Fix coverity defectssubmit/tizen/20180404.064013submit/tizen/20180404.020934accepted/tizen/unified/20180405.064319

* Uninitialized scalar field
* Uninitialized pointer field
* Unchecked return value from library
* Wrapper object use after free
* Data race condition

Change-Id: I00bf5cf4d4dc5afe53a0080d9316da37989c9e42
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>

7 files changed, 33 insertions, 17 deletions

diff --git a/src/framework/ui/common.h b/src/framework/ui/common.h
index 605a2f9..564251c 100644
--- a/src/framework/ui/common.h
+++ b/src/framework/ui/common.h
@@ -51,7 +51,7 @@ struct UrlItem : public ISerializable {
 	UrlItem(IStream &);
 	virtual void Serialize(IStream &) const override;
 
-	csr_wp_risk_level_e risk;
+	csr_wp_risk_level_e risk = CSR_WP_RISK_UNVERIFIED;
 	std::string url;
 };
 
diff --git a/src/framework/ui/popup/popup.cpp b/src/framework/ui/popup/popup.cpp
index c7822f0..c2482dc 100644
--- a/src/framework/ui/popup/popup.cpp
+++ b/src/framework/ui/popup/popup.cpp
@@ -35,7 +35,7 @@ namespace {
 		AppControl() { app_control_create(&handle); }
 		~AppControl() { app_control_destroy(handle); }
 
-		app_control_h handle;
+		app_control_h handle = nullptr;
 	};
 
 	const std::string DEFAULT_URL("https://developer.tizen.org/");
diff --git a/test/engine/web-protection/sample-engine.cpp b/test/engine/web-protection/sample-engine.cpp
index e26288e..84b2470 100644
--- a/test/engine/web-protection/sample-engine.cpp
+++ b/test/engine/web-protection/sample-engine.cpp
@@ -218,9 +218,8 @@ int csret_wp_init_engine(csret_wp_engine_s **pengine)
 
 	struct stat attrib;
 
-	stat(PRIVATE_DB_NAME, &attrib);
-
-	ptr->latestUpdate = attrib.st_mtime;
+	if (::stat(PRIVATE_DB_NAME, &attrib) == 0)
+		ptr->latestUpdate = attrib.st_mtime;
 
 	*pengine = ptr;
 
diff --git a/test/internals/test-db.cpp b/test/internals/test-db.cpp
index d92352f..1c1eb3d 100644
--- a/test/internals/test-db.cpp
+++ b/test/internals/test-db.cpp
@@ -46,9 +46,9 @@ void checkSameMalware(const CsDetected &d, const Db::Row &r)
 	ASSERT_IF(d.ts,          r.ts);
 }
 
-const char *appendIdxToStr(const char *str, int idx)
+std::string appendIdxToStr(const char *str, int idx)
 {
-	return std::string(str + std::to_string(idx)).c_str();
+	return std::string(str + std::to_string(idx));
 }
 
 using TimePoint = std::chrono::high_resolution_clock::time_point;
@@ -257,11 +257,15 @@ BOOST_AUTO_TEST_CASE(transaction_time)
 	auto start = timeCheckStart();
 	db.transactionBegin();
 	for(int i = 0; i < testSize; i++) {
+		std::string targetName = appendIdxToStr("/opt/transmalware", i);
+		std::string malwareName = appendIdxToStr("transmalware", i);
+		std::string detailedUrl = appendIdxToStr("http://detailed.transmalware", i);
+
 		CsDetected d;
-		d.targetName = appendIdxToStr("/opt/transmalware", i);
+		d.targetName = targetName.c_str();
 		d.severity = CSR_CS_SEVERITY_LOW;
-		d.malwareName = appendIdxToStr("transmalware", i);
-		d.detailedUrl = appendIdxToStr("http://detailed.transmalware", i);
+		d.malwareName = malwareName.c_str();
+		d.detailedUrl = detailedUrl.c_str();
 		d.ts = 100;
 
 		db.insertDetectedFile(d, dataVersion);
@@ -272,11 +276,15 @@ BOOST_AUTO_TEST_CASE(transaction_time)
 	BOOST_MESSAGE("Start to time check about insert DB");
 	auto start2 = timeCheckStart();
 	for(int i = 0; i < testSize; i++) {
+		std::string targetName = appendIdxToStr("/opt/transmalware", i);
+		std::string malwareName = appendIdxToStr("transmalware", i);
+		std::string detailedUrl = appendIdxToStr("http://detailed.transmalware", i);
+
 		CsDetected d;
-		d.targetName = appendIdxToStr("/opt/testmalware", i);
+		d.targetName = targetName.c_str();
 		d.severity = CSR_CS_SEVERITY_LOW;
-		d.malwareName = appendIdxToStr("testmalware", i);
-		d.detailedUrl = appendIdxToStr("http://detailed.malware", i);
+		d.malwareName = malwareName.c_str();
+		d.detailedUrl = detailedUrl.c_str();
 		d.ts = 100;
 
 		db.insertDetectedFile(d, dataVersion);
diff --git a/test/internals/test-file-system.cpp b/test/internals/test-file-system.cpp
index 30f0457..4f60297 100644
--- a/test/internals/test-file-system.cpp
+++ b/test/internals/test-file-system.cpp
@@ -24,6 +24,8 @@
 
 #include <string>
 #include <iostream>
+#include <thread>
+#include <mutex>
 #include <climits>
 #include <ctime>
 #include <cstdio>
@@ -59,19 +61,25 @@ void __assertFile(const File &file, const std::string &path,
 }
 */
 
+std::mutex __mutex;
+
 void __createFile(const std::string &path)
 {
+	std::lock_guard<std::mutex> lock(__mutex);
 	if (::access(path.c_str(), R_OK | W_OK) == 0)
 		return; // already exist
 
 	int fd = creat(path.c_str(), S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
 	BOOST_REQUIRE_MESSAGE(fd > 0, "Failed to create file: " << path);
-	close(fd);
+
+	if (fd > 0)
+		::close(fd);
 }
 
 void __removeFile(const std::string &path)
 {
-	remove(path.c_str());
+	if (::remove(path.c_str()) != 0)
+		BOOST_MESSAGE("Failed to remove file: " << path);
 }
 
 void __writeFile(const std::string &path)
diff --git a/test/test-resource.cpp b/test/test-resource.cpp
index 1d41ceb..f541129 100644
--- a/test/test-resource.cpp
+++ b/test/test-resource.cpp
@@ -58,8 +58,8 @@ std::string getUsername(void)
 
 	std::vector<char> buf(bufsize, 0);
 
-	::getpwuid_r(::getuid(), &pwd, buf.data(), buf.size(), &result);
-	if (result == nullptr)
+	int ret = ::getpwuid_r(::getuid(), &pwd, buf.data(), buf.size(), &result);
+	if (ret != 0 || result == nullptr)
 		throw std::logic_error("Failed to getpwuid_r with errno: " + errno);
 
 	return std::string(pwd.pw_name);
diff --git a/test/thread-pool/test-thread-pool.cpp b/test/thread-pool/test-thread-pool.cpp
index 70a61c6..48f6276 100644
--- a/test/thread-pool/test-thread-pool.cpp
+++ b/test/thread-pool/test-thread-pool.cpp
@@ -54,6 +54,7 @@ std::mutex _m;
 // times in milliseconds unit
 inline void START_TIME(void)
 {
+	std::lock_guard<std::mutex> l(_m);
 	_expected = 0;
 	_start = high_resolution_clock::now();
 }