• New Defects reported by Coverity Scan for Synchronet

    From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, May 15, 2022 14:21:36
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DydxU_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBFuABnUyJaq9tIPnxNGHvUHfn-2FEs4rmiZ58dJJKW0Rw4vbT8vOZ-2B-2FIK2Zj4p6nKLmNHixrx22LnmeahT7mTLaFyfSOUbJ-2FO6dB7h79JrqiWOXdisq19eKvZGuP4Coh8vCBLvwXDdd-2BAUFOBu2eljufgv3fL-2FUe4FEfyP3VQC13XQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, May 19, 2022 12:55:33
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dn_Ny_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBtChI0HMBLLgbtg4iK0ZBLckadzL2rh999wqCBLjUQOAwF8dtaVz7gxU-2FnyoWZ0fYB9lz-2BAL21S4nm5ynRsrF4CzzsHAV4YDUwZ4mt7xFXW-2FLzwctZdf-2Fli0pUwuQSrp5WUr10-2FFdk45SSfJ0ONypqdlwJUuEQR8Jk7zTIeIcxqg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, May 25, 2022 12:52:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D1bce_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAtQDdFoFvKLSTB2a9pKZEuM8hGEkwPTR2OqdY8yoo4APy8jPEGSL9Gvq9UBEyTPVxEK9dinqx-2BmMjxYRwoDe0yfwUDa-2BRTxVs8dIFc93eZoFTQKwuwq4sQP1uVIuQyzdIt1qSzCeItfVidpehym1LOd2wYj5HS2HE4PSM4syXSfg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, May 27, 2022 12:52:09
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DvENn_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBUSHkrYkiP9AfzyBevLLyaQmAohHVfhNGBMl9LHex6nEbFzhM8spcU29jiUvTfGhPZhkYCR54IJZ0Sw4ahluPsBpq5QRFRHHEczXtvcsvikTAZiCtqssOPtycvq2lMkLo3BulnYAjLIT0Fhc4p1jN6TVdMSnbk7y7DST5QyJ7L8g-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, May 31, 2022 12:55:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dp1GC_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBdvk-2B0-2BIZkfCADJQR1mrKyfm2otuw-2Bb-2FMkvJzDtgojpgaDAEQMWzw6veEUc9wdmuf-2FRdkvjouIgGQqYQz65SCtWA6zbN6GERIGjrhLDEt6Da-2BnelrfKGNdjQ1vgtfwj7TvPtIFnYXYOjNuu4Sl5Iv4lIjPFztzpPfj0thtc0FnhqUQTVnOGaUal3up1MlB9Vc-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, June 07, 2022 12:55:18
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DusTJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBOYO2aePjbiW1uaK4l54oAC4k5wjGGoVxArXl-2FmK183PD4P1v0lF-2Fd-2BeEXkAiJsZaK2dcN9gNa1ZwpHc5fiduEAFYgpPdG4vofxjwIOviEgONOVGGier7DWivKstj7NIINU4zo7yDNE1H0Jh0A6HjeJvudu9G8oyNPR9PpwohpIw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, June 10, 2022 12:55:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DqHqv_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAWuHsnB-2FLrspWilJhqsED2sesuNewdrhzP23PhoOY8vkHczKWlQDGJIROx7aS5epBi-2BP-2F4gixKslunCC6FmSKv-2BOxihCzB0L7dYL9GRTbFGBuEgf6CesHuUIbt47QSnz6Jvq1WFoRYAshdhIa-2BwfHur6GAuR2jJ1BdYYzz0qmFHA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, June 12, 2022 14:25:44
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DR2nt_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrArv4-2F8duyvx55KEQM-2BhUGp3PJjIGk0Lp4eH3-2F8wtn7zPLPR8UJ7iJk2wm4egz8xB2CuxzQFzJQ5padW0K5PRRwsCsOBuPaO4olMOPpyNraXO0B6AFn6a63kn1OObnGAYQcABrjus7guHkGh6Nu-2BfuVpYcfxWS6wDxr-2Fd5RW0WuNw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, June 18, 2022 12:51:28
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DMbvL_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBDYJ2f4enx1p2wCbk10ZgMqyO6BeLASC67kvvilobFV8z7xBcEruOQg1uBkbNaFscbbjeFzHBPzjQ0pOJQMqjmtChpTjNTLNHPLaWjGd0xBxTKNOAts8DNLx8-2FMJJrsS7xZ3MgmHoEqgpy2-2BYuezE9DdZtivCrRqJVPzCaVICvKw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, July 01, 2022 12:50:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DOVQJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAuuz4jQMj41d405aQ6v8YzfLP7JftuVm6TLEWTHsBDleNu-2F8WlibOlzefOmmqCYELf6VUWiNjdUZeja0qhG9TkfpHiFuMZu29j7RRYRCUKhqijiVu922kbOWxUTb4hA5AX1kRyGrLkVZVo8PyH-2BBXFVXnQ-2F00V3OAdmwsL9YrtLQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, July 03, 2022 12:55:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DOXzq_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDm4aaeO2FdNjtneI8PJeMcsZan3lAlrX1Dl91Zhj8ct7TSEIpNfGktc3Ys0Y-2FiDD1II-2BUlqlyIMwEUhGjiF0VEqwOjWJ7zsXng0nhrHmH1wqccSOY66Vy3wyAHZozp6VeR-2BavVHe90JuxbHg54wXQxV2ueuu-2BxB7py5PATN7M-2BHQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, July 12, 2022 12:51:15
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D431d_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCLA9LjB0vw5tZyCe0LsSSDe4k7ta-2F4Q9hcGNJ58BqUgTyDr3AqGZqHGyXvp3YQZjUGrCliIghdomaFqW-2Byg0kwZGMoQBzonQ-2BKQK8wkj-2BMR-2Fann5QNhI73BYJ3yVR5FwBsFVjT9pj4mXtHZGkIVwu7Uahx3rWaEbr3KaqMJZ5i5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, July 15, 2022 12:52:00
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D5zOH_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBHNC5gSyHJ5gJek3k-2FZt62TXKkMSkzM2yPpcOvHWpRI-2Beia-2BpXeQCZ6y2AWJaQtduznp65HyPPBeHe2Ebb9gLsQZE2qTovdoCNWCJ1iYowWHa5iCSS50sPzEbfxM3wkyI75su6WRFYPV5jsPSiX-2B2YDZK2TptGamkqlj2-2Bej2MtQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, July 21, 2022 12:53:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-21-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-21-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-21-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-21-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D6yWG_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCm6sJaj-2FdqFt4v4rFD08Et7-2FF6T7ATxWoC27y7XvXHm3Q0aCn-2F00XA9lhxQTK5K8340OSPZ6mWiLBApWPExiW6B28A5TNV3Dzmu5GJNXC-2Bn04NNtHEWjUBRDEagNOXtI5rwQJf7pOTla7xwAqzUruO0q8043PrdRjiQLITeWpdhQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, July 24, 2022 14:22:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DgmOj_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD9i414ygVdH8am0h9Qj5triXoqHSarf-2BvzPSIfmRwrwlLkpkEMn71POy9Q3-2BsaG-2BseVnbf7HbgBn22Q42aFEKXakrBGqfcSZBC-2B3AsGAb60K8YA1N8lql5DMDx0gpdy8-2B7NAv5ojeU-2B5ppJUzXNPQ8pZ28Y362pdUWKtq0xNWg-2Fw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, August 03, 2022 12:53:31
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DDArm_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBlgwMProETcJ36y3PJ-2F2HvKnYyGO-2FDAN-2F2bF9je5isurJ6nESF0nJXbMH2hpRsTEa3K6MwxfVoMrbTkYvLRXxrkRJ738qZfXzUhmgfTBe44ydnycyCvOUcsDFJ3cN-2Fh3Ibax-2Fq8oaS3-2Fa0a1iCcit4LdKKN5ZVdb-2FTjSzKBZOe-2Bw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, August 08, 2022 12:51:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DT_Z4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA4mrFJdqfCMRYjU2DOEluHUrdjapY-2Fn-2FrZQFhatSXX1Lw1uHttBejEI9ZRT07n5UOdpYj61ddJQlDdmPpqYD9ZHozz7ljCv64BFO6XMrViDyf6CI1aXOyQDbJp4CTGcn-2BLSPcE4nkR5YlibCA91MQEai2qlsfz0tiIm5RtkEF2-2Fcj4Ys9RMtz92Y4HOmmXYcM-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, August 10, 2022 12:53:38
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D27bs_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDT-2BJWjPHos031vxsq5w-2BCgX3t-2Fy-2BxDBi1pocEvhNbX6rFMfsmuyE-2BMya3ly-2BRAfvVQTOOXVIV2P-2FYeXutHTCTKht91xRGpuuPfeERLQuAo57FeDddDItbz9cyoitLaJhdqaPw-2BWtSVFfSRyywUqLt8SKHY5svjvH6nWkTT9sujqw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, August 14, 2022 12:55:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D1KiJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBK9ekjkW8PTQSzsReo6xsKPbCz0EPZFO315naGFusdX6fAPgVDPuISyq2MWCaabyfPzGo11EH1gBRUm1wK1mw7QFRqv7fdhZZeyZ-2Baauu6JH-2FAl9-2F-2Bvmotdtpnti0eRnem8EDTTSmENGNibI0inRn6YiCBvtbv1mNuj1kN3f2CqQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, August 16, 2022 12:51:49
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-16-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-16-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-16-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-16-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DvVUN_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDsbak0uHllwiVD4gerWysgrStdJaKwp6VQOWDUZQgaccFtkEYVbUKDElMqrHw0bjlkrwQPepUn55Oo0O2CKHDi1dso2ejp491LFXWz9-2F2Qm7LFG8imS-2F5FxJAbdxFazb9PMD1p7AA9vBNt3NifZeafMQwBRAj17VAAtKM8944YaQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, August 19, 2022 12:52:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DknCE_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAm-2BQCb9-2F-2BctfHN7nes2HQ4e-2FuViwvGc838Di71od-2Fkm-2FKXnhMO2rHW9kylh0GkI6NQTh1N6urX1T3zjOe7IPrZ7KCoE0Zsyon4reJJL7TrI5yKlw7RMh1ehtrjseErARo7hZnn5BLrtGPy3WFxmvlbQ2BFfAG-2B2PaRdEhMxHj-2Ftg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, August 22, 2022 12:56:48
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-22-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-22-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-22-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-22-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DWx9y_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBlbf3dYbUyrVjHAFR-2B5ViZ12XOeiHkHyIX28VtChIp0madSLCYXyquC3w9dT2ZcMVQORGLpIXsrWXbeLk6GAowmAefmKbjlw5BqhvpRcshjH-2Bcqpb50NWBSFJxGElENTsc7JMuiGxnt-2FRiBLRyIu6HIPTTBfS4CZwUNeWkPMDTPg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, August 26, 2022 12:51:47
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D-HIn_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAxO1k1QweYJ7WrlpkJ5xVfXupLhdoHYRieWNYhqHmChE1y5g2zsuqPz5fK7W8AQOXkW9Ndk8tkoWhateyX9-2B3WzcOPHYK1PRy7kLSsRy-2Frq-2FZZLfqyrX1REWQhPSKcnAdN8UkOW8dY-2BrgS6FE2QFWASyHxXrFbY0WZ1sitY-2B55XhxS71pYOINQDPPZdDQuvN4-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From DesotoFireflite@VERT/VALHALLA to Digital Man on Friday, August 26, 2022 12:15:07
    Re: New Defects reported by Coverity Scan for Synchronet
    By: scan-admin@coverity.com to cov-scan@synchro.net on Fri Aug 26 2022 12:51 pm

