diff --git a/services/implementation/src/dependency/hichain/hichain_auth_connector.cpp b/services/implementation/src/dependency/hichain/hichain_auth_connector.cpp index f0614dcf2d274501fd37080746032c47b51c4206..d6ad98d38f7e6b73383c8a02f3875f0c3346ca17 100644 --- a/services/implementation/src/dependency/hichain/hichain_auth_connector.cpp +++ b/services/implementation/src/dependency/hichain/hichain_auth_connector.cpp @@ -23,6 +23,7 @@ namespace OHOS { namespace DistributedHardware { std::shared_ptr HiChainAuthConnector::dmDeviceAuthCallback_ = nullptr; +const int32_t MAX_HICHAIN_MSG_LEN = 2000; HiChainAuthConnector::HiChainAuthConnector() { @@ -83,6 +84,10 @@ int32_t HiChainAuthConnector::ProcessAuthData(int64_t requestId, std::string aut bool HiChainAuthConnector::onTransmit(int64_t requestId, const uint8_t *data, uint32_t dataLen) { + if (data == nullptr || dataLen > MAX_HICHAIN_MSG_LEN) { + LOGE("received invaild data value."); + return false; + } LOGI("AuthDevice onTransmit, requestId %{public}" PRId64, requestId); if (dmDeviceAuthCallback_ == nullptr) { LOGE("HiChainAuthConnector::onTransmit dmDeviceAuthCallback_ is nullptr."); @@ -143,6 +148,10 @@ void HiChainAuthConnector::onError(int64_t requestId, int operationCode, int err void HiChainAuthConnector::onSessionKeyReturned(int64_t requestId, const uint8_t *sessionKey, uint32_t sessionKeyLen) { + if (sessionKey == nullptr || sessionKeyLen > MAX_HICHAIN_MSG_LEN) { + LOGE("received invaild sessionKey value."); + return; + } LOGI("HiChainAuthConnector::onSessionKeyReturned start."); if (dmDeviceAuthCallback_ == nullptr) { LOGE("HiChainAuthConnector::onSessionKeyReturned dmDeviceAuthCallback_ is nullptr."); diff --git a/services/implementation/src/dependency/hichain/hichain_connector.cpp b/services/implementation/src/dependency/hichain/hichain_connector.cpp index c1b4f837b384cf583a772ce52ddea0cf05c3bb72..b472f979306d5b157e4568ce85c7d635de18b804 100644 --- a/services/implementation/src/dependency/hichain/hichain_connector.cpp +++ b/services/implementation/src/dependency/hichain/hichain_connector.cpp @@ -1120,6 +1120,7 @@ int32_t HiChainConnector::GetRelatedGroupsCommon(const std::string &deviceId, co deviceGroupManager_->getRelatedGroups(userId, pkgName, deviceId.c_str(), &returnGroups, &groupNum); if (ret != 0) { LOGE("[HICHAIN] fail to get related groups with ret:%{public}d.", ret); + deviceGroupManager_->destroyInfo(&returnGroups); return ERR_DM_FAILED; } if (returnGroups == nullptr) { @@ -1131,6 +1132,7 @@ int32_t HiChainConnector::GetRelatedGroupsCommon(const std::string &deviceId, co return ERR_DM_FAILED; } std::string relatedGroups = std::string(returnGroups); + deviceGroupManager_->destroyInfo(&returnGroups); nlohmann::json jsonObject = nlohmann::json::parse(relatedGroups, nullptr, false); if (jsonObject.is_discarded()) { LOGE("returnGroups parse error"); @@ -1181,8 +1183,7 @@ int32_t HiChainConnector::GetRelatedGroupsCommon(int32_t userId, const std::stri deviceGroupManager_->getRelatedGroups(userId, pkgName, deviceId.c_str(), &returnGroups, &groupNum); if (ret != 0) { LOGE("[HICHAIN] fail to get related groups with ret:%{public}d.", ret); - delete[] returnGroups; - returnGroups = nullptr; + deviceGroupManager_->destroyInfo(&returnGroups); return ERR_DM_FAILED; } if (returnGroups == nullptr) { @@ -1191,13 +1192,11 @@ int32_t HiChainConnector::GetRelatedGroupsCommon(int32_t userId, const std::stri } if (groupNum == 0) { LOGE("[HICHAIN]return related goups number is zero."); - delete[] returnGroups; - returnGroups = nullptr; + deviceGroupManager_->destroyInfo(&returnGroups); return ERR_DM_FAILED; } std::string relatedGroups = std::string(returnGroups); - delete[] returnGroups; - returnGroups = nullptr; + deviceGroupManager_->destroyInfo(&returnGroups); nlohmann::json jsonObject = nlohmann::json::parse(relatedGroups, nullptr, false); if (jsonObject.is_discarded()) { LOGE("returnGroups parse error");