No Free of Third Parameter Value

This checks free statement for a parameter object from using a Tizen API such as "app_control_get_extra_data" and "app_control_get_extra_data_array".

but, function list can be modified. (we will add more and more) => this checker should be a general purpose.

thus, checker config can be like below:

{
  "code": "CHECK_FREE_STMT_THIRD_PARAM",
  "name": "Checking Free Statement for a parameter object",
  "type": "BOTH",
  "categoryName": "Tizen",
  "severityCode": "CRI",
  "version": "2.5.32",
  "description": "You should have free statement for a parameter by calling ${methodName}",
  "isActive": false,
  "properties": {
    "method-list": "app_control_get_extra_data, app_control_get_extra_data_array"
  },
  "cwe": 0
}

${methodName} : it should be replaced by a real method name that you found in a source file.
"method-list" : it should have value that divided by ','(comma). for example, "methodName1,methodName2,methodName3"
you have to check method name that divided by comma.
- so far, we have two method name : system_info_get_value_string, system_settings_get_value_string
- you can get this value by calling : String value = Your_Checker.getProperty("method-list");
- for now, we need to check just for third parameter of method
- and the free statement of two method are different.

refer to below example:

Field

Contents

Category Tizen API (Memory Management)

Severity Critical

Title

The list of interfaces user needs to release the memory allocated by "Application Control API"

Description

int app_control_get_extra_data(app_control_h app_control, const char *key, char **value)

Bad Code

char* strName = NULL;
result=app_control_get_extra_data(app_control, "view", &strName);
...
  
return;

Clean Code

char* strName = NULL;
result=app_control_get_extra_data(app_control, "view", &strName);
...
  
if(strName)
{
    free(strName);
    strName=NULL;
}