RDK-60307 [RRD] RDK Coverity Defect Resolution for Device Management

Author: mtirum011

src/rrdEventProcess.c

@@ -173,22 +173,26 @@ static void processIssueType(data_buf *rbuf)
                         size_t dynamicstrlen = strlen(dynamicprofiledata->command);
                         if (staticstrlen > 0 && staticprofiledata->command[staticstrlen - 1] == '"') {
                             staticprofiledata->command[staticstrlen - 1] = '\0';
+                            staticstrlen--; // Update length after removing trailing quote
                         }
                         if (dynamicprofiledata->command[0] == '"') {
                             dynamicprofiledata->command[0] = COMMAND_DELIM;
                         }
                         RDK_LOG(RDK_LOG_DEBUG, LOG_REMDEBUG, "[%s:%d]: Static Profile Commands: %s, Dynamic Profile Commands: %s\n", __FUNCTION__, __LINE__, staticprofiledata->command, dynamicprofiledata->command);
 
-                        size_t appendstrlen = ((staticstrlen - 1) + dynamicstrlen + 1);
+                        size_t appendstrlen = (staticstrlen + dynamicstrlen + 1);
                         char *appendcommandstr = (char *)realloc(staticprofiledata->command, appendstrlen);
                         if (appendcommandstr == NULL) {
-                            RDK_LOG(RDK_LOG_DEBUG, LOG_REMDEBUG, "[%s:%d]: Memory Allocation Failed... \n", __FUNCTION__, __LINE__);
+                            RDK_LOG(RDK_LOG_ERROR, LOG_REMDEBUG, "[%s:%d]: Memory Allocation Failed... \n", __FUNCTION__, __LINE__);
                         }
-                        strcat(appendcommandstr, dynamicprofiledata->command);
-                        staticprofiledata->command = appendcommandstr;
-                        RDK_LOG(RDK_LOG_INFO, LOG_REMDEBUG, "[%s:%d]: Updated command after append from dynamic and static profile: %s \n", __FUNCTION__, __LINE__, staticprofiledata->command);
-                        RDK_LOG(RDK_LOG_DEBUG,LOG_REMDEBUG,"[%s:%d]: Executing Commands in Runtime Service... \n",__FUNCTION__,__LINE__);
-                        checkIssueNodeInfo(pIssueNode, NULL, rbuf, false, staticprofiledata); 
+                        else
+                        {
+                            strcat(appendcommandstr, dynamicprofiledata->command);
+                            staticprofiledata->command = appendcommandstr;
+                            RDK_LOG(RDK_LOG_INFO, LOG_REMDEBUG, "[%s:%d]: Updated command after append from dynamic and static profile: %s \n", __FUNCTION__, __LINE__, staticprofiledata->command);
+                            RDK_LOG(RDK_LOG_DEBUG,LOG_REMDEBUG,"[%s:%d]: Executing Commands in Runtime Service... \n",__FUNCTION__,__LINE__);
+                            checkIssueNodeInfo(pIssueNode, NULL, rbuf, false, staticprofiledata);
+                        } 
                     }
                 }
 	    }	    

src/rrdJsonParser.c

@@ -96,7 +96,22 @@ char * readJsonFile(char *jsonfile)
     }
     fseek(fp, 0, SEEK_SET);
     jsonfile_content = (char *) malloc(sizeof(char) * (ch_count + 1));
-    fread(jsonfile_content, 1, ch_count,fp);
+    if (jsonfile_content == NULL)
+    {
+        RDK_LOG(RDK_LOG_ERROR,LOG_REMDEBUG,"[%s:%d]: Memory allocation failed for json file %s \n",__FUNCTION__,__LINE__,jsonfile);
+        fclose(fp);
+        return NULL;
+    }
+    
+    size_t bytes_read = fread(jsonfile_content, 1, ch_count, fp);
+    if (bytes_read != (size_t)ch_count)
+    {
+        RDK_LOG(RDK_LOG_ERROR,LOG_REMDEBUG,"[%s:%d]: Failed to read json file %s. Expected %d bytes, read %zu bytes \n",__FUNCTION__,__LINE__,jsonfile,ch_count,bytes_read);
+        free(jsonfile_content);
+        fclose(fp);
+        return NULL;
+    }
+    
     jsonfile_content[ch_count] ='\0';
     fclose(fp);
 
@@ -486,6 +501,14 @@ void checkIssueNodeInfo(issueNodeData *issuestructNode, cJSON *jsoncfg, data_buf
     struct tm *ltime;
     rfcbuf = strdup(buff->mdata);
 
