diff options
author | Kyungwook Tak <k.tak@samsung.com> | 2016-03-02 20:45:52 +0900 |
---|---|---|
committer | Kyungwook Tak <k.tak@samsung.com> | 2016-03-02 20:45:52 +0900 |
commit | 4ac21f065674dd7c1b11a0918953fc552ec9a924 (patch) | |
tree | a19255f75a1054ac48ea7a3cb5d4f2f275925fd9 | |
parent | b4ea2b8348e45f355cdf1140b666f0897fc63644 (diff) | |
download | libwebappenc-4ac21f065674dd7c1b11a0918953fc552ec9a924.tar.gz libwebappenc-4ac21f065674dd7c1b11a0918953fc552ec9a924.tar.bz2 libwebappenc-4ac21f065674dd7c1b11a0918953fc552ec9a924.zip |
Use snprintf instead of sprintf to be safesubmit/tizen/20160303.045232accepted/tizen/wearable/20160305.090436accepted/tizen/tv/20160305.090421accepted/tizen/mobile/20160305.090405accepted/tizen/ivi/20160305.090455accepted/tizen/common/20160303.110357
Change-Id: I664d9f039b09b576c4ebe84c29d8a7c459bc1384
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
-rw-r--r-- | srcs/key_handler.c | 23 | ||||
-rw-r--r-- | srcs/key_handler.h | 2 | ||||
-rw-r--r-- | tests/wae_tests.c | 6 |
3 files changed, 22 insertions, 9 deletions
diff --git a/srcs/key_handler.c b/srcs/key_handler.c index 7c986c0..7b050d6 100644 --- a/srcs/key_handler.c +++ b/srcs/key_handler.c @@ -231,9 +231,16 @@ error: } -int _get_preloaded_app_dek_file_path(const char* pPkgId, char *path) +int _get_preloaded_app_dek_file_path(const char* pPkgId, size_t size, char *path) { - sprintf(path, "%s/%s_%s.adek", _get_dek_store_path(), APP_DEK_FILE_PFX, pPkgId); + int ret = -1; + + ret = snprintf(path, size, "%s/%s_%s.adek", + _get_dek_store_path(), APP_DEK_FILE_PFX, pPkgId); + + if (ret < 0) + return WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */ + return WAE_ERROR_NONE; } @@ -258,14 +265,14 @@ int _extract_pkg_id_from_file_name(const char* fileName, char* pkgId) int _read_encrypted_app_dek_from_file(const char* pPkgId, unsigned char** encrypted_app_dek, size_t *len) { char path[MAX_PATH_LEN] = {0,}; - _get_preloaded_app_dek_file_path(pPkgId, path); + _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path); return _read_from_file(path, encrypted_app_dek, len); } int _write_encrypted_app_dek_to_file(const char* pPkgId, const unsigned char* encrypted_app_dek, size_t len) { char path[MAX_PATH_LEN] = {0,}; - _get_preloaded_app_dek_file_path(pPkgId, path); + _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path); return _write_to_file( path, encrypted_app_dek, len); } @@ -683,7 +690,13 @@ int load_preloaded_app_deks(int reload) // regular file && start with KEY_MANAGER_INITIAL_VALUE_FILE_PFX if(entry.d_type == DT_REG && strstr(entry.d_name, APP_DEK_FILE_PFX) != NULL) { memset(file_path_buff, 0, sizeof(file_path_buff)); - sprintf(file_path_buff, "%s/%s", _get_dek_store_path(), entry.d_name); + ret = snprintf(file_path_buff, sizeof(file_path_buff), "%s/%s", + _get_dek_store_path(), entry.d_name); + if(ret < 0) { + WAE_SLOGE("Failed to make file path by snprintf."); + ret = WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */ + goto error; + } ret = _extract_pkg_id_from_file_name(entry.d_name, pkgId); if(ret != WAE_ERROR_NONE) { diff --git a/srcs/key_handler.h b/srcs/key_handler.h index 03de1ab..a417fdd 100644 --- a/srcs/key_handler.h +++ b/srcs/key_handler.h @@ -61,7 +61,7 @@ const char* _get_dek_kek_pub_key_path(); const char* _get_dek_kek_pri_key_path(); const char* _get_dek_store_path(); int _add_dek_to_key_manager(const char* pPkgId, wae_app_type_e appType, const unsigned char* pDek, size_t len); -int _get_preloaded_app_dek_file_path(const char* pPkgId, char *path); +int _get_preloaded_app_dek_file_path(const char* pPkgId, size_t size, char *path); int _extract_pkg_id_from_file_name(const char* fileName, char* pkgId); int _read_encrypted_app_dek_from_file(const char* pPkgId, unsigned char** encrypted_app_dek, size_t*len); int _write_encrypted_app_dek_to_file(const char* pPkgId, const unsigned char* encrypted_app_dek, size_t len); diff --git a/tests/wae_tests.c b/tests/wae_tests.c index 631e9ea..0b584e5 100644 --- a/tests/wae_tests.c +++ b/tests/wae_tests.c @@ -430,7 +430,7 @@ int wae_tc_get_preloaded_app_dek_file_path() char path[256]; FPRINTF("...expected path : %s\n", expectedPath); - ret = _get_preloaded_app_dek_file_path(pkgId, path); + ret = _get_preloaded_app_dek_file_path(pkgId, sizeof(path), path); FPRINTF("...returned path : %s\n", path); if(ret != WAE_ERROR_NONE || strncmp(expectedPath, path, strlen(expectedPath)) != 0) { @@ -623,8 +623,8 @@ int wae_tc_load_preloaded_app_deks() char path2[MAX_PATH_LEN] = {0, }; FILE *f2 = NULL; - _get_preloaded_app_dek_file_path(pkgId1, path1); - _get_preloaded_app_dek_file_path(pkgId2, path2); + _get_preloaded_app_dek_file_path(pkgId1, sizeof(path1), path1); + _get_preloaded_app_dek_file_path(pkgId2, sizeof(path2), path2); // remove old test data remove_app_dek(pkgId1, WAE_PRELOADED_APP); |