diff --git a/frameworks/cert_manager_standard/main/common/BUILD.gn b/frameworks/cert_manager_standard/main/common/BUILD.gn index b5219169c6068fe90febb0794d970e686f145daa..3ab84be2efca4c6b37bffc85488f475f49bf6ae3 100644 --- a/frameworks/cert_manager_standard/main/common/BUILD.gn +++ b/frameworks/cert_manager_standard/main/common/BUILD.gn @@ -43,6 +43,7 @@ ohos_static_library("libcert_manager_common_standard_static") { "src/cm_advsecmode_check.c", "src/cm_param.c", "src/cm_pfx.c", + "src/cm_util.c", "src/cm_x509.c", ] diff --git a/frameworks/cert_manager_standard/main/common/include/cert_manager_service_ipc_interface_code.h b/frameworks/cert_manager_standard/main/common/include/cert_manager_service_ipc_interface_code.h index 91b6a2e9f26fe231ddb9fcf20bb7683b127a7515..a6e1f1cb63845fb22a7bcf3a1c0f36ea8ebb65a3 100644 --- a/frameworks/cert_manager_standard/main/common/include/cert_manager_service_ipc_interface_code.h +++ b/frameworks/cert_manager_standard/main/common/include/cert_manager_service_ipc_interface_code.h @@ -24,7 +24,6 @@ extern "C" { enum CertManagerInterfaceCode { CM_MSG_BASE = 0, - CM_MSG_GEN_KEY = CM_MSG_BASE, CM_MSG_GET_CERTIFICATE_LIST, CM_MSG_GET_CERTIFICATE_INFO, CM_MSG_SET_CERTIFICATE_STATUS, diff --git a/frameworks/cert_manager_standard/main/common/include/cm_util.h b/frameworks/cert_manager_standard/main/common/include/cm_util.h new file mode 100644 index 0000000000000000000000000000000000000000..87b10f9843b50b5c11edec61746d0f406a4968ed --- /dev/null +++ b/frameworks/cert_manager_standard/main/common/include/cm_util.h @@ -0,0 +1,30 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CERT_UTIL_H +#define CERT_UTIL_H + +#include +#include +#ifdef __cplusplus +extern "C" { +#endif + +int32_t CmIsNumeric(const char *str, const size_t length, uint32_t *value); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/frameworks/cert_manager_standard/main/common/src/cm_util.c b/frameworks/cert_manager_standard/main/common/src/cm_util.c new file mode 100644 index 0000000000000000000000000000000000000000..b8cd499845de8eccae2b8750c27b2591af2caf9e --- /dev/null +++ b/frameworks/cert_manager_standard/main/common/src/cm_util.c @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_util.h" + +#include "cm_type.h" +#include "cm_log.h" + +#define CARRY 10 +#define STR_MAX_LEN 10 + +int32_t CmIsNumeric(const char *str, const size_t length, uint32_t *value) +{ + if (str == NULL || length == 0 || length > STR_MAX_LEN || value == NULL) { + CM_LOG_D("input parameter error"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + for (size_t i = 0; i < length; i++) { + if (str[i] == '\0') { + break; + } + if (i == length - 1) { + CM_LOG_D("the string does not have an terminator"); + return CMR_ERROR_INVALID_ARGUMENT; + } + } + + char *endptr = NULL; + unsigned long num = strtoul(str, &endptr, CARRY); + if (endptr == NULL || *endptr != '\0') { + CM_LOG_D("str is not numeric string"); + return CMR_ERROR_INVALID_ARGUMENT; + } else { + *value = (uint32_t)num; + return CM_SUCCESS; + } +} diff --git a/frameworks/cert_manager_standard/main/common/src/cm_x509.c b/frameworks/cert_manager_standard/main/common/src/cm_x509.c index 87eec7105cf04f184e4c44ccfdb3e3eac8cd3734..ef40a1a854661f1a1216068fc0800a9fe5f91375 100644 --- a/frameworks/cert_manager_standard/main/common/src/cm_x509.c +++ b/frameworks/cert_manager_standard/main/common/src/cm_x509.c @@ -36,7 +36,7 @@ typedef ASN1_TIME *(TIME_FUNC)(const X509 *); X509 *InitCertContext(const uint8_t *certBuf, uint32_t size) { X509 *x509 = NULL; - if (certBuf == NULL || size > MAX_LEN_CERTIFICATE) { + if (certBuf == NULL || size > MAX_LEN_CERTIFICATE || size == 0) { return NULL; } BIO *bio = BIO_new_mem_buf(certBuf, (int)size); diff --git a/frameworks/cert_manager_standard/main/os_dependency/log/cm_log.c