diff --git a/common/utils/include/constants.h b/common/utils/include/constants.h index 0612aa86f2613216910a5cc0346ae2f98f2fa0ab..7fe1b66635ef1953bd7457c3dd4f571871f3b40a 100644 --- a/common/utils/include/constants.h +++ b/common/utils/include/constants.h @@ -24,6 +24,13 @@ namespace DistributedHardware { constexpr int32_t LOG_MAX_LEN = 4096; constexpr int32_t ENABLE_TIMEOUT_MS = 1000; constexpr int32_t DISABLE_TIMEOUT_MS = 500; + constexpr uint32_t MAX_STRING_LEN = 40 * 1024 * 1024; + constexpr uint32_t MAX_ID_LEN = 256; + constexpr uint32_t MAX_TOPIC_SIZE = 128; + constexpr uint32_t MAX_LISTENER_SIZE = 256; + constexpr uint32_t MAX_COMP_SIZE = 128; + constexpr uint32_t MAX_DB_DATA_SIZE = 10000; + constexpr uint32_t MAX_ONLINE_DEVICE_SIZE = 10000; const std::u16string DHMS_STUB_INTERFACE_TOKEN = u"ohos.distributedhardware.accessToken"; const std::string COMPONENTSLOAD_PROFILE_PATH = R"(/vendor/etc/distributedhardware/distributed_hardware_components_cfg.json)"; diff --git a/common/utils/include/distributed_hardware_errno.h b/common/utils/include/distributed_hardware_errno.h index 224e6be5f04acc5bf6b4515eb4cdc07e46861ec5..d5aa39cce3f85a25d3ecd400747a51d785bffb92 100644 --- a/common/utils/include/distributed_hardware_errno.h +++ b/common/utils/include/distributed_hardware_errno.h @@ -61,6 +61,7 @@ namespace DistributedHardware { constexpr int32_t ERR_DH_FWK_RESOURCE_SYNC_VERSIONINFO_FAIL = -10411; constexpr int32_t ERR_DH_FWK_RESOURCE_DEVICE_ID_NOT_EXIST = -10412; constexpr int32_t ERR_DH_FWK_RESOURCE_UUID_NOT_FOUND = -10413; + constexpr int32_t ERR_DH_FWK_RESOURCE_RES_DB_DATA_INVALID = -10414; /* DistributedHardwareManager errno, range: [-10500, -10599] */ constexpr int32_t ERR_DH_FWK_HARDWARE_MANAGER_DEVICE_REPEAT_ONLINE = -10500; @@ -69,7 +70,7 @@ namespace DistributedHardware { /* ComponentLoader errno, range: [-10600, -10699] */ constexpr int32_t ERR_DH_FWK_LOADER_HANDLER_IS_NULL = -10600; - constexpr int32_t ERR_DH_FWK_LOADER_COMPONENT_PROFILE_IS_EMPTY = -10601; + constexpr int32_t ERR_DH_FWK_LOADER_CONFIG_JSON_INVALID = -10601; constexpr int32_t ERR_DH_FWK_LOADER_GET_LOCAL_VERSION_FAIL = -10602; constexpr int32_t ERR_DH_FWK_LOADER_DLCLOSE_FAIL = -10603; @@ -85,6 +86,7 @@ namespace DistributedHardware { constexpr int32_t ERR_DH_FWK_SERVICE_WRITE_TOKEN_FAIL = -10805; constexpr int32_t ERR_DH_FWK_SERVICE_REMOTE_IS_NULL = -10806; constexpr int32_t ERR_DH_FWK_SERVICE_WRITE_INFO_FAIL = -10807; + constexpr int32_t ERR_DH_FWK_SERVICE_MSG_INVALID = -10808; /* AccessManager errno, range: [-10900, -10999] */ constexpr int32_t ERR_DH_FWK_ACCESS_INIT_DM_FAILED = -10900; @@ -99,6 +101,7 @@ namespace DistributedHardware { /* DHFWK Publisher errno, range: [-11100, -11199] */ constexpr int32_t ERR_DH_FWK_PUBLISH_MSG_FAILED = -11100; + constexpr uint32_t ERR_DH_FWK_PUBLISH_LISTENER_OVER_SIZE = -11101; } // namespace DistributedHardware } // namespace OHOS #endif // OHOS_DISTRIBUTED_HARDWARE_ERRNO diff --git a/interfaces/inner_kits/include/ipc/distributed_hardware_proxy.h b/interfaces/inner_kits/include/ipc/distributed_hardware_proxy.h index 5bd57379b8b28d3c336c3c25a3399d8facb2891d..bf3b38e59efd72aa97f18e5578f3df87b7eae1d5 100644 --- a/interfaces/inner_kits/include/ipc/distributed_hardware_proxy.h +++ b/interfaces/inner_kits/include/ipc/distributed_hardware_proxy.h @@ -37,7 +37,6 @@ public: int32_t PublishMessage(const DHTopic topic, const std::string &msg) override; private: - std::unordered_map FromJson(const std::string &json) const; static inline BrokerDelegator delegator_; }; } // namespace DistributedHardware diff --git a/interfaces/inner_kits/src/distributed_hardware_fwk_kit.cpp b/interfaces/inner_kits/src/distributed_hardware_fwk_kit.cpp index 18038a0ee250f903d1ff9688d167f280b7dbf04c..e36884e43491ae6127234afdab7604d115603229 100644 --- a/interfaces/inner_kits/src/distributed_hardware_fwk_kit.cpp +++ b/interfaces/inner_kits/src/distributed_hardware_fwk_kit.cpp @@ -17,6 +17,7 @@ #include +#include "constants.h" #include "dhfwk_sa_manager.h" #include "distributed_hardware_errno.h" #include "distributed_hardware_log.h" @@ -53,6 +54,10 @@ int32_t DistributedHardwareFwkKit::RegisterPublisherListener(const DHTopic topic } else { DHLOGI("DHFWK not online, or get proxy failed, save listener temporary"); std::lock_guard lock(listenerMutex_); + if (listenerMap_.size() >= MAX_TOPIC_SIZE || listenerMap_[topic].size() >= MAX_LISTENER_SIZE) { + DHLOGE("listeners are over size!"); + return ERR_DH_FWK_PUBLISH_LISTENER_OVER_SIZE; + } listenerMap_[topic].insert(listener); } @@ -83,7 +88,11 @@ int32_t DistributedHardwareFwkKit::PublishMessage(const DHTopic topic, const std { DHLOGI("Publish message, topic: %" PRIu32 ", msg: %s", (uint32_t)topic, message.c_str()); if (!IsDHTopicValid(topic)) { - DHLOGE("Topic invalid, topic: " PRIu32 , (uint32_t)topic); + DHLOGE("Topic invalid, topic: " PRIu32, (uint32_t)topic); + return ERR_DH_FWK_PARA_INVALID; + } + if (message.empty() || message.size() > MAX_STRING_LEN) { + DHLOGE("Message size is invalid!"); return ERR_DH_FWK_PARA_INVALID; } diff --git a/interfaces/inner_kits/src/ipc/distributed_hardware_proxy.cpp b/interfaces/inner_kits/src/ipc/distributed_hardware_proxy.cpp index 46eda26b5d1a98394a12832e0e060094657ae191..9e72d853e70d3939ac88d97fd99bd2b4121f9ea0 100644 --- a/interfaces/inner_kits/src/ipc/distributed_hardware_proxy.cpp +++ b/interfaces/inner_kits/src/ipc/distributed_hardware_proxy.cpp @@ -41,6 +41,10 @@ int32_t DistributedHardwareProxy::RegisterPublisherListener(const DHTopic topic, DHLOGE("remote service is null"); return ERR_DH_FWK_SERVICE_REMOTE_IS_NULL; } + if (DHTopic::TOPIC_MIN > topic || topic > DHTopic::TOPIC_MAX) { + DHLOGE("Topic is invalid!"); + return ERR_DH_FWK_PARA_INVALID; + } MessageParcel data; MessageParcel reply; @@ -81,6 +85,10 @@ int32_t DistributedHardwareProxy::UnregisterPublisherListener(const DHTopic topi DHLOGE("remote service is null"); return ERR_DH_FWK_SERVICE_REMOTE_IS_NULL; } + if (DHTopic::TOPIC_MIN > topic || topic > DHTopic::TOPIC_MAX) { + DHLOGE("Topic is invalid!"); + return ERR_DH_FWK_PARA_INVALID; + } MessageParcel data; MessageParcel reply; @@ -120,6 +128,14 @@ int32_t DistributedHardwareProxy::PublishMessage(const DHTopic topic, const std: DHLOGE("remote service is null"); return ERR_DH_FWK_SERVICE_REMOTE_IS_NULL; } + if (DHTopic::TOPIC_MIN > topic || topic > DHTopic::TOPIC_MAX) { + DHLOGE("Topic is invalid!"); + return ERR_DH_FWK_PARA_INVALID; + } + if (msg.empty() || msg.size() > MAX_STRING_LEN) { + DHLOGE("Msg is invalid"); + return ERR_DH_FWK_SERVICE_MSG_INVALID; + } MessageParcel data; MessageParcel reply; @@ -151,21 +167,5 @@ int32_t DistributedHardwareProxy::PublishMessage(const DHTopic topic, const std: return ret; } - -void from_json(const nlohmann::json &jsonObj, std::unordered_map &versionMap) -{ - for (const auto &item : jsonObj.value(DH_COMPONENT_VERSIONS, nlohmann::json {})) { - DHType dhType = (DH_TYPE_SET.find(item.value(DH_COMPONENT_TYPE, DHType::UNKNOWN)) != DH_TYPE_SET.end()) ? - item.value(DH_COMPONENT_TYPE, DHType::UNKNOWN) : - DHType::UNKNOWN; - std::string sinkVersion = item.value(DH_COMPONENT_SINK_VER, DH_COMPONENT_DEFAULT_VERSION); - versionMap.emplace(std::pair(dhType, sinkVersion)); - } -} - -std::unordered_map DistributedHardwareProxy::FromJson(const std::string &json) const -{ - return nlohmann::json::parse(json).get>(); -} } // namespace DistributedHardware } // namespace OHOS diff --git a/interfaces/inner_kits/src/ipc/publisher_listener_stub.cpp b/interfaces/inner_kits/src/ipc/publisher_listener_stub.cpp index 84be82c9bf252ed85f21368f129d2448c653a58f..5ba2c8c535f85d6b3301d46ae9df50a92a734250 100644 --- a/interfaces/inner_kits/src/ipc/publisher_listener_stub.cpp +++ b/interfaces/inner_kits/src/ipc/publisher_listener_stub.cpp @@ -15,6 +15,7 @@ #include "publisher_listener_stub.h" +#include "constants.h" #include "distributed_hardware_errno.h" #include "distributed_hardware_log.h" @@ -39,7 +40,15 @@ int32_t PublisherListenerStub::OnRemoteRequest( switch (msgCode) { case IPublisherListener::Message::ON_MESSAGE: { DHTopic topic = (DHTopic)data.ReadUint32(); + if (DHTopic::TOPIC_MIN > topic || topic > DHTopic::TOPIC_MAX) { + DHLOGE("Topic is invalid!"); + return ERR_INVALID_DATA; + } std::string message = data.ReadString(); + if (message.empty() || message.size() > MAX_STRING_LEN) { + DHLOGE("Message is invalid!"); + return ERR_INVALID_DATA; + } OnMessage(topic, message); break; } diff --git a/services/distributedhardwarefwkservice/include/distributed_hardware_stub.h b/services/distributedhardwarefwkservice/include/distributed_hardware_stub.h index f549c24e7faa762dcdcb980b8c60067cd4c846b6..cabb412e4255fc7acdb702bc2c8b331cfe9b172c 100644 --- a/services/distributedhardwarefwkservice/include/distributed_hardware_stub.h +++ b/services/distributedhardwarefwkservice/include/distributed_hardware_stub.h @@ -31,7 +31,6 @@ private: int32_t UnregisterPublisherListenerInner(MessageParcel &data, MessageParcel &reply); int32_t PublishMessageInner(MessageParcel &data, MessageParcel &reply); bool ValidTopic(uint32_t topic); - std::string ToJson(const std::unordered_map &versionMap) const; }; } // namespace DistributedHardware } // namespace OHOS diff --git a/services/distributedhardwarefwkservice/include/resourcemanager/db_adapter.h b/services/distributedhardwarefwkservice/include/resourcemanager/db_adapter.h index 6a27272c1c3b157fecd3f7901454343a686de26d..f2d052d1f267c6ff8d8f7f09814e7fb57bc40b81 100644 --- a/services/distributedhardwarefwkservice/include/resourcemanager/db_adapter.h +++ b/services/distributedhardwarefwkservice/include/resourcemanager/db_adapter.h @@ -55,7 +55,7 @@ public: void SyncCompleted(const std::map &results) override; int32_t GetDataByKey(const std::string &key, std::string &data); int32_t GetDataByKeyPrefix(const std::string &keyPrefix, std::vector &values); - int32_t PutData(const std::string &key, std::string &value); + int32_t PutData(const std::string &key, const std::string &value); int32_t PutDataBatch(const std::vector &keys, const std::vector &values); void CreateManualSyncCount(const std::string &deviceId); void RemoveManualSyncCount(const std::string &deviceId); diff --git a/services/distributedhardwarefwkservice/src/accessmanager/access_manager.cpp b/services/distributedhardwarefwkservice/src/accessmanager/access_manager.cpp index 085c792573833692b61ec87c99be84a022b159c0..cf11db69ed6e084b7469a4758270d1f986c405ac 100644 --- a/services/distributedhardwarefwkservice/src/accessmanager/access_manager.cpp +++ b/services/distributedhardwarefwkservice/src/accessmanager/access_manager.cpp @@ -131,13 +131,17 @@ void AccessManager::OnDeviceOffline(const DmDeviceInfo &deviceInfo) GetAnonyString(deviceInfo.deviceName).c_str(), deviceInfo.deviceTypeId); auto networkId = std::string(deviceInfo.deviceId); // deviceId of DM actually is networkId + if (networkId.size() == 0 || networkId.size() > MAX_ID_LEN) { + DHLOGE("NetworkId is invalid!"); + return; + } auto uuid = GetUUIDBySoftBus(networkId); // when other device restart, the device receives online and offline messages in sequence // uuid is empty call by GetUUIDBySoftBus function. So, get uuid by memory cache when other device restart uuid = uuid.empty() ? DHContext::GetInstance().GetUUIDByNetworkId(networkId) : uuid; - if (uuid.empty()) { - DHLOGI("uuid is empty!"); + if (uuid.size() == 0 || uuid.size() > MAX_ID_LEN) { + DHLOGE("Uuid is invalid!"); return; } @@ -153,8 +157,16 @@ void AccessManager::OnDeviceReady(const DmDeviceInfo &deviceInfo) DHLOGI("start, networkId = %s, deviceName = %s, deviceTypeId = %d", GetAnonyString(deviceInfo.deviceId).c_str(), GetAnonyString(deviceInfo.deviceName).c_str(), deviceInfo.deviceTypeId); - auto networkId = std::string(deviceInfo.deviceId); // deviceId of DM actually is networkId + auto networkId = std::string(deviceInfo.deviceId); + if (networkId.size() == 0 || networkId.size() > MAX_ID_LEN) { + DHLOGE("NetworkId is invalid!"); + return; + } auto uuid = GetUUIDBySoftBus(networkId); + if (uuid.size() == 0 || uuid.size() > MAX_ID_LEN) { + DHLOGE("Uuid is invalid!"); + return; + } auto ret = DistributedHardwareManagerFactory::GetInstance().SendOnLineEvent(networkId, uuid, deviceInfo.deviceTypeId); DHLOGI("online result = %d, networkId = %s, uuid = %s", ret, GetAnonyString(networkId).c_str(), @@ -171,6 +183,10 @@ void AccessManager::SendTrustedDeviceOnline() { std::vector deviceList; DeviceManager::GetInstance().GetTrustedDeviceList(DH_FWK_PKG_NAME, "", deviceList); + if (deviceList.size() == 0 || deviceList.size() > MAX_ONLINE_DEVICE_SIZE) { + DHLOGE("DeviceList size is invalid!"); + return; + } for (const auto &deviceInfo : deviceList) { const auto networkId = std::string(deviceInfo.deviceId); const auto uuid = GetUUIDBySoftBus(networkId); diff --git a/services/distributedhardwarefwkservice/src/componentloader/component_loader.cpp b/services/distributedhardwarefwkservice/src/componentloader/component_loader.cpp index a31fd0d5e44a41edecef29a7c920902a302efb6b..cf932fa9f89a96b091566a4316fae9632ae7419b 100644 --- a/services/distributedhardwarefwkservice/src/componentloader/component_loader.cpp +++ b/services/distributedhardwarefwkservice/src/componentloader/component_loader.cpp @@ -122,7 +122,11 @@ int32_t ComponentLoader::GetCompPathAndVersion(const std::string &jsonStr, std:: std::vector vecJsnCfg = jsonCfg.at(COMPONENTSLOAD_DISTRIBUTED_COMPONENTS).get>(); DHLOGI("get distributed_components CompConfig size is %d", vecJsnCfg.size()); - for (std::vector::iterator iter = vecJsnCfg.begin(); iter != vecJsnCfg.end(); ++iter) { + if (vecJsnCfg.size() == 0 || vecJsnCfg.size() > MAX_COMP_SIZE) { + DHLOGE("CompConfig size is invalid!"); + return ERR_DH_FWK_PARA_INVALID; + } + for (auto iter = vecJsnCfg.begin(); iter != vecJsnCfg.end(); ++iter) { dhtypeMap.insert(std::pair((*iter).type, (*iter))); localDHVersion_.compVersions.insert( std::pair((*iter).type, GetCompVersionFromComConfig(*iter))); @@ -156,10 +160,6 @@ void ComponentLoader::StoreLocalDHVersionInDB() void *ComponentLoader::GetHandler(const std::string &soName) { - if (soName.length() <= 0) { - DHLOGE("%s soName length is 0", soName.c_str()); - return nullptr; - } char path[PATH_MAX + 1] = {0x00}; if (soName.length() == 0 || (LIB_LOAD_PATH.length() + soName.length()) > PATH_MAX || realpath((LIB_LOAD_PATH + soName).c_str(), path) == nullptr) { @@ -190,6 +190,11 @@ void ComponentLoader::GetAllHandler(std::map &dhtypeMap) int32_t ComponentLoader::GetHardwareHandler(const DHType dhType, IHardwareHandler *&hardwareHandlerPtr) { + if (compHandlerMap_.find(dhType) == compHandlerMap_.end()) { + DHLOGE("DHType not exist, dhType: " PRIu32, (uint32_t)dhType); + return ERR_DH_FWK_LOADER_HANDLER_IS_NULL; + } + if (compHandlerMap_[dhType].hardwareHandler == nullptr) { DHLOGE("hardwareHandler is null."); return ERR_DH_FWK_LOADER_HANDLER_IS_NULL; @@ -209,6 +214,11 @@ int32_t ComponentLoader::GetHardwareHandler(const DHType dhType, IHardwareHandle int32_t ComponentLoader::GetSource(const DHType dhType, IDistributedHardwareSource *&sourcePtr) { + if (compHandlerMap_.find(dhType) == compHandlerMap_.end()) { + DHLOGE("DHType not exist, dhType: " PRIu32, (uint32_t)dhType); + return ERR_DH_FWK_LOADER_HANDLER_IS_NULL; + } + if (compHandlerMap_[dhType].sourceHandler == nullptr) { DHLOGE("sourceHandler is null."); return ERR_DH_FWK_LOADER_HANDLER_IS_NULL; @@ -228,6 +238,11 @@ int32_t ComponentLoader::GetSource(const DHType dhType, IDistributedHardwareSour int32_t ComponentLoader::GetSink(const DHType dhType, IDistributedHardwareSink *&sinkPtr) { + if (compHandlerMap_.find(dhType) == compHandlerMap_.end()) { + DHLOGE("DHType not exist, dhType: " PRIu32, (uint32_t)dhType); + return ERR_DH_FWK_LOADER_HANDLER_IS_NULL; + } + if (compHandlerMap_[dhType].sinkHandler == nullptr) { DHLOGE("sinkHandler is null."); return ERR_DH_FWK_LOADER_HANDLER_IS_NULL; @@ -269,9 +284,9 @@ int32_t ComponentLoader::ParseConfig() int32_t ret; DHLOGI("ParseConfig start"); std::string jsonStr = Readfile(COMPONENTSLOAD_PROFILE_PATH); - if (jsonStr.length() == 0) { - DHLOGE("profile is empty return"); - return ERR_DH_FWK_LOADER_COMPONENT_PROFILE_IS_EMPTY; + if (jsonStr.length() == 0 || jsonStr.size() > MAX_STRING_LEN) { + DHLOGE("ConfigJson size is invalid!"); + return ERR_DH_FWK_LOADER_CONFIG_JSON_INVALID; } ret = GetCompPathAndVersion(jsonStr, dhtypeMap); if (ret != DH_FWK_SUCCESS) { diff --git a/services/distributedhardwarefwkservice/src/componentmanager/component_disable.cpp b/services/distributedhardwarefwkservice/src/componentmanager/component_disable.cpp index 4314457e67b5eb3edbb53bd48a72febe7edbc792..392c40aa0ab6680bd87afd607f324eb1d4ee58c5 100644 --- a/services/distributedhardwarefwkservice/src/componentmanager/component_disable.cpp +++ b/services/distributedhardwarefwkservice/src/componentmanager/component_disable.cpp @@ -67,6 +67,11 @@ int32_t ComponentDisable::Disable(const std::string &networkId, const std::strin int32_t ComponentDisable::OnUnregisterResult(const std::string &networkId, const std::string &dhId, int32_t status, const std::string &data) { + if (networkId.size() == 0 || networkId.size() > MAX_ID_LEN || dhId.size() == 0 || dhId.size() > MAX_ID_LEN || + data.size() == 0 || data.size() > MAX_STRING_LEN) { + DHLOGE("Param is invalid!"); + return ERR_DH_FWK_PARA_INVALID; + } if (status == DH_FWK_SUCCESS) { DHLOGI("disable