diff --git a/interfaces/kits/napi/include/cm_napi_common.h b/interfaces/kits/napi/include/cm_napi_common.h index 37215ef39eef80b2e914bf12cc2b016fe33093d7..44f919f6e15001d42776366bea201612db7e9cbe 100644 --- a/interfaces/kits/napi/include/cm_napi_common.h +++ b/interfaces/kits/napi/include/cm_napi_common.h @@ -67,6 +67,7 @@ napi_value ParseUint32(napi_env env, napi_value object, uint32_t &store); napi_value ParseBoolean(napi_env env, napi_value object, bool &status); napi_value ParseCertAlias(napi_env env, napi_value napiObj, CmBlob *&certAlias); napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob); +napi_value ParsePasswd(napi_env env, napi_value object, CmBlob *&stringBlob); napi_value GetUint8Array(napi_env env, napi_value object, CmBlob &arrayBlob); napi_ref GetCallback(napi_env env, napi_value object); diff --git a/interfaces/kits/napi/src/cm_napi_common.cpp b/interfaces/kits/napi/src/cm_napi_common.cpp index 24fb21dded961b4523dc6dabcc1b13c2621c2f30..0f1f8ed0c8ccd2eb11b6f64c82c0d10e8a9c6fe3 100644 --- a/interfaces/kits/napi/src/cm_napi_common.cpp +++ b/interfaces/kits/napi/src/cm_napi_common.cpp @@ -148,7 +148,7 @@ napi_value ParseCertAlias(napi_env env, napi_value napiObj, CmBlob *&certAlias) return GetInt32(env, 0); } -napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob) +static napi_value ParseStringCommon(napi_env env, napi_value object, CmBlob *&stringBlob, bool canBeEmpty) { napi_valuetype valueType = napi_undefined; NAPI_CALL(env, napi_typeof(env, object, &valueType)); @@ -164,9 +164,14 @@ napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob) return nullptr; } + // add max length check + if (length > CM_MAX_DATA_LEN) { + CM_LOG_E("input string length is too large, length: %d", length); + return nullptr; + } // add 0 length check - if ((length == 0) || (length > CM_MAX_DATA_LEN)) { - CM_LOG_E("input string length is 0 or too large, length: %d", length); + if (!canBeEmpty && length == 0) { + CM_LOG_E("input string length is 0"); return nullptr; } @@ -200,6 +205,16 @@ napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob) return GetInt32(env, 0); } +napi_value ParseString(napi_env env, napi_value object, CmBlob *&stringBlob) +{ + return ParseStringCommon(env, object, stringBlob, false); +} + +napi_value ParsePasswd(napi_env env, napi_value object, CmBlob *&stringBlob) +{ + return ParseStringCommon(env, object, stringBlob, true); +} + napi_value GetUint8Array(napi_env env, napi_value object, CmBlob &arrayBlob) { napi_typedarray_type arrayType; diff --git a/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp b/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp index 150a1d41018db595da30cd90177d993ed624fbfe..b89e7b696f68c5bf75f0be755a634b6b15ce78bf 100644 --- a/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp +++ b/interfaces/kits/napi/src/cm_napi_install_app_cert_common.cpp @@ -105,7 +105,7 @@ napi_value InstallAppCertParseParams( } index++; - result = ParseString(env, argv[index], context->keystorePwd); + result = ParsePasswd(env, argv[index], context->keystorePwd); if (result == nullptr) { ThrowError(env, PARAM_ERROR, "keystore Pwd is not a string or the length is 0 or too long."); CM_LOG_E("could not get keystore Pwd"); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c index 622222c1089854ef8a175f7fff7f1ffd65b3a864..2f58614abbe30b23db15bce29c37ad9e6e592339 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c @@ -133,11 +133,12 @@ static int32_t CmCheckAppCertPwd(const struct CmBlob *appCertPwd) return CMR_ERROR_INVALID_ARGUMENT; } - if (CheckUri(appCertPwd) != CM_SUCCESS) { - CM_LOG_E("appCertPwd data check fail"); - return CMR_ERROR_INVALID_ARGUMENT; + for (uint32_t i = 0; i < appCertPwd->size; i++) { /* from index 1 has '\0' */ + if (appCertPwd->data[i] == 0) { + return CM_SUCCESS; + } } - return CM_SUCCESS; + return CMR_ERROR_INVALID_ARGUMENT; } static bool AppCertCheckBlobValid(const struct CmBlob *data)