FIX for static analyzer tool issues 91/29391/4
authori.metelytsia <i.metelytsia@samsung.com>
Mon, 8 Apr 2019 15:38:55 +0000 (18:38 +0300)
committerAleksey Volkov <a.volkov@samsung.com>
Tue, 16 Apr 2019 10:53:59 +0000 (10:53 +0000)
Change-Id: I750d0401e0425b92c7a2004e858cf5c09734186f
Signed-off-by: i.metelytsia <i.metelytsia@samsung.com>
15 files changed:
resource/csdk/security/provisioning/sample/provisioningclient.c
resource/csdk/security/provisioning/sample/subownerclient.c
resource/csdk/security/provisioning/src/cloud/auth.c
resource/csdk/security/provisioning/src/cloud/cloudresource.c
resource/csdk/security/provisioning/src/ownershiptransfermanager.c
resource/csdk/security/provisioning/src/provisioningdatabasemanager.c
resource/csdk/security/provisioning/src/secureresourceprovider.c
resource/csdk/security/src/amaclresource.c
resource/csdk/security/src/credresource.c
resource/csdk/security/src/crlresource.c
resource/csdk/security/src/csrresource.c
resource/csdk/security/src/psinterface.c
resource/csdk/security/src/secureresourcemanager.c
resource/csdk/security/tool/json2cbor.c
resource/csdk/stack/samples/linux/secure/occlientbasicops.cpp

index 21bf3d2..7e5a5cd 100644 (file)
@@ -1500,6 +1500,11 @@ static int provisionCloudConfig(void)
     int certsize = ftell (F);
     rewind (F);
     uint8_t* cert = (uint8_t*) malloc (sizeof(char)*certsize);
+    if (!cert)
+    {
+        printf("     Failed to allocate CA\n");
+        return -1;
+    }
     int res = fread (cert, 1, certsize, F);
     /* Set our own trust anchor so that we trust certs we've issued. */
     res = OCSaveTrustCertChain((uint8_t*) cert, certsize, OIC_ENCODING_PEM, &g_caCredId);
index fa164e2..aa7a71e 100644 (file)
@@ -458,7 +458,10 @@ static int sendPutLed(void)
             return -1;
         }
 
-        waitCallbackRet();
+        if (waitCallbackRet() != 0)
+        {
+            OIC_LOG(WARNING, TAG, "waitCallbackRet failed");
+        }
     }
     else
     {
index 9f814d1..243b0b4 100644 (file)
@@ -930,19 +930,22 @@ static OCStackApplicationResult handleCloudSignInResponse(void *ctx,
             {
                 // find the interface name from UDP address of sender
                 percentChar = strchr(response->devAddr.addr, '%');
-                size_t ifLen = strlen(percentChar);
-                size_t addrLen = strlen(cloud->cis);
-                size_t cisLen = addrLen + ifLen + 3;
-
-                // fill the cloud uri with interface name inserted
-                cis = (char *)OICMalloc(sizeof(char) * cisLen);
-                OICStrcpy(cis, ipv6End - cloud->cis + 1, cloud->cis);
-                OICStrcat(cis, cisLen, "%25");
-                OICStrcat(cis, cisLen, percentChar + 1);
-                OICStrcat(cis, cisLen, ipv6End);
-
-                OICFree(cloud->cis);
-                cloud->cis = cis;
+                if (percentChar)
+                {
+                    size_t ifLen = strlen(percentChar);
+                    size_t addrLen = strlen(cloud->cis);
+                    size_t cisLen = addrLen + ifLen + 3;
+
+                    // fill the cloud uri with interface name inserted
+                    cis = (char *)OICMalloc(sizeof(char) * cisLen);
+                    OICStrcpy(cis, ipv6End - cloud->cis + 1, cloud->cis);
+                    OICStrcat(cis, cisLen, "%25");
+                    OICStrcat(cis, cisLen, percentChar + 1);
+                    OICStrcat(cis, cisLen, ipv6End);
+
+                    OICFree(cloud->cis);
+                    cloud->cis = cis;
+                }
             }
         }
 