b/frameworks/cert_manager_standard/main/os_dependency/log/cm_log.c index 51356f91e66c5d2b6ac168f68838b41eb592f3de..94e2e5ca9667944f861bd8fc1fcd31ced810ce01 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/log/cm_log.c +++ b/frameworks/cert_manager_standard/main/os_dependency/log/cm_log.c @@ -24,12 +24,7 @@ void CmLog(uint32_t logLevel, const char *funcName, uint32_t lineNo, const char *format, ...) { - char *buf = (char *)CmMalloc(MAX_LOG_BUFF_LEN); - if (buf == NULL) { - HILOG_ERROR(LOG_CORE, "certificate manager log malloc fail"); - return; - } - (void)memset_s(buf, MAX_LOG_BUFF_LEN, 0, MAX_LOG_BUFF_LEN); + char buf[MAX_LOG_BUFF_LEN] = {0}; va_list ap; va_start(ap, format); @@ -37,7 +32,6 @@ void CmLog(uint32_t logLevel, const char *funcName, uint32_t lineNo, const char va_end(ap); if (ret < 0) { HILOG_ERROR(LOG_CORE, "certificate manager log concatenate error."); - CM_FREE_PTR(buf); return; } @@ -55,9 +49,6 @@ void CmLog(uint32_t logLevel, const char *funcName, uint32_t lineNo, const char HILOG_DEBUG(LOG_CORE, "%{public}s[%{public}u]: %{private}s\n", funcName, lineNo, buf); break; default: - CM_FREE_PTR(buf); return; } - - CM_FREE_PTR(buf); } diff --git a/interfaces/kits/napi/include/dialog/cm_napi_dialog_common.h b/interfaces/kits/napi/include/dialog/cm_napi_dialog_common.h index acfc4e0e4f5dcd77581000527a72d812fb24a104..a53473f4f70340423689ea3000c94d6bdeb23fb5 100644 --- a/interfaces/kits/napi/include/dialog/cm_napi_dialog_common.h +++ b/interfaces/kits/napi/include/dialog/cm_napi_dialog_common.h @@ -40,13 +40,6 @@ napi_value GenerateBusinessError(napi_env env, int32_t errorCode); void GeneratePromise(napi_env env, napi_deferred deferred, int32_t resultCode, napi_value *result, int32_t length); -inline napi_value GetNull(napi_env env) -{ - napi_value result = nullptr; - NAPI_CALL(env, napi_get_null(env, &result)); - return result; -} - inline napi_value GetInt32(napi_env env, int32_t value) { napi_value result = nullptr; diff --git a/interfaces/kits/napi/src/cm_napi_grant.cpp b/interfaces/kits/napi/src/cm_napi_grant.cpp index f1923c5b25a0562bd50ce9ea91506b796229e4af..693cb72b01f49dd9c0be59aa32002ef91469d737 100644 --- a/interfaces/kits/napi/src/cm_napi_grant.cpp +++ b/interfaces/kits/napi/src/cm_napi_grant.cpp @@ -22,6 +22,7 @@ #include "cm_mem.h" #include "cm_type.h" #include "cm_napi_common.h" +#include "cm_util.h" namespace CMNapi { namespace { @@ -76,8 +77,9 @@ static napi_value ParseString2Uint32(napi_env env, napi_value object, uint32_t & { struct CmBlob *blob = nullptr; napi_value result = ParseString(env, object, blob); - if (result == nullptr) { - CM_LOG_E("parse string to blob failed"); + if (result == nullptr || + CmIsNumeric(reinterpret_cast(blob->data), static_cast(blob->size), &value) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed"); if (blob != nullptr) { CM_FREE_PTR(blob->data); CmFree(blob); @@ -85,7 +87,6 @@ static napi_value ParseString2Uint32(napi_env env, napi_value object, uint32_t & return nullptr; } - value = static_cast(atoi(reinterpret_cast(blob->data))); CM_FREE_PTR(blob->data); CM_FREE_PTR(blob); return GetInt32(env, 0); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c index c704364b92f53b6f11fa3ec85d699de76341b94d..7a3a0ed981e4bac1cd2fb400cd58cc4f06aa4b5a 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c @@ -32,6 +32,7 @@ #include "cm_log.h" #include "cm_type.h" #include "cm_x509.h" +#include "cm_util.h" #include "securec.h" @@ -772,7 +773,13 @@ int32_t CmBackupRemove(uint32_t userId, const char *path, const struct CmBlob *c return CMR_ERROR_INVALID_ARGUMENT; } - uint32_t uid = (uint32_t)atoi(basename((char *)path)); + uint32_t uid = 0; + char *uidStr = basename((char *)path); + if (CmIsNumeric(uidStr, strlen(uidStr) + 1, &uid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + char userCertConfigFilePath[CERT_MAX_PATH_LEN] = { 0 }; int32_t ret = CmGetCertConfPath(userId, uid, certUri, userCertConfigFilePath, CERT_MAX_PATH_LEN); if (ret != CM_SUCCESS) { @@ -841,7 +848,12 @@ static int32_t RemoveAllConfUidDir(uint32_t userId, const char *uidPath) return CMR_ERROR_INVALID_ARGUMENT; } char configUidDirPath[CERT_MAX_PATH_LEN] = { 0 }; - uint32_t uid = (uint32_t)atoi(basename((char *)uidPath)); + uint32_t uid = 0; + char *uidStr = basename((char *)uidPath); + if (CmIsNumeric(uidStr, strlen(uidStr) + 1, &uid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } int32_t ret = CmGetCertConfUidDir(userId, uid, configUidDirPath, CERT_MAX_PATH_LEN); if (ret != CM_SUCCESS) { diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_app_cert_process.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_app_cert_process.c index 45d7a54bd7c461e49ebfb3a91795440a6cadc24b..cee0f4df05b9928dec0d886d36aa343b6fd58420 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_app_cert_process.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_app_cert_process.c @@ -32,7 +32,6 @@ #include "cert_manager_mem.h" #include "cert_manager_storage.h" #include "cert_manager_crypto_operation.h" -#include "cert_manager.h" #include "cert_manager_service.h" #include "cert_manager_uri.h" #include "cm_log.h" diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_auth_mgr.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_auth_mgr.c index 31a2436a13c4db04a840e10e93b9b2fd4ef05ebf..d0fd8c609cc360cad60b6993b900df99ce77c1af 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_auth_mgr.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_auth_mgr.c @@ -26,6 +26,7 @@ #include "cert_manager_crypto_operation.h" #include "cert_manager_uri.h" #include "cm_log.h" +#include "cm_util.h" #define MAC_SHA256_LEN 32 @@ -109,8 +110,14 @@ static int32_t GetAndCheckUriObj(struct CMUri *uriObj, const struct CmBlob *uri, static int32_t CheckCallerIsProducer(const struct CmContext *context, const struct CMUri *uriObj) { /* check caller is Producer: user and app has been checked not null */ - uint32_t userId = (uint32_t)atoi(uriObj->user); - uint32_t uid = (uint32_t)atoi(uriObj->app); + uint32_t userId = 0; + uint32_t uid = 0; + if (CmIsNumeric(uriObj->user, strlen(uriObj->user) + 1, &userId) != CM_SUCCESS || + CmIsNumeric(uriObj->app, strlen(uriObj->app) + 1, &uid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if ((userId == context->userId) && (uid == context->uid)) { CM_LOG_D("caller is producer."); return CM_SUCCESS; @@ -468,7 +475,12 @@ static int32_t CheckIsAuthorizedApp(const struct CMUri *uriObj) /* calc uri mac */ uint8_t macData[MAC_SHA256_LEN] = {0}; struct CmBlob mac = { sizeof(macData), macData }; - uint32_t clientUid = (uint32_t)atoi(uriObj->clientApp); + uint32_t clientUid = 0; + if (CmIsNumeric(uriObj->clientApp, strlen(uriObj->clientApp) + 1, &clientUid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + ret = CalcUriMac(uriObj, clientUid, &mac, false); if (ret != CM_SUCCESS) { CM_LOG_E("calc uri mac failed, ret = %d", ret); @@ -683,7 +695,12 @@ static int32_t CheckCommonPermission(const struct CmContext *context, const stru return CMR_ERROR_PERMISSION_DENIED; } - uint32_t clientUid = (uint32_t)atoi(uriObj->clientApp); + uint32_t clientUid = 0; + if (CmIsNumeric(uriObj->clientApp, strlen(uriObj->clientApp) + 1, &clientUid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (clientUid != context->uid) { CM_LOG_E("caller uid not match client uid"); return CMR_ERROR_PERMISSION_DENIED; diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c index 622222c1089854ef8a175f7fff7f1ffd65b3a864..ceb52fafee066b0f5e74b35520317772795b23fe 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c @@ -21,6 +21,7 @@ #include "cert_manager_permission_check.h" #include "cert_manager_uri.h" #include "cm_log.h" +#include "cm_util.h" int32_t CheckUri(const struct CmBlob *keyUri) { @@ -268,8 +269,14 @@ static int32_t checkCallerAndUri(struct CmContext *cmContext, const struct CmBlo return CMR_ERROR_INVALID_ARGUMENT; } - uint32_t userId = (uint32_t)atoi(uriObj.user); - uint32_t uid = (uint32_t)atoi(uriObj.app); + uint32_t userId = 0; + uint32_t uid = 0; + if (CmIsNumeric(uriObj.user, strlen(uriObj.user) + 1, &userId) != CM_SUCCESS || + CmIsNumeric(uriObj.app, strlen(uriObj.app) + 1, &uid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + (void)CertManagerFreeUri(&uriObj); if ((cmContext->userId != 0) && (cmContext->userId != userId)) { CM_LOG_E("caller userid is not producer"); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c index 491b306c27feac11f1c2312f87c28ff6d1164425..e784f0a7883bb38de226f1b697b55e2ed5157b1d 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c @@ -38,6 +38,7 @@ #include "cm_log.h" #include "cm_type.h" #include "cm_x509.h" +#include "cm_util.h" #include "cert_manager_file_operator.h" #include "cert_manager_updateflag.h" @@ -152,7 +153,7 @@ int32_t CmServiceGetAppCert(const struct CmContext *context, uint32_t store, int32_t CmServiceGrantAppCertificate(const struct CmContext *context, const struct CmBlob *keyUri, uint32_t appUid, struct CmBlob *authUri) { - if (CheckUri(keyUri) != CM_SUCCESS || CmCheckBlob(authUri) != CM_SUCCESS) { + if (CheckUri(keyUri) != CM_SUCCESS || CmCheckBlob(authUri) != CM_SUCCESS || context == NULL) { CM_LOG_E("invalid input arguments"); return CMR_ERROR_INVALID_ARGUMENT; } @@ -227,7 +228,12 @@ static int32_t CheckAndGetStore(const struct CmContext *context, const struct Cm } uint32_t type = uriObj.type; - uint32_t userId = (uint32_t)atoi(uriObj.user); + uint32_t userId = 0; + if (CmIsNumeric(uriObj.user, strlen(uriObj.user) + 1, &userId) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + (void)CertManagerFreeUri(&uriObj); if (type == CM_URI_TYPE_SYS_KEY) { if (!CmHasSystemAppPermission()) { @@ -667,14 +673,23 @@ static int32_t CmComparisonCallerIdWithUri(const struct CmContext *context, (void)CertManagerFreeUri(&uriObj); return CMR_ERROR_INVALID_ARGUMENT; } - uint32_t userId = (uint32_t)atoi(uriObj.user); + uint32_t userId = 0; + if (CmIsNumeric(uriObj.user, strlen(uriObj.user) + 1, &userId) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } if (uriObj.app == NULL) { CM_LOG_E("uri app invalid"); (void)CertManagerFreeUri(&uriObj); return CMR_ERROR_INVALID_ARGUMENT; } - uint32_t uid = (uint32_t)atoi(uriObj.app); + uint32_t uid = 0; + if (CmIsNumeric(uriObj.app, strlen(uriObj.app) + 1, &uid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if ((context->userId == userId) && (context->uid == uid)) { ret = CM_SUCCESS; } else { diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_updateflag.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_updateflag.c index f135fe832d31019c659320a0453bac6e1f3ea1c7..a2aaea31d4e76da24329f30352a98c12564e65f7 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_updateflag.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_updateflag.c @@ -32,6 +32,7 @@ #include "cm_log.h" #include "cm_x509.h" #include "securec.h" +#include "cm_util.h" #ifdef __cplusplus extern "C" { @@ -218,8 +219,13 @@ int32_t CmConstructContextFromUri(const char *certUri, struct CmContext *context ret = CMR_ERROR_INVALID_ARGUMENT; break; } - context->userId = (uint32_t)atoi(cmUri.user); - context->uid = (uint32_t)atoi(cmUri.app); + + if (CmIsNumeric(cmUri.user, strlen(cmUri.user) + 1, &(context->userId)) != CM_SUCCESS || + CmIsNumeric(cmUri.app, strlen(cmUri.app) + 1, &(context->uid)) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (snprintf_s(context->packageName, sizeof(context->packageName), sizeof(context->packageName) - 