Commit 9d1604c2 authored by Andrii Shtompel's avatar Andrii Shtompel Committed by Randeep

Fix issues reported by SVACE tool in Security module

Change-Id: I04966f191eb8d0c1a11c7b51b9f209688874a047
Signed-off-by: Andrii Shtompel <a.shtompel@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/5303
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>
parent 5cb1d4c4
......@@ -375,7 +375,7 @@ OicSecCred_t * JSONToCredBin(const char * jsonStr)
jsonObj = cJSON_GetObjectItem(jsonCred, OIC_JSON_OWNERS_NAME);
VERIFY_NON_NULL(TAG, jsonObj, ERROR);
VERIFY_SUCCESS(TAG, cJSON_Array == jsonObj->type, ERROR);
cred->ownersLen = cJSON_GetArraySize(jsonObj);
cred->ownersLen = (size_t)cJSON_GetArraySize(jsonObj);
VERIFY_SUCCESS(TAG, cred->ownersLen > 0, ERROR);
cred->owners = (OicUuid_t*)OICCalloc(cred->ownersLen, sizeof(OicUuid_t));
VERIFY_NON_NULL(TAG, (cred->owners), ERROR);
......@@ -1188,18 +1188,20 @@ static OCStackResult GetCAPublicKeyData(CADtlsX509Creds_t *credInfo){
static OCStackResult GetCertCredPublicData(CADtlsX509Creds_t *credInfo, OicSecCred_t *cred)
{
OCStackResult ret = OC_STACK_ERROR;
cJSON *jsonRoot = NULL;
VERIFY_NON_NULL(TAG, credInfo, ERROR);
VERIFY_NON_NULL(TAG, cred, ERROR);
VERIFY_NON_NULL(TAG, cred->publicData.data, ERROR);
//VERIFY_SUCCESS(TAG, NULL == credInfo->certificateChain.data, ERROR);
cJSON *jsonRoot = cJSON_Parse(cred->publicData.data);
jsonRoot = cJSON_Parse(cred->publicData.data);
VERIFY_NON_NULL(TAG, jsonRoot, ERROR);
//Get certificate chain
cJSON *jsonObj = cJSON_GetObjectItem(jsonRoot, CERTIFICATE);//TODO define field names constants
VERIFY_SUCCESS(TAG, NULL != jsonObj && cJSON_Array == jsonObj->type, ERROR);
size_t certChainLen = cJSON_GetArraySize(jsonObj);
size_t certChainLen = (size_t)cJSON_GetArraySize(jsonObj);
credInfo->chainLen = certChainLen;
VERIFY_SUCCESS(TAG, MAX_CHAIN_LEN >= certChainLen, ERROR);
......@@ -1207,6 +1209,7 @@ static OCStackResult GetCertCredPublicData(CADtlsX509Creds_t *credInfo, OicSecCr
for (size_t i = 0; i < certChainLen; ++i)
{
cJSON *item = cJSON_GetArrayItem(jsonObj, i);
VERIFY_NON_NULL(TAG, item, ERROR);
VERIFY_SUCCESS(TAG, cJSON_String == item->type, ERROR);
uint32_t appendedLen = appendCert2Chain(credInfo->certificateChain + len, item->valuestring,
MAX_CERT_MESSAGE_LEN - len);
......@@ -1224,10 +1227,11 @@ exit:
static OCStackResult GetCertCredPrivateData(CADtlsX509Creds_t *credInfo, OicSecCred_t *cred)
{
OCStackResult ret = OC_STACK_ERROR;
cJSON *jsonRoot = NULL;
VERIFY_NON_NULL(TAG, credInfo, ERROR);
VERIFY_NON_NULL(TAG, cred, ERROR);
VERIFY_NON_NULL(TAG, cred->privateData.data, ERROR);
cJSON *jsonRoot = cJSON_Parse(cred->privateData.data);
jsonRoot = cJSON_Parse(cred->privateData.data);
VERIFY_NON_NULL(TAG, jsonRoot, ERROR);
cJSON *jsonObj = cJSON_GetObjectItem(jsonRoot, PRIVATE_KEY);//TODO define field names constants
......
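Review bot: In GetCertCredPublicData, `credInfo->chainLen = certChainLen;` is still written before `VERIFY_SUCCESS(TAG, MAX_CHAIN_LEN >= certChainLen, ERROR);`, so a stored credential whose certificate array is larger than MAX_CHAIN_LEN leaves an out-of-range count in the caller's structure on the error path. The new `(size_t)` cast only quiets the conversion warning; swapping the two lines so the bound is checked first means chainLen is only ever set to a validated value. Whether any caller reads chainLen after a failure is not visible here, and the function body continues outside the hunk.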
......@@ -93,7 +93,7 @@ char *BinToCrlJSON(const OicSecCrl_t *crl)
//ThisUpdate -- Mandatory
outLen = 0;
base64CRLLen = B64ENCODE_OUT_SAFESIZE(crl->ThisUpdate.len);
base64CRLLen = (uint32_t)B64ENCODE_OUT_SAFESIZE(crl->ThisUpdate.len);
base64Buff = OICMalloc(base64CRLLen);
b64Ret = b64Encode(crl->ThisUpdate.data, crl->ThisUpdate.len, base64Buff,
base64CRLLen, &outLen);
......@@ -103,7 +103,7 @@ char *BinToCrlJSON(const OicSecCrl_t *crl)
//CRLData -- Mandatory
outLen = 0;
base64CRLLen = B64ENCODE_OUT_SAFESIZE(crl->CrlData.len);
base64CRLLen = (uint32_t)B64ENCODE_OUT_SAFESIZE(crl->CrlData.len);
base64Buff = OICMalloc(base64CRLLen);
b64Ret = b64Encode(crl->CrlData.data, crl->CrlData.len, base64Buff,
base64CRLLen, &outLen);
......@@ -186,7 +186,7 @@ OicSecCrl_t *JSONToCrlBin(const char * jsonStr)
else // PUT/POST JSON will not have ThisUpdate so set it to the gCRList->ThisUpdate
{
VERIFY_NON_NULL(TAG, gCrl, ERROR);
outLen = gCrl->ThisUpdate.len;
outLen = (uint32_t)gCrl->ThisUpdate.len;
crl->ThisUpdate.data = OICMalloc(outLen + 1);
memcpy(crl->ThisUpdate.data, gCrl->ThisUpdate.data, outLen);
crl->ThisUpdate.len = outLen;
......@@ -220,7 +220,7 @@ OicSecCrl_t *JSONToCrlBin(const char * jsonStr)
else // PUT/POST JSON will not have CRLData so set it to the gCRList->CRLData
{
VERIFY_NON_NULL(TAG, gCrl, ERROR);
outLen = gCrl->CrlData.len;
outLen = (uint32_t)gCrl->CrlData.len;
crl->CrlData.data = OICMalloc(outLen + 1);
memcpy(crl->CrlData.data, gCrl->CrlData.data, outLen);
crl->CrlData.len = outLen;
......@@ -278,10 +278,7 @@ static OCEntityHandlerResult HandleCRLPostRequest(const OCEntityHandlerRequest *
cJSON *jsonObj = cJSON_Parse(jsonCRL);
OicSecCrl_t *crl = NULL;
crl = JSONToCrlBin(jsonCRL);
if (!crl)
{
OIC_LOG(ERROR, TAG, "Error JSONToCrlBin");
}
VERIFY_NON_NULL(TAG, crl, ERROR);
gCrl->CrlId = crl->CrlId;
......@@ -304,8 +301,9 @@ static OCEntityHandlerResult HandleCRLPostRequest(const OCEntityHandlerRequest *
}
DeleteCrlBinData(crl);
cJSON_Delete(jsonObj);
exit:
cJSON_Delete(jsonObj);
}
// Send payload to request originator
......
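Review bot: In both fallback branches of JSONToCrlBin the result of `OICMalloc(outLen + 1)` is passed straight to `memcpy` without a NULL check, and the added `(uint32_t)` cast does not change that. Adding `VERIFY_NON_NULL(TAG, crl->ThisUpdate.data, ERROR);` after the first allocation and `VERIFY_NON_NULL(TAG, crl->CrlData.data, ERROR);` after the second would match how the rest of the commit handles failures. The same pattern appears in BinToCrlJSON, where `base64Buff` goes to b64Encode unchecked, unless b64Encode rejects a NULL buffer itself, which is not visible here. If the `len` fields are wider than 32 bits, the cast also narrows silently, so a range check before it would be safer than the cast alone. These functions continue outside the hunks shown.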