From 20d0f7d59e3583f2b5466b54335300c946702216 Mon Sep 17 00:00:00 2001
From: sun_fan <sun_fan@hoperun.com>
Date: Tue, 20 Jul 2021 22:53:37 +0800
Subject: [PATCH] appspaw: modify static check

Signed-off-by: sun_fan <sun_fan@hoperun.com>
---
 services/BUILD.gn                                   |  1 +
 services/src/appspawn_message.c                     | 11 ++++++-----
 services/src/appspawn_process.c                     |  5 ++++-
 services/src/appspawn_service.c                     |  8 +++++++-
 services/test/unittest/common/message_func_test.cpp |  6 ++++++
 5 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/services/BUILD.gn b/services/BUILD.gn
index 7acdac0..c781603 100755
--- a/services/BUILD.gn
+++ b/services/BUILD.gn
@@ -46,6 +46,7 @@ executable("appspawn") {
     "${aafwk_lite_path}/interfaces/innerkits/abilitymgr_lite",
     "//third_party/bounds_checking_function/include/",
     "//third_party/cJSON",
+    "//base/startup/syspara_lite/interfaces/innerkits/native/syspara/include",
   ]
 
   deps = [
diff --git a/services/src/appspawn_message.c b/services/src/appspawn_message.c
index fc1cbad..809efe9 100644
--- a/services/src/appspawn_message.c
+++ b/services/src/appspawn_message.c
@@ -28,6 +28,7 @@
 #include "log.h"
 #include "ohos_errno.h"
 #include "securec.h"
+#include "sysparam_errno.h"
 
 static const size_t MAX_BUNDLE_NAME_LEN = 127;
 static const size_t MIN_BUNDLE_NAME_LEN = 7;
@@ -59,7 +60,7 @@ void FreeMessageSt(MessageSt* targetSt)
     }
 }
 
-static int ReadStringItem(cJSON* strItem, char** buf, size_t maxLen, size_t minLen)
+static OHOSStartUpSysParamErrorCode ReadStringItem(cJSON* strItem, char** buf, size_t maxLen, size_t minLen)
 {
     if (strItem == NULL || !cJSON_IsString(strItem)) {
         return EC_INVALID;
@@ -80,7 +81,7 @@ static int ReadStringItem(cJSON* strItem, char** buf, size_t maxLen, size_t minL
         return EC_NOMEMORY;
     }
 
-    if (strLength > 0 && memcpy_s(bufTmp, strLength, strPtr, strLength) != EOK) {
+    if (strLength > 0 && memcpy_s(bufTmp, strLength + 1, strPtr, strLength) != EOK) {
         free(bufTmp);
         bufTmp = NULL;
         return EC_FAILURE;
@@ -117,7 +118,7 @@ static int GetCaps(const cJSON* curItem, MessageSt* msgSt)
     }
 
     if (capsCnt > MAX_CAPABILITY_COUNT) {
-        HILOG_ERROR(HILOG_MODULE_HIVIEW, "[appspawn] GetCaps, too many caps[cnt %{public}d], max %{public}d",\
+        HILOG_ERROR(HILOG_MODULE_HIVIEW, "[appspawn] GetCaps, too many caps[cnt %{public}d], max %{public}d",
             capsCnt, MAX_CAPABILITY_COUNT);
         return EC_INVALID;
     }
@@ -167,7 +168,7 @@ int SplitMessage(const char* msg, unsigned int msgLen, MessageSt* msgSt)
     }
 
     cJSON* bundleNameItem = cJSON_GetObjectItem(rootJ, "bundleName");
-    int ret = ReadStringItem(bundleNameItem, &(msgSt->bundleName), MAX_BUNDLE_NAME_LEN, MIN_BUNDLE_NAME_LEN);
+    int ret = (int)ReadStringItem(bundleNameItem, &(msgSt->bundleName), MAX_BUNDLE_NAME_LEN, MIN_BUNDLE_NAME_LEN);
     if (ret != EC_SUCCESS) {
         FreeMessageSt(msgSt);
         cJSON_Delete(rootJ);
@@ -175,7 +176,7 @@ int SplitMessage(const char* msg, unsigned int msgLen, MessageSt* msgSt)
     }
 
     cJSON* identityIDItem = cJSON_GetObjectItem(rootJ, "identityID");
-    ret = ReadStringItem(identityIDItem, &(msgSt->identityID), MAX_IDENTITY_ID_LEN, MIN_IDENTITY_ID_LEN);
+    ret = (int)ReadStringItem(identityIDItem, &(msgSt->identityID), MAX_IDENTITY_ID_LEN, MIN_IDENTITY_ID_LEN);
     if (ret != EC_SUCCESS) {
         FreeMessageSt(msgSt);
         cJSON_Delete(rootJ);
diff --git a/services/src/appspawn_process.c b/services/src/appspawn_process.c
index 0a6edad..277b03f 100755
--- a/services/src/appspawn_process.c
+++ b/services/src/appspawn_process.c
@@ -150,6 +150,9 @@ pid_t CreateProcess(const MessageSt* msgSt)
 #endif // OHOS_DEBUG
 
