提交 39a1d399 编写于 作者: O openharmony_ci 提交者: Gitee

!399 fix security alarm

Merge pull request !399 from 余明星/cherry-pick-1628654200
...@@ -334,6 +334,7 @@ HWTEST_F(IoTest, testVasprintf, Function | MediumTest | Level1) ...@@ -334,6 +334,7 @@ HWTEST_F(IoTest, testVasprintf, Function | MediumTest | Level1)
ret = FormatVasprintf(&buf, "%f and %c as well as %ld\n", 2.2, 'c', 6); ret = FormatVasprintf(&buf, "%f and %c as well as %ld\n", 2.2, 'c', 6);
EXPECT_EQ(ret, 28); EXPECT_EQ(ret, 28);
EXPECT_STREQ(buf, "2.200000 and c as well as 6\n"); EXPECT_STREQ(buf, "2.200000 and c as well as 6\n");
free(buf);
} }
/** /**
......
...@@ -297,8 +297,10 @@ HWTEST_F(ActsMemApiTest, testMemmem_0100, Function | MediumTest | Level1) { ...@@ -297,8 +297,10 @@ HWTEST_F(ActsMemApiTest, testMemmem_0100, Function | MediumTest | Level1) {
LogPrint(" memmem *haystack:='%s' size_haystack:='%d' ", srcStr, strlen(srcStr)); LogPrint(" memmem *haystack:='%s' size_haystack:='%d' ", srcStr, strlen(srcStr));
LogPrint("*needle:='%s' size_needle:='%d',\n", srcSubStr, strlen(srcSubStr)); LogPrint("*needle:='%s' size_needle:='%d',\n", srcSubStr, strlen(srcSubStr));
if (strlen(srcStr) >= strlen(srcSubStr)) {
pos = (char *)memmem(srcStr, strlen(srcStr), srcSubStr, strlen(srcSubStr)); pos = (char *)memmem(srcStr, strlen(srcStr), srcSubStr, strlen(srcSubStr));
LogPrint(" --> return pos:='%x'\n", pos); LogPrint(" --> return pos:='%x'\n", pos);
}
ASSERT_TRUE(pos) ASSERT_TRUE(pos)
<< "ErrInfo: memmem *haystack:='" << srcStr << " size_haystack:='" << "ErrInfo: memmem *haystack:='" << srcStr << " size_haystack:='"
...@@ -316,6 +318,9 @@ HWTEST_F(ActsMemApiTest, testMemmem_1000, Function | MediumTest | Level1) { ...@@ -316,6 +318,9 @@ HWTEST_F(ActsMemApiTest, testMemmem_1000, Function | MediumTest | Level1) {
char srcSubStr[] = "strb"; char srcSubStr[] = "strb";
char *pos = nullptr; char *pos = nullptr;
if (strlen(srcStr) < strlen(srcSubStr)) {
FAIL();
}
pos = (char *)memmem(srcStr, strlen(srcStr), srcSubStr, strlen(srcSubStr)); pos = (char *)memmem(srcStr, strlen(srcStr), srcSubStr, strlen(srcSubStr));
LogPrint(" memmem *haystack:='%s' size_haystack:='%d' ", srcStr, strlen(srcStr)); LogPrint(" memmem *haystack:='%s' size_haystack:='%d' ", srcStr, strlen(srcStr));
LogPrint("*needle:='%s' size_needle:='%d',\n", srcSubStr, strlen(srcSubStr)); LogPrint("*needle:='%s' size_needle:='%d',\n", srcSubStr, strlen(srcSubStr));
......
...@@ -236,7 +236,7 @@ static void* SampleTcpServerTask(void *p) ...@@ -236,7 +236,7 @@ static void* SampleTcpServerTask(void *p)
WAIT(); WAIT();
static char bufrec[BUF_SIZE + 1] = {0}; static char bufrec[BUF_SIZE + 1] = {0};
memset_s(bufrec, BUF_SIZE, 0, BUF_SIZE); memset_s(bufrec, sizeof(bufrec), 0, BUF_SIZE);
memset_s(&msg, sizeof(msg), 0, sizeof(msg)); memset_s(&msg, sizeof(msg), 0, sizeof(msg));
msg.msg_name = &clnAddr; msg.msg_name = &clnAddr;
msg.msg_namelen = sizeof(clnAddr); msg.msg_namelen = sizeof(clnAddr);
...@@ -331,7 +331,7 @@ static void* SampleTcpClientTask(void *p) ...@@ -331,7 +331,7 @@ static void* SampleTcpClientTask(void *p)
WAIT(); WAIT();
static char bufrec[BUF_SIZE + 1] = {0}; static char bufrec[BUF_SIZE + 1] = {0};
memset_s(bufrec, BUF_SIZE, 0, BUF_SIZE); memset_s(bufrec, sizeof(bufrec), 0, BUF_SIZE);
memset_s(&msg, sizeof(msg), 0, sizeof(msg)); memset_s(&msg, sizeof(msg), 0, sizeof(msg));
msg.msg_name = &clnAddr; msg.msg_name = &clnAddr;
msg.msg_namelen = sizeof(clnAddr); msg.msg_namelen = sizeof(clnAddr);
...@@ -340,7 +340,7 @@ static void* SampleTcpClientTask(void *p) ...@@ -340,7 +340,7 @@ static void* SampleTcpClientTask(void *p)
iov[0].iov_base = bufrec; iov[0].iov_base = bufrec;
iov[0].iov_len = sizeof(bufrec); iov[0].iov_len = sizeof(bufrec);
ret = recvmsg(clnFd, &msg, 0); ret = recvmsg(clnFd, &msg, 0);
if (len * strlen(g_srvMsg) == (unsigned int)ret) { if (len * strlen(g_srvMsg) == (unsigned int)ret && ret >= 0) {
bufrec[ret] = 0; bufrec[ret] = 0;
printf("[tcp client]recvmsg, ret=%d, msg[%s]\n", ret, bufrec); printf("[tcp client]recvmsg, ret=%d, msg[%s]\n", ret, bufrec);
} else { } else {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册