From 498c84e587e49e00e9c2d3ff10f5f6a1910a167f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=8F=B2=E6=99=93=E6=99=93?= Date: Tue, 22 Jul 2025 10:04:20 +0800 Subject: [PATCH 1/9] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=91=8A=E8=AD=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 史晓晓 --- .../src/authentication/dm_auth_manager.cpp | 2 +- .../implementation/src/cryptomgr/crypto_mgr.cpp | 8 ++++++-- .../src/permission/standard/permission_manager.cpp | 14 ++++++++++---- .../src/relationshipsyncmgr/dm_comm_tool.cpp | 2 +- 4 files changed, 18 insertions(+), 8 deletions(-) diff --git a/services/implementation/src/authentication/dm_auth_manager.cpp b/services/implementation/src/authentication/dm_auth_manager.cpp index 92c7d607d..8680b9c42 100644 --- a/services/implementation/src/authentication/dm_auth_manager.cpp +++ b/services/implementation/src/authentication/dm_auth_manager.cpp @@ -1562,7 +1562,7 @@ bool DmAuthManager::IsPinCodeValid(const std::string strpin) return false; } for (size_t i = 0; i < strpin.length(); i++) { - if (!isdigit(strpin[i])) { + if (isdigit(strpin[i]) == 0) { return false; } } diff --git a/services/implementation/src/cryptomgr/crypto_mgr.cpp b/services/implementation/src/cryptomgr/crypto_mgr.cpp index 6cba98ca7..1c177e0d3 100644 --- a/services/implementation/src/cryptomgr/crypto_mgr.cpp +++ b/services/implementation/src/cryptomgr/crypto_mgr.cpp @@ -212,7 +212,10 @@ int32_t CryptoMgr::DecryptMessage(const std::string &inputMsg, std::string &outp LOGE("set key fail"); return ERR_DM_CRYPTO_OPT_FAILED; } - + if (inputMsgBytesLen < OVERHEAD_LEN) { + LOGE("invalid para"); + return ERR_DM_CRYPTO_PARA_INVALID; + } uint32_t outLen = inputMsgBytesLen - OVERHEAD_LEN + 1; /* for '\0' */ unsigned char *outData = (unsigned char *)calloc(outLen, sizeof(unsigned char)); if (outData == nullptr) { @@ -276,7 +279,8 @@ int32_t CryptoMgr::MbedAesGcmDecrypt(const AesGcmCipherKey *cipherKey, const uns int32_t CryptoMgr::DoDecryptData(AesGcmCipherKey *cipherKey, const unsigned char *input, uint32_t inLen, unsigned char *decryptData, uint32_t *decryptLen) { - if (cipherKey == NULL || input == NULL || inLen < GCM_IV_LEN || decryptData == NULL || decryptLen == NULL) { + if (cipherKey == NULL || input == NULL || inLen < GCM_IV_LEN || decryptData == NULL || decryptLen == NULL || + inLen < OVERHEAD_LEN) { return ERR_DM_CRYPTO_PARA_INVALID; } diff --git a/services/service/src/permission/standard/permission_manager.cpp b/services/service/src/permission/standard/permission_manager.cpp index 33836f1ab..622912e64 100644 --- a/services/service/src/permission/standard/permission_manager.cpp +++ b/services/service/src/permission/standard/permission_manager.cpp @@ -114,13 +114,19 @@ bool PermissionManager::CheckMonitorPermission(void) } ATokenTypeEnum tokenTypeFlag = AccessTokenKit::GetTokenTypeFlag(tokenCaller); if (tokenTypeFlag == ATokenTypeEnum::TOKEN_NATIVE) { - if (AccessTokenKit::VerifyAccessToken(tokenCaller, DM_MONITOR_DEVICE_NETWORK_STATE_PERMISSION) != + if (AccessTokenKit::VerifyAccessToken(tokenCaller, DM_MONITOR_DEVICE_NETWORK_STATE_PERMISSION) == PermissionState::PERMISSION_GRANTED) { - LOGE("DM service access is denied, please apply for corresponding permissions."); - return false; + return true; + } + } + if (tokenTypeFlag == tokenTypeFlag == ATokenTypeEnum::TOKEN_HAP) { + if (AccessTokenKit::VerifyAccessToken(tokenCaller, DM_SERVICE_ACCESS_NEWPERMISSION) == + PermissionState::PERMISSION_GRANTED) { + return true; } } - return true; + LOGE("DM service access is denied, please apply for corresponding permissions."); + return false; } int32_t PermissionManager::GetCallerProcessName(std::string &processName) diff --git a/services/service/src/relationshipsyncmgr/dm_comm_tool.cpp b/services/service/src/relationshipsyncmgr/dm_comm_tool.cpp index 09b7dbb0b..fac377c8e 100644 --- a/services/service/src/relationshipsyncmgr/dm_comm_tool.cpp +++ b/services/service/src/relationshipsyncmgr/dm_comm_tool.cpp @@ -696,7 +696,7 @@ int32_t DMCommTool::ParseUserStopMessage(const std::string &msgStr, int32_t &sto return ERR_DM_FAILED; } cJSON *stopUserIdObj = cJSON_GetObjectItem(root, USER_STOP_MSG_KEY); - if (stopUserIdObj == NULL || !cJSON_IsNumber(stopUserIdObj)) { + if (stopUserIdObj == NULL || !stopUserIdObj.is_number_integer()) { LOGE("parse stopUserId id failed."); cJSON_Delete(root); return ERR_DM_FAILED; -- Gitee From fed98ccb3a7f34572250fb00011d0aad7e52c56b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=8F=B2=E6=99=93=E6=99=93?