From 504966b13a357445404d25553b799c556583227d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=82=B9=E5=8F=8B=E6=9D=BE?= Date: Tue, 8 Jul 2025 15:25:09 +0800 Subject: [PATCH 1/3] =?UTF-8?q?codex=20Signed-off-by:=20=E9=82=B9=E5=8F=8B?= =?UTF-8?q?=E6=9D=BE=20?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../feature/update/model/check/src/check_result.cpp | 4 ++-- .../inner_api/feature/update/model/common/parcel_common.h | 1 + .../feature/update/model/policy/src/upgrade_policy.cpp | 4 ++-- .../inner_api/feature/update/model/task/src/task_body.cpp | 8 ++++---- .../update/model/upgrade_info/src/business_error.cpp | 4 ++-- .../current_version/src/current_version_info.cpp | 4 ++-- .../description/src/version_description_info.cpp | 4 ++-- .../version_info/new_version/src/new_version_info.cpp | 4 ++-- 8 files changed, 17 insertions(+), 16 deletions(-) diff --git a/interfaces/inner_api/feature/update/model/check/src/check_result.cpp b/interfaces/inner_api/feature/update/model/check/src/check_result.cpp index f4288215..3c043305 100644 --- a/interfaces/inner_api/feature/update/model/check/src/check_result.cpp +++ b/interfaces/inner_api/feature/update/model/check/src/check_result.cpp @@ -23,8 +23,8 @@ bool CheckResult::ReadFromParcel(Parcel &parcel) newVersionInfo.versionDigestInfo.versionDigest = Str16ToStr8(parcel.ReadString16()); int32_t size = parcel.ReadInt32(); - if (size > MAX_VECTOR_SIZE) { - ENGINE_LOGE("ReadVersionComponents size is over MAX_VECTOR_SIZE, size=%{public}d", size); + if ((size < MIN_VECTOR_SIZE) || (size > MAX_VECTOR_SIZE)) { + ENGINE_LOGE("Invalid versionComponent size=%{public}d", size); return false; } diff --git a/interfaces/inner_api/feature/update/model/common/parcel_common.h b/interfaces/inner_api/feature/update/model/common/parcel_common.h index 25b0dad1..1c0e3980 100644 --- a/interfaces/inner_api/feature/update/model/common/parcel_common.h +++ b/interfaces/inner_api/feature/update/model/common/parcel_common.h @@ -18,5 +18,6 @@ namespace OHOS::UpdateService { static constexpr int32_t MAX_VECTOR_SIZE = 128; +static constexpr int32_t MIN_VECTOR_SIZE = 0; } // OHOS::UpdateService #endif // UPDATE_SERVICE_PARCEL_COMMON_H diff --git a/interfaces/inner_api/feature/update/model/policy/src/upgrade_policy.cpp b/interfaces/inner_api/feature/update/model/policy/src/upgrade_policy.cpp index 66cd2a71..49d4ba4a 100644 --- a/interfaces/inner_api/feature/update/model/policy/src/upgrade_policy.cpp +++ b/interfaces/inner_api/feature/update/model/policy/src/upgrade_policy.cpp @@ -26,8 +26,8 @@ bool UpgradePolicy::ReadFromParcel(Parcel &parcel) customPolicyType = static_cast(parcel.ReadInt32()); size_t size = static_cast(parcel.ReadInt32()); size_t arraySize = COUNT_OF(autoUpgradePeriods); - if (size > MAX_VECTOR_SIZE) { - ENGINE_LOGE("ReadUpgradePolicy size is over MAX_VECTOR_SIZE, size=%{public}zu", size); + if ((size < MIN_VECTOR_SIZE) || (size > MAX_VECTOR_SIZE)) { + ENGINE_LOGE("Invalid autoUpgradePeriods size=%{public}zu", size); return -1; } for (size_t i = 0; (i < size) && (i < arraySize); i++) { diff --git a/interfaces/inner_api/feature/update/model/task/src/task_body.cpp b/interfaces/inner_api/feature/update/model/task/src/task_body.cpp index c3ad60c1..c534bd55 100644 --- a/interfaces/inner_api/feature/update/model/task/src/task_body.cpp +++ b/interfaces/inner_api/feature/update/model/task/src/task_body.cpp @@ -83,8 +83,8 @@ bool TaskBody::ReadFromParcel(Parcel &parcel) installMode = parcel.ReadInt32(); int32_t errorMessageSize = parcel.ReadInt32(); - if (errorMessageSize > MAX_VECTOR_SIZE) { - ENGINE_LOGE("ReadErrorMessages size