@ -38,10 +38,10 @@
 namespace AuthPasswd {
 class PasswordManager final {
 public:
-	typedef std::map<unsigned int, std::shared_ptr<IPasswordFile>> PasswordFileMap;
+	typedef std::map<unsigned int, IPasswordFile*> PasswordFileMap;
 
 	PasswordManager();
-	~PasswordManager() = default;
+	~PasswordManager();
 
 	//checking functions
 	//no const in checkPassword, attempts are update
diff --git a/src/server/service/password-manager.cpp b/src/server/service/password-manager.cpp
index 73dbcc1..b42320f 100644
--- a/src/server/service/password-manager.cpp
+++ b/src/server/service/password-manager.cpp
@@ -69,10 +69,19 @@ PasswordManager::PasswordManager()
 	m_pluginManager.loadFactory("PasswordFileFactory", m_factory);
 }
 
+PasswordManager::~PasswordManager()
+{
+	PasswordFileMap::iterator iter;
+	for (iter = m_pwdFile.begin(); iter != m_pwdFile.end(); iter++) {
+		if (iter->second != nullptr)
+			delete iter->second;
+	}
+}
+
 void PasswordManager::addPassword(unsigned int user)
 {
-	std::shared_ptr<IPasswordFile> passwordFile((*m_factory)(user));
-	m_pwdFile.insert(PasswordFileMap::value_type(user, passwordFile));
+	IPasswordFile* passwordFile = (*m_factory)(user);
+	m_pwdFile[user] = passwordFile;
 }
 
 void PasswordManager::removePassword(unsigned int user)