diff --git a/interfaces/innerkits/nativetoken/include/nativetoken.h b/interfaces/innerkits/nativetoken/include/nativetoken.h index dc71d3888e53901c094f0b34747fc38c60d15294..68da04d34118d2bf80997d0c79a0279424a186ae 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken.h @@ -48,6 +48,7 @@ extern "C" { #define PATH_MAX_LEN 4096 #define MAX_RETRY_TIMES 1000 #define TOKEN_RANDOM_MASK ((1 << 20) - 1) +#define MAX_ARRAY_SIZE 10240 #define ATRET_FAILED 1 #define ATRET_SUCCESS 0 @@ -105,4 +106,4 @@ extern int32_t GetFileBuff(const char *cfg, char **retBuff); } #endif -#endif // NATIVE_TOKEN_H \ No newline at end of file +#endif // NATIVE_TOKEN_H diff --git a/interfaces/innerkits/nativetoken/include/nativetoken_json_oper.h b/interfaces/innerkits/nativetoken/include/nativetoken_json_oper.h index ef2146922ea412a2fd80a72118c696b5a430c645..1edd387d8291980bee1cd3efa79bc64b30c3acd0 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken_json_oper.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken_json_oper.h @@ -35,10 +35,10 @@ extern uint32_t GetTokenIdFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode) extern uint32_t GetAplFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode); extern uint32_t GetInfoArrFromJson(cJSON *cjsonItem, char *strArr[], int32_t *strNum, StrArrayAttr *attr); extern cJSON *CreateNativeTokenJsonObject(const NativeTokenList *curr); -extern uint32_t UpdateGoalItemFromRecord(const NativeTokenList *tokenNode, cJSON *record); +extern uint32_t UpdateGoalItemFromRecord(const NativeTokenList *tokenNode, const cJSON *record); #ifdef __cplusplus } #endif -#endif // NATIVETOKEN_JSON_OPER_H \ No newline at end of file +#endif // NATIVETOKEN_JSON_OPER_H diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c index 89c507868d9fb5e91e4f2b019b5d75c573e3be74..9620724d5f9dfd63176327422761811fa005b964 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -133,7 +133,9 @@ static int32_t GetTokenList(const cJSON *object) return ATRET_FAILED; } int32_t arraySize = cJSON_GetArraySize(object); - + if (arraySize > MAX_ARRAY_SIZE) { + return ATRET_FAILED; + } for (int32_t i = 0; i < arraySize; i++) { tmp = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (tmp == NULL) { diff --git a/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c b/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c index 7921b36cea88008651fa5a11f3d7f25ea0021c61..733410a33bcb34e556e1b3df3b1e95e685f8247e 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c @@ -77,7 +77,7 @@ uint32_t GetInfoArrFromJson(cJSON *cjsonItem, char *strArr[], int32_t *strNum, S { cJSON *strArrJson = cJSON_GetObjectItem(cjsonItem, attr->strKey); int32_t size = cJSON_GetArraySize(strArrJson); - if (size > attr->maxStrNum) { + if (size > attr->maxStrNum || size < 0) { AT_LOG_ERROR("[ATLIB-%s]:size = %d is invalid.", __func__, size); return ATRET_FAILED; } @@ -269,9 +269,12 @@ static uint32_t UpdateItemcontent(const NativeTokenList *tokenNode, cJSON *recor return ATRET_SUCCESS; } -uint32_t UpdateGoalItemFromRecord(const NativeTokenList *tokenNode, cJSON *record) +uint32_t UpdateGoalItemFromRecord(const NativeTokenList *tokenNode, const cJSON *record) { int32_t arraySize = cJSON_GetArraySize(record); + if (arraySize > MAX_ARRAY_SIZE) { + return ATRET_FAILED; + } for (int32_t i = 0; i < arraySize; i++) { cJSON *cjsonItem = cJSON_GetArrayItem(record, i); if (cjsonItem == NULL) {