@@ -1246,19 +1249,22 @@ static OCStackApplicationResult handleCloudSignUpResponse(void *ctx,
                 {
                     // find the interface name from UDP address of sender
                     percentChar = strchr(response->devAddr.addr, '%');
-                    size_t ifLen = strlen(percentChar);
-                    size_t addrLen = strlen(cloud->redirectUri);
-                    size_t uriLen = addrLen + ifLen + 3;
-
-                    // fill the cloud uri with interface name inserted
-                    redirectUri = (char *)OICMalloc(sizeof(char) * uriLen);
-                    OICStrcpy(redirectUri, ipv6End - cloud->redirectUri + 1, cloud->redirectUri);
-                    OICStrcat(redirectUri, uriLen, "%25");
-                    OICStrcat(redirectUri, uriLen, percentChar + 1);
-                    OICStrcat(redirectUri, uriLen, ipv6End);
-
-                    OICFree(cloud->redirectUri);
-                    cloud->redirectUri = redirectUri;
+                    if (percentChar)
+                    {
+                        size_t ifLen = strlen(percentChar);
+                        size_t addrLen = strlen(cloud->redirectUri);
+                        size_t uriLen = addrLen + ifLen + 3;
+
+                        // fill the cloud uri with interface name inserted
+                        redirectUri = (char *)OICMalloc(sizeof(char) * uriLen);
+                        OICStrcpy(redirectUri, ipv6End - cloud->redirectUri + 1, cloud->redirectUri);
+                        OICStrcat(redirectUri, uriLen, "%25");
+                        OICStrcat(redirectUri, uriLen, percentChar + 1);
+                        OICStrcat(redirectUri, uriLen, ipv6End);
+
+                        OICFree(cloud->redirectUri);
+                        cloud->redirectUri = redirectUri;
+                    }
                 }
             }
 
@@ -1281,19 +1287,22 @@ static OCStackApplicationResult handleCloudSignUpResponse(void *ctx,
                 {
                     // find the interface name from UDP address of sender
                     percentChar = strchr(response->devAddr.addr, '%');
-                    size_t ifLen = strlen(percentChar);
-                    size_t addrLen = strlen(cloud->cis);
-                    size_t uriLen = addrLen + ifLen + 3;
-
-                    // fill the cloud uri with interface name inserted
-                    cis = (char *)OICMalloc(sizeof(char) * uriLen);
-                    OICStrcpy(cis, ipv6End - cloud->cis + 1, cloud->cis);
-                    OICStrcat(cis, uriLen, "%25");
-                    OICStrcat(cis, uriLen, percentChar + 1);
-                    OICStrcat(cis, uriLen, ipv6End);
-
-                    OICFree(cloud->cis);
-                    cloud->cis = cis;
+                    if (percentChar)
+                    {
+                        size_t ifLen = strlen(percentChar);
+                        size_t addrLen = strlen(cloud->cis);
+                        size_t uriLen = addrLen + ifLen + 3;
+
+                        // fill the cloud uri with interface name inserted
+                        cis = (char *)OICMalloc(sizeof(char) * uriLen);
+                        OICStrcpy(cis, ipv6End - cloud->cis + 1, cloud->cis);
+                        OICStrcat(cis, uriLen, "%25");
+                        OICStrcat(cis, uriLen, percentChar + 1);
+                        OICStrcat(cis, uriLen, ipv6End);
+
+                        OICFree(cloud->cis);
+                        cloud->cis = cis;
+                    }
                 }
             }
 
index a5685a5..7352e91 100644 (file)
@@ -468,7 +468,10 @@ static OCEntityHandlerResult HandleCloudGetRequest(OCEntityHandlerRequest *ehReq
 exit:
     response.requestHandle = ehRequest ? ehRequest->requestHandle : NULL;
     response.payload = (OCPayload *)CreateCloudGetPayload(p1);
-    response.payload->type = PAYLOAD_TYPE_REPRESENTATION;
+    if (response.payload)
+    {
+        response.payload->type = PAYLOAD_TYPE_REPRESENTATION;
+    }
     response.persistentBufferFlag = 0;
 
     if (OC_STACK_OK != OCDoResponse(&response))
index 0ba399c..aa93cd8 100644 (file)
@@ -2758,7 +2758,6 @@ OCStackResult OTMDoOwnershipTransfer(void* ctx,
         pCurDev = pCurDev->next;
     }
 
