fix: Check for all zero UUID of a subject

https://github.sec.samsung.net/RS7-IOTIVITY/IoTivity/pull/787 (cherry-picked from 788de326f33bc5bb9c754a20f922631c7b53d930) Change-Id: I4f3746c346085434bbf2acdfe1eedf23c05b3a17 Signed-off-by: Volodymyr Brynza <v.brynza@samsung.com> Signed-off-by: DoHyun Pyun <dh79.pyun@samsung.com>
author: Volodymyr Brynza <v.brynza@samsung.com> 2021-02-10 11:50:28 +0200
committer: DoHyun Pyun <dh79.pyun@samsung.com> 2021-02-17 11:58:33 +0900
commit: e399a13447872ade36cda2cdd33c2418e04f0180 (patch)
tree: df35401e33a95859dad7dcd04d0495611ec544b1
parent: af4cadbe1659bcd6e8f526535386fba5a11742c3 (diff)
download: iotivity-e399a13447872ade36cda2cdd33c2418e04f0180.tar.gz
iotivity-e399a13447872ade36cda2cdd33c2418e04f0180.tar.bz2
iotivity-e399a13447872ade36cda2cdd33c2418e04f0180.zip
1 files changed, 29 insertions, 4 deletions
diff --git a/resource/csdk/security/src/policyengine.c b/resource/csdk/security/src/policyengine.c
index 649ba6ebe..9be59fb4c 100644
--- a/resource/csdk/security/src/policyengine.c
+++ b/resource/csdk/security/src/policyengine.c
@@ -91,6 +91,17 @@ static bool UuidCmp(OicUuid_t *firstId, OicUuid_t *secondId)
     return true;
 }
 
+/**
+ * Compares input OicUuid_t struct with OicUuid_t struct which has all zero values.
+ *
+ * @return true if the two OicUuid_t structs are equal, else false.
+ */
+static bool IsUuidAllZero(OicUuid_t *uuid)
+{
+    OicUuid_t allZeroUuid = {.id={0}};
+    return UuidCmp(&allZeroUuid, uuid);
+}
+
 void SetPolicyEngineState(PEContext_t *context, const PEState_t state)
 {
     if (NULL == context)
@@ -134,12 +145,12 @@ static bool IsRequestFromDevOwner(PEContext_t *context)
         return retVal;
     }
 
-    /*
-    if(OC_STACK_OK == GetDoxmDevOwnerId(&ownerid))
+    // Check for all zero UUID
+    if (true == IsUuidAllZero(&context->subject))
     {
-        retVal = UuidCmp(&context->subject, &ownerid);
+        OIC_LOG_V(DEBUG, TAG, "%s: UUID is all zero", __func__);
+        return retVal;
     }
-    */
 
     // TODO: Added as workaround for CTT
     OicSecDoxm_t* doxm = (OicSecDoxm_t*) GetDoxmResourceData();
@@ -180,6 +191,13 @@ static bool IsRequestFromSubOwner(PEContext_t *context)
         return retVal;
     }
 
+    // Check for all zero UUID
+    if (true == IsUuidAllZero(&context->subject))
+    {
+        OIC_LOG_V(DEBUG, TAG, "%s: UUID is all zero", __func__);
+        return retVal;
+    }
+
     if(IsSubOwner(&context->subject))
     {
         retVal = true;
@@ -302,6 +320,13 @@ bool IsRequestFromResourceOwner(PEContext_t *context)
         return false;
     }
 
+    // Check for all zero UUID
+    if (true == IsUuidAllZero(&context->subject))
+    {
+        OIC_LOG_V(DEBUG, TAG, "%s: UUID is all zero", __func__);
+        return retVal;
+    }
+
     if((OIC_R_ACL_TYPE <= context->resourceType) && \
         (OIC_SEC_SVR_TYPE_COUNT > context->resourceType))
     {
author	Volodymyr Brynza <v.brynza@samsung.com>	2021-02-10 11:50:28 +0200
committer	DoHyun Pyun <dh79.pyun@samsung.com>	2021-02-17 11:58:33 +0900
commit	e399a13447872ade36cda2cdd33c2418e04f0180 (patch)
tree	df35401e33a95859dad7dcd04d0495611ec544b1
parent	af4cadbe1659bcd6e8f526535386fba5a11742c3 (diff)
download	iotivity-e399a13447872ade36cda2cdd33c2418e04f0180.tar.gz iotivity-e399a13447872ade36cda2cdd33c2418e04f0180.tar.bz2 iotivity-e399a13447872ade36cda2cdd33c2418e04f0180.zip