         // set permissions
+        if (msgSt->caps == NULL) {
+            exit(0x7f); // 0x7f: user specified
+        }
         if (SetPerms(msgSt->uID, msgSt->gID, msgSt->capsCnt, msgSt->caps) != 0) {
             HILOG_ERROR(HILOG_MODULE_HIVIEW, "[appspawn] sub-process %{public}s exit!", msgSt->bundleName);
             exit(0x7f); // 0x7f: user specified
@@ -164,7 +167,7 @@ pid_t CreateProcess(const MessageSt* msgSt)
                 getpid(), errno);
         }
         // 1s = 1000000000ns
-        long timeUsed = (tmEnd.tv_sec - tmStart.tv_sec) * 1000000000 + (tmEnd.tv_nsec - tmStart.tv_nsec);
+        long timeUsed = (tmEnd.tv_sec - tmStart.tv_sec) * (long)1000000000 + (tmEnd.tv_nsec - tmStart.tv_nsec);
         HILOG_INFO(HILOG_MODULE_HIVIEW, "[appspawn] sub-process, pid %{public}d, timeused %ld ns.",\
             getpid(), timeUsed);
 #endif // OHOS_DEBUG
diff --git a/services/src/appspawn_service.c b/services/src/appspawn_service.c
index a04ce49..e861439 100755
--- a/services/src/appspawn_service.c
+++ b/services/src/appspawn_service.c
@@ -85,6 +85,9 @@ static TaskConfig GetTaskConfig(Service* service)
 #ifdef OHOS_DEBUG
 static void GetCurTime(struct timespec* tmCur)
 {
+    if (tmCur == NULL) {
+        return;
+    }
     if (clock_gettime(CLOCK_REALTIME, tmCur) != 0) {
         HILOG_ERROR(HILOG_MODULE_HIVIEW, "[appspawn] invoke, get time failed! err %{public}d", errno);
     }
@@ -93,6 +96,9 @@ static void GetCurTime(struct timespec* tmCur)
 
 static int GetMessageSt(MessageSt* msgSt, IpcIo* req)
 {
+    if (msgSt == NULL || req == NULL) {
+        return EC_FAILURE;
+    }
 #ifdef __LINUX__
     size_t len = 0;
     char* str = IpcIoPopString(req, &len);
@@ -155,7 +161,7 @@ static int Invoke(IServerProxy* iProxy, int funcId, void* origin, IpcIo* req, Ip
     GetCurTime(&tmEnd);
 
     // 1s = 1000000000ns
-    long timeUsed = (tmEnd.tv_sec - tmStart.tv_sec) * 1000000000 + (tmEnd.tv_nsec - tmStart.tv_nsec);
+    long timeUsed = (tmEnd.tv_sec - tmStart.tv_sec) * (long)1000000000 + (tmEnd.tv_nsec - tmStart.tv_nsec);
     HILOG_INFO(HILOG_MODULE_HIVIEW, "[appspawn] invoke, reply pid %{public}d, timeused %{public}ld ns.",\
         newPid, timeUsed);
 #else
diff --git a/services/test/unittest/common/message_func_test.cpp b/services/test/unittest/common/message_func_test.cpp
index 78f291e..bdea322 100644
--- a/services/test/unittest/common/message_func_test.cpp
+++ b/services/test/unittest/common/message_func_test.cpp
@@ -208,6 +208,9 @@ HWTEST_F(StartupAppspawnUTest, msgFuncFreeTest_002, TestSize.Level1)
 
 static void GetCurrentTime(struct timespec* tmCur)
 {
+    if (tmCur == NULL) {
+        return;
+    }
     if (clock_gettime(CLOCK_REALTIME, tmCur) != 0) {
         printf("[----------] StartupAppspawnUTest, get time failed! err %d.\n", errno);
     }
@@ -290,11 +293,14 @@ HWTEST_F(StartupAppspawnUTest, msgFuncSplitTest_002, TestSize.Level1)
     caps.push_back(1);    // 1, test capability
     caps.push_back(5);    // 5, test capability
 
+    EXPECT_NE(msgSt.bundleName, nullptr);
+    EXPECT_NE(msgSt.identityID, nullptr);
     EXPECT_EQ(strcmp("validName", msgSt.bundleName), 0);
     EXPECT_EQ(strcmp("135", msgSt.identityID), 0);
     EXPECT_EQ(TEST_UID, msgSt.uID);
     EXPECT_EQ(TEST_GID, msgSt.gID);
     EXPECT_EQ(caps.size(), msgSt.capsCnt);
+    EXPECT_NE(msgSt.caps, nullptr);
     for (size_t i = 0; i < caps.size(); ++i) {
         EXPECT_EQ(caps[i], msgSt.caps[i]);
     }
-- 
Gitee