diff --git a/frameworks/accesstoken/src/native_token_info_parcel.cpp b/frameworks/accesstoken/src/native_token_info_parcel.cpp index 50795dc3639b7582487c11128d8cae684313bc98..5b10bb77da1eea06a63a1289bf36addc48361a25 100644 --- a/frameworks/accesstoken/src/native_token_info_parcel.cpp +++ b/frameworks/accesstoken/src/native_token_info_parcel.cpp @@ -38,7 +38,10 @@ bool NativeTokenInfoParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteUint32(this->nativeTokenInfoParams.tokenID)); RETURN_IF_FALSE(out.WriteUint32(this->nativeTokenInfoParams.tokenAttr)); - int dcapSize = (int)(this->nativeTokenInfoParams.dcap).size(); + if ((this->nativeTokenInfoParams.dcap).size() > INT32_MAX) { + return false; + } + int dcapSize = static_cast((this->nativeTokenInfoParams.dcap).size()); RETURN_IF_FALSE(out.WriteInt32(dcapSize)); for (auto dcapItem : this->nativeTokenInfoParams.dcap) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index dcfec1f30770d2a22a44516b41acfae390c42589..2749e16215a088e643a2cb0bd33f2260d77241e0 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -183,7 +183,7 @@ ATokenTypeEnum AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID) ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); return TOKEN_INVALID; } - return (ATokenTypeEnum)(proxy->GetTokenType(tokenID)); + return static_cast(proxy->GetTokenType(tokenID)); } int AccessTokenManagerClient::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) @@ -280,12 +280,11 @@ sptr AccessTokenManagerClient::GetProxy() return nullptr; } - auto proxy = iface_cast(accesstokenSa); - if (proxy == nullptr) { + proxy_ = iface_cast(accesstokenSa); + if (proxy_ == nullptr) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: iface_cast get null", __func__); return nullptr; } - proxy_ = proxy; } } diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 5ff41acf1aba1e8728baaec5537cb900eab22f5f..1cb0699839d497f67b02014dfeaed535785d7d29 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -23,14 +23,14 @@ using namespace testing::ext; using namespace OHOS::Security::AccessToken; namespace { -static PermissionStateFull g_grantPermissionReq = { +PermissionStateFull g_grantPermissionReq = { .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", .isGeneral = true, .resDeviceID = {"device"}, .grantStatus = {PermissionState::PERMISSION_GRANTED}, .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} }; -static PermissionStateFull g_revokePermissionReq = { +PermissionStateFull g_revokePermissionReq = { .permissionName = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", .isGeneral = true, .resDeviceID = {"device"}, @@ -38,7 +38,7 @@ static PermissionStateFull g_revokePermissionReq = { .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} }; -static PermissionDef g_infoManagerTestPermDef1 = { +PermissionDef g_infoManagerTestPermDef1 = { .permissionName = "ohos.permission.test1", .bundleName = "accesstoken_test", .grantMode = 1, @@ -49,7 +49,7 @@ static PermissionDef g_infoManagerTestPermDef1 = { .availableLevel = APL_NORMAL }; -static PermissionDef g_infoManagerTestPermDef2 = { +PermissionDef g_infoManagerTestPermDef2 = { .permissionName = "ohos.permission.test2", .bundleName = "accesstoken_test", .grantMode = 1, @@ -60,7 +60,7 @@ static PermissionDef g_infoManagerTestPermDef2 = { .availableLevel = APL_NORMAL }; -static PermissionStateFull g_infoManagerTestState1 = { +PermissionStateFull g_infoManagerTestState1 = { .grantFlags = {1}, .grantStatus = {PermissionState::PERMISSION_GRANTED}, .isGeneral = true, @@ -68,7 +68,7 @@ static PermissionStateFull g_infoManagerTestState1 = { .resDeviceID = {"local"} }; -static PermissionStateFull g_infoManagerTestState2 = { +PermissionStateFull g_infoManagerTestState2 = { .permissionName = "ohos.permission.test2", .isGeneral = false, .grantFlags = {1, 2}, @@ -76,28 +76,28 @@ static PermissionStateFull g_infoManagerTestState2 = { .resDeviceID = {"device 1", "device 2"} }; -static HapInfoParams g_infoManagerTestInfoParms = { +HapInfoParams g_infoManagerTestInfoParms = { .bundleName = "accesstoken_test", .userID = 1, .instIndex = 0, .appIDDesc = "testtesttesttest" }; -static HapPolicyParams g_infoManagerTestPolicyPrams = { +HapPolicyParams g_infoManagerTestPolicyPrams = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2}, .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2} }; -static HapInfoParams g_infoManagerTestInfoParmsBak = { +HapInfoParams g_infoManagerTestInfoParmsBak = { .bundleName = "accesstoken_test", .userID = 1, .instIndex = 0, .appIDDesc = "testtesttesttest" }; -static HapPolicyParams g_infoManagerTestPolicyPramsBak = { +HapPolicyParams g_infoManagerTestPolicyPramsBak = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2}, diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c index f39d36eefd2275572dcf8810b6e97002c4d9561d..35152e804909fd8f6a4f2a30e116f13d5e4692a6 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -21,7 +21,6 @@ int32_t g_isNativeTokenInited = 0; int32_t GetFileBuff(const char *cfg, char **retBuff) { struct stat fileStat; - int32_t ret; char filePath[PATH_MAX_LEN + 1] = {0}; if (realpath(cfg, filePath) == NULL) { @@ -39,12 +38,13 @@ int32_t GetFileBuff(const char *cfg, char **retBuff) return ATRET_FAILED; } - int32_t fileSize = (int32_t)fileStat.st_size; - if ((fileSize < 0) || (fileSize > MAX_JSON_FILE_LEN)) { + if ((fileStat.st_size < 0) || (fileStat.st_size > MAX_JSON_FILE_LEN)) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:stat file size is invalid.", __func__); return ATRET_FAILED; } + int32_t fileSize = (int32_t)fileStat.st_size; + FILE *cfgFd = fopen(filePath, "r"); if (cfgFd == NULL) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:fopen file failed.", __func__); @@ -58,19 +58,17 @@ int32_t GetFileBuff(const char *cfg, char **retBuff) return ATRET_FAILED; } - if (fread(buff, (size_t)fileSize, 1, cfgFd) != 1) { + if (fread(buff, fileSize, 1, cfgFd) != 1) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:fread failed.", __func__); free(buff); buff = NULL; - ret = ATRET_FAILED; - } else { - buff[fileSize] = '\0'; - *retBuff = buff; - ret = ATRET_SUCCESS; + fclose(cfgFd); + return ATRET_FAILED; } - + buff[fileSize] = '\0'; + *retBuff = buff; fclose(cfgFd); - return ret; + return ATRET_SUCCESS; } void FreeDcaps(char *dcaps[MAX_DCAPS_NUM], int32_t num) @@ -165,6 +163,7 @@ int32_t GetTokenList(const cJSON *object) NativeTokenList *tmp = NULL; if (object == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:object is null.", __func__); return ATRET_FAILED; } arraySize = cJSON_GetArraySize(object); @@ -195,7 +194,7 @@ int32_t GetTokenList(const cJSON *object) return ATRET_SUCCESS; } -int32_t ParseTokenInfoFromCfg(const char *filename) +int32_t ParseTokenInfo(const char *filename) { char *fileBuff = NULL; cJSON *record = NULL; @@ -230,7 +229,7 @@ int32_t AtlibInit(void) } g_tokenListHead->next = NULL; - int32_t ret = ParseTokenInfoFromCfg(TOKEN_ID_CFG_FILE_PATH); + int32_t ret = ParseTokenInfo(TOKEN_ID_CFG_FILE_PATH); if (ret != ATRET_SUCCESS) { free(g_tokenListHead); g_tokenListHead = NULL;