    Just curious, should we avoid updating on days where coverity scan finds errors.

    SysOp: C.G. Learn, AKA: DesotoFireflite
    Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com:23
    A Gamers Paradise - Over 250 Registered Online Game Doors!

    --- Don't eat the yellow snow!
    þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net
  • From Digital Man@VERT to DesotoFireflite on Friday, August 26, 2022 20:14:17
    Re: New Defects reported by Coverity Scan for Synchronet
    By: DesotoFireflite to Digital Man on Fri Aug 26 2022 12:15 pm

    Just curious, should we avoid updating on days where coverity scan finds errors.

    If they're new errors, then maybe so, but those same 2 errors in the js/configure stuff keep popping up and then are flagged as resolved, over and over, even though I have the 3rd party stuff excluded from scan results. Just looks like a Coverity bug in that case and you can ignore those 2 errors specifically. Someday when we upgrade the JS library, they'll likely go away.
    --
    digital man (rob)

    Rush quote #32:
    Begging hands and bleeding hearts will only cry out for more
    Norco, CA WX: 76.2øF, 59.0% humidity, 4 mph S wind, 0.00 inches rain/24hrs
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, August 28, 2022 12:52:48
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DV18K_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrACS7uZ76VULmXyroFYF1DLXVMTiDOxlzrfHYed1o03ncaWBda2dFNWW2Hixf7xngdu6i1noe7yueHIvWj1dl920Svniw5GGjW9HLBxKGX-2FSx7lz5vbhC0gtQDK5rEyh-2F2h8u3JF0w-2B6L-2FDlltOBYKBaZvwJRaNOzf1vilcObilwg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, August 30, 2022 14:03:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DwusC_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrADcbE1sBgjquBCUlDQ8IOfFlWO-2FDoF5mTEOilZ8VbcnOHwaFGCJQ-2F87xF-2B91bb1qcnMfoUvHg1VucAQW5Ad4ATebxmTxQgLu1XnCUwElomg2cWu9biVNGJ5X0s2Gs5BpHDdnd5l6d-2BXuiqwOiD8lZkUS-2FFPf1PhFeJp73ohdD-2FFQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, September 04, 2022 12:53:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-04-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-04-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-04-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-04-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DCM5X_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBSgIrsC3Mij0NNyASUuhGVC9AxF-2FzOJcOUQltHfK-2Bjpp0n8lQbKkFYfm0eFh2PxLKAZtOV-2B5wpoT-2BQoMZdBldZiNruwVm72-2FvtVfUk1MQ9aOsUOOmvQzVv5-2BSlbPEnHfwYsVPMR8LHV6nQ4QPHea23zy6vx60Tja0wY-2FrIBkZBAg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, September 08, 2022 12:52:30
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DP3zl_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBeRFTbvxO3gzf-2B9N8Hbfpe0D-2FLRT-2FfF06CkOEcbjiQMUfULpUPCZojTbaIuTdxLVjt73Bs9s2n-2FSCxd2KljBI7EGcrxyv4QJAlbCE3HgcGJc4XGXVes-2FeUSvC2mjsqD44vMASnWmHqR548W-2BGpkc0zvk5g3tc2lNCxV3s-2FmQk78w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, September 11, 2022 14:30:09
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DIXvs_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBBszUTtWWnGJdXyT5xEm5FZnqGzRBd6CGp63wqJhdtbFGUK49b7olj1p1dZstBnn-2B9YddIU0-2FK0PPk0HckYCwbwkYRzWnJCxgUWVEj9lwLhxyW7BWmqpPTSJOQScJKqHgGXC2-2FDDpxiFm8k-2BNBfz50ziwa1HZCRT45eMNL12NEUg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, September 18, 2022 12:56:43
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DdWGy_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCpHtGnw30-2FOqvo1pAy2SGBqjQmOGKxc2EEJkp0vVrRau002dcFlZtgdGsTEGYiCIodrLO15MsdGQ-2B6R0eWF86NDylNr2VT4byUwEteXPq58ecnCSR78nNWesX-2Bpt536BZfUGrkDlzEPgkER7nzkS2aAB4ykKBf-2BRhrQlMmq8ibcw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, September 20, 2022 12:52:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dkc7D_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAbXwJrxZ-2FiWBLA-2F5YSUM2NJpS0x3r0Iqc5VSiqg4Dls8Q1sZCeIICe8tQpXazoJv3V595PwvnFnciueWucMCPiL9MlQsG9gEt3KAEXqvqved4OcAJiCYGTm-2FLaI8FvSTyL76ILjL9j7pGDGIp-2Fo2g8Ptdp6Yd3t3EP6X8t-2BBqXkA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, September 26, 2022 12:52:35
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DVguD_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDe7yavcdz60wD46odg8lieKuNPdfkVNLd7wmh7xV98FIXppP1oBjmr6vrNOB3wHG7QkCEV3-2FN286b8tc7o32cAklCia9pGrfmnO5iLkT6lxqEbP0nJ5WIw9N7hzQ8q-2FRC3-2BlOWyB-2F-2BAfIvepGd9W8VIreEGO7pxijsNPsgRaa0Qg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, September 30, 2022 12:52:47
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DG7WG_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCbriSopUouvvs-2BMzK5kV2CGZV8dyI07iePMyVIlTeusqH6SCjkj1i-2F2aVIUDy83u-2FD4333Uew0kkY2MgHuxhyLPkDBCzYS0b7U2DCAg8f6ySOhldw0qZzJYEGh-2BZjWV-2B7byadLVeFWrU4EOexczn5eE4CVwOlx7WBnGrrbcEcTlD3C5jbV9kzGLcjJfdCfEKQ-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, October 02, 2022 14:23:39
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DlsaR_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCUXpDDrIOr9yadKPlupIaVxxRIKm0rYMSQw4RjbMw0Ap2bBzGbfz6SXXKaAQy4za7zzoo1NlWcBMdSBRoPT2HHcOCyxRjWPLC1F85U-2FMjvzfc1wgNn3q9I8a3-2Bc5iGgpy7isnOh2NJ25gL-2F-2F6Gs8kbAFpbmo2s4xhkqrFTuoAEf4Nf23XsH7-2BLT9wShyBbZ2c-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, October 06, 2022 12:52:49
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dtq5x_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBUMGDQvjMRhpgRrBjlpIVG18an1EzP-2Bprex3xAnJUVK7dxEsGHPLkQ3tluaEtdpWvhqMxB8f7tHdLW-2BzuSoRMoV4kmxsmZMS1fS7etNZq3WX5P8DPddTcVcU2fpG24PwW9TtMezFApzXJ2Ly7PNDdjUAeSmsVBi9VN-2FLaE2iCGAQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, October 10, 2022 12:54:28
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D5oFr_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD3dlvBesMAqsoEiimMHM0v65-2FKTSe-2BSi0T8Lvg4KCLkzgD23bNrKInias-2BuFVh3a-2FNlOj2xWjdSCojRJ-2F26N-2B-2BOIYYSEu2tp1XQ3jpv7AGTxApeUgr-2BViT46JAOL8C7WHHoWPXowUbVFKEQXYvc2LE66yToKGX6HvQ9UYBaXegiw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, October 12, 2022 12:51:27
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D2Ut9_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD7JL2-2Bn1KQxGrSj7g3Xl4-2FF0EmdjGlaC9tdJOyOJaZ4nH90wNLOGLBSSNYSHwsg7xbbU1IzxN6nGyPlrVvu-2FQuaYl0jnTKx7NMaATng0oK7ijxUAlQGdEUzOLziQDn0EYHa9Ufqk-2Bx-2FYF-2BHiXN3yNdFjpqCLhERedKZNQ-2FzTRjqg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, October 15, 2022 12:52:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DmYLr_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAzGTomwMMKevG32kv265WTtYYihMpygby11-2BYhY9onCGXc5VdafJ1-2FoQwtKf-2FtWgrIU0MnUmTcm6N-2FD7OavauEBJLW-2Fga7xPcsebBOCaGgJDbdK3Wvdwu95ePQ53szBrlyp0RzvC3qZKo1CmI8zUhs6yOCi3rlQjqYJznUtI37rw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, October 19, 2022 12:52:36
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DHv3g_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBmo2CBarK7AeJ-2BvGybBYg1xJ2oOCrU-2BsDnnGsM4uRuGqUUsdyHSYGtuOuEqEwtBrMB1JlZpYm70nE7RJLvugAEDnIP4fuNwYpPQI9wlgF2FbUVTcDt4fyjI0kSUMY8dxhBvkpf6mUOEZ9nADL7pIqU0FWwO2q1HGTwLibHjFg8DA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, October 22, 2022 12:54:38
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 319174: Memory - corruptions (OVERRUN)
    /ansiterm.cpp: 253 in sbbs_t::ansi_getxy(int *, int *)()


