From a1e36359a1b505198919b01409c52c568ff1f540 Mon Sep 17 00:00:00 2001
From: baoyang <baoyang9@h-partners.com>
Date: Mon, 7 Jul 2025 15:38:36 +0800
Subject: [PATCH] fix alert

Signed-off-by: baoyang <baoyang9@h-partners.com>
Change-Id: I042f041b0a3c674b5b79698ca767dacaf4d6960a
---
 frameworks/common/src/sec_comp_tool.cpp       |  2 +-
 .../src/sec_comp_client.cpp                   |  6 +++--
 .../security_component/src/sec_comp_kit.cpp   |  2 +-
 .../sa/sa_main/first_use_dialog.cpp           | 27 +++++++++++++++----
 .../sa/sa_main/sec_comp_service.cpp           |  8 ++++--
 5 files changed, 34 insertions(+), 11 deletions(-)

diff --git a/frameworks/common/src/sec_comp_tool.cpp b/frameworks/common/src/sec_comp_tool.cpp
index 8868d48..4949b03 100644
--- a/frameworks/common/src/sec_comp_tool.cpp
+++ b/frameworks/common/src/sec_comp_tool.cpp
@@ -129,7 +129,7 @@ static bool IsColorAplhaSimilar(const SecCompColor& fgColor, const SecCompColor&
     double bgAlpha = static_cast<double>(bgColor.argb.alpha) / MAX_ALPHA;
 
     double mixAlpha = fgAlpha + bgAlpha - fgAlpha * bgAlpha;
-    if (GreatNotEqual(bgAlpha / mixAlpha, MIN_CONTRAST_ALPHA)) {
+    if (IsEqual(mixAlpha, ZERO_DOUBLE) || GreatNotEqual(bgAlpha / mixAlpha, MIN_CONTRAST_ALPHA)) {
         SC_LOG_ERROR(LABEL, "FgAlpha=%{public}x BgAlpha=%{public}x is similar, check failed",
             fgColor.argb.alpha, bgColor.argb.alpha);
         return true;
diff --git a/frameworks/inner_api/security_component/src/sec_comp_client.cpp b/frameworks/inner_api/security_component/src/sec_comp_client.cpp
index a1146b6..42d39f7 100644
--- a/frameworks/inner_api/security_component/src/sec_comp_client.cpp
+++ b/frameworks/inner_api/security_component/src/sec_comp_client.cpp
@@ -37,6 +37,7 @@ static constexpr int32_t SENDREQ_FAIL_ERR = 32;
 static const std::vector<int32_t> RETRY_CODE_LIST = {
     SC_SERVICE_ERROR_SERVICE_NOT_EXIST, BR_DEAD_REPLY, BR_FAILED_REPLY, SENDREQ_FAIL_ERR };
 static constexpr int32_t SA_DIED_TIME_OUT = 500;
+constexpr int32_t SA_LOAD_TIME_OUT = 3000;
 }  // namespace
 
 SecCompClient& SecCompClient::GetInstance()
@@ -45,7 +46,8 @@ SecCompClient& SecCompClient::GetInstance()
     if (instance == nullptr) {
         std::lock_guard<std::mutex> lock(g_instanceMutex);
         if (instance == nullptr) {
-            instance = new SecCompClient();
+            SecCompClient* tmp = new (std::nothrow)SecCompClient();
+            instance = std::move(tmp);
         }
     }
     return *instance;
@@ -472,7 +474,7 @@ void SecCompClient::WaitForSecCompSa()
     // wait_for release lock and block until time out(1s) or match the condition with notice
     std::unique_lock<std::mutex> lock(cvLock_);
     auto waitStatus = secComCon_.wait_for(
-        lock, std::chrono::milliseconds(SA_ID_SECURITY_COMPONENT_SERVICE), [this]() { return readyFlag_; });
+        lock, std::chrono::milliseconds(SA_LOAD_TIME_OUT), [this]() { return readyFlag_; });
     if (!waitStatus) {
         // time out or loadcallback fail
         SC_LOG_ERROR(LABEL, "security component load sa timeout");
diff --git a/frameworks/inner_api/security_component/src/sec_comp_kit.cpp b/frameworks/inner_api/security_component/src/sec_comp_kit.cpp
index 6b77c63..f03660b 100644
--- a/frameworks/inner_api/security_component/src/sec_comp_kit.cpp
+++ b/frameworks/inner_api/security_component/src/sec_comp_kit.cpp
@@ -43,7 +43,7 @@ int32_t SecCompKit::RegisterSecurityComponent(SecCompType type,
         bmsClient.GetNameForUid(uid, bundleName);
         HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CALLER_CHECK_FAILED",
             HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName,
-            "CALLER_PID", IPCSkeleton::GetCallingRealPid(), "CALL_SCENE", "REGITSTER");
+            "CALLER_PID", IPCSkeleton::GetCallingRealPid(), "CALL_SCENE", "REGISTER");
         return SC_SERVICE_ERROR_CALLER_INVALID;
     }
 
diff --git a/services/security_component_service/sa/sa_main/first_use_dialog.cpp b/services/security_component_service/sa/sa_main/first_use_dialog.cpp
index 2680e09..dcf82bc 100644
--- a/services/security_component_service/sa/sa_main/first_use_dialog.cpp
+++ b/services/security_component_service/sa/sa_main/first_use_dialog.cpp
@@ -16,6 +16,7 @@
 