+    if (rfcbuf == NULL)
+    {
+        RDK_LOG(RDK_LOG_ERROR,LOG_REMDEBUG,"[%s:%d]: Memory allocation failed for rfcbuf\n",__FUNCTION__,__LINE__);
+        free(buff->mdata); // free rfc data
+        free(buff->jsonPath); // free rrd path info
+        return;
+    }
+
     // Creating Directory for MainNode under /tmp/rrd Folder
     ctime = time (NULL);
     ltime = localtime (&ctime);
@@ -500,6 +523,7 @@ void checkIssueNodeInfo(issueNodeData *issuestructNode, cJSON *jsoncfg, data_buf
     if (mkdir(outdir,0777) != 0)
     {
         RDK_LOG(RDK_LOG_ERROR,LOG_REMDEBUG,"[%s:%d]: %s Directory creation failed!!!\n",__FUNCTION__,__LINE__,outdir);
+        free(rfcbuf); // free duplicated rfc data
         free(buff->mdata); // free rfc data
         free(buff->jsonPath); // free rrd path info
         return;
@@ -552,12 +576,22 @@ void checkIssueNodeInfo(issueNodeData *issuestructNode, cJSON *jsoncfg, data_buf
                     RDK_LOG(RDK_LOG_INFO,LOG_REMDEBUG,"[%s:%d]: RRD Upload Script Execution Success...\n",__FUNCTION__,__LINE__);
                 }
             }
+            if (rfcbuf != NULL)
+            {
+                free(rfcbuf); // free duplicated rfc data
+            }
             free(buff->mdata); // free rfc data
             free(buff->jsonPath); // free rrd path info
 	}
 	else
 	{
             RDK_LOG(RDK_LOG_ERROR,LOG_REMDEBUG,"[%s:%d]: No Command excuted as RRD Failed to change directory:%s\n",__FUNCTION__,__LINE__,outdir);
+            if (rfcbuf != NULL)
+            {
+                free(rfcbuf); // free duplicated rfc data
+            }
+            free(buff->mdata); // free rfc data
+            free(buff->jsonPath); // free rrd path info
 	}
     }
 }
@@ -634,7 +668,7 @@ bool processAllDebugCommand(cJSON *jsoncfg, issueNodeData *issuestructNode, char
 	         }
 	    }
         }
-        free(rfcbuf); // free rfc value
+        // Note: rfcbuf is owned by caller and will be freed there
     }
     else
     {

src/rrdRunCmdThread.c

@@ -40,7 +40,9 @@ static cacheData *cacheDataNode = NULL;
 void initCache(void)
 {
     pthread_mutex_init(&rrdCacheMut, NULL);
+    pthread_mutex_lock(&rrdCacheMut);
     cacheDataNode = NULL;
+    pthread_mutex_unlock(&rrdCacheMut);
 }
 
 /*
@@ -375,8 +377,9 @@ bool executeCommands(issueData *cmdinfo)
             /*Executing Commands using systemd-run*/
             RDK_LOG(RDK_LOG_INFO,LOG_REMDEBUG,"[%s:%d]: Executing following commands using systemd-run:\n \"%s\"\n",__FUNCTION__,__LINE__,cmdData->command);
 
-            strncpy(remoteDebuggerServiceStr, remoteDebuggerPrefix, strlen(remoteDebuggerPrefix) + 1);
-	    strncat(remoteDebuggerServiceStr, cmdData->rfcvalue, strlen(cmdData->rfcvalue));
+            strncpy(remoteDebuggerServiceStr, remoteDebuggerPrefix, sizeof(remoteDebuggerServiceStr) - 1);
+            remoteDebuggerServiceStr[sizeof(remoteDebuggerServiceStr) - 1] = '\0';
+	    strncat(remoteDebuggerServiceStr, cmdData->rfcvalue, sizeof(remoteDebuggerServiceStr) - strlen(remoteDebuggerServiceStr) - 1);
 
 	    removeQuotes(cmdData->command);
 
@@ -389,8 +392,8 @@ bool executeCommands(issueData *cmdinfo)
             {
                 RDK_LOG(RDK_LOG_INFO,LOG_REMDEBUG,"[%s:%d]: Starting remote_debugger_%s service success...\n",__FUNCTION__,__LINE__,cmdData->rfcvalue);
 		copyDebugLogDestFile(systemdfp, filePointer);
+                v_secure_pclose(systemdfp);
             }
-            v_secure_pclose(systemdfp);
 
             /*Logging output using journalctl to Output file*/
             RDK_LOG(RDK_LOG_INFO,LOG_REMDEBUG,"[%s:%d]: Using journalctl to log command output...\n",__FUNCTION__,__LINE__);
@@ -403,9 +406,8 @@ bool executeCommands(issueData *cmdinfo)
             {
                 RDK_LOG(RDK_LOG_INFO,LOG_REMDEBUG,"[%s:%d]: journalctl remote_debugger_%s service success...\n",__FUNCTION__,__LINE__,cmdData->rfcvalue);
 		copyDebugLogDestFile(journalctlfp, filePointer);
+                v_secure_pclose(journalctlfp);
             }
-            
-	    v_secure_pclose(journalctlfp);
 
 	    /* Close debug_output.txt file*/
 	    fclose(filePointer);