From 25643fb020a4b0baf801d5898c93be1062a96cb6 Mon Sep 17 00:00:00 2001 From: biju-vi <151033276+biju-vi@users.noreply.github.com> Date: Wed, 4 Mar 2026 09:10:21 +0000 Subject: [PATCH] RDKB-63310 - Fix IDM coverity issue RDKB-63310 - Fix IDM coverity issue RDKB-63310 - Fix IDM coverity issue RDKB-63310 - Fix IDM coverity issue RDKB-63310 - Fix IDM coverity issue RDKB-63310 - Fix IDM coverity issue --- source/InterDeviceManager/Idm_TCP_apis.c | 8 +++---- .../InterDeviceManager/Idm_call_back_apis.c | 19 ++++++++++++--- source/InterDeviceManager/Idm_data.c | 12 +++++++--- source/InterDeviceManager/Idm_msg_process.c | 24 ++++++++++++------- source/InterDeviceManager/Idm_rbus.c | 5 ++++ source/InterDeviceManager/Idm_utils.c | 2 ++ .../inter_device_manager_main.c | 12 +++++----- 7 files changed, 58 insertions(+), 24 deletions(-) diff --git a/source/InterDeviceManager/Idm_TCP_apis.c b/source/InterDeviceManager/Idm_TCP_apis.c index 541dff5..0522bfb 100644 --- a/source/InterDeviceManager/Idm_TCP_apis.c +++ b/source/InterDeviceManager/Idm_TCP_apis.c @@ -593,11 +593,11 @@ int open_remote_connection(connection_config_t* connectionConf, int (*connection char* getFile_to_remote(connection_info_t* conn_info,void *payload) { CcspTraceDebug(("Inside %s:%d\n",__FUNCTION__,__LINE__)); - FILE* fptr; - payload_t *Data; - char* buffer; + FILE* fptr = NULL; + payload_t *Data = NULL; + char* buffer = NULL; int bytes = 0; - uint32_t length; + uint32_t length = 0; #ifndef IDM_DEBUG if(conn_info->enc.ssl == NULL){ diff --git a/source/InterDeviceManager/Idm_call_back_apis.c b/source/InterDeviceManager/Idm_call_back_apis.c index fe7d661..01a5b84 100644 --- a/source/InterDeviceManager/Idm_call_back_apis.c +++ b/source/InterDeviceManager/Idm_call_back_apis.c @@ -215,6 +215,11 @@ int connection_cb(device_info_t* Device, connection_info_t* conn_info, uint encr //TODO: Send request all parameters of remote device //Send request to get Capabilities + + if(Device == NULL || conn_info == NULL) + { + return -1; + } idm_send_msg_Params_t param; memset(¶m, 0, sizeof(param)); strncpy(param.Mac_dest, Device->mac_addr, sizeof(param.Mac_dest)-1); @@ -476,9 +481,17 @@ int discovery_cb(device_info_t* Device, uint discovery_status, uint authenticati int iErrorCode = 0; Discovery_cb_threadargs *threadArgs = malloc(sizeof(Discovery_cb_threadargs)); - strncpy(threadArgs->device.mac_addr, Device->mac_addr, MAC_ADDR_SIZE); - strncpy(threadArgs->device.ipv4_addr, Device->ipv4_addr, IPv4_ADDR_SIZE); - strncpy(threadArgs->device.ipv6_addr, Device->ipv6_addr, IPv6_ADDR_SIZE); + + if(threadArgs == NULL) + { + CcspTraceInfo(("%s %d - Failed to allocate threadArgs\n", __FUNCTION__, __LINE__ )); + return -1; + } + + memset((char*)threadArgs, 0 , sizeof(Discovery_cb_threadargs)); + strncpy(threadArgs->device.mac_addr, Device->mac_addr, sizeof(threadArgs->device.mac_addr) - 1); + strncpy(threadArgs->device.ipv4_addr, Device->ipv4_addr, sizeof(threadArgs->device.ipv4_addr) - 1); + strncpy(threadArgs->device.ipv6_addr, Device->ipv6_addr, sizeof(threadArgs->device.ipv6_addr) - 1); threadArgs->discovery_status = discovery_status; threadArgs->auth_status = authentication_status; diff --git a/source/InterDeviceManager/Idm_data.c b/source/InterDeviceManager/Idm_data.c index 9637362..4e40c15 100644 --- a/source/InterDeviceManager/Idm_data.c +++ b/source/InterDeviceManager/Idm_data.c @@ -51,7 +51,10 @@ static int IdmMgr_get_IDM_ParametersFromPSM() if (retPsmGet == CCSP_SUCCESS) { - AnscCopyString(pidmDmlInfo->stConnectionInfo.Capabilities, param_value); + if(strlen(param_value) > 0) + { + strncpy(pidmDmlInfo->stConnectionInfo.Capabilities, param_value, sizeof(pidmDmlInfo->stConnectionInfo.Capabilities) - 1); + } } _ansc_memset(param_name, 0, sizeof(param_name)); @@ -62,7 +65,10 @@ static int IdmMgr_get_IDM_ParametersFromPSM() if (retPsmGet == CCSP_SUCCESS) { - AnscCopyString(pidmDmlInfo->stConnectionInfo.Interface, param_value); + if(strlen(param_value) > 0) + { + strncpy(pidmDmlInfo->stConnectionInfo.Interface, param_value, sizeof(pidmDmlInfo->stConnectionInfo.Interface) - 1); + } } _ansc_memset(param_name, 0, sizeof(param_name)); @@ -205,7 +211,7 @@ void IdmMgr_SetConfigData_Default() pidmDmlInfo->stRemoteInfo.ulDeviceNumberOfEntries = 0; pidmDmlInfo->stRemoteInfo.Port = IDM_DEVICE_MESSAGING_PORT; pidmDmlInfo->stRemoteInfo.max_file_size = DEFAULT_MAX_FT_SIZE; - AnscCopyString(pidmDmlInfo->stRemoteInfo.ft_status,FT_SUCCESS); + strncpy(pidmDmlInfo->stRemoteInfo.ft_status, FT_SUCCESS, sizeof(pidmDmlInfo->stRemoteInfo.ft_status) - 1); } } diff --git a/source/InterDeviceManager/Idm_msg_process.c b/source/InterDeviceManager/Idm_msg_process.c index ce4f0f3..6cc17c8 100644 --- a/source/InterDeviceManager/Idm_msg_process.c +++ b/source/InterDeviceManager/Idm_msg_process.c @@ -189,7 +189,7 @@ ANSC_STATUS IDM_sendFile_to_Remote_device(char* Mac_dest,char* filename,char* ou memset(&payload, 0, sizeof(payload_t)); payload.operation = SFT; payload.msgType = SFT; - strncpy(payload.Mac_source, localDevice->stRemoteDeviceInfo.MAC,MAC_ADDR_SIZE-1); + strncpy(payload.Mac_source, localDevice->stRemoteDeviceInfo.MAC,sizeof(payload.Mac_source)-1); strncpy(payload.param_name,filename,sizeof(payload.param_name)-1); CcspTraceDebug(("Inside %s:%d peer MAC=%s\n",__FUNCTION__,__LINE__,Mac_dest)); send_status = sendFile_to_remote(&remoteDevice->stRemoteDeviceInfo.conn_info, &payload,output_location); @@ -729,14 +729,14 @@ static void IDM_Rbus_subscriptionEventHandler(rbusHandle_t handle, rbusEvent_t c char* IDM_SFT_receive(connection_info_t* conn_info,void* payload) { CcspTraceDebug(("Inside %s:%d\n",__FUNCTION__,__LINE__)); - char* buf; + char* buf = NULL; int bytes=0,length=0,total_bytes=0; #ifndef IDM_DEBUG SSL* ssl= NULL; #else int conn=0; #endif - payload_t *Data; + payload_t *Data = NULL; PIDM_DML_INFO pidmDmlInfo = IdmMgr_GetConfigData_locked(); if( pidmDmlInfo == NULL ) { @@ -800,7 +800,7 @@ char* IDM_SFT_receive(connection_info_t* conn_info,void* payload) return FT_INVALID_FILE_SIZE; } IdmMgrDml_GetConfigData_release(pidmDmlInfo); - FILE* fptr; + FILE* fptr = NULL; fptr = fopen(Data->param_name,"wb"); if(!fptr){ CcspTraceError(("file not found\n")); @@ -898,6 +898,11 @@ int IDM_Incoming_Request_handler(payload_t * payload) CcspTraceInfo(("%s %d - \n", __FUNCTION__, __LINE__)); rbusError_t err= RBUS_ERROR_SUCCESS; + if(payload == NULL) + { + return -1; + } + if(payload->operation == IDM_SUBS) { /*Create entry in incoming subscription list */ @@ -1033,8 +1038,8 @@ void *IDM_Incoming_req_handler_thread() payload.reqID = ReqEntry->reqId; payload.operation = ReqEntry->operation; payload.msgType = GFT; - strncpy(payload.Mac_source,remoteDevice->stRemoteDeviceInfo.MAC,MAC_ADDR_SIZE); - strncpy(payload.param_name,ReqEntry->param_name,sizeof(payload.param_name)); + strncpy(payload.Mac_source,remoteDevice->stRemoteDeviceInfo.MAC,sizeof(payload.Mac_source) - 1); + strncpy(payload.param_name,ReqEntry->param_name,sizeof(payload.param_name) - 1); //Find the device using MAC while(remoteDevice!