    ________________________________________________________________________________________________________
    *** CID 319174: Memory - corruptions (OVERRUN)
    /ansiterm.cpp: 253 in sbbs_t::ansi_getxy(int *, int *)()
    247 }
    248 start=time(NULL);
    249 }
    250 else if(ch=='R' && rsp)
    251 break;
    252 else {
    CID 319174: Memory - corruptions (OVERRUN)
    Overrunning array "str" of 128 bytes at byte offset 128 using index "rsp + 1UL" (which evaluates to 128).
    253 str[rsp + 1] = 0;
    254 #ifdef _DEBUG
    255 char dbg[128];
    256 c_escape_str(str, dbg, sizeof(dbg), /* Ctrl-only? */true);
    257 lprintf(LOG_DEBUG, "Unexpected ansi_getxy response: '%s'", dbg);
    258 #endif


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DK_2s_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBAK7NMQrSWVEBsHKlmstIvrmkQZ4VSw65lIFsHIJE6jS1GesXnVlCsTGpLR5qUUdd80zgEid6EVHMp1cssCJZ5Tiakh2Ds7teXqaDAU0go8cndC2e-2F9xJVI0PdiCdZoL9iimHBtruzexyq-2B0TsWi7DCKM2-2BTEO2i1G-2B5X3hGWn-2BQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, October 23, 2022 14:23:16
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DwnYI_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAHddxg3ska2UzvTTb0PY1RzN2UdoywyhD8tis6P-2BvgkMNyWv6RmRyMgS3sJLl8ZpLf6WzrRJiE-2B9GO7tg9EAeHIZ4GR8nuys4umsHzAZyM3sIEhar7-2FN2OIsEB3STwn3CB2fmyNGXUj6XSQvwcMSD3tMfH0ZH3taBjLe7erlcR1snMjh3Hqpgks4HgZ72daPQ-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, October 25, 2022 12:54:42
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DdnAF_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrApVtS6Rwbu63kvpClASHCFaYIfALTUp-2BaKUo9Y3-2BlueaeG5ADtfFc-2FVev1BbaaRN9O33-2Fd5V-2BqmkLgr8Ix6rUVpri6qJWhGlhFaDO0jPJLcX3gfCivlD1R090K1YhCsXENV7MGUVxQDzE-2FZcP5k0OVNl93u-2FeYZ-2B-2BvcGCsC-2Fmgcw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, October 27, 2022 12:52:32
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D_buA_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDc5XkaNGLS5DAizQSAhxPP2fiFsD8CH8nhIKgyJVYrFYa-2F8Vp0IzMcG6NHQzke3FDchUoVZQQzOZD1LTba-2BThDJJHbigRkpopzhmCwoAB-2FNzgPhQNgXaTSERTdR0LidYupfur7MhSdTiRyMaZRuFRjjPf4EJu85-2Bqk6ooo189XLw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, October 29, 2022 12:50:30
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-29-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-29-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-29-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-29-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DNVUm_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDHjtjPH9dPJ2u17EI8n0sCIvPq9pIyYSROpekoA7Rw48AO65IxFyqHCs3NLwah22hp8sQDJFO-2BCr9fORgAhFjOvF3NUuMxC96sY-2FdSanzqVnj3VGFQLjW4q3lFLSAU12G-2BkgqEc4U-2Fgv52PKdFwYlvzm3EJ-2Bcr7ofA5XFHlIXhkA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, November 10, 2022 13:38:00
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    89 new defect(s) introduced to Synchronet found with Coverity Scan.
    14 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 89 defect(s)


    ** CID 376409: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 376409: (SLEEP)
    /tmp/sbbs-Nov-10-2022/src/conio/sdl_con.c: 674 in sdl_add_key()
    668 setup_surfaces();
    669 return;
    670 }
    671 if(keyval <= 0xffff) {
    672 pthread_mutex_lock(&sdl_keylock);
    673 if(sdl_keynext+1==sdl_key) {
    CID 376409: (SLEEP)
    Call to "ciolib_beep" might sleep while holding lock "sdl_keylock".
    674 beep();
    675 pthread_mutex_unlock(&sdl_keylock);
    676 return;
    677 }
    678 if((sdl_keynext+2==sdl_key) && keyval > 0xff) {
    679 if(keyval==CIO_KEY_MOUSE) /tmp/sbbs-Nov-10-2022/src/conio/sdl_con.c: 682 in sdl_add_key()
    676 return;
    677 }
    678 if((sdl_keynext+2==sdl_key) && keyval > 0xff) {
    679 if(keyval==CIO_KEY_MOUSE)
    680 sdl_pending_mousekeys+=2;
    681 else
    CID 376409: (SLEEP)
    Call to "ciolib_beep" might sleep while holding lock "sdl_keylock".
    682 beep();
    683 pthread_mutex_unlock(&sdl_keylock);
    684 return;
    685 }
    686 sdl_keybuf[sdl_keynext++]=keyval & 0xff;
    687 sem_post(&sdl_key_pending);

    ** CID 376408: High impact quality (Y2K38_SAFETY)
    /con_out.cpp: 1141 in sbbs_t::ctrl_a(char)()


    ________________________________________________________________________________________________________
    *** CID 376408: High impact quality (Y2K38_SAFETY)
    /con_out.cpp: 1141 in sbbs_t::ctrl_a(char)()
    1135 ,tm.tm_hour==0 ? 12
    1136 : tm.tm_hour>12 ? tm.tm_hour-12 1137 : tm.tm_hour, tm.tm_min, tm.tm_hour>11 ? "pm":"am");
    1138 break;
    1139 case 'D': /* Date */
    1140 now=time(NULL);
    CID 376408: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".
    1141 bputs(unixtodstr(&cfg,(time32_t)now,tmp1)); 1142 break;
    1143 case ',': /* Delay 1/10 sec */
    1144 mswait(100);
    1145 break;
    1146 case ';': /* Delay 1/2 sec */

    ** CID 376407: High impact quality (Y2K38_SAFETY)
    /str.cpp: 841 in sbbs_t::timestr(long)()


    ________________________________________________________________________________________________________
    *** CID 376407: High impact quality (Y2K38_SAFETY)
    /str.cpp: 841 in sbbs_t::timestr(long)()
    835 }
    836 return(result);
    837 }
    838
    839 char* sbbs_t::timestr(time_t intime)
    840 {
    CID 376407: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "intime" is cast to "time32_t".
    841 return(::timestr(&cfg,(time32_t)intime,timestr_output));
    842 }
    843
    844 char* sbbs_t::datestr(time_t t)
    845 {
    846 return unixtodstr(&cfg, (time32_t)t, datestr_output);

    ** CID 376406: High impact quality (Y2K38_SAFETY)
    /websrvr.c: 1606 in http_logon()


    ________________________________________________________________________________________________________
    *** CID 376406: High impact quality (Y2K38_SAFETY)
    /websrvr.c: 1606 in http_logon()
    1600 else {
    1601 SAFECOPY(session->username,session->user.alias);
    1602 /* Adjust Connect and host */
    1603 SAFECOPY(session->user.modem, session->client.protocol);
    1604 SAFECOPY(session->user.comp, session->host_name);
    1605 SAFECOPY(session->user.ipaddr, session->host_ip);
    CID 376406: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "session->logon_time" is cast to "time32_t".
    1606 session->user.logontime = (time32_t)session->logon_time;
    1607 putuserdat(&scfg, &session->user);
    1608 }
    1609 session->client.user=session->username;
    1610 session->client.usernum = session->user.number;
    1611 client_on(session->socket, &session->client, /* update existing client record? */TRUE);

    ** CID 376405: High impact quality (Y2K38_SAFETY)
    /js_global.c: 827 in js_time()


    ________________________________________________________________________________________________________
    *** CID 376405: High impact quality (Y2K38_SAFETY)
    /js_global.c: 827 in js_time()
    821 return(JS_TRUE);
    822 }
    823
    824 static JSBool
    825 js_time(JSContext *cx, uintN argc, jsval *arglist)
    826 {
    CID 376405: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "uint32_t".
    827 JS_SET_RVAL(cx, arglist,UINT_TO_JSVAL((uint32_t)time(NULL))); 828 return(JS_TRUE);
    829 }
    830
    831
    832 static JSBool

    ** CID 376404: High impact quality (Y2K38_SAFETY)
    /sbbs_status.c: 638 in status_thread()


    ________________________________________________________________________________________________________
    *** CID 376404: High impact quality (Y2K38_SAFETY)
    /sbbs_status.c: 638 in status_thread()
    632 closesocket(*csock); 633 free(csock);
    634 lprintf(LOG_WARNING, "Invalid syspass: '%s'", p);
    635 pthread_mutex_lock(&status_thread_mutex);
    636 continue;
    637 }
    CID 376404: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "time32_t".
    638 client.time = time(NULL);
    639 listLock(&status_sock);
    640 listPushNode(&status_sock, csock);
    641 for (i=0; i<SERVICE_COUNT; i++) {
    642 /* SERVICE_EVENT doesn't have status, just logs */
    643 if (i == SERVICE_EVENT)

    ** CID 376403: Control flow issues (DEADCODE) /tmp/sbbs-Nov-10-2022/3rdp/src/cl/cryptses.c: 414 in sessionMessageFunction()


    ________________________________________________________________________________________________________
    *** CID 376403: Control flow issues (DEADCODE) /tmp/sbbs-Nov-10-2022/3rdp/src/cl/cryptses.c: 414 in sessionMessageFunction() 408 REQUIRES( setAttributeFunction != NULL );
    409
    410 /* Perform any protocol-specific additional checks if
    411 necessary */
    412 if( FNPTR_ISSET( sessionInfoPtr->checkAttributeFunction ) )
    413 {
    CID 376403: Control flow issues (DEADCODE)
    Execution cannot reach the expression "sessionInfoPtr->checkAttributeFunction.fnPtr" inside this statement: "checkAttributeFunction = (S...".
    414 const SES_CHECKATTRIBUTE_FUNCTION checkAttributeFunction = \
    415 ( SES_CHECKATTRIBUTE_FUNCTION ) \
    416 FNPTR_GET( sessionInfoPtr->checkAttributeFunction );
    417
    418 REQUIRES( checkAttributeFunction != NULL );
    419