-    SetDosState(DOS_RFPRO);
     OCStackResult res = StartOwnershipTransfer(otmCtx, selectedDevicelist);
 
     OIC_LOG(DEBUG, TAG, "OUT OTMDoOwnershipTransfer");
index 02a9ae7..db5afb1 100644 (file)
@@ -295,6 +295,12 @@ static OCStackResult getIdForUUID(const OicUuid_t *UUID , int *id)
 {
     OIC_LOG_V(DEBUG, TAG, "IN %s", __func__);
 
+    if (NULL == UUID || NULL == id)
+    {
+        OIC_LOG_V(ERROR, TAG, "%s params is NULL", __func__);
+        return OC_STACK_INVALID_PARAM;
+    }
+
     CHECK_PDM_INIT();
 
     sqlite3_stmt *stmt = 0;
@@ -307,7 +313,7 @@ static OCStackResult getIdForUUID(const OicUuid_t *UUID , int *id)
     PDM_VERIFY_SQLITE_OK(TAG, res, ERROR, OC_STACK_ERROR);
 
     OIC_LOG(DEBUG, TAG, "Binding Done");
-    while (SQLITE_ROW == sqlite3_step(stmt))
+    if (SQLITE_ROW == sqlite3_step(stmt))
     {
         int tempId = sqlite3_column_int(stmt, PDM_FIRST_INDEX);
         OIC_LOG_V(DEBUG, TAG, "ID is %d", tempId);
@@ -663,6 +669,12 @@ static OCStackResult getUUIDforId(int id, OicUuid_t *uid, bool *result)
 {
     OIC_LOG_V(DEBUG, TAG, "IN %s", __func__);
 
+    if (NULL == uid)
+    {
+        OIC_LOG_V(ERROR, TAG, "%s uid param is NULL", __func__);
+        return OC_STACK_INVALID_PARAM;
+    }
+
     CHECK_PDM_INIT();
 
     sqlite3_stmt *stmt = 0;
@@ -674,25 +686,14 @@ static OCStackResult getUUIDforId(int id, OicUuid_t *uid, bool *result)
     res = sqlite3_bind_int(stmt, PDM_BIND_INDEX_FIRST, id);
     PDM_VERIFY_SQLITE_OK(TAG, res, ERROR, OC_STACK_ERROR);
 
-    while (SQLITE_ROW == sqlite3_step(stmt))
+    if (SQLITE_ROW == sqlite3_step(stmt))
     {
         const void *ptr = sqlite3_column_blob(stmt, PDM_FIRST_INDEX);
         memcpy(uid, ptr, sizeof(OicUuid_t));
-
-        int temp = sqlite3_column_int(stmt, PDM_SECOND_INDEX);
-        if(PDM_DEVICE_STALE == temp)
-        {
-            if(result)
-            {
-                *result = true;
-            }
-        }
-        else
+        if (NULL != result)
         {
-            if(result)
-            {
-                *result = false;
-            }
+            *result = (PDM_DEVICE_STALE == sqlite3_column_int(stmt, PDM_SECOND_INDEX)) ?
+                        true : false;
         }
         sqlite3_finalize(stmt);
         return OC_STACK_OK;
index c68b8d2..2fae065 100644 (file)
@@ -2145,23 +2145,22 @@ static void registerResultForUnlinkDevices(UnlinkData_t *unlinkData, OCStackResu
         OIC_LOG_V(INFO, TAG, "Stack result :: %d", stackresult);
 