= Date: Tue, 22 Jul 2025 10:10:00 +0800 Subject: [PATCH 2/9] =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 史晓晓 --- services/service/src/permission/standard/permission_manager.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/service/src/permission/standard/permission_manager.cpp b/services/service/src/permission/standard/permission_manager.cpp index 622912e64..9c7c4c4af 100644 --- a/services/service/src/permission/standard/permission_manager.cpp +++ b/services/service/src/permission/standard/permission_manager.cpp @@ -119,7 +119,7 @@ bool PermissionManager::CheckMonitorPermission(void) return true; } } - if (tokenTypeFlag == tokenTypeFlag == ATokenTypeEnum::TOKEN_HAP) { + if (tokenTypeFlag == ATokenTypeEnum::TOKEN_HAP) { if (AccessTokenKit::VerifyAccessToken(tokenCaller, DM_SERVICE_ACCESS_NEWPERMISSION) == PermissionState::PERMISSION_GRANTED) { return true; -- Gitee From 03b547b7a0a167b1fd2a9ebfb63c3c7455f64089 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=8F=B2=E6=99=93=E6=99=93?= Date: Tue, 22 Jul 2025 10:16:57 +0800 Subject: [PATCH 3/9] =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 史晓晓 --- services/service/src/permission/standard/permission_manager.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/service/src/permission/standard/permission_manager.cpp b/services/service/src/permission/standard/permission_manager.cpp index 9c7c4c4af..020b5e881 100644 --- a/services/service/src/permission/standard/permission_manager.cpp +++ b/services/service/src/permission/standard/permission_manager.cpp @@ -120,7 +120,7 @@ bool PermissionManager::CheckMonitorPermission(void) } } if (tokenTypeFlag == ATokenTypeEnum::TOKEN_HAP) { - if (AccessTokenKit::VerifyAccessToken(tokenCaller, DM_SERVICE_ACCESS_NEWPERMISSION) == + if (AccessTokenKit::VerifyAccessToken(tokenCaller, DM_SERVICE_ACCESS_PERMISSION) == PermissionState::PERMISSION_GRANTED) { return true; } -- Gitee From a1d6f69d1d83ced06577470d272265154c857729 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=8F=B2=E6=99=93=E6=99=93?= Date: Tue, 22 Jul 2025 14:12:08 +0800 Subject: [PATCH 4/9] =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 史晓晓 --- services/implementation/src/authentication/dm_auth_manager.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/implementation/src/authentication/dm_auth_manager.cpp b/services/implementation/src/authentication/dm_auth_manager.cpp index 8680b9c42..92c7d607d 100644 --- a/services/implementation/src/authentication/dm_auth_manager.cpp +++ b/services/implementation/src/authentication/dm_auth_manager.cpp @@ -1562,7 +1562,7 @@ bool DmAuthManager::IsPinCodeValid(const std::string strpin) return false; } for (size_t i = 0; i < strpin.length(); i++) { - if (isdigit(strpin[i]) == 0) { + if (!isdigit(strpin[i])) { return false; } } -- Gitee From bf4759b061a8a7078e33f94b7af266864a6f1c52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=8F=B2=E6=99=93=E6=99=93?= Date: Tue, 22 Jul 2025 14:15:00 +0800 Subject: [PATCH 5/9] =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 史晓晓 --- services/service/src/relationshipsyncmgr/dm_comm_tool.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/service/src/relationshipsyncmgr/dm_comm_tool.cpp b/services/service/src/relationshipsyncmgr/dm_comm_tool.cpp index fac377c8e..09b7dbb0b 100644 --- a/services/service/src/relationshipsyncmgr/dm_comm_tool.cpp +++ b/services/service/src/relationshipsyncmgr/dm_comm_tool.cpp @@ -696,7 +696,7 @@ int32_t DMCommTool::ParseUserStopMessage(const std::string &msgStr, int32_t &sto return ERR_DM_FAILED; } cJSON *stopUserIdObj = cJSON_GetObjectItem(root, USER_STOP_MSG_KEY); - if (stopUserIdObj == NULL || !stopUserIdObj.is_number_integer()) { + if (stopUserIdObj == NULL || !cJSON_IsNumber(stopUserIdObj)) { LOGE("parse stopUserId id failed."); cJSON_Delete(root); return ERR_DM_FAILED; -- Gitee From 194d62c157c67e4952cdc37513fd3cacb728e8e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=8F=B2=E6=99=93=E6=99=93?