 #include <fcntl.h>
 #include <fstream>
+#include <cstdlib>
 #include <sys/stat.h>
 #include <sys/statfs.h>
 #include <sys/types.h>
@@ -166,25 +167,41 @@ bool FirstUseDialog::IsCfgFileValid(void)
 bool FirstUseDialog::ReadCfgContent(std::string& content)
 {
     std::stringstream buffer;
-    std::ifstream i(FIRST_USE_RECORD_JSON);
+    char* canonicalPath = realpath(FIRST_USE_RECORD_JSON.c_str(), nullptr);
+    if (canonicalPath == nullptr) {
+        SC_LOG_ERROR(LABEL, "Cannot get canonical path for %{public}s, errno %{public}d.",
+            FIRST_USE_RECORD_JSON.c_str(), errno);
+        return false;
+    }
+    std::ifstream i(canonicalPath);
     if (!i.is_open()) {
-        SC_LOG_ERROR(LABEL, "cannot open file %{public}s, errno %{public}d.", FIRST_USE_RECORD_JSON.c_str(), errno);
+        SC_LOG_ERROR(LABEL, "cannot open file %{public}s, errno %{public}d.", canonicalPath, errno);
+        free(canonicalPath);
         return false;
     }
     buffer << i.rdbuf();
     content = buffer.str();
     i.close();
+    free(canonicalPath);
     return true;
 }
 
 void FirstUseDialog::WriteCfgContent(const std::string& content)
 {
-    std::ofstream out(FIRST_USE_RECORD_JSON);
+    char* canonicalPath = realpath(FIRST_USE_RECORD_JSON.c_str(), nullptr);
+    if (canonicalPath == nullptr) {
+        SC_LOG_ERROR(LABEL, "Cannot get canonical path for %{public}s, errno %{public}d.",
+            FIRST_USE_RECORD_JSON.c_str(), errno);
+        return;
+    }
+    std::ofstream out(canonicalPath);
     if (!out.is_open()) {
-        SC_LOG_ERROR(LABEL, "cannot open file %{public}s, errno %{public}d.", FIRST_USE_RECORD_JSON.c_str(), errno);
+        SC_LOG_ERROR(LABEL, "cannot open file %{public}s, errno %{public}d.", canonicalPath, errno);
+        free(canonicalPath);
         return;
     }
     out << content;
+    free(canonicalPath);
     out.close();
 }
 
@@ -226,7 +243,7 @@ void FirstUseDialog::ParseRecords(nlohmann::json& jsonRes)
         uint64_t type;
         if (!ParseRecord(recordJson, id, type)) {
             SC_LOG_ERROR(LABEL, "parse record failed.");
-            return;
+            continue;
         }
         firstUseMap_[id] = type;
     }
diff --git a/services/security_component_service/sa/sa_main/sec_comp_service.cpp b/services/security_component_service/sa/sa_main/sec_comp_service.cpp
index 557724e..5e0c020 100644
--- a/services/security_component_service/sa/sa_main/sec_comp_service.cpp
+++ b/services/security_component_service/sa/sa_main/sec_comp_service.cpp
@@ -257,11 +257,15 @@ int32_t SecCompService::RegisterSecurityComponentBody(SecCompType type,
     int32_t uid = IPCSkeleton::GetCallingUid();
     OHOS::AppExecFwk::BundleMgrClient bmsClient;
     std::string bundleName = "";
-    bmsClient.GetNameForUid(uid, bundleName);
+    if (bmsClient.GetNameForUid(uid, bundleName) != SC_OK) {
+        return res;
+    }
 
     AppExecFwk::BundleInfo bundleInfo;
     int32_t userId = uid / BASE_USER_RANGE;
-    bmsClient.GetBundleInfo(bundleName, AppExecFwk::BundleFlag::GET_BUNDLE_DEFAULT, bundleInfo, userId);
+    if (bmsClient.GetBundleInfo(bundleName, AppExecFwk::BundleFlag::GET_BUNDLE_DEFAULT, bundleInfo, userId) != SC_OK) {
+        return res;
+    }
 
     HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "REGISTER_SUCCESS",
         HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "CALLER_UID", IPCSkeleton::GetCallingUid(),
-- 
Gitee