         OicUuid_t *pUuid = &unlinkData->unlinkRes[(unlinkData->numOfResults)].deviceId;
-        if (pUuid && pUuid->id)
+
+        // Set result in the result array according to the position (devNum).
+        if (idx != IDX_DB_UPDATE_RES)
         {
-            // Set result in the result array according to the position (devNum).
-            if (idx != IDX_DB_UPDATE_RES)
+            if (unlinkData->unlinkDev[idx].doxm)
             {
-                if (unlinkData->unlinkDev[idx].doxm)
-                {
-                    memcpy(pUuid->id, unlinkData->unlinkDev[idx].doxm->deviceID.id, sizeof(pUuid->id));
-                }
-            }
-            else
-            {   // When deivce ID is 000... this means it's the result of database update.
-                memset(pUuid->id, 0, sizeof(pUuid->id));
+                memcpy(pUuid->id, unlinkData->unlinkDev[idx].doxm->deviceID.id, sizeof(pUuid->id));
             }
-            unlinkData->unlinkRes[(unlinkData->numOfResults)].res = stackresult;
-            ++(unlinkData->numOfResults);
         }
+        else
+        {   // When deivce ID is 000... this means it's the result of database update.
+            memset(pUuid->id, 0, sizeof(pUuid->id));
+        }
+        unlinkData->unlinkRes[(unlinkData->numOfResults)].res = stackresult;
+        ++(unlinkData->numOfResults);
+
         OIC_LOG (INFO, TAG, "Out registerResultForUnlinkDevices");
     }
 }
index adb2dc0..95b8b96 100644 (file)
@@ -452,7 +452,11 @@ static OCEntityHandlerResult AmaclEntityHandler (OCEntityHandlerFlag flag,
 
             default:
                 ehRet = OC_EH_ERROR;
-                SendSRMResponse(ehRequest, ehRet, NULL, 0);
+                if (OC_STACK_OK != SendSRMResponse(ehRequest, ehRet, NULL, 0))
+                {
+                    OIC_LOG_V(ERROR, TAG, "%s : SendSRMResponse failed!", __func__);
+                }
+                break;
         }
     }
 
@@ -518,7 +522,11 @@ OCStackResult InitAmaclResource(void)
 
 void DeInitAmaclResource(void)
 {
-    OCDeleteResource(gAmaclHandle);
+    OCStackResult res = OCDeleteResource(gAmaclHandle);
+    if (OC_STACK_OK != res)
+    {
+        OIC_LOG_V(WARNING, TAG, "Failed to delete resource: %d", res);
+    }
     gAmaclHandle = NULL;
 