success, networkId = %s, dhId = %s, data = %s.", GetAnonyString(networkId).c_str(), GetAnonyString(dhId).c_str(), data.c_str()); diff --git a/services/distributedhardwarefwkservice/src/componentmanager/component_enable.cpp b/services/distributedhardwarefwkservice/src/componentmanager/component_enable.cpp index 5a05ae655e26335efccda6ac4ed93f9871fd05ca..b53f12c57222caa0a7bd0b71bbbe63c3ac3839d9 100644 --- a/services/distributedhardwarefwkservice/src/componentmanager/component_enable.cpp +++ b/services/distributedhardwarefwkservice/src/componentmanager/component_enable.cpp @@ -67,6 +67,11 @@ int32_t ComponentEnable::Enable(const std::string &networkId, const std::string int32_t ComponentEnable::OnRegisterResult(const std::string &networkId, const std::string &dhId, int32_t status, const std::string &data) { + if (networkId.size() == 0 || networkId.size() > MAX_ID_LEN || dhId.size() == 0 || dhId.size() > MAX_ID_LEN || + data.size() == 0 || data.size() > MAX_STRING_LEN) { + DHLOGE("Param is invalid!"); + return ERR_DH_FWK_PARA_INVALID; + } if (status == DH_FWK_SUCCESS) { DHLOGI("enable success, networkId = %s, dhId = %s, data = %s.", GetAnonyString(networkId).c_str(), GetAnonyString(dhId).c_str(), data.c_str()); diff --git a/services/distributedhardwarefwkservice/src/distributed_hardware_manager.cpp b/services/distributedhardwarefwkservice/src/distributed_hardware_manager.cpp index a44c44e5db1bdfbbfe4e8671771a23deb93b8791..49c826be0e7f92dd63ed82062108c104ec849b0c 100644 --- a/services/distributedhardwarefwkservice/src/distributed_hardware_manager.cpp +++ b/services/distributedhardwarefwkservice/src/distributed_hardware_manager.cpp @@ -83,13 +83,9 @@ int32_t DistributedHardwareManager::SendOnLineEvent(const std::string &networkId { (void)deviceType; - if (networkId.empty()) { - DHLOGE("networkId is empty"); - return ERR_DH_FWK_REMOTE_NETWORK_ID_IS_EMPTY; - } - if (uuid.empty()) { - DHLOGE("uuid is empty, networkId = %s", GetAnonyString(networkId).c_str()); - return ERR_DH_FWK_REMOTE_DEVICE_ID_IS_EMPTY; + if (networkId.size() == 0 || networkId.size() > MAX_ID_LEN || uuid.size() == 0 || uuid.size() > MAX_ID_LEN) { + DHLOGE("NetworkId or uuid is invalid"); + return ERR_DH_FWK_PARA_INVALID; } DHLOGI("networkId = %s, uuid = %s", GetAnonyString(networkId).c_str(), GetAnonyString(uuid).c_str()); @@ -114,14 +110,9 @@ int32_t DistributedHardwareManager::SendOffLineEvent(const std::string &networkI { (void)deviceType; - if (networkId.empty()) { - DHLOGE("networkId is empty"); - return ERR_DH_FWK_REMOTE_NETWORK_ID_IS_EMPTY; - } - - if (uuid.empty()) { - DHLOGW("uuid is empty"); - return ERR_DH_FWK_REMOTE_DEVICE_ID_IS_EMPTY; + if (networkId.empty() || networkId.size() > MAX_ID_LEN || uuid.empty() || uuid.size() > MAX_ID_LEN) { + DHLOGE("NetworkId or uuid is invalid"); + return ERR_DH_FWK_PARA_INVALID; } DHLOGI("networkId = %s, uuid = %s", GetAnonyString(networkId).c_str(), GetAnonyString(uuid).c_str()); diff --git a/services/distributedhardwarefwkservice/src/distributed_hardware_manager_factory.cpp b/services/distributedhardwarefwkservice/src/distributed_hardware_manager_factory.cpp index ca7629ab49a170014d3848c0d071ac009ee44d91..1ed0dfd802cfb0db5e949def129045f4e0d2cc32 100644 --- a/services/distributedhardwarefwkservice/src/distributed_hardware_manager_factory.cpp +++ b/services/distributedhardwarefwkservice/src/distributed_hardware_manager_factory.cpp @@ -71,8 +71,8 @@ void DistributedHardwareManagerFactory::CheckExitSAOrNot() { std::vector deviceList; DeviceManager::GetInstance().GetTrustedDeviceList(DH_FWK_PKG_NAME, "", deviceList); - if (deviceList.size() == 0) { - DHLOGI("DM report devices offline, exit sa process"); + if (deviceList.size() == 0 || deviceList.size() > MAX_ONLINE_DEVICE_SIZE) { + DHLOGI("DM report devices offline or deviceList is over size, exit sa process"); HiSysEventWriteMsg(DHFWK_EXIT_END, OHOS::HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "dhfwk sa exit end."); @@ -99,14 +99,9 @@ bool DistributedHardwareManagerFactory::IsInit() int32_t DistributedHardwareManagerFactory::SendOnLineEvent(const std::string &networkId, const std::string &uuid, uint16_t deviceType) { - if (networkId.empty()) { - DHLOGE("networkId is empty"); - return ERR_DH_FWK_REMOTE_NETWORK_ID_IS_EMPTY; - } - - if (uuid.empty()) { - DHLOGE("uuid is empty"); - return ERR_DH_FWK_REMOTE_DEVICE_ID_IS_EMPTY; + if (networkId.size() == 0 || networkId.size() > MAX_ID_LEN || uuid.size() == 0 || uuid.size() > MAX_ID_LEN) { + DHLOGE("NetworkId or uuid is invalid"); + return ERR_DH_FWK_PARA_INVALID; } if (DHContext::GetInstance().IsDeviceOnline(uuid)) { @@ -132,14 +127,9 @@ int32_t DistributedHardwareManagerFactory::SendOnLineEvent(const std::string &ne int32_t DistributedHardwareManagerFactory::SendOffLineEvent(const std::string &networkId, const std::string &uuid, uint16_t deviceType) { - if (networkId.empty()) { - DHLOGE("networkId is empty"); - return ERR_DH_FWK_REMOTE_NETWORK_ID_IS_EMPTY; - } - - if (uuid.empty()) { - DHLOGE("uuid is empty"); - return ERR_DH_FWK_REMOTE_DEVICE_ID_IS_EMPTY; + if (networkId.empty() || networkId.size() > MAX_ID_LEN || uuid.empty() || uuid.size() > MAX_ID_LEN) { + DHLOGE("NetworkId or uuid is invalid"); + return ERR_DH_FWK_PARA_INVALID; } if (!isInit && !Init()) { diff --git a/services/distributedhardwarefwkservice/src/distributed_hardware_service.cpp b/services/distributedhardwarefwkservice/src/distributed_hardware_service.cpp index 389d742cf721c9f68073b92709afbfd70947a106..ab92ed6e775ea2ec121c870a47188f7abdd02efe 100644 --- a/services/distributedhardwarefwkservice/src/distributed_hardware_service.cpp +++ b/services/distributedhardwarefwkservice/src/distributed_hardware_service.cpp @@ -71,7 +71,7 @@ bool DistributedHardwareService::Init() } auto ret = AccessManager::GetInstance()->Init(); if (ret != DH_FWK_SUCCESS) { - DHLOGI("DistributedHardwareService::Init failed."); + DHLOGE("DistributedHardwareService::Init failed."); HiSysEventWriteErrCodeMsg(DHFWK_INIT_FAIL, OHOS::HiviewDFX::HiSysEvent::EventType::FAULT, ret, "dhfwk sa AccessManager init fail."); return false; diff --git a/services/distributedhardwarefwkservice/src/distributed_hardware_stub.cpp b/services/distributedhardwarefwkservice/src/distributed_hardware_stub.cpp index e1fcee7ed68c787e303ed5aed2ea4c33cf7ea78d..ab04426f32ff4ffbc697a0327542915845364ca5 100644 --- a/services/distributedhardwarefwkservice/src/distributed_hardware_stub.cpp +++ b/services/distributedhardwarefwkservice/src/distributed_hardware_stub.cpp @@ -116,20 +116,7 @@ bool DistributedHardwareStub::ValidTopic(uint32_t topic) if (topic <= (uint32_t)DHTopic::TOPIC_MIN || topic >= (uint32_t)DHTopic::TOPIC_MAX) { return false; } - return true; } - -std::string DistributedHardwareStub::ToJson(const std::unordered_map &versionMap) const -{ - nlohmann::json jsonObj; - for (const auto &item : versionMap) { - nlohmann::json json; - json[DH_COMPONENT_TYPE] = item.first; - json[DH_COMPONENT_SINK_VER] = item.second; - jsonObj[DH_COMPONENT_VERSIONS].emplace_back(json); - } - return jsonObj.dump(); -} } // namespace DistributedHardware } // namespace OHOS diff --git a/services/distributedhardwarefwkservice/src/ipc/publisher_listener_proxy.cpp b/services/distributedhardwarefwkservice/src/ipc/publisher_listener_proxy.cpp index 704675e932e03b7157f5d2e86c11acb326c69f09..aad58fbed115d9808ae1a9c170d11af3d35d91bd 100644 --- a/services/distributedhardwarefwkservice/src/ipc/publisher_listener_proxy.cpp +++ b/services/distributedhardwarefwkservice/src/ipc/publisher_listener_proxy.cpp @@ -13,8 +13,9 @@ * limitations under the License. */ -#include "publisher_listener_proxy.h" +#include "constants.h" #include "distributed_hardware_log.h" +#include "publisher_listener_proxy.h" namespace OHOS { namespace DistributedHardware { @@ -34,6 +35,14 @@ void PublisherListenerProxy::OnMessage(const DHTopic topic, const std::string& m DHLOGE("Get Remote IRemoteObject failed"); return; } + if (DHTopic::TOPIC_MIN > topic || topic > DHTopic::TOPIC_MAX) { + DHLOGE("Topic is invalid!"); + return; + } + if (message.size() == 0 || message.size() > MAX_STRING_LEN) { + DHLOGE("Message is invalid"); + return; + } MessageParcel data; MessageParcel reply; diff --git a/services/distributedhardwarefwkservice/src/localhardwaremanager/local_hardware_manager.cpp b/services/distributedhardwarefwkservice/src/localhardwaremanager/local_hardware_manager.cpp index 3ab0ae501128cd1c0a37bb860da73aac6bfa230b..52faf9f42be820af601561f7319b8e8613b7dc43 100644 --- a/services/distributedhardwarefwkservice/src/localhardwaremanager/local_hardware_manager.cpp +++ b/services/distributedhardwarefwkservice/src/localhardwaremanager/local_hardware_manager.cpp @@ -152,6 +152,10 @@ void LocalHardwareManager::CheckNonExistCapabilityInfo(const std::vector void LocalHardwareManager::GetLocalCapabilityMapByPrefix(const DHType dhType, CapabilityInfoMap &capabilityInfoMap) { std::string localDeviceId = DHContext::GetInstance().GetDeviceInfo().deviceId; + if (localDeviceId.size() == 0 || localDeviceId.size() > MAX_ID_LEN) { + DHLOGE("LocalDeviceId is invalid"); + return; + } if (DHTypePrefixMap.find(dhType) == DHTypePrefixMap.end()) { DHLOGE("DHTypePrefixMap can not find dhType: %#X", dhType); return; diff --git a/services/distributedhardwarefwkservice/src/localhardwaremanager/plugin_listener_impl.cpp b/services/distributedhardwarefwkservice/src/localhardwaremanager/plugin_listener_impl.cpp index b5a3c57a037c01f6b62973c0459fce289e3cee47..f908b9745f060a44272ff034bb5c19e2f58f48c5 100644 --- a/services/distributedhardwarefwkservice/src/localhardwaremanager/plugin_listener_impl.cpp +++ b/services/distributedhardwarefwkservice/src/localhardwaremanager/plugin_listener_impl.cpp @@ -18,6 +18,7 @@ #include "anonymous_string.h" #include "capability_info.h" #include "capability_info_manager.h" +#include "constants.h" #include "dh_context.h" #include "distributed_hardware_errno.h" #include "distributed_hardware_log.h" @@ -29,6 +30,10 @@ namespace DistributedHardware { void PluginListenerImpl::PluginHardware(const std::string &dhId, const std::string &attrs) { + if (dhId.size() == 0 || dhId.size() > MAX_ID_LEN || attrs.size() == 0 || attrs.size() > MAX_STRING_LEN) { + DHLOGE("Param is invalid!"); + return; + } DHLOGI("plugin start, dhId: %s", GetAnonyString(dhId).c_str()); std::vector> capabilityInfos; std::string deviceId = DHContext::GetInstance().GetDeviceInfo().deviceId; @@ -44,6 +49,10 @@ void PluginListenerImpl::PluginHardware(const std::string &dhId, const std::stri void PluginListenerImpl::UnPluginHardware(const std::string &dhId) { + if (dhId.size() == 0 || dhId.size() > MAX_ID_LEN) { + DHLOGE("DhId is invalid!"); + return; + } DHLOGI("unplugin start, dhId: %s", GetAnonyString(dhId).c_str()); std::string deviceId = DHContext::GetInstance().GetDeviceInfo().deviceId; std::shared_ptr capability = nullptr; diff --git a/services/distributedhardwarefwkservice/src/publisher/publisher_item.cpp b/services/distributedhardwarefwkservice/src/publisher/publisher_item.cpp index 1ce2e5c8fdc044c13631b00cb5ba9f14f54c39ff..ff896f7f9c26f877753dfb059640369dac6bd3c8 100644 --- a/services/distributedhardwarefwkservice/src/publisher/publisher_item.cpp +++ b/services/distributedhardwarefwkservice/src/publisher/publisher_item.cpp @@ -13,8 +13,8 @@ * limitations under the License. */ +#include "constants.h" #include "publisher_item.h" - #include "distributed_hardware_log.h" namespace OHOS { @@ -64,6 +64,10 @@ void PublisherItem::RemoveListener(const sptr &listener) void PublisherItem::PublishMessage(const std::string &message) { + if (message.size() == 