diff options
author | Vitalii Irkha <v.irkha@samsung.com> | 2020-04-16 13:24:03 +0300 |
---|---|---|
committer | Sudipto <sudipto.bal@samsung.com> | 2020-06-11 23:48:02 +0530 |
commit | 6de08d315a9c6383e3c33e660b2e5e2b6497316f (patch) | |
tree | 9600424bace1c3318df93a51addd92acff44f535 /resource | |
parent | f744bc43e56b717fafeee0a3215f17704e8ed33c (diff) | |
download | iotivity-6de08d315a9c6383e3c33e660b2e5e2b6497316f.tar.gz iotivity-6de08d315a9c6383e3c33e660b2e5e2b6497316f.tar.bz2 iotivity-6de08d315a9c6383e3c33e660b2e5e2b6497316f.zip |
issue in OwnerUuidUpdateHandler
Fix possible crash in OwnerUuidUpdateHandler() API
https://github.sec.samsung.net/RS7-IOTIVITY/IoTivity/pull/682
(cherry-picked from 0132766ed5abdc8252f5ebbdd20583af0b203eda)
Change-Id: Iee6f14b176b52b72fb55e2d9b22ed11d9bc70492
Signed-off-by: Vitalii Irkha <v.irkha@samsung.com>
Signed-off-by: Sudipto <sudipto.bal@samsung.com>
Diffstat (limited to 'resource')
-rw-r--r-- | resource/csdk/security/provisioning/src/ownershiptransfermanager.c | 95 |
1 files changed, 47 insertions, 48 deletions
diff --git a/resource/csdk/security/provisioning/src/ownershiptransfermanager.c b/resource/csdk/security/provisioning/src/ownershiptransfermanager.c index 4a9021ac3..bdd25fcdd 100644 --- a/resource/csdk/security/provisioning/src/ownershiptransfermanager.c +++ b/resource/csdk/security/provisioning/src/ownershiptransfermanager.c @@ -1067,69 +1067,68 @@ static OCStackApplicationResult OwnerUuidUpdateHandler(void *ctx, OCDoHandle UNU OTMContext_t* otmCtx = (OTMContext_t*)ctx; otmCtx->ocDoHandle = NULL; - if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) + if(otmCtx && otmCtx->selectedDeviceInfo) { - if(otmCtx && otmCtx->selectedDeviceInfo) + if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { - //In case of Mutual Verified Just-Works, wait for user confirmation - if (OIC_MV_JUST_WORKS == otmCtx->selectedDeviceInfo->doxm->oxmSel) - { - res = VerifyOwnershipTransfer(NULL, USER_CONFIRM); - if (OC_STACK_OK != res) + //In case of Mutual Verified Just-Works, wait for user confirmation + if (OIC_MV_JUST_WORKS == otmCtx->selectedDeviceInfo->doxm->oxmSel) { - if (OC_STACK_OK != SRPResetDevice(otmCtx->selectedDeviceInfo, deleteCallback)) + res = VerifyOwnershipTransfer(NULL, USER_CONFIRM); + if (OC_STACK_OK != res) { - OIC_LOG(WARNING, TAG, "OwnerUuidUpdateHandler : SRPResetDevice error"); + if (OC_STACK_OK != SRPResetDevice(otmCtx->selectedDeviceInfo, deleteCallback)) + { + OIC_LOG(WARNING, TAG, "OwnerUuidUpdateHandler : SRPResetDevice error"); + } + OIC_LOG(ERROR, TAG, "OwnerUuidUpdateHandler:Failed to verify user confirm"); + SetResult(otmCtx, res); + return OC_STACK_DELETE_TRANSACTION; } - OIC_LOG(ERROR, TAG, "OwnerUuidUpdateHandler:Failed to verify user confirm"); + } + + res = SaveOwnerPSK(otmCtx->selectedDeviceInfo); + if(OC_STACK_OK != res) + { + OIC_LOG(ERROR, TAG, "OwnerUuidUpdateHandler:Failed to owner PSK generation"); SetResult(otmCtx, res); return OC_STACK_DELETE_TRANSACTION; } - } - res = SaveOwnerPSK(otmCtx->selectedDeviceInfo); - if(OC_STACK_OK != res) + //POST owner credential to new device according to security spec B. + res = PostOwnerCredential(otmCtx); + if(OC_STACK_OK != res) + { + OIC_LOG(ERROR, TAG, + "OwnerUuidUpdateHandler:Failed to send PosT request for onwer credential"); + SetResult(otmCtx, res); + return OC_STACK_DELETE_TRANSACTION; + } + } + else + { + if (((OIC_MANUFACTURER_CERTIFICATE == otmCtx->selectedDeviceInfo->doxm->oxmSel) || + (OIC_CON_MFG_CERT == otmCtx->selectedDeviceInfo->doxm->oxmSel)) && + OC_STACK_NOT_ACCEPTABLE == clientResponse->result) { - OIC_LOG(ERROR, TAG, "OwnerUuidUpdateHandler:Failed to owner PSK generation"); - SetResult(otmCtx, res); - return OC_STACK_DELETE_TRANSACTION; + res = OC_STACK_USER_DENIED_REQ; + OIC_LOG_V(ERROR, TAG, + "OwnerUuidUpdateHandler : Denied Request(%d)", res); } - - //POST owner credential to new device according to security spec B. - res = PostOwnerCredential(otmCtx); - if(OC_STACK_OK != res) + else if (OC_STACK_GATEWAY_TIMEOUT == clientResponse->result) { - OIC_LOG(ERROR, TAG, - "OwnerUuidUpdateHandler:Failed to send PosT request for onwer credential"); - SetResult(otmCtx, res); - return OC_STACK_DELETE_TRANSACTION; + res = clientResponse->result; + OIC_LOG_V(ERROR, TAG, + "OwnerUuidUpdateHandler : Timeout:No Response Received(%d)", res); } + else + { + res = clientResponse->result; + OIC_LOG_V(ERROR, TAG, "OwnerUuidUpdateHandler : Unexpected result(%d)", res); + } + SetResult(otmCtx, res); } } - else - { - if (((OIC_MANUFACTURER_CERTIFICATE == otmCtx->selectedDeviceInfo->doxm->oxmSel) || - (OIC_CON_MFG_CERT == otmCtx->selectedDeviceInfo->doxm->oxmSel)) && - OC_STACK_NOT_ACCEPTABLE == clientResponse->result) - { - res = OC_STACK_USER_DENIED_REQ; - OIC_LOG_V(ERROR, TAG, - "OwnerUuidUpdateHandler : Denied Request(%d)", res); - } - else if (OC_STACK_GATEWAY_TIMEOUT == clientResponse->result) - { - res = clientResponse->result; - OIC_LOG_V(ERROR, TAG, - "OwnerUuidUpdateHandler : Timeout:No Response Received(%d)", res); - } - else - { - res = clientResponse->result; - OIC_LOG_V(ERROR, TAG, "OwnerUuidUpdateHandler : Unexpected result(%d)", res); - } - SetResult(otmCtx, res); - } - OIC_LOG(DEBUG, TAG, "OUT OwnerUuidUpdateHandler"); exit: |