    ** CID 376402: Program hangs (SLEEP) /tmp/sbbs-Nov-10-2022/src/conio/sdl_con.c: 235 in sdl_user_func()


    ________________________________________________________________________________________________________
    *** CID 376402: Program hangs (SLEEP) /tmp/sbbs-Nov-10-2022/src/conio/sdl_con.c: 235 in sdl_user_func()
    229 default:
    230 va_end(argptr);
    231 return;
    232 }
    233 va_end(argptr);
    234 while((rv = sdl.PeepEvents(&ev, 1, SDL_ADDEVENT, SDL_FIRSTEVENT, SDL_LASTEVENT))!=1)
    CID 376402: Program hangs (SLEEP)
    Call to "nanosleep" might sleep while holding lock "sdl_ufunc_mtx".
    235 YIELD();
    236 break;
    237 }
    238 pthread_mutex_unlock(&sdl_ufunc_mtx);
    239 }
    240

    ** CID 376401: (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 376401: (OVERRUN) /tmp/sbbs-Nov-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsobj.cpp: 4811 in js_DefineNativeProperty(JSContext *, JSObject *, long, const js::Value &, int (*)(JSContext *, JSObject *, long, js::Value *), int (*)(JSContext *, JSObject *, long, int, js::Value *), unsigned int, unsigned int, int, JSProperty **, unsigned int)()
    4805
    4806 /* Store valueCopy before calling addProperty, in case the latter GC's. */
    4807 if (obj->containsSlot(shape->slot))
    4808 obj->nativeSetSlot(shape->slot, valueCopy);
    4809
    4810 /* XXXbe called with lock held */
    CID 376401: (OVERRUN)
    Calling "CallAddPropertyHook" with "obj->slots" and "shape->slot" is suspicious because of the very large index, 4294967295. The index may be due to a negative parameter being interpreted as unsigned.
    4811 if (!CallAddPropertyHook(cx, clasp, obj, shape, &valueCopy)) { 4812 obj->removeProperty(cx, id);
    4813 return false;
    4814 }
    4815
    4816 if (defineHow & JSDNP_CACHE_RESULT) { /tmp/sbbs-Nov-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsobj.cpp: 4808 in js_DefineNativeProperty(JSContext *, JSObject *, long, const js::Value &, int (*)(JSContext *, JSObject *, long, js::Value *), int (*)(JSContext *, JSObject *, long, int, js::Value *), unsigned int, unsigned int, int, JSProperty **, unsigned int)()
    4802 JS_ASSERT(newshape == shape);
    4803 }
    4804 }
    4805
    4806 /* Store valueCopy before calling addProperty, in case the latter GC's. */
    4807 if (obj->containsSlot(shape->slot))
    CID 376401: (OVERRUN)
    Calling "nativeSetSlot" with "obj->slots" and "shape->slot" is suspicious because of the very large index, 4294967295. The index may be due to a negative parameter being interpreted as unsigned.
    4808 obj->nativeSetSlot(shape->slot, valueCopy);
    4809
    4810 /* XXXbe called with lock held */
    4811 if (!CallAddPropertyHook(cx, clasp, obj, shape, &valueCopy)) { 4812 obj->removeProperty(cx, id);
    4813 return false;

    ** CID 376400: Control flow issues (DEADCODE) /tmp/sbbs-Nov-10-2022/3rdp/src/cl/session/sess_attr.c: 332 in addCredential()


    ________________________________________________________________________________________________________
    *** CID 376400: Control flow issues (DEADCODE) /tmp/sbbs-Nov-10-2022/3rdp/src/cl/session/sess_attr.c: 332 in addCredential() 326 }
    327 #endif /* USE_BASE64ID */
    328
    329 /* Perform any protocol-specific additional checks if necessary */
    330 if( FNPTR_ISSET( sessionInfoPtr->checkAttributeFunction ) )
    331 {
    CID 376400: Control flow issues (DEADCODE)
    Execution cannot reach the expression "sessionInfoPtr->checkAttributeFunction.fnPtr" inside this statement: "checkAttributeFunction = (S...".
    332 const SES_CHECKATTRIBUTE_FUNCTION checkAttributeFunction = \
    333 ( SES_CHECKATTRIBUTE_FUNCTION ) \
    334 FNPTR_GET( sessionInfoPtr->checkAttributeFunction );
    335 MESSAGE_DATA msgData;
    336
    337 REQUIRES( checkAttributeFunction != NULL );

    ** CID 376399: High impact quality (Y2K38_SAFETY)
    /smbutil.c: 246 in postmsg()


    ________________________________________________________________________________________________________
    *** CID 376399: High impact quality (Y2K38_SAFETY)
    /smbutil.c: 246 in postmsg()
    240 charset = FIDO_CHARSET_ASCII;
    241 else
    242 charset = FIDO_CHARSET_CP437;
    243 }
    244
    245 memset(&msg,0,sizeof(smbmsg_t));
    CID 376399: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "uint32_t".
    246 msg.hdr.when_written.time=(uint32_t)time(NULL);
    247 msg.hdr.when_written.zone=tzone;
    248 msg.hdr.when_imported=msg.hdr.when_written;
    249
    250 if((to==NULL || stricmp(to,"All")==0) && to_address!=NULL)
    251 to=to_address;

    ** CID 376398: Memory - illegal accesses (USE_AFTER_FREE) /tmp/sbbs-Nov-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/dtoa.c: 1944 in _strtod(DtoaState *, const char *, char **)()


    ________________________________________________________________________________________________________
    *** CID 376398: Memory - illegal accesses (USE_AFTER_FREE) /tmp/sbbs-Nov-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/dtoa.c: 1944 in _strtod(DtoaState *, const char *, char **)()
    1938 bs2 -= i;
    1939 }
    1940 if (bb5 > 0) {
    1941 bs = pow5mult(PASS_STATE bs, bb5);
    1942 bb1 = mult(PASS_STATE bs, bb);
    1943 Bfree(PASS_STATE bb);
    CID 376398: Memory - illegal accesses (USE_AFTER_FREE)
    Using freed pointer "bb1".
    1944 bb = bb1;
    1945 }
    1946 if (bb2 > 0)
    1947 bb = lshift(PASS_STATE bb, bb2);
    1948 if (bd5 > 0)
    1949 bd = pow5mult(PASS_STATE bd, bd5);

    ** CID 376397: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 193 in sbbs_t::update_qwkroute(char *)()


    ________________________________________________________________________________________________________
    *** CID 376397: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 193 in sbbs_t::update_qwkroute(char *)()
    187 if((stream=fnopen(&file,str,O_WRONLY|O_CREAT|O_TRUNC))!=NULL) {
    188 t=time(NULL);
    189 t-=(90L*24L*60L*60L);
    190 for(i=0;i<total_qwknodes;i++)
    191 if(qwknode[i].time>t)
    192 fprintf(stream,"%s %s:%s\r\n" >>> CID 376397: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->qwknode[i].time" is cast to "time32_t".
    193 ,unixtodstr(&cfg,(time32_t)qwknode[i].time,str),qwknode[i].id,qwknode[i].path);
    194 fclose(stream);
    195 }
    196 else
    197 errormsg(WHERE,ERR_OPEN,str,O_WRONLY|O_CREAT|O_TRUNC);
    198 FREE_AND_NULL(qwknode);

    ** CID 376396: Memory - corruptions (OVERRUN)
    /chat.cpp: 230 in sbbs_t::multinodechat(int)()


    ________________________________________________________________________________________________________
    *** CID 376396: Memory - corruptions (OVERRUN)
    /chat.cpp: 230 in sbbs_t::multinodechat(int)()
    224 if((gurubuf=(char *)malloc((size_t)filelength(file)+1))==NULL) {
    225 close(file); 226 errormsg(WHERE,ERR_ALLOC,str
    227 ,(size_t)filelength(file)+1);
    228 break;
    229 }
    CID 376396: Memory - corruptions (OVERRUN)
    Calling "read" with "gurubuf" and "(size_t)filelength(file)" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned. [Note: The source code implementation of the function has been overridden by a builtin model.]
    230 (void)read(file,gurubuf,(size_t)filelength(file));
    231 gurubuf[filelength(file)]=0;
    232 close(file);
    233 }
    234 preusrs=usrs;
    235 if(gurubuf)

    ** CID 376395: High impact quality (Y2K38_SAFETY)
    /str.cpp: 566 in sbbs_t::inputnstime32(int *)()


    ________________________________________________________________________________________________________
    *** CID 376395: High impact quality (Y2K38_SAFETY)
    /str.cpp: 566 in sbbs_t::inputnstime32(int *)()
    560 bool sbbs_t::inputnstime32(time32_t *dt)
    561 {
    562 bool retval;
    563 time_t tmptime=*dt;
    564
    565 retval=inputnstime(&tmptime);
    CID 376395: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "tmptime" is cast to "time32_t".
    566 *dt=(time32_t)tmptime;
    567 return(retval);
    568 }
    569
    570 bool sbbs_t::inputnstime(time_t *dt)
    571 {

    ** CID 376394: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 1046 in sbbs_t::qwk_vote(char **, const char *, unsigned short, const char *, unsigned int, int)()


    ________________________________________________________________________________________________________
    *** CID 376394: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 1046 in sbbs_t::qwk_vote(char **, const char *, unsigned short, const char *, unsigned int, int)()
    1040 smbmsg_t msg;
    1041 ZERO_VAR(msg);
    1042
    1043 if((p=iniGetString(ini, section, "WhenWritten", NULL, NULL)) != NULL) {
    1044 char zone[32];
    1045 xpDateTime_t dt=isoDateTimeStr_parse(p);
    CID 376394: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "xpDateTime_to_localtime(dt)" is cast to "uint32_t".
    1046 msg.hdr.when_written.time=(uint32_t)xpDateTime_to_localtime(dt);
    1047 msg.hdr.when_written.zone=dt.zone;
    1048 sscanf(p,"%*s %s",zone);
    1049 if(zone[0])
    1050 msg.hdr.when_written.zone=(ushort)strtoul(zone,NULL,16);
    1051 }