0 || message.size() > MAX_STRING_LEN) { + DHLOGE("Message is invalid"); + return; + } std::lock_guard lock(mutex_); for (const auto &listener : listeners_) { listener->OnMessage(topic_, message); diff --git a/services/distributedhardwarefwkservice/src/resourcemanager/capability_info.cpp b/services/distributedhardwarefwkservice/src/resourcemanager/capability_info.cpp index 50eefa1a51e66e7256317d551be9aa815e7d8d09..215521227793a5377400df7abe46eecb924d19e3 100644 --- a/services/distributedhardwarefwkservice/src/resourcemanager/capability_info.cpp +++ b/services/distributedhardwarefwkservice/src/resourcemanager/capability_info.cpp @@ -162,22 +162,24 @@ void ToJson(nlohmann::json &jsonObject, const CapabilityInfo &capability) void FromJson(const nlohmann::json &jsonObject, CapabilityInfo &capability) { - if (jsonObject.find(DH_ID) != jsonObject.end()) { + if (jsonObject.find(DH_ID) != jsonObject.end() && jsonObject[DH_ID].is_string()) { capability.SetDHId(jsonObject.at(DH_ID).get()); } - if (jsonObject.find(DEV_ID) != jsonObject.end()) { + if (jsonObject.find(DEV_ID) != jsonObject.end() && jsonObject[DH_ID].is_string()) { capability.SetDeviceId(jsonObject.at(DEV_ID).get()); } - if (jsonObject.find(DEV_NAME) != jsonObject.end()) { + if (jsonObject.find(DEV_NAME) != jsonObject.end() && jsonObject[DH_ID].is_string()) { capability.SetDeviceName(jsonObject.at(DEV_NAME).get()); } - if (jsonObject.find(DEV_TYPE) != jsonObject.end()) { + if (jsonObject.find(DEV_TYPE) != jsonObject.end() && jsonObject[DEV_TYPE].is_number_unsigned() && + jsonObject[DEV_TYPE] <= UINT16_MAX) { capability.SetDeviceType(jsonObject.at(DEV_TYPE).get()); } - if (jsonObject.find(DH_TYPE) != jsonObject.end()) { + if (jsonObject.find(DH_TYPE) != jsonObject.end() && jsonObject[DEV_TYPE].is_number_unsigned() && + jsonObject[DEV_TYPE] <= DHType::MAX_DH) { capability.SetDHType(jsonObject.at(DH_TYPE).get()); } - if (jsonObject.find(DH_ATTRS) != jsonObject.end()) { + if (jsonObject.find(DH_ATTRS) != jsonObject.end() && jsonObject[DH_ATTRS].is_string()) { capability.SetDHAttrs(jsonObject.at(DH_ATTRS).get()); } } diff --git a/services/distributedhardwarefwkservice/src/resourcemanager/capability_info_manager.cpp b/services/distributedhardwarefwkservice/src/resourcemanager/capability_info_manager.cpp index 46ee957bb72da9ba2a6a43ca096b57062eebe5c3..8bb76ab4f2f87bea6d99dd984087bc6ff9588cf0 100644 --- a/services/distributedhardwarefwkservice/src/resourcemanager/capability_info_manager.cpp +++ b/services/distributedhardwarefwkservice/src/resourcemanager/capability_info_manager.cpp @@ -94,6 +94,10 @@ int32_t CapabilityInfoManager::SyncDeviceInfoFromDB(const std::string &deviceId) DHLOGE("Query data from DB by deviceId failed, id: %s", GetAnonyString(deviceId).c_str()); return ERR_DH_FWK_RESOURCE_DB_ADAPTER_OPERATION_FAIL; } + if (dataVector.size() == 0 || dataVector.size() > MAX_DB_DATA_SIZE) { + DHLOGE("DataVector size is invalid!"); + return ERR_DH_FWK_RESOURCE_RES_DB_DATA_INVALID; + } for (const auto &data : dataVector) { std::shared_ptr capabilityInfo; if (CapabilityUtils::GetCapabilityByValue(data, capabilityInfo) != DH_FWK_SUCCESS) { @@ -118,6 +122,10 @@ int32_t CapabilityInfoManager::SyncRemoteCapabilityInfos() DHLOGE("Query all data from DB failed"); return ERR_DH_FWK_RESOURCE_DB_ADAPTER_OPERATION_FAIL; } + if (dataVector.size() == 0 || dataVector.size() > MAX_DB_DATA_SIZE) { + DHLOGE("DataVector size is invalid!"); + return ERR_DH_FWK_RESOURCE_RES_DB_DATA_INVALID; + } for (const auto &data : dataVector) { std::shared_ptr capabilityInfo; if (CapabilityUtils::GetCapabilityByValue(data, capabilityInfo) != DH_FWK_SUCCESS) { @@ -131,8 +139,7 @@ int32_t CapabilityInfoManager::SyncRemoteCapabilityInfos() continue; } if (!DHContext::GetInstance().IsDeviceOnline(deviceId)) { - DHLOGE("offline device, no need sync to memory, deviceId : %s ", - GetAnonyString(deviceId).c_str()); + DHLOGE("offline device, no need sync to memory, deviceId : %s ", GetAnonyString(deviceId).c_str()); continue; } globalCapInfoMap_[capabilityInfo->GetKey()] = capabilityInfo; @@ -142,6 +149,10 @@ int32_t CapabilityInfoManager::SyncRemoteCapabilityInfos() int32_t CapabilityInfoManager::AddCapability(const std::vector> &resInfos) { + if (resInfos.size() == 0 || resInfos.size() > MAX_DB_DATA_SIZE) { + DHLOGE("ResInfos size is invalid!"); + return ERR_DH_FWK_RESOURCE_RES_DB_DATA_INVALID; + } std::lock_guard lock(capInfoMgrMutex_); if (dbAdapterPtr_ == nullptr) { DHLOGE("dbAdapterPtr_ is null"); @@ -152,7 +163,7 @@ int32_t CapabilityInfoManager::AddCapability(const std::vectorGetKey(); @@ -181,7 +192,7 @@ int32_t CapabilityInfoManager::AddCapabilityInMem(const std::vector lock(capInfoMgrMutex_); for (auto &resInfo : resInfos) { - if (!resInfo) { + if (resInfo != nullptr) { continue; } const std::string key = resInfo->GetKey(); @@ -193,16 +204,16 @@ int32_t CapabilityInfoManager::AddCapabilityInMem(const std::vector MAX_ID_LEN) { + DHLOGE("DeviceId is invalid!"); + return ERR_DH_FWK_PARA_INVALID; + } DHLOGI("Remove capability device info, deviceId: %s", GetAnonyString(deviceId).c_str()); std::lock_guard lock(capInfoMgrMutex_); if (dbAdapterPtr_ == nullptr) { DHLOGE("dbAdapterPtr_ is null"); return ERR_DH_FWK_RESOURCE_DB_ADAPTER_POINTER_NULL; } - if (deviceId.empty()) { - DHLOGE("RemoveCapabilityInfoInDB failed, deviceId is empty"); - return ERR_DH_FWK_PARA_INVALID; - } // 1. Clear the cache in the memory. for (auto iter = globalCapInfoMap_.begin(); iter != globalCapInfoMap_.end();) { if (!CapabilityUtils::IsCapKeyMatchDeviceId(iter->first, deviceId)) { @@ -228,10 +239,6 @@ int32_t CapabilityInfoManager::RemoveCapabilityInfoByKey(const std::string &key) DHLOGE("dbAdapterPtr_ is null"); return ERR_DH_FWK_RESOURCE_DB_ADAPTER_POINTER_NULL; } - if (key.empty()) { - DHLOGE("key