authorYunjin Lee <yunjin-.lee@samsung.com>2020-02-14 17:42:17 +0900
committerYunjin Lee <yunjin-.lee@samsung.com>2020-02-20 13:32:00 +0900
commit69769cf0513a2aedcf3b8121d94c348dc28107b3 (patch)
tree3fcd0b08a9e594c56b6ec1aa4991c777ef57c9ad
parent13a577cc7598697c4243b0a06e3078a3d9d0ab93 (diff)
- Out-of-bounds access - Dereference after null check - Unused value - Unchecked return value Change-Id: I47c1548c16b7ecfa5fc964f8fcfe06053866b3c9 Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
-rwxr-xr-xpackaging/org.tizen.privacy-setting.spec2
-rw-r--r--ui-popup/src/app_main.c42
-rw-r--r--ui-popup/src/popup.c30
-rw-r--r--ui/src/package_list_view.c17
4 files changed, 66 insertions, 25 deletions
diff --git a/packaging/org.tizen.privacy-setting.spec b/packaging/org.tizen.privacy-setting.spec
index b464c75..63fd999 100755
--- a/packaging/org.tizen.privacy-setting.spec
+++ b/packaging/org.tizen.privacy-setting.spec
@@ -4,7 +4,7 @@
Name: org.tizen.privacy-setting-profile_wearable
Summary: Privacy setting ui application
-Version: 2.0.3
+Version: 2.0.4
Release: 1
Provides: org.tizen.privacy-setting = %{version}-%{release}
Group: Applications/Other
diff --git a/ui-popup/src/app_main.c b/ui-popup/src/app_main.c
index 3968ace..85c1cdf 100644
--- a/ui-popup/src/app_main.c
+++ b/ui-popup/src/app_main.c
@@ -22,6 +22,7 @@
#include <libintl.h>
#include <efl_extension.h>
#include <app_info.h>
+#include <app_manager.h>
#include "common_utils.h"
#include "view.h"
@@ -77,9 +78,10 @@ static void __app_control_clone(app_control_h *clone, app_control_h app_control)
if (*clone)
app_control_destroy(*clone);
int ret = app_control_clone(clone, app_control);
- if (ret != APP_CONTROL_ERROR_NONE)
- LOGD("app_control_clone failed. ret = %d", ret);
- else
+ if (ret != APP_CONTROL_ERROR_NONE) {
+ LOGD("app_control_clone() failed. ret = %d", ret);
+ ui_app_exit();
+ } else
LOGD("app control cloned");
return;
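Review bot: On the new failure branch `*clone` still holds the handle that was passed to `app_control_destroy()` a few lines earlier, unless `app_control_clone()` happens to overwrite it on error, which the hunk does not show. `ui_app_exit()` normally only requests main-loop termination and returns, so the caller continues with that stale handle; the `app_control()` hunk at -121 passes `ad->caller` straight to `app_control_get_caller()`. Adding `*clone = NULL;` right after `app_control_destroy(*clone);` would make the failure state well defined. The function starts outside the hunk.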
@@ -91,7 +93,7 @@ static bool __reply_requested(app_control_h caller)
int ret = app_control_is_reply_requested(caller, &requested);
if (ret != APP_CONTROL_ERROR_NONE)
- LOGE("app_control_is_reply_requested failed. ret = %d", ret);
+ LOGE("app_control_is_reply_requested() failed. ret = %d", ret);
return requested;
}
@@ -100,9 +102,15 @@ static void __send_error_reply(app_control_h caller)
{
if (__reply_requested(caller)) {
app_control_h reply;
- app_control_create(&reply);
- app_control_reply_to_launch_request(reply, caller, APP_CONTROL_RESULT_FAILED);
- app_control_destroy(reply);
+ int ret = app_control_create(&reply);
+ if (ret != APP_CONTROL_ERROR_NONE) {
+ LOGE("app_control_create() failed. ret = %d", ret);
+ } else {
+ ret = app_control_reply_to_launch_request(reply, caller, APP_CONTROL_RESULT_FAILED);
+ if (ret != APP_CONTROL_ERROR_NONE)
+ LOGE("app_control_reply_to_launch_request() failed. ret = %d", ret);
+ app_control_destroy(reply);
+ }
}
app_control_destroy(caller);
}
@@ -121,10 +129,24 @@ static void app_control(app_control_h app_control, void *data)
__app_control_clone(&(ad->caller), app_control);
- app_control_get_caller(ad->caller, &caller_appid);
+ ret = app_control_get_caller(ad->caller, &caller_appid);
+ if (ret != APP_CONTROL_ERROR_NONE) {
+ LOGE("app_control_get_caller() failed. Can't get caller info. Terminate.");
+ ui_app_exit();
+ }
app_info_h app_info;
- app_info_create(caller_appid, &app_info);
- app_info_get_package(app_info, &(ad->caller_pkgid));
+ ret = app_info_create(caller_appid, &app_info);
+ if (ret != APP_MANAGER_ERROR_NONE) {
+ LOGE("app_info_create() for caller app %s failed. ret = %d", caller_appid, ret);
+ free(caller_appid);
+ ui_app_exit();
+ }
+ ret = app_info_get_package(app_info, &(ad->caller_pkgid));
+ if (ret != APP_MANAGER_ERROR_NONE) {
+ LOGE("app_info_get_package() for caller app %s failed. ret = %d", caller_appid, ret);
+ free(caller_appid);
+ ui_app_exit();
+ }
app_info_destroy(app_info);
free(caller_appid);
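Review bot: None of the three new error branches returns after `ui_app_exit()`, which as far as I know only asks the main loop to quit and then hands control back, so execution falls through into the following statements. When `app_info_create()` fails, `caller_appid` is freed, may then be read by the next `LOGE`, and is freed again by the final `free(caller_appid)`, while `app_info` reaches `app_info_get_package()` and `app_info_destroy()` without having been set by a successful create. Each branch should end with `ui_app_exit(); return;`, and the `app_info_get_package()` branch should call `app_info_destroy(app_info);` before returning. The first branch also assumes `caller_appid` was initialised before the call, which is not visible here; `app_control()` starts and ends outside the hunk.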
diff --git a/ui-popup/src/popup.c b/ui-popup/src/popup.c
index 8d8398b..74af91f 100644
--- a/ui-popup/src/popup.c
+++ b/ui-popup/src/popup.c
@@ -126,7 +126,7 @@ static char* __make_privacy_string(char** privileges, int length, const char* pa
ret = privilege_info_get_privacy_by_privilege(privileges[i], &privacy);
if (ret == PRVMGR_ERR_NONE && privacy != NULL && strcmp(privacy, "N/A")) {
ret = privilege_info_get_privacy_display(privacy, &privacy_display);
- if (!strstr(privacy_string, privacy_display) && (strlen(privacy_string) + strlen(padding) + strlen(privacy_display) < MAX_PRIVACY_STRING_LEN)) {
+ if (ret == PRVMGR_ERR_NONE && !strstr(privacy_string, privacy_display) && (strlen(privacy_string) + strlen(padding) + strlen(privacy_display) < MAX_PRIVACY_STRING_LEN)) {
strcat(privacy_string, padding);
strcat(privacy_string, privacy_display);
}
@@ -171,9 +171,21 @@ static char* __get_pkg_label(const char* pkgid)
pkgmgrinfo_pkginfo_h handle;
char* label = NULL;
- pkgmgrinfo_pkginfo_get_pkginfo(pkgid, &handle);
- pkgmgrinfo_pkginfo_get_label(handle, &label);
+ int ret = pkgmgrinfo_pkginfo_get_pkginfo(pkgid, &handle);
+ if (ret != PMINFO_R_OK) {
+ LOGE("pkgmgrinfo_pkginfo_get_pkginfo() failed. ret = %d, pkgid = %s", ret, pkgid);
+ return "";
+ }
+ ret = pkgmgrinfo_pkginfo_get_label(handle, &label);
+ if (ret != PMINFO_R_OK) {
+ LOGE("pkgmgrinfo_pkginfo_get_label() failed. ret = %d, pkgid = %s", ret, pkgid);
+ return "";
+ }
char* pkg_label = strdup(label);
+ if (pkg_label == NULL) {
+ LOGE("strdup() of pkg_label failed. pkgid = %s", pkgid);
+ return "";
+ }
pkgmgrinfo_pkginfo_destroy_pkginfo(handle);
return pkg_label;
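Review bot: The three new `return "";` paths hand back a string literal, while the success path returns `strdup()` memory, and the reworked `__get_message()` (hunk at -181) now calls `free(label)` on whatever comes back. Freeing a literal is undefined behaviour, so a failed package lookup turns into heap corruption in the popup process. Return heap memory on every path, e.g. `return strdup("");`, or return NULL and let the caller skip the `free()` and handle the missing label. The two later error returns also skip `pkgmgrinfo_pkginfo_destroy_pkginfo(handle);`, so the handle leaks there. The function body starts outside the hunk.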
@@ -181,14 +193,20 @@ static char* __get_pkg_label(const char* pkgid)
static char* __get_message(const char* padding, papp_data_s *ad)
{
+ char* label = __get_pkg_label(ad->caller_pkgid);
+ char* privacy_string = __make_privacy_string(ad->privileges, ad->length, padding);
+ char* message = NULL;
if (!strcmp(ad->launch_type, "use")) { /* use */
if (ad->feature)
- return __make_message(MSG_POPUP_USE, ad->feature, __get_pkg_label(ad->caller_pkgid), __make_privacy_string(ad->privileges, ad->length, padding), padding);
+ message = __make_message(MSG_POPUP_USE, ad->feature, label, privacy_string, padding);
else
- return __make_message(MSG_POPUP_USE, __get_pkg_label(ad->caller_pkgid), __get_pkg_label(ad->caller_pkgid), __make_privacy_string(ad->privileges, ad->length, padding), padding);
+ message = __make_message(MSG_POPUP_USE, label, label, privacy_string, padding);
} else { /* open */
- return __make_message(MSG_POPUP_OPEN, __get_pkg_label(ad->caller_pkgid), __get_pkg_label(ad->caller_pkgid), __make_privacy_string(ad->privileges, ad->length, padding), padding);
+ message = __make_message(MSG_POPUP_OPEN, label, label, privacy_string, padding);
}
+ free(label);
+ free(privacy_string);
+ return message;
}
/*Privacy List*/
diff --git a/ui/src/package_list_view.c b/ui/src/package_list_view.c
index f48b182..b73d5b7 100644
--- a/ui/src/package_list_view.c
+++ b/ui/src/package_list_view.c
@@ -31,6 +31,8 @@
#include <pkgmgr-info.h>
#include <string.h>
+#define PRIVACY_LIST_LEN 512
+
static void gl_realized_cb(void *data, Evas_Object *obj, void *event_info)
{
app_data_s* ad = data;
@@ -46,8 +48,8 @@ static char* gl_text_get_cb(void *data, Evas_Object *obj, const char *part)
if (!strcmp(part, "elm.text")) {
return strdup(apd->pkg_label);
} else if (!strcmp(part, "elm.text.1")) {
- char privacy_list_string[512];
- memset(privacy_list_string, 0x00, 512);
+ char privacy_list_string[PRIVACY_LIST_LEN];
+ memset(privacy_list_string, 0x00, PRIVACY_LIST_LEN);
int len = 0;
GList* l;
for (l = apd->pd_list; l != NULL; l = l->next) {
@@ -59,9 +61,9 @@ static char* gl_text_get_cb(void *data, Evas_Object *obj, const char *part)
LOGE("file to get privacy display for %s", pd->privacy);
if (len == 0) {
- len += snprintf(privacy_list_string, 512, "%s", privacy_display);;
- } else {
- len += snprintf(privacy_list_string+len, 512, ", %s", privacy_display);
+ len += snprintf(privacy_list_string, PRIVACY_LIST_LEN, "%s", privacy_display);;
+ } else if (len > 0 && len < PRIVACY_LIST_LEN) {
+ len += snprintf(privacy_list_string + len, PRIVACY_LIST_LEN - len, ", %s", privacy_display);
}
}
}
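Review bot: `snprintf()` returns the length the output would have had without truncation, so `len += snprintf(...)` in both branches can leave `len` at or beyond `PRIVACY_LIST_LEN`, or negative on an encoding error. The new `else if` guard keeps later writes in bounds, but the list is then truncated silently and any use of `len` after the loop (not visible here) would see a value that does not match the buffer contents. Capturing the result and stopping on truncation is clearer: `int n = snprintf(privacy_list_string + len, PRIVACY_LIST_LEN - len, ", %s", privacy_display);` followed by `if (n < 0 || n >= PRIVACY_LIST_LEN - len) break;` and `len += n;`. The `LOGE` context line above also suggests `privacy_display` is still formatted after a failed lookup; the enclosing `if` and loop are outside the hunk, so that should be confirmed.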
@@ -81,9 +83,8 @@ static char* gl_title_text_get_cb(void *data, Evas_Object *obj, const char *part
static void gl_del_cb(void *data, Evas_Object *obj)
{
app_data_s* ad = (app_data_s*)data;
- if (ad == NULL)
- LOGE("ad is null. can not free null.");
- free_app_data(ad);
+ if (ad != NULL)
+ free_app_data(ad);
ui_app_exit();
}