diff --git a/interfaces/kits/napi/include/cm_napi_common.h b/interfaces/kits/napi/include/cm_napi_common.h index ea0b3339d834a36dcd2e31c695defcc0f94f8236..015722cdfb569ed39e871819f8b30b64ad6da201 100644 --- a/interfaces/kits/napi/include/cm_napi_common.h +++ b/interfaces/kits/napi/include/cm_napi_common.h @@ -66,6 +66,7 @@ napi_value ParseUint32(napi_env env, napi_value object, uint32_t &store); napi_value ParseBoolean(napi_env env, napi_value object, bool &status); napi_value ParseCertAlias(napi_env env, napi_value napiObj, CmBlob *&certAlias); napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob); +napi_value ParsePasswd(napi_env env, napi_value object, CmBlob *&stringBlob); napi_value GetUint8Array(napi_env env, napi_value object, CmBlob &arrayBlob); napi_ref GetCallback(napi_env env, napi_value object); diff --git a/interfaces/kits/napi/src/cm_napi_common.cpp b/interfaces/kits/napi/src/cm_napi_common.cpp index 58da3a826fa9ba6405ecb774dac30a4f625a8d8b..dc44680283e2576f9a403df4e6adfd1d10b9e8d1 100644 --- a/interfaces/kits/napi/src/cm_napi_common.cpp +++ b/interfaces/kits/napi/src/cm_napi_common.cpp @@ -148,7 +148,7 @@ napi_value ParseCertAlias(napi_env env, napi_value napiObj, CmBlob *&certAlias) return GetInt32(env, 0); } -napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob) +static napi_value ParseStringCommon(napi_env env, napi_value object, CmBlob *&stringBlob, bool canBeEmpty) { napi_valuetype valueType = napi_undefined; NAPI_CALL(env, napi_typeof(env, object, &valueType)); @@ -164,9 +164,14 @@ napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob) return nullptr; } + // add max length check + if (length > CM_MAX_DATA_LEN) { + CM_LOG_E("input string length is too large, length: %d", length); + return nullptr; + } // add 0 length check - if ((length == 0) || (length > CM_MAX_DATA_LEN)) { - CM_LOG_E("input string length is 0 or too large, length: %d", length); + if (!canBeEmpty && length == 0) { + CM_LOG_E("input string length is 0"); return nullptr; } @@ -200,6 +205,16 @@ napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob) return GetInt32(env, 0); } +napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob) +{ + return ParseStringCommon(env, object, stringBlob, false); +} + +napi_value ParsePasswd(napi_env env, napi_value object, CmBlob *&stringBlob) +{ + return ParseStringCommon(env, object, stringBlob, true); +} + napi_value GetUint8Array(napi_env env, napi_value object, CmBlob &arrayBlob) { napi_typedarray_type arrayType; diff --git a/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp b/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp index f05e49be808795a47ed25a5b1b871bb7633a5893..0c57219f9fd7d9ed59020fff41a98d5d1d24078b 100644 --- a/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp +++ b/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp @@ -126,7 +126,7 @@ napi_value InstallAppCertParseParams( } index++; - result = ParseString(env, argv[index], context->keystorePwd); + result = ParsePasswd(env, argv[index], context->keystorePwd); if (result == nullptr) { ThrowError(env, PARAM_ERROR, "keystore Pwd is not a string or the length is 0 or too long."); CM_LOG_E("could not get keystore Pwd"); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c index 42b930b7c05ed013ede984432a4690640503e71f..1906d1d4278bfabdf9867e6022a35f7a868eb9a1 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c @@ -134,11 +134,12 @@ static int32_t CmCheckAppCertPwd(const struct CmBlob *appCertPwd) return CMR_ERROR_INVALID_ARGUMENT; } - if (CheckUri(appCertPwd) != CM_SUCCESS) { - CM_LOG_E("appCertPwd data check fail"); - return CMR_ERROR_INVALID_ARGUMENT; + for (uint32_t i = 0; i < appCertPwd->size; i++) { /* from index 1 has '\0' */ + if (appCertPwd->data[i] == 0) { + return CM_SUCCESS; + } } - return CM_SUCCESS; + return CMR_ERROR_INVALID_ARGUMENT; } static bool AppCertCheckBlobValid(const struct CmBlob *data)