    ** CID 376393: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 376393: Memory - corruptions (OVERRUN) /tmp/sbbs-Nov-10-2022/src/smblib/smbfile.c: 367 in smb_addfile_withlist()
    361
    362 if(list != NULL && *list != NULL) {
    363 size_t size = strListCount(list) * 1024;
    364 metadata = calloc(1, size);
    365 if(metadata == NULL)
    366 return SMB_ERR_MEM;
    CID 376393: Memory - corruptions (OVERRUN)
    Calling "strListCombine" with "metadata" and "size - 1UL" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.
    367 strListCombine(list, metadata, size - 1, "\r\n");
    368 }
    369 result = smb_addfile(smb, file, storage, extdesc, metadata, path);
    370 free(metadata);
    371 return result;
    372 }

    ** CID 376392: Memory - corruptions (OVERRUN)
    /unbaja.c: 298 in bruteforce()


    ________________________________________________________________________________________________________
    *** CID 376392: Memory - corruptions (OVERRUN)
    /unbaja.c: 298 in bruteforce()
    292 for(i=1;brute_buf[i];i++)
    293 brute_crc_buf[i]=ucrc32(brute_buf[i],brute_crc_buf[i-1]);
    294 /* String is pre-filled with zeros so no need to terminate */
    295 goto LOOP_END;
    296 }
    297 *pos=first_char_table[*pos];
    CID 376392: Memory - corruptions (OVERRUN)
    Calling "memset" with "brute_buf + 1" and "l - 1UL" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned. [Note: The source code implementation of the function has been overridden by a builtin model.]
    298 memset(brute_buf+1,'_',l-1);
    299 brute_crc_buf[0]=ucrc32(brute_buf[0],~0UL);
    300 for(i=1;brute_buf[i];i++)
    301 brute_crc_buf[i]=ucrc32(brute_buf[i],brute_crc_buf[i-1]);
    302
    303 LOOP_END:

    ** CID 376391: High impact quality (Y2K38_SAFETY)
    /js_filebase.c: 1128 in js_get_file_time()


    ________________________________________________________________________________________________________
    *** CID 376391: High impact quality (Y2K38_SAFETY)
    /js_filebase.c: 1128 in js_get_file_time()
    1122 return JS_TRUE;
    1123
    1124 rc=JS_SUSPENDREQUEST(cx);
    1125 if((p->smb_result = smb_loadfile(&p->smb, filename, &file, file_detail_index)) == SMB_SUCCESS) {
    1126 char path[MAX_PATH + 1];
    1127 getfilepath(scfg, &file, path);
    CID 376391: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "getfiletime(scfg, &file)" is cast to "uint32".
    1128 JS_SET_RVAL(cx, arglist, UINT_TO_JSVAL((uint32)getfiletime(scfg, &file)));
    1129 smb_freefilemem(&file);
    1130 }
    1131 JS_RESUMEREQUEST(cx, rc);
    1132 free(filename);
    1133

    ** CID 376390: High impact quality (Y2K38_SAFETY)
    /uedit/uedit.c: 1565 in edit_personal()


    ________________________________________________________________________________________________________
    *** CID 376390: High impact quality (Y2K38_SAFETY)
    /uedit/uedit.c: 1565 in edit_personal()
    1559 case 13:
    1560 /* Password */
    1561 GETUSERDAT(cfg,user);
    1562 uifc.input(WIN_MID|WIN_ACT|WIN_SAV,0,0,"Password",user->pass,LEN_PASS,K_EDIT);
    1563 if(uifc.changes) {
    1564 putuserrec(cfg,user->number,U_PASS,LEN_PASS,user->pass);
    CID 376390: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "time32_t".
    1565 user->pwmod=time(NULL);
    1566 putuserrec(cfg,user->number,U_PWMOD,8,ultoa(user->pwmod,str,16));
    1567 }
    1568 break;
    1569 case 14:
    1570 /* Note */


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dekk9_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA-2FwrhvsG-2BKheEMIte-2BKd9q2NQrRsaYgrC6kE4ewG7zSvttqnkDy-2BfltPE-2BoKdxDwGPeGgGc5fd6dRrhHAE1C1roBc0jOwtt-2F2r-2Fg12OSY18uqKQlJCAX-2BL8Tt7el7tobW8yQHa-2F74XHXpTGt3tv85aMrQZOmKFDgwH-2B0n46xFPxw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Digital Man@VERT to scan-admin@coverity.com on Friday, November 11, 2022 23:51:37
    Re: New Defects reported by Coverity Scan for Synchronet
    By: scan-admin@coverity.com to cov-scan@synchro.net on Thu Nov 10 2022 01:38 pm

    89 new defect(s) introduced to Synchronet found with Coverity Scan.

    I also upgraded to the latest version of Coverity available and it includes some new bug checkers (e.g. year 2038 issue checker) which are now getting triggered. These aren't actually new defects in the code - old defects newly detected. :-)
    --
    digital man (rob)

    Sling Blade quote #19:
    Doyle: I can't so much as drink a damn glass of water around a midget
    Norco, CA WX: 55.0øF, 34.0% humidity, 0 mph ENE wind, 0.00 inches rain/24hrs ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, December 26, 2022 13:37:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 432266: Program hangs (ORDER_REVERSAL) /tmp/sbbs-Dec-26-2022/src/conio/sdl_con.c: 1082 in sdl_video_event_thread()


    ________________________________________________________________________________________________________
    *** CID 432266: Program hangs (ORDER_REVERSAL) /tmp/sbbs-Dec-26-2022/src/conio/sdl_con.c: 1082 in sdl_video_event_thread() 1076 void *pixels;
    1077 int pitch;
    1078 int row;
    1079 int tw, th;
    1080
    1081 sdl.RenderClear(renderer);
    CID 432266: Program hangs (ORDER_REVERSAL)
    Calling "pthread_mutex_lock" acquires lock "vstatlock" while holding lock "win_mutex" (count: 1 / 4).
    1082 pthread_mutex_lock(&vstatlock);
    1083 if (internal_scaling) {
    1084 struct graphics_buffer *gb;
    1085 int xscale, yscale;
    1086 internal_scaling_factors(cvstat.winwidth, cvstat.winheight, &xscale, &yscale);
    1087 gb = do_scale(list, xscale, yscale,


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DHBXD_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCyS5UyoQqKVmOMedFGLjn71yTeRcDL7fqmvbUSLPY1OWKWt59G-2BDzatjMcGJyCU2niQVF5GZicwHShu9rR5Tko09y26ywpI6qvkqed4WvIuyR7izNkMLacScaWBu9-2B-2FpmHIHwWZWKEjrMrksbmhc-2F9zKDxBoB1ZVQ1cTyfaA-2BEXA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, December 30, 2022 13:38:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    37 new defect(s) introduced to Synchronet found with Coverity Scan.
    24 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 37 defect(s)


    ** CID 433272: Code maintainability issues (UNUSED_VALUE)
    /useredit.cpp: 1039 in sbbs_t::maindflts(user_t *)()


    ________________________________________________________________________________________________________
    *** CID 433272: Code maintainability issues (UNUSED_VALUE)
    /useredit.cpp: 1039 in sbbs_t::maindflts(user_t *)()
    1033 putusermisc(user->number, user->misc); 1034 break;
    1035 case 'W':
    1036 if(!noyes(text[NewPasswordQ])) {
    1037 bputs(text[CurrentPassword]); 1038 console|=CON_R_ECHOX;
    CID 433272: Code maintainability issues (UNUSED_VALUE)
    Assigning value from "(char)this->getstr(str, 40UL, 1L, NULL)" to "ch" here, but that stored value is overwritten before it can be used.
    1039 ch=(char)getstr(str,LEN_PASS,K_UPPER);
    1040 console&=~(CON_R_ECHOX|CON_L_ECHOX);
    1041 if(sys_status&SS_ABORT)
    1042 break;
    1043 if(stricmp(str,user->pass)) { 1044 bputs(text[WrongPassword]);

    ** CID 433271: (RESOURCE_LEAK)
    /scfglib2.c: 658 in read_chat_cfg()
    /scfglib2.c: 759 in read_chat_cfg()
    /scfglib2.c: 679 in read_chat_cfg()
    /scfglib2.c: 687 in read_chat_cfg()
    /scfglib2.c: 651 in read_chat_cfg()
    /scfglib2.c: 718 in read_chat_cfg()
    /scfglib2.c: 752 in read_chat_cfg()
    /scfglib2.c: 725 in read_chat_cfg()


