From cd1f7dd4254bbd7bbd5cf1f1172049ceebe214ea Mon Sep 17 00:00:00 2001 From: ligongshao Date: Thu, 31 Aug 2023 21:24:49 +0800 Subject: [PATCH] fix code_signature cleancode. Signed-off-by: ligongshao --- interfaces/innerkits/code_sign_utils/include/stat_utils.h | 2 +- interfaces/innerkits/code_sign_utils/src/code_sign_utils.cpp | 4 ++-- test/unittest/code_sign_utils_test.cpp | 2 +- test/unittest/multi_thread_local_sign_test.cpp | 1 - utils/src/signer_info.cpp | 3 ++- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/interfaces/innerkits/code_sign_utils/include/stat_utils.h b/interfaces/innerkits/code_sign_utils/include/stat_utils.h index 361a51b..263fad9 100644 --- a/interfaces/innerkits/code_sign_utils/include/stat_utils.h +++ b/interfaces/innerkits/code_sign_utils/include/stat_utils.h @@ -17,9 +17,9 @@ #define CODE_SIGN_STAT_UTILS_H #include +#include #include #include -#include namespace OHOS { namespace Security { diff --git a/interfaces/innerkits/code_sign_utils/src/code_sign_utils.cpp b/interfaces/innerkits/code_sign_utils/src/code_sign_utils.cpp index f92ab2a..8fa22ec 100644 --- a/interfaces/innerkits/code_sign_utils/src/code_sign_utils.cpp +++ b/interfaces/innerkits/code_sign_utils/src/code_sign_utils.cpp @@ -83,8 +83,8 @@ int32_t CodeSignUtils::EnforceCodeSignForApp(const EntryMap &entryPath, CS_ERR_FILE_PATH, "App file is invalid."); const std::string &signatureEntry = entryName + Constants::FSV_SIG_SUFFIX; - NOT_SATISFIED_RETURN( - std::find(signatureFileList.begin(), signatureFileList.end(), signatureEntry) != signatureFileList.end(), + NOT_SATISFIED_RETURN(std::find(signatureFileList.begin(), signatureFileList.end(), signatureEntry) != + signatureFileList.end(), CS_ERR_NO_SIGNATURE, "Fail to find signature for %{public}s", entryName.c_str()); std::unique_ptr signatureBuffer = nullptr; diff --git a/test/unittest/code_sign_utils_test.cpp b/test/unittest/code_sign_utils_test.cpp index 1e805c4..5acada5 100644 --- a/test/unittest/code_sign_utils_test.cpp +++ b/test/unittest/code_sign_utils_test.cpp @@ -125,7 +125,7 @@ static bool ReadSignatureFromFile(const std::string &path, ByteBuffer &data) return false; } size_t ret = fread(data.GetBuffer(), 1, fileSize, file); - fclose(file); + (void)fclose(file); return ret == fileSize; } diff --git a/test/unittest/multi_thread_local_sign_test.cpp b/test/unittest/multi_thread_local_sign_test.cpp index 673087a..d00be68 100644 --- a/test/unittest/multi_thread_local_sign_test.cpp +++ b/test/unittest/multi_thread_local_sign_test.cpp @@ -33,7 +33,6 @@ using namespace testing::mt; namespace OHOS { namespace Security { namespace CodeSign { - static constexpr uint32_t MULTI_THREAD_NUM = 10; static constexpr int64_t BUFFER_SIZE = 1024; static const std::string AN_BASE_PATH = "/data/local/ark-cache/tmp/multi_thread/"; diff --git a/utils/src/signer_info.cpp b/utils/src/signer_info.cpp index dc497b7..869d16f 100644 --- a/utils/src/signer_info.cpp +++ b/utils/src/signer_info.cpp @@ -24,6 +24,7 @@ namespace OHOS { namespace Security { namespace CodeSign { static constexpr int INVALID_SIGN_ALGORITHM_NID = -1; +static constexpr int MAX_SIGNATURE_SIZE = 1024; // 1024: max signature length bool SignerInfo::InitSignerInfo(X509 *cert, const EVP_MD *md, const ByteBuffer &contentData, bool carrySigningTime) @@ -139,7 +140,7 @@ bool SignerInfo::AddSignatureInSignerInfo(const ByteBuffer &signature) } uint32_t signatureSize = signature.GetSize(); // tmp will be free when freeing p7info_ - if (signatureSize == 0) { + if (signatureSize == 0 || signatureSize > MAX_SIGNATURE_SIZE) { return false; } uint8_t *tmp = static_cast(malloc(signatureSize)); -- Gitee