From 36eb4021277e375bdb179970bac24553cfc0cde9 Mon Sep 17 00:00:00 2001
From: "sangwan.kwon" <sangwan.kwon@samsung.com>
Date: Mon, 1 Aug 2016 17:17:54 +0900
Subject: Fix svace defects

* null check to return value
* overflow check on array
* fix dead code (it seem to typo, (++ptr))

Change-Id: I184b29a184812c745a8ee192632ea101e349b10d
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
---
 src/bn.c        | 2 +-
 src/templates.c | 2 +-
 src/xmldsig.c   | 1 +
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/bn.c b/src/bn.c
index b5333c9c..48fb990a 100644
--- a/src/bn.c
+++ b/src/bn.c
@@ -252,7 +252,7 @@ xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
                 continue;
         }
 
-        xmlSecAssert2(ch <= sizeof(xmlSecBnLookupTable), -1);
+        xmlSecAssert2(ch < sizeof(xmlSecBnLookupTable) / sizeof(xmlSecBnLookupTable[0]), -1);
         nn = xmlSecBnLookupTable[ch];
         if((nn < 0) || ((xmlSecSize)nn > base)) {
                 xmlSecError(XMLSEC_ERRORS_HERE,
diff --git a/src/templates.c b/src/templates.c
index 8764da40..88bed3dd 100644
--- a/src/templates.c
+++ b/src/templates.c
@@ -2065,7 +2065,7 @@ xmlSecTmplNodeWriteNsList(xmlNodePtr parentNode, const xmlChar** nsList) {
         } else {
             prefix = (*ptr);
         }
-        if((++ptr) == NULL) {
+        if(*(++ptr) == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         NULL,
diff --git a/src/xmldsig.c b/src/xmldsig.c
index 7d8760b7..61e35074 100644
--- a/src/xmldsig.c
+++ b/src/xmldsig.c
@@ -2333,6 +2333,7 @@ xmlSecDSigReferenceCtxProcessNodeEx(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNod
 
     /* read attributes first */
     dsigRefCtx->uri = xmlGetProp(node, xmlSecAttrURI);
+    xmlSecAssert2(dsigRefCtx->uri != NULL, -1);
 
     while(pNextTmp[i] != NULL) {
         len =  strlen(pNextTmp[i]);
-- 
cgit v1.2.3