hotfix: correct minor bug in selection logic. Fix license report memory issue (#95)

Author: mscasso-scanoss

inc/scanoss.h

@@ -39,8 +39,9 @@
 #define WFP_LN 4
 #define WFP_REC_LN 18
 
+#define SCANOSS_VERSION "5.4.15"
+
 /* Log files */
-#define SCANOSS_VERSION "5.4.14"
 #define SCAN_LOG "/tmp/scanoss_scan.log"
 #define MAP_DUMP "/tmp/scanoss_map.dump"
 #define SLOW_QUERY_LOG "/tmp/scanoss_slow_query.log"

src/license.c

@@ -395,7 +395,7 @@ void print_licenses(component_data_t *comp)
 	}
 
 	/* Open licenses structure */
-	char result[MAX_FIELD_LN * 10] = "\0";
+	char * result = calloc(MAX_FIELD_LN * 100, 1);
 	int len = 0;
 
 	len += sprintf(result + len, "\"licenses\": [");
@@ -426,4 +426,5 @@ void print_licenses(component_data_t *comp)
 
 	asprintf(&comp->license_text, "%s]", result);
 	free(license_result.license_by_type);
+	free(result);
 }

src/match.c

@@ -351,22 +351,29 @@ static bool component_hint_date_comparation(component_data_t *a, component_data_
 			return true;
 		}
 
-		if (!purl_vendor_component_check(a) && purl_vendor_component_check(b))
-		{
-			scanlog("Component prefered by vendor+component=purl\n");
-			return true;
-		}
 		//Look for available health information
 		print_health(a);
 		print_health(b);
 		int health_a = a->health_stats[0] + a->health_stats[2]; //add forks and watchers
 		int health_b = b->health_stats[0] + b->health_stats[2];
 
+
 		if (health_b > health_a)
 		{
 			scanlog("Component prefered by health: %s = %d vs %s = %d\n", b->purls[0], health_b, a->purls[0], health_a);
 			return true;
 		}
+		else if (health_a > health_b)
+		{
+			return false;
+		}
+		
+
+		if (!purl_vendor_component_check(a) && purl_vendor_component_check(b))
+		{
+			scanlog("Component %s prefered over %s by vendor+component=purl\n", b->purls[0], a->purls[0]);
+			return true;
+		}
 
 		if (!a->purls_md5[0] && a->purls[0])
 		{
@@ -383,10 +390,16 @@ static bool component_hint_date_comparation(component_data_t *a, component_data_
 		}
 
 		if ((!a->age && b->age) || b->age > a->age)
+		{
+			scanlog("Component %s prefered over %s by purl date\n", b->purls[0], a->purls[0]);
 			return true;
+		}
 
 		if (b->age == a->age && !strcmp(a->component, b->component) && strcmp(a->version, b->version) > 0)
+		{
+			scanlog("Component %s prefered over %s by version\n", b->purls[0], a->purls[0]);
 			return true;
+		}
 	}
 	/*select the oldest release date */
 	if (strcmp(b->release_date, a->release_date) < 0)

src/quality.c

@@ -57,13 +57,14 @@ bool print_quality_item(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *d
 {
 
 	match_data_t * match  = (match_data_t*) ptr;
-	char *CSV = (char*) data;
+	char *CSV = strdup((char*) data);
+	CSV[datalen] = '\0';
 	char *source  = calloc(MAX_JSON_VALUE_LEN, 1);
 	char *quality = calloc(MAX_JSON_VALUE_LEN, 1);
 
 	extract_csv(source, CSV, 1, MAX_JSON_VALUE_LEN);
 	extract_csv(quality, CSV, 2, MAX_JSON_VALUE_LEN);
-
+	free(CSV);
 	int src = atoi(source);
 
 	scanlog("Fetched quality %s\n", quality);

src/url.c

@@ -418,8 +418,8 @@ bool purl_vendor_component_check(component_data_t * component)
     if (a && b)
     {
         if (a == b)
-            return false;
-        return true;
+            return true;
+        return false;
     }
     return false;
 }