diff --git a/services/sink/transport/src/distributed_input_sink_transport.cpp b/services/sink/transport/src/distributed_input_sink_transport.cpp index bbe6ffb09e4d8285ed46b0fde478cba8ba2a985d..abf5118c971d936c9e9e52e2314e2902f8d60c53 100644 --- a/services/sink/transport/src/distributed_input_sink_transport.cpp +++ b/services/sink/transport/src/distributed_input_sink_transport.cpp @@ -463,6 +463,14 @@ void DistributedInputSinkTransport::HandleData(int32_t sessionId, const std::str } nlohmann::json recMsg = nlohmann::json::parse(message, nullptr, false); + if (recMsg.is_discarded()) { + DHLOGE("recMsg parse failed!"); + return; + } + if (!IsUInt32(recMsg, DINPUT_SOFTBUS_KEY_CMD_TYPE)) { + DHLOGE("softbus cmd key is invalid"); + return; + } uint32_t cmdType = recMsg[DINPUT_SOFTBUS_KEY_CMD_TYPE]; auto iter = memberFuncMap_.find(cmdType); if (iter == memberFuncMap_.end()) { diff --git a/services/source/transport/src/distributed_input_source_transport.cpp b/services/source/transport/src/distributed_input_source_transport.cpp index 841b8cb370325d493edb2084ead5e525739a666d..e8676da751ed75805c69aadd3bdfb08d22526257 100644 --- a/services/source/transport/src/distributed_input_source_transport.cpp +++ b/services/source/transport/src/distributed_input_source_transport.cpp @@ -1470,6 +1470,14 @@ void DistributedInputSourceTransport::HandleData(int32_t sessionId, const std::s } nlohmann::json recMsg = nlohmann::json::parse(message, nullptr, false); + if (recMsg.is_discarded()) { + DHLOGE("recMsg parse failed!"); + return; + } + if (!IsUInt32(recMsg, DINPUT_SOFTBUS_KEY_CMD_TYPE)) { + DHLOGE("softbus cmd key is invalid"); + return; + } uint32_t cmdType = recMsg[DINPUT_SOFTBUS_KEY_CMD_TYPE]; auto iter = memberFuncMap_.find(cmdType); if (iter == memberFuncMap_.end()) { diff --git a/services/transportbase/src/distributed_input_transport_base.cpp b/services/transportbase/src/distributed_input_transport_base.cpp index f667a55dbabb02c235c923d0039a43831c218e3c..fb058e183b917f214fca05d776ff140b2e26e138 100644 --- a/services/transportbase/src/distributed_input_transport_base.cpp +++ b/services/transportbase/src/distributed_input_transport_base.cpp @@ -412,6 +412,14 @@ void DistributedInputTransportBase::HandleSession(int32_t sessionId, const std:: return; } nlohmann::json recMsg = nlohmann::json::parse(message, nullptr, false); + if (recMsg.is_discarded()) { + DHLOGE("recMsg parse failed!"); + return; + } + if (!IsUInt32(recMsg, DINPUT_SOFTBUS_KEY_CMD_TYPE)) { + DHLOGE("softbus cmd key is invalid"); + return; + } uint32_t cmdType = recMsg[DINPUT_SOFTBUS_KEY_CMD_TYPE]; DHLOGI("HandleSession cmdType %u.", cmdType); if (cmdType < TRANS_MSG_SRC_SINK_SPLIT) { diff --git a/utils/src/dinput_utils_tool.cpp b/utils/src/dinput_utils_tool.cpp index 48fc18638cff4f93a199fdc35b64ae94237c7962..0cda783c3d8c0137cb0ba7f5aad1b02168809f37 100644 --- a/utils/src/dinput_utils_tool.cpp +++ b/utils/src/dinput_utils_tool.cpp @@ -45,6 +45,7 @@ namespace { constexpr int32_t WIDTH = 4; constexpr unsigned char MASK = 0x0F; constexpr int32_t DOUBLE_TIMES = 2; + constexpr int32_t INT32_STRING_LENGTH = 40; } DevInfo GetLocalDeviceInfo() { @@ -248,7 +249,6 @@ std::string GetAnonyString(const std::string &value) std::string GetAnonyInt32(const int32_t value) { - constexpr int32_t INT32_STRING_LENGTH = 40; char tempBuffer[INT32_STRING_LENGTH] = ""; int32_t secRet = sprintf_s(tempBuffer, INT32_STRING_LENGTH, "%d", value); if (secRet <= 0) {