    ________________________________________________________________________________________________________
    *** CID 433271: (RESOURCE_LEAK)
    /scfglib2.c: 658 in read_chat_cfg()
    652 } else
    653 cfg->guru=NULL;
    654
    655 for(uint i=0; i<cfg->total_gurus; i++) {
    656 const char* name = list[i];
    657 if((cfg->guru[i]=(guru_t *)malloc(sizeof(guru_t)))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 658 return allocerr(error, maxerrlen, fname, "guru", sizeof(guru_t));
    659 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    660 memset(cfg->guru[i],0,sizeof(guru_t));
    661
    662 SAFECOPY(cfg->guru[i]->name, iniGetString(section, NULL, "name", name + 5, value));
    663 SAFECOPY(cfg->guru[i]->code, name + 5);
    /scfglib2.c: 759 in read_chat_cfg()
    753 } else
    754 cfg->page=NULL;
    755
    756 for(uint i=0; i<cfg->total_pages; i++) {
    757 const char* name = list[i];
    758 if((cfg->page[i]=(page_t *)malloc(sizeof(page_t)))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 759 return allocerr(error, maxerrlen, fname, "page", sizeof(page_t));
    760 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    761 memset(cfg->page[i],0,sizeof(page_t));
    762
    763 SAFECOPY(cfg->page[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    764
    /scfglib2.c: 679 in read_chat_cfg()
    673
    674 list = iniGetParsedSectionList(sections, "actions:");
    675 cfg->total_actsets = (uint16_t)strListCount(list);
    676
    677 if(cfg->total_actsets) {
    678 if((cfg->actset=(actset_t **)malloc(sizeof(actset_t *)*cfg->total_actsets))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 679 return allocerr(error, maxerrlen, fname, "actsets", sizeof(actset_t *)*cfg->total_actsets);
    680 } else
    681 cfg->actset=NULL;
    682
    683 cfg->total_chatacts = 0;
    684 for(uint i=0; i<cfg->total_actsets; i++) {
    /scfglib2.c: 687 in read_chat_cfg()
    681 cfg->actset=NULL;
    682
    683 cfg->total_chatacts = 0;
    684 for(uint i=0; i<cfg->total_actsets; i++) {
    685 const char* name = list[i];
    686 if((cfg->actset[i]=(actset_t *)malloc(sizeof(actset_t)))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 687 return allocerr(error, maxerrlen, fname, "actset", sizeof(actset_t));
    688 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    689 SAFECOPY(cfg->actset[i]->name, name + 8);
    690 str_list_t act_list = iniGetKeyList(section, NULL);
    691 for(uint j = 0; act_list != NULL && act_list[j] != NULL; j++) {
    692 chatact_t** np = realloc(cfg->chatact, sizeof(chatact_t *) * (cfg->total_chatacts + 1));
    /scfglib2.c: 651 in read_chat_cfg()
    645
    646 str_list_t list = iniGetParsedSectionList(sections, "guru:"); 647 cfg->total_gurus = (uint16_t)strListCount(list);
    648
    649 if(cfg->total_gurus) {
    650 if((cfg->guru=(guru_t **)malloc(sizeof(guru_t *)*cfg->total_gurus))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 651 return allocerr(error, maxerrlen, fname, "gurus", sizeof(guru_t *)*cfg->total_gurus);
    652 } else
    653 cfg->guru=NULL;
    654
    655 for(uint i=0; i<cfg->total_gurus; i++) {
    656 const char* name = list[i];
    /scfglib2.c: 718 in read_chat_cfg()
    712
    713 list = iniGetParsedSectionList(sections, "chan:");
    714 cfg->total_chans = (uint16_t)strListCount(list);
    715
    716 if(cfg->total_chans) {
    717 if((cfg->chan=(chan_t **)malloc(sizeof(chan_t *)*cfg->total_chans))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 718 return allocerr(error, maxerrlen, fname, "chans", sizeof(chan_t *)*cfg->total_chans);
    719 } else
    720 cfg->chan=NULL;
    721
    722 for(uint i=0; i<cfg->total_chans; i++) {
    723 const char* name = list[i];
    /scfglib2.c: 752 in read_chat_cfg()
    746
    747 list = iniGetParsedSectionList(sections, "pager:");
    748 cfg->total_pages = (uint16_t)strListCount(list);
    749
    750 if(cfg->total_pages) {
    751 if((cfg->page=(page_t **)malloc(sizeof(page_t *)*cfg->total_pages))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 752 return allocerr(error, maxerrlen, fname, "pages", sizeof(page_t *)*cfg->total_pages);
    753 } else
    754 cfg->page=NULL;
    755
    756 for(uint i=0; i<cfg->total_pages; i++) {
    757 const char* name = list[i];
    /scfglib2.c: 725 in read_chat_cfg()
    719 } else
    720 cfg->chan=NULL;
    721
    722 for(uint i=0; i<cfg->total_chans; i++) {
    723 const char* name = list[i];
    724 if((cfg->chan[i]=(chan_t *)malloc(sizeof(chan_t)))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 725 return allocerr(error, maxerrlen, fname, "chan", sizeof(chan_t));
    726 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    727 memset(cfg->chan[i],0,sizeof(chan_t));
    728
    729 cfg->chan[i]->actset = getchatactset(cfg, iniGetString(section, NULL, "actions", "", value));
    730 SAFECOPY(cfg->chan[i]->name, iniGetString(section, NULL, "name", "", value));

    ** CID 433270: Null pointer dereferences (FORWARD_NULL)
    /scfglib1.c: 420 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433270: Null pointer dereferences (FORWARD_NULL)
    /scfglib1.c: 420 in read_msgs_cfg()
    414 continue;
    415 *p = '\0';
    416 char* code = p + 1;
    417 int grpnum = getgrpnum_from_name(cfg, group);
    418 if(!is_valid_grpnum(cfg, grpnum))
    419 continue;
    CID 433270: Null pointer dereferences (FORWARD_NULL)
    Dereferencing null pointer "cfg->sub".
    420 if((cfg->sub[i]=(sub_t *)malloc(sizeof(sub_t)))==NULL) 421 return allocerr(error, maxerrlen, fname, "sub", sizeof(sub_t));
    422 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    423 memset(cfg->sub[i],0,sizeof(sub_t));
    424 SAFECOPY(cfg->sub[i]->code_suffix, code);
    425

    ** CID 433269: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 117 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433269: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 117 in read_file_cfg()
    111 return allocerr(error, maxerrlen, fname, "fcomps", sizeof(fcomp_t*)*cfg->total_fcomps);
    112 } else
    113 cfg->fcomp=NULL;
    114
    115 for(uint i=0; i<cfg->total_fcomps; i++) {
    116 if((cfg->fcomp[i]=(fcomp_t *)malloc(sizeof(fcomp_t)))==NULL)
    CID 433269: Resource leaks (RESOURCE_LEAK)
    Variable "fcomp_list" going out of scope leaks the storage it points to.
    117 return allocerr(error, maxerrlen, fname, "fcomp", sizeof(fcomp_t));
    118 str_list_t section = iniGetParsedSection(sections, fcomp_list[i], /* cut: */TRUE);
    119 memset(cfg->fcomp[i],0,sizeof(fcomp_t));
    120 SAFECOPY(cfg->fcomp[i]->ext, iniGetString(section, NULL, "extension", "", value));
    121 SAFECOPY(cfg->fcomp[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    122 SAFECOPY(cfg->fcomp[i]->arstr, iniGetString(section, NULL, "ars", "", value));

    ** CID 433268: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 194 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433268: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 194 in read_file_cfg()
    188 return allocerr(error, maxerrlen, fname, "dlevents", sizeof(dlevent_t*)*cfg->total_dlevents);
    189 } else
    190 cfg->dlevent=NULL;
    191
    192 for(uint i=0; i<cfg->total_dlevents; i++) {
    193 if((cfg->dlevent[i]=(dlevent_t *)malloc(sizeof(dlevent_t)))==NULL)
    CID 433268: Resource leaks (RESOURCE_LEAK)
    Variable "dlevent_list" going out of scope leaks the storage it points to.
    194 return allocerr(error, maxerrlen, fname, "dlevent", sizeof(dlevent_t));
    195 str_list_t section = iniGetParsedSection(sections, dlevent_list[i], /* cut: */TRUE);
    196 memset(cfg->dlevent[i],0,sizeof(dlevent_t));
    197 SAFECOPY(cfg->dlevent[i]->ext, iniGetString(section, NULL, "extension", "", value));
    198 SAFECOPY(cfg->dlevent[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    199 SAFECOPY(cfg->dlevent[i]->workstr, iniGetString(section, NULL, "working", "", value));

    ** CID 433267: Control flow issues (DEADCODE)
    /mqtt.c: 41 in mqtt_init()


    ________________________________________________________________________________________________________
    *** CID 433267: Control flow issues (DEADCODE)
    /mqtt.c: 41 in mqtt_init()
    35 mqtt->host = host;
    36 mqtt->server = server;
    37 #ifdef USE_MOSQUITTO
    38 return mosquitto_lib_init();
    39 #endif
    40 }
    CID 433267: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "return 100;".
    41 return MQTT_FAILURE;
    42 }
    43
    44 static char* format_topic(struct mqtt* mqtt, enum topic_depth depth, char* str, size_t size, const char* sbuf)
    45 {
    46 switch(depth) {

    ** CID 433266: (RESOURCE_LEAK)
    /scfglib1.c: 523 in read_msgs_cfg()
    /scfglib1.c: 381 in read_msgs_cfg()
    /scfglib1.c: 373 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433266: (RESOURCE_LEAK)
    /scfglib1.c: 523 in read_msgs_cfg()
    517 cfg->qhub=NULL;
    518
    519 cfg->total_qhubs = 0;
    520 for(uint i=0; qhub_list[i] != NULL; i++) {
    521 const char* name = qhub_list[i];
    522 if((cfg->qhub[i]=(qhub_t *)malloc(sizeof(qhub_t)))==NULL)
    CID 433266: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 523 return allocerr(error, maxerrlen, fname, "qhub", sizeof(qhub_t));
    524 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    525 memset(cfg->qhub[i],0,sizeof(qhub_t));
    526
    527 SAFECOPY(cfg->qhub[i]->id, name + 5);
    528 cfg->qhub[i]->time = iniGetShortInt(section, NULL, "time", 0);
    /scfglib1.c: 381 in read_msgs_cfg()
    375 cfg->grp=NULL;
    376
    377 for(uint i=0; i<cfg->total_grps; i++) {
    378
    379 const char* name = grp_list[i];
    380 if((cfg->grp[i]=(grp_t *)malloc(sizeof(grp_t)))==NULL) >>> CID 433266: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 381 return allocerr(error, maxerrlen, fname, "group", sizeof(grp_t));
    382 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    383 memset(cfg->grp[i],0,sizeof(grp_t));
    384 SAFECOPY(cfg->grp[i]->sname, name + 4);
    385 SAFECOPY(cfg->grp[i]->lname, iniGetString(section, NULL, "description", name + 4, value));
    386 SAFECOPY(cfg->grp[i]->code_prefix, iniGetString(section, NULL, "code_prefix", "", value));
    /scfglib1.c: 373 in read_msgs_cfg()
    367
    368 str_list_t grp_list = iniGetParsedSectionList(sections, "grp:");
    369 cfg->total_grps = (uint16_t)strListCount(grp_list);
    370
    371 if(cfg->total_grps) {
    372 if((cfg->grp=(grp_t **)malloc(sizeof(grp_t *)*cfg->total_grps))==NULL)
    CID 433266: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 373 return allocerr(error, maxerrlen, fname, "groups", sizeof(grp_t *)*cfg->total_grps);
    374 } else
    375 cfg->grp=NULL;
    376
    377 for(uint i=0; i<cfg->total_grps; i++) {
    378