is empty"); - return ERR_DH_FWK_RESOURCE_KEY_IS_EMPTY; - } // 1. Clear the cache in the memory. globalCapInfoMap_.erase(key); @@ -247,10 +254,6 @@ int32_t CapabilityInfoManager::RemoveCapabilityInfoInMem(const std::string &devi { DHLOGI("remove capability device info in memory, deviceId: %s", GetAnonyString(deviceId).c_str()); std::lock_guard lock(capInfoMgrMutex_); - if (deviceId.empty()) { - DHLOGE("RemoveCapabilityInfoInMem failed, deviceId is empty"); - return ERR_DH_FWK_PARA_INVALID; - } for (auto iter = globalCapInfoMap_.begin(); iter != globalCapInfoMap_.end();) { if (!CapabilityUtils::IsCapKeyMatchDeviceId(iter->first, deviceId)) { iter++; @@ -319,15 +322,18 @@ int32_t CapabilityInfoManager::ManualSync(const std::string &networkId) void CapabilityInfoManager::OnChange(const DistributedKv::ChangeNotification &changeNotification) { DHLOGI("CapabilityInfoManager: DB data OnChange"); - if (!changeNotification.GetInsertEntries().empty()) { + if (!changeNotification.GetInsertEntries().empty() || + changeNotification.GetInsertEntries().size() <= MAX_DB_DATA_SIZE) { DHLOGI("Handle capability data add change"); HandleCapabilityAddChange(changeNotification.GetInsertEntries()); } - if (!changeNotification.GetUpdateEntries().empty()) { + if (!changeNotification.GetUpdateEntries().empty() || + changeNotification.GetUpdateEntries().size() <= MAX_DB_DATA_SIZE) { DHLOGI("Handle capability data update change"); HandleCapabilityUpdateChange(changeNotification.GetUpdateEntries()); } - if (!changeNotification.GetDeleteEntries().empty()) { + if (!changeNotification.GetDeleteEntries().empty() || + changeNotification.GetDeleteEntries().size() <= MAX_DB_DATA_SIZE) { DHLOGI("Handle capability data delete change"); HandleCapabilityDeleteChange(changeNotification.GetDeleteEntries()); } @@ -521,7 +527,7 @@ int32_t CapabilityInfoManager::GetDataByKeyPrefix(const std::string &keyPrefix, { std::lock_guard lock(capInfoMgrMutex_); if (dbAdapterPtr_ == nullptr) { - DHLOGI("dbAdapterPtr_ is null"); + DHLOGE("dbAdapterPtr is null"); return ERR_DH_FWK_RESOURCE_DB_ADAPTER_POINTER_NULL; } std::vector dataVector; @@ -529,6 +535,10 @@ int32_t CapabilityInfoManager::GetDataByKeyPrefix(const std::string &keyPrefix, DHLOGE("Query capability info from db failed, key: %s", GetAnonyString(keyPrefix).c_str()); return ERR_DH_FWK_RESOURCE_DB_ADAPTER_OPERATION_FAIL; } + if (dataVector.size() == 0 || dataVector.size() > MAX_DB_DATA_SIZE) { + DHLOGE("DataVector size is invalid!"); + return ERR_DH_FWK_RESOURCE_RES_DB_DATA_INVALID; + } for (const auto &data : dataVector) { std::shared_ptr capabilityInfo; if (CapabilityUtils::GetCapabilityByValue(data, capabilityInfo) != DH_FWK_SUCCESS) { diff --git a/services/distributedhardwarefwkservice/src/resourcemanager/db_adapter.cpp b/services/distributedhardwarefwkservice/src/resourcemanager/db_adapter.cpp index c95e9399e9cb4607303e82d26fadf11fd40596ea..78e461d18320f658bd864b161c22d44e00a5fa34 100644 --- a/services/distributedhardwarefwkservice/src/resourcemanager/db_adapter.cpp +++ b/services/distributedhardwarefwkservice/src/resourcemanager/db_adapter.cpp @@ -125,6 +125,10 @@ int32_t DBAdapter::ReInit() void DBAdapter::SyncCompleted(const std::map &results) { DHLOGI("DBAdapter SyncCompleted start"); + if (results.size() == 0 || results.size() > MAX_DB_DATA_SIZE) { + DHLOGE("Results size is invalid!"); + return; + } std::lock_guard lock(dbAdapterMutex_); for (const auto &result : results) { std::string deviceId = result.first; @@ -188,14 +192,22 @@ int32_t DBAdapter::GetDataByKeyPrefix(const std::string &keyPrefix, std::vector< GetAnonyString(keyPrefix).c_str()); return ERR_DH_FWK_RESOURCE_KV_STORAGE_OPERATION_FAIL; } + if (allEntries.size() == 0 || allEntries.size() > MAX_DB_DATA_SIZE) { + DHLOGE("AllEntries size is invalid!"); + return ERR_DH_FWK_PARA_INVALID; + } for (const auto& item : allEntries) { values.push_back(item.value.ToString()); } return DH_FWK_SUCCESS; } -int32_t DBAdapter::PutData(const std::string &key, std::string &value) +int32_t DBAdapter::PutData(const std::string &key, const std::string &value) { + if (key.empty() || key.size() > MAX_STRING_LEN || value.empty() || value.size() > MAX_STRING_LEN) { + DHLOGI("Param is invalid!"); + return ERR_DH_FWK_PARA_INVALID; + } std::lock_guard lock(dbAdapterMutex_); if (kvStoragePtr_ == nullptr) { DHLOGE("kvStoragePtr_ is null"); @@ -218,12 +230,8 @@ int32_t DBAdapter::PutDataBatch(const std::vector &keys, const std: DHLOGE("kvStoragePtr_ is null"); return ERR_DH_FWK_RESOURCE_KV_STORAGE_POINTER_NULL; } - if (keys.size() != values.size()) { - DHLOGE("Param invalid"); - return ERR_DH_FWK_PARA_INVALID; - } - if (keys.empty() || values.empty()) { - DHLOGE("keys or values is empty!"); + if (keys.size() != values.size() || keys.empty() || values.empty()) { + DHLOGE("Param is invalid!"); return ERR_DH_FWK_PARA_INVALID; } std::vector entries; diff --git a/services/distributedhardwarefwkservice/src/resourcemanager/version_info.cpp b/services/distributedhardwarefwkservice/src/resourcemanager/version_info.cpp index 649f3519e15f60809248e2fc125e83a4aed6917e..c64ced43f461564839ed4bc46886ae40534ce9fa 100644 --- a/services/distributedhardwarefwkservice/src/resourcemanager/version_info.cpp +++ b/services/distributedhardwarefwkservice/src/resourcemanager/version_info.cpp @@ -63,30 +63,31 @@ void ToJson(nlohmann::json &jsonObject, const VersionInfo &versionInfo) void FromJson(const nlohmann::json &jsonObject, CompVersion &compVer) { - if (jsonObject.find(NAME) != jsonObject.end()) { + if (jsonObject.find(NAME) != jsonObject.end() && jsonObject[NAME].is_string()) { compVer.name = jsonObject.at(NAME).get(); } - if (jsonObject.find(TYPE) != jsonObject.end()) { + if (jsonObject.find(TYPE) != jsonObject.end() && jsonObject[TYPE].is_number_unsigned() && + jsonObject[TYPE] <= DHType::MAX_DH) { compVer.dhType = jsonObject.at(TYPE).get(); } - if (jsonObject.find(HANDLER) != jsonObject.end()) { + if (jsonObject.find(HANDLER) != jsonObject.end() && jsonObject[HANDLER].is_string()) { compVer.handlerVersion = jsonObject.at(HANDLER).get(); } - if (jsonObject.find(SOURCE_VER) != jsonObject.end()) { + if (jsonObject.find(SOURCE_VER) != jsonObject.end() && jsonObject[SOURCE_VER].is_string()) { compVer.sourceVersion = jsonObject.at(SOURCE_VER).get(); } - if (jsonObject.find(SINK_VER) != jsonObject.end()) { + if (jsonObject.find(SINK_VER) != jsonObject.end() && jsonObject[SINK_VER].is_string()) { compVer.sinkVersion = jsonObject.at(SINK_VER).get(); } } void FromJson(const nlohmann::json &jsonObject, VersionInfo &versionInfo) { - if (jsonObject.find(DEV_ID) != jsonObject.end()) { + if (jsonObject.find(DEV_ID) != jsonObject.end() && jsonObject[DEV_ID].is_string()) { versionInfo.deviceId = jsonObject.at(DEV_ID).get(); } - if (jsonObject.find(DH_VER) != jsonObject.end()) { + if (jsonObject.find(DH_VER) != jsonObject.end() && jsonObject[DH_VER].is_string()) { versionInfo.dhVersion = jsonObject.at(DH_VER).get(); } diff --git a/services/distributedhardwarefwkservice/src/resourcemanager/version_info_manager.cpp b/services/distributedhardwarefwkservice/src/resourcemanager/version_info_manager.cpp index d9e3d109e878e311e531fcb20050d1ce3460c35c..c0af01169eb559b71fe1ab26bb5b105a646eacd3 100644 --- a/services/distributedhardwarefwkservice/src/resourcemanager/version_info_manager.cpp +++ b/services/distributedhardwarefwkservice/src/resourcemanager/version_info_manager.cpp @@ -194,7 +194,10 @@ int32_t VersionInfoManager::SyncRemoteVersionInfos() DHLOGE("Query all data from DB failed"); return ERR_DH_FWK_RESOURCE_DB_ADAPTER_OPERATION_FAIL; } - + if (dataVector.size() == 0 || dataVector.size() > MAX_DB_DATA_SIZE) { + DHLOGE("DataVector Size is invalid!"); + return ERR_DH_FWK_RESOURCE_RES_DB_DATA_INVALID; + } for (const auto &data : dataVector) { VersionInfo versionInfo; versionInfo.FromJsonString(data); @@ -252,15 +255,18 @@ int32_t VersionInfoManager::ManualSync(const std::string &networkId) void VersionInfoManager::OnChange(const DistributedKv::ChangeNotification &changeNotification) { DHLOGI("DB data OnChange"); - if (!changeNotification.GetInsertEntries().empty()) { + if (!changeNotification.GetInsertEntries().empty() || + changeNotification.GetInsertEntries().size() <= MAX_DB_DATA_SIZE) { DHLOGI("Handle version data add change"); HandleVersionAddChange(changeNotification.GetInsertEntries()); } - if (!changeNotification.GetUpdateEntries().empty()) { + if (!changeNotification.GetUpdateEntries().empty() || + changeNotification.GetUpdateEntries().size() <= MAX_DB_DATA_SIZE) { DHLOGI("Handle version data update change"); HandleVersionUpdateChange(changeNotification.GetUpdateEntries()); } - if (!changeNotification.GetDeleteEntries().empty()) { + if (!changeNotification.GetDeleteEntries().empty() || + changeNotification.GetDeleteEntries().size() <= MAX_DB_DATA_SIZE) { DHLOGI("Handle version data delete change"); HandleVersionDeleteChange(changeNotification.GetDeleteEntries()); } diff --git a/services/distributedhardwarefwkservice/src/task/task_executor.cpp b/services/distributedhardwarefwkservice/src/task/task_executor.cpp index 45316ea519326b415b54a774e9d0d7aa7345a9fc..0d8a649e29974859bec1c64e9fc44a23e45f07ad 100644 --- a/services/distributedhardwarefwkservice/src/task/task_executor.cpp +++ b/services/distributedhardwarefwkservice/src/task/task_executor.cpp @@ -23,6 +23,9 @@ namespace OHOS { namespace DistributedHardware { +namespace { + const uint32_t MAX_TASK_QUEUE_LENGTH = 256; +} IMPLEMENT_SINGLE_INSTANCE(TaskExecutor); TaskExecutor::TaskExecutor() : taskThreadFlag_(true) { @@ -46,6 +49,10 @@ void TaskExecutor::PushTask(const std::shared_ptr& task) { DHLOGI("Push task: %s", task->GetId().c_str()); std::unique_lock lock(taskQueueMtx_); + if (taskQueue_.size() > MAX_TASK_QUEUE_LENGTH) { + DHLOGE("Task queue is full"); + return; + } taskQueue_.push(task); } diff --git a/services/distributedhardwarefwkservice/src/utils/dh_context.cpp b/services/distributedhardwarefwkservice/src/utils/dh_context.cpp index 8f48c19963251863810cfa194b0bc3eba5354d9b..a897fd3a63cebf2cfb8288486b4c2f3004a28b9e 100644 --- a/services/distributedhardwarefwkservice/src/utils/dh_context.cpp +++ b/services/distributedhardwarefwkservice/src/utils/dh_context.cpp @@ -15,8 +15,8 @@ #include +#include "constants.h" #include "dh_context.h" - #include "dh_utils_tool.h" #include "distributed_hardware_errno.h" #include "distributed_hardware_log.h" @@ -52,10 +52,12 @@ const DeviceInfo& DHContext::GetDeviceInfo() void DHContext::AddOnlineDevice(const std::string &uuid, const std::string &networkId) { std::unique_lock lock(onlineDevMutex_); - if (!uuid.empty() && !networkId.empty()) { - onlineDeviceMap_[uuid] = networkId; - deviceIdUUIDMap_[GetDeviceIdByUUID(uuid)] = uuid; + if (onlineDeviceMap_.size() > MAX_ONLINE_DEVICE_SIZE || deviceIdUUIDMap_.size() > MAX_ONLINE_DEVICE_SIZE) { + DHLOGE("OnlineDeviceMap or deviceIdUUIDMap is over size!"); + return; } + onlineDeviceMap_[uuid] = networkId; + deviceIdUUIDMap_[GetDeviceIdByUUID(uuid)] = uuid; } void DHContext::RemoveOnlineDevice(const std::string &uuid) diff --git a/utils/src/dh_utils_tool.cpp b/utils/src/dh_utils_tool.cpp index 0fb238b37b30a84f77383647789933548a97aef7..8b49ad54ff5594c193453dd6c0cd6104f26d0d01 100644 --- a/utils/src/dh_utils_tool.cpp +++ b/utils/src/dh_utils_tool.cpp @@ -82,6 +82,10 @@ std::string GetUUIDBySoftBus(const std::string &networkId) std::string GetDeviceIdByUUID(const std::string &uuid) { + if (uuid.size() == 0 || uuid.size() > MAX_ID_LEN) { + DHLOGE("uuid is invalid!"); + return ""; + } return Sha256(uuid); }