=NULL) { @@ -1119,9 +1124,12 @@ void IDM_Broadcast_LocalDeviceInfo() payload.reqID = -1; //It's an Async message reqID not avaiable. payload.operation = IDM_REQUEST; payload.msgType = RES; - strncpy(payload.Mac_source,remoteDevice->stRemoteDeviceInfo.MAC,sizeof(payload.Mac_source)-1); - remoteDevice=remoteDevice->next; + if(remoteDevice) + { + strncpy(payload.Mac_source,remoteDevice->stRemoteDeviceInfo.MAC,sizeof(payload.Mac_source)-1); + remoteDevice=remoteDevice->next; + } while(remoteDevice!=NULL) { if(remoteDevice->stRemoteDeviceInfo.Status == DEVICE_CONNECTED) diff --git a/source/InterDeviceManager/Idm_rbus.c b/source/InterDeviceManager/Idm_rbus.c index 184165c..73a89ed 100644 --- a/source/InterDeviceManager/Idm_rbus.c +++ b/source/InterDeviceManager/Idm_rbus.c @@ -984,6 +984,11 @@ rbusError_t X_RDK_Connection_SetHandler(rbusHandle_t handle, rbusProperty_t prop { (void)opts; char const* name = rbusProperty_GetName(prop); + + if(name == NULL) + { + return RBUS_ERROR_BUS_ERROR; + } rbusValue_t value = rbusProperty_GetValue(prop); rbusValueType_t type = rbusValue_GetType(value); diff --git a/source/InterDeviceManager/Idm_utils.c b/source/InterDeviceManager/Idm_utils.c index 80a10c2..8b51052 100644 --- a/source/InterDeviceManager/Idm_utils.c +++ b/source/InterDeviceManager/Idm_utils.c @@ -348,8 +348,10 @@ ANSC_STATUS IDM_UpdateLocalDeviceData() CcspTraceInfo(("[%s: %d] Update Local Device Data. Iface(%s)\n", __FUNCTION__, __LINE__, pidmDmlInfo->stConnectionInfo.Interface)); /* get Interface MAC */ platform_hal_GetBaseMacAddress(wan_mac); + memset(localDevice->stRemoteDeviceInfo.MAC, 0, sizeof(localDevice->stRemoteDeviceInfo.MAC)); strncpy(localDevice->stRemoteDeviceInfo.MAC, wan_mac, sizeof(localDevice->stRemoteDeviceInfo.MAC)-1); platform_hal_GetModelName(localDevice->stRemoteDeviceInfo.ModelNumber); + memset(localDevice->stRemoteDeviceInfo.Capabilities, 0, sizeof(localDevice->stRemoteDeviceInfo.Capabilities)); strncpy(localDevice->stRemoteDeviceInfo.Capabilities, pidmDmlInfo->stConnectionInfo.Capabilities, sizeof(localDevice->stRemoteDeviceInfo.Capabilities)-1); localDevice->stRemoteDeviceInfo.HelloInterval = pidmDmlInfo->stConnectionInfo.HelloInterval; } diff --git a/source/InterDeviceManager/inter_device_manager_main.c b/source/InterDeviceManager/inter_device_manager_main.c index e324263..bb51f60 100644 --- a/source/InterDeviceManager/inter_device_manager_main.c +++ b/source/InterDeviceManager/inter_device_manager_main.c @@ -35,7 +35,7 @@ cap_user appcaps; #define DEBUG_INI_NAME "/etc/debug.ini" -char g_Subsystem[32] = {0}; +char g_Subsystem[32] = {0}; extern char* pComponentName; char g_sslCert[128]; @@ -170,12 +170,10 @@ int main(int argc, char* argv[]) BOOL bRunAsDaemon = TRUE; int idx = 0; int ind = -1; - int cmdChar = 0; - DmErr_t err; + int cmdChar = 0; char *subSys = NULL; appcaps.caps = NULL; appcaps.user_name = NULL; - char buf[8] = {'\0'}; #ifdef FEATURE_SUPPORT_RDKLOG RDK_LOGGER_INIT(); @@ -192,8 +190,10 @@ int main(int argc, char* argv[]) { if((idx + 1) < argc) { - if ( AnscSizeOfString(argv[idx+1]) < sizeof(g_Subsystem)) - AnscCopyString(g_Subsystem, (char *)argv[idx+1]); + if (strlen(argv[idx+1]) > 0) + { + snprintf(g_Subsystem, sizeof(g_Subsystem), "%s", argv[idx+1]); + } } else {