is over MAX_VECTOR_SIZE, size=%{public}d", errorMessageSize); + if ((errorMessageSize < MIN_VECTOR_SIZE) || (errorMessageSize > MAX_VECTOR_SIZE)) { + ENGINE_LOGE("Invalid errorMessage size=%{public}d", errorMessageSize); return false; } @@ -99,8 +99,8 @@ bool TaskBody::ReadFromParcel(Parcel &parcel) } int32_t componentSize = parcel.ReadInt32(); - if (componentSize > MAX_VECTOR_SIZE) { - ENGINE_LOGE("ReadVersionComponents size is over MAX_VECTOR_SIZE, size=%{public}d", componentSize); + if ((componentSize < MIN_VECTOR_SIZE) || (componentSize > MAX_VECTOR_SIZE)) { + ENGINE_LOGE("Invalid componentSize size=%{public}d", componentSize); return false; } diff --git a/interfaces/inner_api/feature/update/model/upgrade_info/src/business_error.cpp b/interfaces/inner_api/feature/update/model/upgrade_info/src/business_error.cpp index 41ab1292..9d2b39d8 100644 --- a/interfaces/inner_api/feature/update/model/upgrade_info/src/business_error.cpp +++ b/interfaces/inner_api/feature/update/model/upgrade_info/src/business_error.cpp @@ -23,8 +23,8 @@ bool BusinessError::ReadFromParcel(Parcel &parcel) errorNum = static_cast(parcel.ReadInt32()); int32_t errorMessageSize = parcel.ReadInt32(); - if (errorMessageSize > MAX_VECTOR_SIZE) { - ENGINE_LOGE("ReadErrorMessages size is over MAX_VECTOR_SIZE, size=%{public}d", errorMessageSize); + if ((errorMessageSize < MIN_VECTOR_SIZE) || (errorMessageSize > MAX_VECTOR_SIZE)) { + ENGINE_LOGE("Invalid error message size =%{public}d", errorMessageSize); return false; } diff --git a/interfaces/inner_api/feature/update/model/version_info/current_version/src/current_version_info.cpp b/interfaces/inner_api/feature/update/model/version_info/current_version/src/current_version_info.cpp index 49e92a33..3134b44f 100644 --- a/interfaces/inner_api/feature/update/model/version_info/current_version/src/current_version_info.cpp +++ b/interfaces/inner_api/feature/update/model/version_info/current_version/src/current_version_info.cpp @@ -25,8 +25,8 @@ bool CurrentVersionInfo::ReadFromParcel(Parcel &parcel) deviceName = Str16ToStr8(parcel.ReadString16()); int32_t size = parcel.ReadInt32(); - if (size > MAX_VECTOR_SIZE) { - ENGINE_LOGE("ReadVersionComponents size is over MAX_VECTOR_SIZE, size=%{public}d", size); + if ((size < MIN_VECTOR_SIZE) || (size > MAX_VECTOR_SIZE)) { + ENGINE_LOGE("Invalid versionComponent size=%{public}d", size); return false; } diff --git a/interfaces/inner_api/feature/update/model/version_info/description/src/version_description_info.cpp b/interfaces/inner_api/feature/update/model/version_info/description/src/version_description_info.cpp index 57919d5c..c8559b7e 100644 --- a/interfaces/inner_api/feature/update/model/version_info/description/src/version_description_info.cpp +++ b/interfaces/inner_api/feature/update/model/version_info/description/src/version_description_info.cpp @@ -23,8 +23,8 @@ namespace OHOS::UpdateService { bool VersionDescriptionInfo::ReadFromParcel(Parcel &parcel) { int32_t componentDescriptionsSize = parcel.ReadInt32(); - if (componentDescriptionsSize > MAX_VECTOR_SIZE) { - ENGINE_LOGE("size is over MAX_VECTOR_SIZE, size=%{public}d", componentDescriptionsSize); + if ((componentDescriptionsSize < MIN_VECTOR_SIZE) || (componentDescriptionsSize > MAX_VECTOR_SIZE)) { + ENGINE_LOGE("Invalid componentDescriptions size =%{public}d", componentDescriptionsSize); return false; } diff --git a/interfaces/inner_api/feature/update/model/version_info/new_version/src/new_version_info.cpp b/interfaces/inner_api/feature/update/model/version_info/new_version/src/new_version_info.cpp index 682c75f0..43e1776a 100644 --- a/interfaces/inner_api/feature/update/model/version_info/new_version/src/new_version_info.cpp +++ b/interfaces/inner_api/feature/update/model/version_info/new_version/src/new_version_info.cpp @@ -23,8 +23,8 @@ bool NewVersionInfo::ReadFromParcel(Parcel &parcel) { versionDigestInfo.versionDigest = Str16ToStr8(parcel.ReadString16()); int32_t size = parcel.ReadInt32(); - if (size > MAX_VECTOR_SIZE) { - ENGINE_LOGE("ReadVersionComponents size is over MAX_VECTOR_SIZE, size=%{public}d", size); + if ((size < MIN_VECTOR_SIZE) || (size > MAX_VECTOR_SIZE)) { + ENGINE_LOGE("Invalid versionDigestInfo size =%{public}d", size); return false; } -- Gitee From ac419fa4f7ba8cea7d6065a79f2d990623f9dd5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=82=B9=E5=8F=8B=E6=9D=BE?= Date: Wed, 9 Jul 2025 03:42:05 +0000 Subject: [PATCH 2/3] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=B1=BB=E5=9E=8B?= =?UTF-8?q?=E5=8C=B9=E9=85=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 邹友松 --- .../feature/update/model/policy/src/upgrade_policy.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/interfaces/inner_api/feature/update/model/policy/src/upgrade_policy.cpp b/interfaces/inner_api/feature/update/model/policy/src/upgrade_policy.cpp index 49d4ba4a..fe82ce76 100644 --- a/interfaces/inner_api/feature/update/model/policy/src/upgrade_policy.cpp +++ b/interfaces/inner_api/feature/update/model/policy/src/upgrade_policy.cpp @@ -24,13 +24,13 @@ bool UpgradePolicy::ReadFromParcel(Parcel &parcel) downloadStrategy = static_cast(parcel.ReadBool()); autoUpgradeStrategy = static_cast(parcel.ReadBool()); customPolicyType = static_cast(parcel.ReadInt32()); - size_t size = static_cast(parcel.ReadInt32()); + int32_t size = parcel.ReadInt32(); size_t arraySize = COUNT_OF(autoUpgradePeriods); if ((size < MIN_VECTOR_SIZE) || (size > MAX_VECTOR_SIZE)) { ENGINE_LOGE("Invalid autoUpgradePeriods size=%{public}zu", size); return -1; } - for (size_t i = 0; (i < size) && (i < arraySize); i++) { + for (size_t i = 0; (i < static_cast(size)) && (i < arraySize); i++) { autoUpgradePeriods[i].start = parcel.ReadUint32(); autoUpgradePeriods[i].end = parcel.ReadUint32(); } -- Gitee From 61540942e71351ce84fe3fa8524a56196fc4400b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=82=B9=E5=8F=8B=E6=9D=BE?= Date: Thu, 10 Jul 2025 03:15:54 +0000 Subject: [PATCH 3/3] =?UTF-8?q?=E5=8E=BB=E6=8E=89=E6=95=8F=E6=84=9F?= =?UTF-8?q?=E4=BF=A1=E6=81=AF=E6=89=93=E5=8D=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 邹友松 --- services/core/ability/utils/src/sha256_utils.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/core/ability/utils/src/sha256_utils.cpp b/services/core/ability/utils/src/sha256_utils.cpp index 7fe206c9..d451c38b 100644 --- a/services/core/ability/utils/src/sha256_utils.cpp +++ b/services/core/ability/utils/src/sha256_utils.cpp @@ -45,7 +45,7 @@ std::string Sha256Utils::CalculateHashCode(std::string inputStr) bool Sha256Utils::CheckFileSha256String(const std::string &fileName, const std::string &sha256String) { if (!FileUtils::IsFileExist(fileName)) { - ENGINE_LOGE("check file sha256 failed, fileName = %{public}s is not exist", fileName.c_str()); + ENGINE_LOGE("check file sha256 failed, file not exist"); return false; } char sha256Result[SHA256_STRING_LEN] = {0}; // sha256Result len is 65 @@ -75,7 +75,7 @@ bool Sha256Utils::GetDigestFromFile(const char *fileName, unsigned char digest[] { char realPath[PATH_MAX] = {}; if (realpath(fileName, realPath) == NULL) { - ENGINE_LOGI("%{private}s is not exist or invalid", fileName); + ENGINE_LOGI("file not exist or invalid"); return false; } -- Gitee