= Date: Tue, 22 Jul 2025 14:16:57 +0800 Subject: [PATCH 6/9] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=BC=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 史晓晓 --- services/implementation/src/cryptomgr/crypto_mgr.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/services/implementation/src/cryptomgr/crypto_mgr.cpp b/services/implementation/src/cryptomgr/crypto_mgr.cpp index 1c177e0d3..fb37b56ac 100644 --- a/services/implementation/src/cryptomgr/crypto_mgr.cpp +++ b/services/implementation/src/cryptomgr/crypto_mgr.cpp @@ -212,6 +212,7 @@ int32_t CryptoMgr::DecryptMessage(const std::string &inputMsg, std::string &outp LOGE("set key fail"); return ERR_DM_CRYPTO_OPT_FAILED; } + if (inputMsgBytesLen < OVERHEAD_LEN) { LOGE("invalid para"); return ERR_DM_CRYPTO_PARA_INVALID; -- Gitee From 93e237beaec3a4352d009f51eb12518bae93f17b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=8F=B2=E6=99=93=E6=99=93?= Date: Tue, 22 Jul 2025 14:27:20 +0800 Subject: [PATCH 7/9] =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 史晓晓 --- services/implementation/src/cryptomgr/crypto_mgr.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/services/implementation/src/cryptomgr/crypto_mgr.cpp b/services/implementation/src/cryptomgr/crypto_mgr.cpp index fb37b56ac..999d7f1a7 100644 --- a/services/implementation/src/cryptomgr/crypto_mgr.cpp +++ b/services/implementation/src/cryptomgr/crypto_mgr.cpp @@ -280,8 +280,7 @@ int32_t CryptoMgr::MbedAesGcmDecrypt(const AesGcmCipherKey *cipherKey, const uns int32_t CryptoMgr::DoDecryptData(AesGcmCipherKey *cipherKey, const unsigned char *input, uint32_t inLen, unsigned char *decryptData, uint32_t *decryptLen) { - if (cipherKey == NULL || input == NULL || inLen < GCM_IV_LEN || decryptData == NULL || decryptLen == NULL || - inLen < OVERHEAD_LEN) { + if (cipherKey == NULL || input == NULL || inLen < OVERHEAD_LEN || decryptData == NULL || decryptLen == NULL) { return ERR_DM_CRYPTO_PARA_INVALID; } -- Gitee From b2a98f4c720c81ac5a30ea74abbd4425bac50b46 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=8F=B2=E6=99=93=E6=99=93?= Date: Tue, 22 Jul 2025 15:18:28 +0800 Subject: [PATCH 8/9] =?UTF-8?q?=E4=BF=AE=E6=94=B9ut?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 史晓晓 --- test/commonunittest/UTTest_permission_manager.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/commonunittest/UTTest_permission_manager.cpp b/test/commonunittest/UTTest_permission_manager.cpp index 1ddd7830f..1cb44f5f9 100644 --- a/test/commonunittest/UTTest_permission_manager.cpp +++ b/test/commonunittest/UTTest_permission_manager.cpp @@ -169,7 +169,7 @@ HWTEST_F(PermissionManagerTest, CheckMonitorPermission_001, testing::ext::TestSi EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001)); EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_TYPE_BUTT)); ret = PermissionManager::GetInstance().CheckMonitorPermission(); - ASSERT_TRUE(ret); + ASSERT_FALSE(ret); EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001)); EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE)); -- Gitee From 661899e576c82feddfad4199584666bf1f1461e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=8F=B2=E6=99=93=E6=99=93?= Date: Tue, 29 Jul 2025 09:35:35 +0800 Subject: [PATCH 9/9] =?UTF-8?q?=E4=B9=A0=E6=83=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 史晓晓 --- services/implementation/src/cryptomgr/crypto_mgr.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/implementation/src/cryptomgr/crypto_mgr.cpp b/services/implementation/src/cryptomgr/crypto_mgr.cpp index 999d7f1a7..908c19b1e 100644 --- a/services/implementation/src/cryptomgr/crypto_mgr.cpp +++ b/services/implementation/src/cryptomgr/crypto_mgr.cpp @@ -214,7 +214,7 @@ int32_t CryptoMgr::DecryptMessage(const std::string &inputMsg, std::string &outp } if (inputMsgBytesLen < OVERHEAD_LEN) { - LOGE("invalid para"); + LOGE("invalid para."); return ERR_DM_CRYPTO_PARA_INVALID; } uint32_t outLen = inputMsgBytesLen - OVERHEAD_LEN + 1; /* for '\0' */ -- Gitee