     DeleteAmaclList(gAmacl);
index 14b7d87..f83922a 100644 (file)
@@ -3268,7 +3268,10 @@ OCStackResult AddTmpPskWithPIN(const OicUuid_t* tmpSubject, OicSecCredType_t cre
     ret = AddCredential(cred);
     if( OC_STACK_OK != ret)
     {
-        RemoveCredential(tmpSubject);
+        if(OC_STACK_RESOURCE_DELETED != RemoveCredential(tmpSubject))
+        {
+            OIC_LOG(WARNING, TAG, "Failed to remove credential!");
+        }
         OIC_LOG(ERROR, TAG, "GeneratePskWithPIN() : Failed to add credential");
     }
     OIC_LOG(DEBUG, TAG, "AddTmpPskWithPIN OUT");
@@ -3439,62 +3442,57 @@ OCStackResult FillCertChain(ByteArrayLL_t * chain, OicSecCred_t * temp)
     if (pemCertNum > 0)  // PEM or BASE64 certificates processing
     {
         uint8_t * begin = (uint8_t *) strstr((const char *)temp->publicData.data, PEM_BEGIN_CRT);
-        uint8_t * end = (uint8_t *) strstr((const char *)begin, PEM_END_CRT);
-        for (int i = 0; i < pemCertNum; i++)
+        if (begin)
         {
-            if (NULL != begin && NULL != end)
+            uint8_t * end = (uint8_t *) strstr((const char *)begin, PEM_END_CRT);
+            if (end)
             {
-                ByteArray_t * item = (ByteArray_t *) OICMalloc (sizeof(ByteArray_t));
-                if (NULL == item)
-                {
-                    OIC_LOG(ERROR, TAG, "Failed to allocate memory");
-                    return OC_STACK_ERROR;
-                }
-                item->len = end - begin + sizeof(PEM_END_CRT);
-                item->data = (uint8_t *) OICMalloc (item->len);
-                if (NULL == item->data)
-                {
-                    OIC_LOG(ERROR, TAG, "Failed to allocate memory");
-                    OICFree(item);
-                    return OC_STACK_ERROR;
-                }
-                memcpy(item->data, begin, item->len - 1);
-                item->data[item->len - 1] = '\0'; // adding null terminator at the end of the cert (required by mbedtls_x509_crt_parse)
-                if (chain->cert == NULL)
-                {
-                    chain->cert = item;
-                }
-                else
+                for (int i = 0; i < pemCertNum; i++)
                 {
-                    ByteArrayLL_t * tmp = (ByteArrayLL_t *) OICMalloc (sizeof(ByteArrayLL_t));
-                    if (NULL == tmp)
+                    ByteArray_t * item = (ByteArray_t *) OICMalloc (sizeof(ByteArray_t));
+                    if (NULL == item)
+                    {
+                        OIC_LOG(ERROR, TAG, "Failed to allocate memory");
+                        return OC_STACK_ERROR;
+                    }
+                    item->len = end - begin + sizeof(PEM_END_CRT);
+                    item->data = (uint8_t *) OICMalloc (item->len);
+                    if (NULL == item->data)
                     {
                         OIC_LOG(ERROR, TAG, "Failed to allocate memory");
-                        OICFree(item->data);
                         OICFree(item);
                         return OC_STACK_ERROR;
                     }
-                    tmp->cert = item;
-                    LL_APPEND(chain, tmp);
+                    memcpy(item->data, begin, item->len - 1);
+                    item->data[item->len - 1] = '\0'; // adding null terminator at the end of the cert (required by mbedtls_x509_crt_parse)
+                    if (chain->cert == NULL)
+                    {
+                        chain->cert = item;
+                    }
+                    else
+                    {
+                        ByteArrayLL_t * tmp = (ByteArrayLL_t *) OICMalloc (sizeof(ByteArrayLL_t));
+                        if (NULL == tmp)
+                        {
+                            OIC_LOG(ERROR, TAG, "Failed to allocate memory");
+                            OICFree(item->data);
+                            OICFree(item);
+                            return OC_STACK_ERROR;
+                        }
+                        tmp->cert = item;
+                        LL_APPEND(chain, tmp);
+                    }
+
+                    if (!(begin = (uint8_t*)strstr((const char*)end, PEM_BEGIN_CRT)))
+                    {
+                        break;
+                    }
+                    if (!(end = (uint8_t*)strstr((const char*)begin, PEM_END_CRT)))
+                    {
+                        break;
+                    }
                 }
             }
-            if (NULL != end)
-            {
-                begin = (uint8_t *) strstr((const char *)end, PEM_BEGIN_CRT);
-            }
-            else
-            {
-                begin = NULL;
-            }
-            if (NULL == begin)
-            {
-                break;
-            }
-            end = (uint8_t *) strstr((const char *)begin, PEM_END_CRT);
-            if (NULL == end)
-            {
-                break;
-            }
         }
     }
     else // DER certificates processing
index aa8f8ec..25d0b92 100644 (file)
@@ -598,8 +598,14 @@ static OCEntityHandlerResult CRLEntityHandler(OCEntityHandlerFlag flag,
                 break;
 
             default:
-                ehRet = OC_EH_ERROR;
-                SendSRMResponse(ehRequest, ehRet, NULL, 0);
+                {
+                    ehRet = OC_EH_ERROR;
+                    if (OC_STACK_OK != SendSRMResponse(ehRequest, ehRet, NULL, 0))
+                    {
+                        OIC_LOG_V(WARNING, TAG, "%s : SendSRMResponse failed!", __func__);
+                    }
+                }
+                break;
         }
     }
 
index 915b67a..752067a 100644 (file)
@@ -121,7 +121,7 @@ static OCStackResult CSRToCBORPayload(const uint8_t *csr, size_t csrLen, OicEnco
 
     CborError cborEncoderResult = CborNoError;
     uint8_t *outPayload = NULL;
-    size_t cborLen = *cborSize;
+    size_t cborLen = 0;
     CborEncoder encoder;
     CborEncoder csrRootMap;
     const char *strEncoding = NULL;
@@ -136,14 +136,14 @@ static OCStackResult CSRToCBORPayload(const uint8_t *csr, size_t csrLen, OicEnco
         return OC_STACK_INVALID_PARAM;
     }
 
-    *cborSize = 0;
-    *cborPayload = NULL;
-
-    if (0 == cborLen)
+    if (0 == (cborLen = *cborSize))
     {
         cborLen = CBOR_SIZE;
     }
 