    ** CID 433265: (RESOURCE_LEAK)
    /scfglib1.c: 381 in read_msgs_cfg()
    /scfglib1.c: 373 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433265: (RESOURCE_LEAK)
    /scfglib1.c: 381 in read_msgs_cfg()
    375 cfg->grp=NULL;
    376
    377 for(uint i=0; i<cfg->total_grps; i++) {
    378
    379 const char* name = grp_list[i];
    380 if((cfg->grp[i]=(grp_t *)malloc(sizeof(grp_t)))==NULL) >>> CID 433265: (RESOURCE_LEAK)
    Variable "grp_list" going out of scope leaks the storage it points to. 381 return allocerr(error, maxerrlen, fname, "group", sizeof(grp_t));
    382 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    383 memset(cfg->grp[i],0,sizeof(grp_t));
    384 SAFECOPY(cfg->grp[i]->sname, name + 4);
    385 SAFECOPY(cfg->grp[i]->lname, iniGetString(section, NULL, "description", name + 4, value));
    386 SAFECOPY(cfg->grp[i]->code_prefix, iniGetString(section, NULL, "code_prefix", "", value));
    /scfglib1.c: 373 in read_msgs_cfg()
    367
    368 str_list_t grp_list = iniGetParsedSectionList(sections, "grp:");
    369 cfg->total_grps = (uint16_t)strListCount(grp_list);
    370
    371 if(cfg->total_grps) {
    372 if((cfg->grp=(grp_t **)malloc(sizeof(grp_t *)*cfg->total_grps))==NULL)
    CID 433265: (RESOURCE_LEAK)
    Variable "grp_list" going out of scope leaks the storage it points to. 373 return allocerr(error, maxerrlen, fname, "groups", sizeof(grp_t *)*cfg->total_grps);
    374 } else
    375 cfg->grp=NULL;
    376
    377 for(uint i=0; i<cfg->total_grps; i++) {
    378

    ** CID 433264: Memory - corruptions (REVERSE_NEGATIVE)
    /main.cpp: 2347 in output_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 433264: Memory - corruptions (REVERSE_NEGATIVE)
    /main.cpp: 2347 in output_thread(void *)()
    2341 }
    2342 }
    2343 #endif
    2344 sbbs->terminate_output_thread = false;
    2345
    2346 /* Note: do not terminate when online==FALSE, that is expected for the terminal server output_thread */
    CID 433264: Memory - corruptions (REVERSE_NEGATIVE)
    You might be using variable "sbbs->client_socket" before verifying that it is >= 0.
    2347 while (sbbs->client_socket != INVALID_SOCKET && !terminate_server && !sbbs->terminate_output_thread) {
    2348 /*
    2349 * I'd like to check the linear buffer against the highwater
    2350 * at this point, but it would get too clumsy imho - Deuce
    2351 *
    2352 * Actually, another option would just be to have the size

    ** CID 433263: (RESOURCE_LEAK)
    /scfglib1.c: 548 in read_msgs_cfg()
    /scfglib1.c: 523 in read_msgs_cfg()
    /scfglib1.c: 515 in read_msgs_cfg()
    /scfglib1.c: 546 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433263: (RESOURCE_LEAK)
    /scfglib1.c: 548 in read_msgs_cfg()
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    CID 433263: (RESOURCE_LEAK)
    Variable "qhub_list" going out of scope leaks the storage it points to. 548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }
    550
    551 for(uint j=0;j<k;j++) {
    552 uint16_t confnum;
    553 int subnum;
    /scfglib1.c: 523 in read_msgs_cfg()
    517 cfg->qhub=NULL;
    518
    519 cfg->total_qhubs = 0;
    520 for(uint i=0; qhub_list[i] != NULL; i++) {
    521 const char* name = qhub_list[i];
    522 if((cfg->qhub[i]=(qhub_t *)malloc(sizeof(qhub_t)))==NULL)
    CID 433263: (RESOURCE_LEAK)
    Variable "qhub_list" going out of scope leaks the storage it points to. 523 return allocerr(error, maxerrlen, fname, "qhub", sizeof(qhub_t));
    524 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    525 memset(cfg->qhub[i],0,sizeof(qhub_t));
    526
    527 SAFECOPY(cfg->qhub[i]->id, name + 5);
    528 cfg->qhub[i]->time = iniGetShortInt(section, NULL, "time", 0);
    /scfglib1.c: 515 in read_msgs_cfg()
    509 /**********/
    510 str_list_t qhub_list = iniGetParsedSectionList(sections, "qhub:");
    511 cfg->total_qhubs = (uint16_t)strListCount(qhub_list);
    512
    513 if(cfg->total_qhubs) {
    514 if((cfg->qhub=(qhub_t **)malloc(sizeof(qhub_t *)*cfg->total_qhubs))==NULL)
    CID 433263: (RESOURCE_LEAK)
    Variable "qhub_list" going out of scope leaks the storage it points to. 515 return allocerr(error, maxerrlen, fname, "qhubs", sizeof(qhub_t*)*cfg->total_qhubs);
    516 } else
    517 cfg->qhub=NULL;
    518
    519 cfg->total_qhubs = 0;
    520 for(uint i=0; qhub_list[i] != NULL; i++) {
    /scfglib1.c: 546 in read_msgs_cfg()
    540 str_list_t qsub_list = iniGetParsedSectionList(sections, str);
    541 uint k = strListCount(qsub_list);
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    CID 433263: (RESOURCE_LEAK)
    Variable "qhub_list" going out of scope leaks the storage it points to. 546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }
    550
    551 for(uint j=0;j<k;j++) {

    ** CID 433262: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 1036 in sbbs_t::qwk_vote(char **, const char *, unsigned short, const char *, unsigned int, sbbs_t::msg_filters, int)()


    ________________________________________________________________________________________________________
    *** CID 433262: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 1036 in sbbs_t::qwk_vote(char **, const char *, unsigned short, const char *, unsigned int, sbbs_t::msg_filters, int)()
    1030 smbmsg_t msg;
    1031 ZERO_VAR(msg);
    1032
    1033 if((p=iniGetString(ini, section, "WhenWritten", NULL, NULL)) != NULL) {
    1034 char zone[32];
    1035 xpDateTime_t dt=isoDateTimeStr_parse(p);
    CID 433262: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "xpDateTime_to_localtime(dt)" is cast to "uint32_t".
    1036 msg.hdr.when_written.time=(uint32_t)xpDateTime_to_localtime(dt);
    1037 msg.hdr.when_written.zone=dt.zone;
    1038 sscanf(p,"%*s %s",zone);
    1039 if(zone[0])
    1040 msg.hdr.when_written.zone=(ushort)strtoul(zone,NULL,16);
    1041 }

    ** CID 433261: (RESOURCE_LEAK)
    /scfglib2.c: 245 in read_file_cfg()
    /scfglib2.c: 252 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433261: (RESOURCE_LEAK)
    /scfglib2.c: 245 in read_file_cfg()
    239
    240 str_list_t lib_list = iniGetParsedSectionList(sections, "lib:");
    241 cfg->total_libs = (uint16_t)strListCount(lib_list);
    242
    243 if(cfg->total_libs) {
    244 if((cfg->lib=(lib_t **)malloc(sizeof(lib_t *)*cfg->total_libs))==NULL)
    CID 433261: (RESOURCE_LEAK)
    Variable "lib_list" going out of scope leaks the storage it points to. 245 return allocerr(error, maxerrlen, fname, "libs", sizeof(lib_t *)*cfg->total_libs);
    246 } else
    247 cfg->lib=NULL;
    248
    249 for(uint i=0; i<cfg->total_libs; i++) {
    250 char* name = lib_list[i];
    /scfglib2.c: 252 in read_file_cfg()
    246 } else
    247 cfg->lib=NULL;
    248
    249 for(uint i=0; i<cfg->total_libs; i++) {
    250 char* name = lib_list[i];
    251 if((cfg->lib[i]=(lib_t *)malloc(sizeof(lib_t)))==NULL) >>> CID 433261: (RESOURCE_LEAK)
    Variable "lib_list" going out of scope leaks the storage it points to. 252 return allocerr(error, maxerrlen, fname, "lib", sizeof(lib_t));
    253 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    254 memset(cfg->lib[i],0,sizeof(lib_t));
    255 cfg->lib[i]->offline_dir=INVALID_DIR;
    256 SAFECOPY(cfg->lib[i]->sname, name + 4);
    257 SAFECOPY(cfg->lib[i]->lname, iniGetString(section, NULL, "description", name + 4, value));

    ** CID 433260: (RESOURCE_LEAK)
    /scfglib1.c: 546 in read_msgs_cfg()
    /scfglib1.c: 548 in read_msgs_cfg()
    /scfglib1.c: 544 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433260: (RESOURCE_LEAK)
    /scfglib1.c: 546 in read_msgs_cfg()
    540 str_list_t qsub_list = iniGetParsedSectionList(sections, str);
    541 uint k = strListCount(qsub_list);
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    CID 433260: (RESOURCE_LEAK)
    Variable "qsub_list" going out of scope leaks the storage it points to. 546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }
    550
    551 for(uint j=0;j<k;j++) {
    /scfglib1.c: 548 in read_msgs_cfg()
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    CID 433260: (RESOURCE_LEAK)
    Variable "qsub_list" going out of scope leaks the storage it points to. 548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }
    550
    551 for(uint j=0;j<k;j++) {
    552 uint16_t confnum;
    553 int subnum;
    /scfglib1.c: 544 in read_msgs_cfg()
    538 char str[128];
    539 SAFEPRINTF(str, "qhubsub:%s:", cfg->qhub[i]->id);
    540 str_list_t qsub_list = iniGetParsedSectionList(sections, str);
    541 uint k = strListCount(qsub_list);
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    CID 433260: (RESOURCE_LEAK)
    Variable "qsub_list" going out of scope leaks the storage it points to. 544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }

