From 1eb220e45d362849310afe088ea4b31ab498e739 Mon Sep 17 00:00:00 2001
From: tan-qingliu <lealtan@163.com>
Date: Tue, 25 Mar 2025 20:57:20 +0800
Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=AE=89=E8=A3=85=E6=97=A0?=
 =?UTF-8?q?=E5=AF=86=E7=A0=81=E7=9A=84=E5=87=AD=E6=8D=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: tan-qingliu <lealtan@163.com>
Change-Id: Idf04131ce6518e1362a01eeb91494ff765c710eb
---
 interfaces/kits/napi/include/cm_napi_common.h |  1 +
 interfaces/kits/napi/src/cm_napi_common.cpp   | 21 ++++++++++++++++---
 .../src/cm_napi_install_app_cert_common.cpp   |  2 +-
 .../main/core/src/cert_manager_check.c        |  9 ++++----
 4 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/interfaces/kits/napi/include/cm_napi_common.h b/interfaces/kits/napi/include/cm_napi_common.h
index ea0b333..015722c 100644
--- a/interfaces/kits/napi/include/cm_napi_common.h
+++ b/interfaces/kits/napi/include/cm_napi_common.h
@@ -66,6 +66,7 @@ napi_value ParseUint32(napi_env env, napi_value object, uint32_t &store);
 napi_value ParseBoolean(napi_env env, napi_value object, bool &status);
 napi_value ParseCertAlias(napi_env env, napi_value napiObj, CmBlob *&certAlias);
 napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob);
+napi_value ParsePasswd(napi_env env, napi_value object, CmBlob *&stringBlob);
 napi_value GetUint8Array(napi_env env, napi_value object, CmBlob &arrayBlob);
 
 napi_ref GetCallback(napi_env env, napi_value object);
diff --git a/interfaces/kits/napi/src/cm_napi_common.cpp b/interfaces/kits/napi/src/cm_napi_common.cpp
index 58da3a8..dc44680 100644
--- a/interfaces/kits/napi/src/cm_napi_common.cpp
+++ b/interfaces/kits/napi/src/cm_napi_common.cpp
@@ -148,7 +148,7 @@ napi_value ParseCertAlias(napi_env env, napi_value napiObj, CmBlob *&certAlias)
     return GetInt32(env, 0);
 }
 
-napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob)
+static napi_value ParseStringCommon(napi_env env, napi_value object, CmBlob *&stringBlob, bool canBeEmpty)
 {
     napi_valuetype valueType = napi_undefined;
     NAPI_CALL(env, napi_typeof(env, object, &valueType));
@@ -164,9 +164,14 @@ napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob)
         return nullptr;
     }
 
+    // add max length check
+    if (length > CM_MAX_DATA_LEN) {
+        CM_LOG_E("input string length is too large, length: %d", length);
+        return nullptr;
+    }
     // add 0 length check
-    if ((length == 0) || (length > CM_MAX_DATA_LEN)) {
-        CM_LOG_E("input string length is 0 or too large, length: %d", length);
+    if (!canBeEmpty && length == 0) {
+        CM_LOG_E("input string length is 0");
         return nullptr;
     }
 
@@ -200,6 +205,16 @@ napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob)
     return GetInt32(env, 0);
 }
 
+napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob)
+{
+    return ParseStringCommon(env, object, stringBlob, false);
+}
+
+napi_value ParsePasswd(napi_env env, napi_value object, CmBlob *&stringBlob)
+{
+    return ParseStringCommon(env, object, stringBlob, true);
+}
+
 napi_value GetUint8Array(napi_env env, napi_value object, CmBlob &arrayBlob)
 {
     napi_typedarray_type arrayType;
diff --git a/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp b/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp
index f05e49b..0c57219 100644
--- a/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp
+++ b/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp
@@ -126,7 +126,7 @@ napi_value InstallAppCertParseParams(
     }
 
     index++;
-    result = ParseString(env, argv[index], context->keystorePwd);
+    result = ParsePasswd(env, argv[index], context->keystorePwd);
     if (result == nullptr) {
         ThrowError(env, PARAM_ERROR, "keystore Pwd is not a string or the length is 0 or too long.");
         CM_LOG_E("could not get keystore Pwd");
diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c
index 42b930b..1906d1d 100644
--- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c
+++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c
@@ -134,11 +134,12 @@ static int32_t CmCheckAppCertPwd(const struct CmBlob *appCertPwd)
         return CMR_ERROR_INVALID_ARGUMENT;
     }
 
-    if (CheckUri(appCertPwd) != CM_SUCCESS) {
-        CM_LOG_E("appCertPwd data check fail");
-        return CMR_ERROR_INVALID_ARGUMENT;
+    for (uint32_t i = 0; i < appCertPwd->size; i++) { /* from index 1 has '\0' */
+        if (appCertPwd->data[i] == 0) {
+            return CM_SUCCESS;
+        }
     }
-    return CM_SUCCESS;
+    return CMR_ERROR_INVALID_ARGUMENT;
 }
 
 static bool AppCertCheckBlobValid(const struct CmBlob *data)
-- 
Gitee