+    *cborSize = 0;
+    *cborPayload = NULL;
+
     outPayload = (uint8_t *)OICCalloc(1, cborLen);
     VERIFY_NOT_NULL_RETURN(TAG, outPayload, ERROR, OC_STACK_NO_MEMORY);
     cbor_encoder_init(&encoder, outPayload, cborLen, 0);
index 38f1bfd..ea77c30 100644 (file)
@@ -825,8 +825,10 @@ OCStackResult CreateResetProfile(void)
             resetPfCborLen = cbor_encoder_get_buffer_size(&encoder, resetPfCbor);
         }
 
-        UpdateSecureResourceInPS(OIC_JSON_RESET_PF_NAME, resetPfCbor, resetPfCborLen);
-
+        if (OC_STACK_OK != UpdateSecureResourceInPS(OIC_JSON_RESET_PF_NAME, resetPfCbor, resetPfCborLen))
+        {
+            OIC_LOG_V(WARNING, TAG, "%s : UpdateSecureResourceInPS failed!", __func__);
+        }
     }
     OIC_LOG(DEBUG, TAG, "CreateResetProfile OUT");
 
index 2a6db92..8f55a0e 100644 (file)
@@ -169,7 +169,6 @@ static void SetDiscoverableAndOcSecureFlags(SRMRequestContext_t *context)
     if (NULL == context)
     {
         OIC_LOG_V(ERROR, TAG, "%s: Null context.", __func__);
-        context->discoverable = DISCOVERABLE_NOT_KNOWN;
         return;
     }
     if (NULL == context->resourceUri)
@@ -478,9 +477,18 @@ OCStackResult SRMInitSecureResources(void)
         OIC_LOG(ERROR, TAG, "Failed to revert TLS credential handler.");
         ret = OC_STACK_ERROR;
     }
-    CAregisterPkixInfoHandler(GetPkixInfo);
-    CAregisterIdentityHandler(GetIdentityHandler);
-    CAregisterGetCredentialTypesHandler(InitCipherSuiteList);
+    if (CA_STATUS_OK != CAregisterPkixInfoHandler(GetPkixInfo))
+    {
+        OIC_LOG_V(WARNING, TAG, "%s : CAregisterPkixInfoHandler failed!", __func__);
+    }
+    if (CA_STATUS_OK != CAregisterIdentityHandler(GetIdentityHandler))
+    {
+        OIC_LOG_V(WARNING, TAG, "%s : CAregisterIdentityHandler failed!", __func__);
+    }
+    if (CA_STATUS_OK != CAregisterGetCredentialTypesHandler(InitCipherSuiteList))
+    {
+        OIC_LOG_V(WARNING, TAG, "%s : CAregisterGetCredentialTypesHandler failed!", __func__);
+    }
     CAregisterSslDisconnectCallback(DeleteRolesCB);
 #endif // __WITH_DTLS__ or __WITH_TLS__
     return ret;
index 6745d70..213a22c 100644 (file)
@@ -1450,7 +1450,7 @@ static OicSecCred_t *JSONToCredBinWithRowner(const char *jsonStr,OicUuid_t *rown
             jsonObj = cJSON_GetObjectItem(jsonCred, OIC_JSON_CREDUSAGE_NAME);
             if (NULL != jsonObj)
             {
-                jsonObjLen = strlen(jsonObj->valuestring);
+//                jsonObjLen = strlen(jsonObj->valuestring);
                 cred->credUsage = OICStrdup(jsonObj->valuestring);
                 VERIFY_NOT_NULL(TAG, (cred->credUsage), ERROR);
             }
index 049caf6..a5841c3 100644 (file)
@@ -219,7 +219,7 @@ OCStackApplicationResult discoveryReqCB(void *, OCDoHandle,
                          && (0 == strcmp(COAPS_STR, resource->eps->tps)))
                     {
                         OCDevAddr* endpoint = &clientResponse->devAddr;
-                        strcpy(endpoint->addr, resource->eps->addr);
+                        strncpy(endpoint->addr, resource->eps->addr, MAX_ADDR_STR_SIZE);
                         endpoint->port = resource->eps->port;
                         endpoint->flags = resource->eps->family;