!1 #I1UOXK IsValidKey 不安全函数strlen替换

Merge pull request !1 from redhat008/master

!1 #I1UOXK IsValidKey 不安全函数strlen替换
Merge pull request !1 from redhat008/master
43ee8f18 · blue.xiaofeng · Gitee · ba5808ec · 9bff9b31 · 43ee8f18
隐藏空白更改
内联并排

Showing with 9 addition and 2 deletion

kv_store/src/kvstore_common/kvstore_common.c kv_store/src/kvstore_common/kvstore_common.c +9 -2

未找到文件。
--- a/kv_store/src/kvstore_common/kvstore_common.c
+++ b/kv_store/src/kvstore_common/kvstore_common.c
@@ -35,9 +35,15 @@ boolean IsValidChar(const char ch)

 boolean IsValidValue(const char* value, unsigned int len)
 {
-    if ((value == NULL) || !strlen(value) || (strlen(value) >= len)) {
+    if (value == NULL) {
        return FALSE;
    }
+
+    size_t valueLen = strnlen(value, MAX_VALUE_LEN);
+    if (valueLen <= 0 || valueLen >= MAX_VALUE_LEN || valueLen >= len) {
+        return FALSE;
+    }
+    
    return TRUE;
 }

@@ -46,7 +52,8 @@ boolean IsValidKey(const char* key)
    if (!IsValidValue(key, MAX_KEY_LEN)) {
        return FALSE;
    }
-    int keyLen = strlen(key);
+
+    int keyLen = strnlen(key, MAX_KEY_LEN);
    for (int i = 0; i < keyLen; i++) {
        if (!IsValidChar(key[i])) {
            return FALSE;