1, "%s", cmUri.object) < 0) { CM_LOG_E("Failed to fill context->packageName"); @@ -396,7 +402,11 @@ static int32_t UpdateUserCerts(uint32_t userId, const char *userIdPath) uint32_t uid = 0; /* Update certificate file */ - uid = (uint32_t)atoi(dire->d_name); + if (CmIsNumeric(dire->d_name, strlen(dire->d_name) + 1, &uid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + ret = UpdateUserCert(userId, uid, (const char *)certFilePath->data); if (ret != CM_SUCCESS) { CM_LOG_E("Failed to update cert file for the certFilePath"); @@ -443,7 +453,11 @@ static int32_t UpdateAllUserCerts(void) } /* Updates all certificates for the specified user */ - userId = (uint32_t)atoi(dire->d_name); + if (CmIsNumeric(dire->d_name, strlen(dire->d_name) + 1, &userId) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + int32_t ret = UpdateUserCerts(userId, userIdPath); if (ret != CM_SUCCESS) { CM_LOG_E("Failed to update all certificates for the userIdPath"); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_uri.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_uri.c index 796aeed18e7136c45ab13fc78bd8168018c75356..38dc9bb7a2d97e720e66163551906524aa6fb322 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_uri.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_uri.c @@ -22,6 +22,7 @@ #include "securec.h" #include "cm_log.h" +#include "cm_util.h" #ifdef __cplusplus extern "C" { @@ -549,7 +550,11 @@ int32_t CertManagerGetUidFromUri(const struct CmBlob *uri, uint32_t *uid) return CMR_ERROR_INVALID_ARGUMENT; } - *uid = (uint32_t)atoi(uriObj.app); + if (CmIsNumeric(uriObj.app, strlen(uriObj.app) + 1, uid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + (void)CertManagerFreeUri(&uriObj); return CM_SUCCESS; } diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cm_event_process.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cm_event_process.c index f2d98e9ef4bd612b7c603aa3a5f7ee6e617c28a9..d90d39bf8bbb9360f7f8d87589d2408dc173badb 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cm_event_process.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cm_event_process.c @@ -29,6 +29,7 @@ #include "cert_manager_storage.h" #include "cm_log.h" #include "cm_type.h" +#include "cm_util.h" static void DeleteAuth(const struct CmContext *context, const char *fileName, bool isDeleteByUid) { @@ -228,7 +229,12 @@ static int32_t CmTraversalUidLayerDir(const struct CmContext *context, const cha static int32_t TraversalUserIdLayerDir(const struct CmContext *context, const char *userIdPath, const char *direName, const uint32_t store, bool isUserDeleteEvent) { - uint32_t uid = (uint32_t)atoi(direName); + uint32_t uid = 0; + if (CmIsNumeric(direName, strlen(direName) + 1, &uid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + CM_LOG_D("CmTraversalUserIdLayerDir userId:%u, uid:%u", context->userId, uid); int32_t ret = CM_SUCCESS; @@ -304,6 +310,7 @@ static int32_t CmTraversalDir(const struct CmContext *context, const char *path, return CMR_ERROR_OPEN_FILE_FAIL; } + uint32_t uid = 0; struct dirent *dire = readdir(dir); while (dire != NULL) { char deletePath[CM_MAX_FILE_NAME_LEN] = { 0 }; @@ -312,8 +319,13 @@ static int32_t CmTraversalDir(const struct CmContext *context, const char *path, return CMR_ERROR_INVALID_OPERATION; } + if (CmIsNumeric(dire->d_name, strlen(dire->d_name) + 1, &uid) != CM_SUCCESS) { + CM_LOG_E("parse string to uint32 failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (dire->d_type == DT_DIR && (strcmp("..", dire->d_name) != 0) && (strcmp(".", dire->d_name) != 0) && - ((uint32_t)atoi(dire->d_name) == context->userId)) { + (uid == context->userId)) { ret = CmTraversalUserIdLayerDir(context, deletePath, store); } else if (dire->d_type != DT_DIR) { (void)remove(deletePath);