    ** CID 433259: Resource leaks (RESOURCE_LEAK)
    /upgrade_to_v320.c: 463 in upgrade_users()


    ________________________________________________________________________________________________________
    *** CID 433259: Resource leaks (RESOURCE_LEAK)
    /upgrade_to_v320.c: 463 in upgrade_users()
    457 return false;
    458 }
    459
    460 int file = v31x_openuserdat(&scfg, /* for_modify */FALSE);
    461 if(file == -1) {
    462 perror("user.dat");
    CID 433259: Resource leaks (RESOURCE_LEAK)
    Variable "out" going out of scope leaks the storage it points to.
    463 return false;
    464 }
    465 for(uint i = 1; i <= last; i++) {
    466 user_t user;
    467 ZERO_VAR(user);
    468 user.number = i;

    ** CID 433258: (RESOURCE_LEAK)
    /scfglib2.c: 481 in read_xtrn_cfg()
    /scfglib2.c: 500 in read_xtrn_cfg()
    /scfglib2.c: 462 in read_xtrn_cfg()
    /scfglib2.c: 428 in read_xtrn_cfg()
    /scfglib2.c: 541 in read_xtrn_cfg()
    /scfglib2.c: 594 in read_xtrn_cfg()
    /scfglib2.c: 534 in read_xtrn_cfg()
    /scfglib2.c: 579 in read_xtrn_cfg()
    /scfglib2.c: 455 in read_xtrn_cfg()
    /scfglib2.c: 601 in read_xtrn_cfg()
    /scfglib2.c: 421 in read_xtrn_cfg()
    /scfglib2.c: 572 in read_xtrn_cfg()


    ________________________________________________________________________________________________________
    *** CID 433258: (RESOURCE_LEAK)
    /scfglib2.c: 481 in read_xtrn_cfg()
    475
    476 list = iniGetParsedSectionList(sections, "prog:");
    477 cfg->total_xtrns = (uint16_t)strListCount(list);
    478
    479 if(cfg->total_xtrns) {
    480 if((cfg->xtrn=(xtrn_t **)malloc(sizeof(xtrn_t *)*cfg->total_xtrns))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    481 return allocerr(error, maxerrlen, fname, "xtrns", sizeof(xtrn_t *)*cfg->total_xtrns);
    482 } else
    483 cfg->xtrn=NULL;
    484
    485 cfg->total_xtrns = 0;
    486 for(uint i=0; list[i] != NULL; i++) {
    /scfglib2.c: 500 in read_xtrn_cfg()
    494 char* code = p + 1;
    495 int secnum = getxtrnsec(cfg, sec);
    496 if(!is_valid_xtrnsec(cfg, secnum))
    497 continue;
    498
    499 if((cfg->xtrn[i]=(xtrn_t *)malloc(sizeof(xtrn_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    500 return allocerr(error, maxerrlen, fname, "xtrn", sizeof(xtrn_t));
    501 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    502 memset(cfg->xtrn[i],0,sizeof(xtrn_t));
    503 cfg->xtrn[i]->sec = secnum;
    504
    505 SAFECOPY(cfg->xtrn[i]->name, iniGetString(section, NULL, "name", code, value));
    /scfglib2.c: 462 in read_xtrn_cfg()
    456 } else
    457 cfg->xtrnsec=NULL;
    458
    459 for(uint i=0; i<cfg->total_xtrnsecs; i++) {
    460 const char* name = list[i];
    461 if((cfg->xtrnsec[i]=(xtrnsec_t *)malloc(sizeof(xtrnsec_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    462 return allocerr(error, maxerrlen, fname, "xtrnsec", sizeof(xtrnsec_t));
    463 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    464 memset(cfg->xtrnsec[i],0,sizeof(xtrnsec_t));
    465 SAFECOPY(cfg->xtrnsec[i]->code, name + 4);
    466 SAFECOPY(cfg->xtrnsec[i]->name, iniGetString(section, NULL, "name", name + 4, value));
    467 SAFECOPY(cfg->xtrnsec[i]->arstr, iniGetString(section, NULL, "ars", "", value));
    /scfglib2.c: 428 in read_xtrn_cfg()
    422 } else
    423 cfg->xedit=NULL;
    424
    425 for(uint i=0; i<cfg->total_xedits; i++) {
    426 const char* name = list[i];
    427 if((cfg->xedit[i]=(xedit_t *)malloc(sizeof(xedit_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    428 return allocerr(error, maxerrlen, fname, "xedit", sizeof(xedit_t));
    429 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    430 memset(cfg->xedit[i],0,sizeof(xedit_t));
    431 SAFECOPY(cfg->xedit[i]->code, name + 7);
    432 SAFECOPY(cfg->xedit[i]->name, iniGetString(section, NULL, "name", name + 7, value));
    433 SAFECOPY(cfg->xedit[i]->rcmd, iniGetString(section, NULL, "cmd", "", value));
    /scfglib2.c: 541 in read_xtrn_cfg()
    535 } else
    536 cfg->event=NULL;
    537
    538 for(uint i=0; i<cfg->total_events; i++) {
    539 const char* name = list[i];
    540 if((cfg->event[i]=(event_t *)malloc(sizeof(event_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    541 return allocerr(error, maxerrlen, fname, "event", sizeof(event_t));
    542 memset(cfg->event[i],0,sizeof(event_t));
    543 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    544
    545 SAFECOPY(cfg->event[i]->code, name + 6);
    546 SAFECOPY(cfg->event[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    /scfglib2.c: 594 in read_xtrn_cfg()
    588
    589 list = iniGetParsedSectionList(sections, "hotkey:");
    590 cfg->total_hotkeys = (uint16_t)strListCount(list);
    591
    592 if(cfg->total_hotkeys) {
    593 if((cfg->hotkey=(hotkey_t **)malloc(sizeof(hotkey_t *)*cfg->total_hotkeys))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    594 return allocerr(error, maxerrlen, fname, "hotkeys", sizeof(hotkey_t *)*cfg->total_hotkeys);
    595 } else
    596 cfg->hotkey=NULL;
    597
    598 for(uint i=0; i<cfg->total_hotkeys; i++) {
    599 const char* section = list[i];
    /scfglib2.c: 534 in read_xtrn_cfg()
    528
    529 list = iniGetParsedSectionList(sections, "event:");
    530 cfg->total_events = (uint16_t)strListCount(list);
    531
    532 if(cfg->total_events) {
    533 if((cfg->event=(event_t **)malloc(sizeof(event_t *)*cfg->total_events))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    534 return allocerr(error, maxerrlen, fname, "events", sizeof(event_t *)*cfg->total_events);
    535 } else
    536 cfg->event=NULL;
    537
    538 for(uint i=0; i<cfg->total_events; i++) {
    539 const char* name = list[i];
    /scfglib2.c: 579 in read_xtrn_cfg()
    573 } else
    574 cfg->natvpgm=NULL;
    575
    576 for(uint i=0; i<cfg->total_natvpgms; i++) {
    577 const char* name = list[i];
    578 if((cfg->natvpgm[i]=(natvpgm_t *)malloc(sizeof(natvpgm_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    579 return allocerr(error, maxerrlen, fname, "natvpgm", sizeof(natvpgm_t));
    580 memset(cfg->natvpgm[i],0,sizeof(natvpgm_t));
    581 SAFECOPY(cfg->natvpgm[i]->name, name + 7);
    582 }
    583 iniFreeStringList(list);
    584
    /scfglib2.c: 455 in read_xtrn_cfg()
    449 list = iniGetParsedSectionList(sections, "sec:");
    450 cfg->total_xtrnsecs = (uint16_t)strListCount(list);
    451
    452 if(cfg->total_xtrnsecs) {
    453 if((cfg->xtrnsec=(xtrnsec_t **)malloc(sizeof(xtrnsec_t *)*cfg->total_xtrnsecs))
    454 ==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    455 return allocerr(error, maxerrlen, fname, "xtrnsecs", sizeof(xtrnsec_t *)*cfg->total_xtrnsecs);
    456 } else
    457 cfg->xtrnsec=NULL;
    458
    459 for(uint i=0; i<cfg->total_xtrnsecs; i++) {
    460 const char* name = list[i];
    /scfglib2.c: 601 in read_xtrn_cfg()
    595 } else
    596 cfg->hotkey=NULL;
    597
    598 for(uint i=0; i<cfg->total_hotkeys; i++) {
    599 const char* section = list[i];
    600 if((cfg->hotkey[i]=(hotkey_t *)malloc(sizeof(hotkey_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    601 return allocerr(error, maxerrlen, fname, "hotkey", sizeof(hotkey_t));
    602 memset(cfg->hotkey[i],0,sizeof(hotkey_t));
    603
    604 cfg->hotkey[i]->key = atoi(list[i] + 7);
    605 SAFECOPY(cfg->hotkey[i]->cmd, iniGetString(ini, section, "cmd", "", value));
    606 }
    /scfglib2.c: 421 in read_xtrn_cfg()
    415
    416 str_list_t list = iniGetParsedSectionList(sections, "editor:"); 417 cfg->total_xedits = (uint16_t)strListCount(list);
    418
    419 if(cfg->total_xedits) {
    420 if((cfg->xedit=(xedit_t **)malloc(sizeof(xedit_t *)*cfg->total_xedits))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    421 return allocerr(error, maxerrlen, fname, "xedits", sizeof(xedit_t *)*cfg->total_xedits);
    422 } else
    423 cfg->xedit=NULL;
    424
    425 for(uint i=0; i<cfg->total_xedits; i++) {
    426 const char* name = list[i];
    /scfglib2.c: 572 in read_xtrn_cfg()
    566
    567 list = iniGetParsedSectionList(sections, "native:");
    568 cfg->total_natvpgms = (uint16_t)strListCount(list);
    569
    570 if(cfg->total_natvpgms) {
    571 if((cfg->natvpgm=(natvpgm_t **)malloc(sizeof(natvpgm_t *)*cfg->total_natvpgms))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    572 return allocerr(error, maxerrlen, fname, "natvpgms", sizeof(natvpgm_t *)*cfg->total_natvpgms);
    573 } else
    574 cfg->natvpgm=NULL;
    575
    576 for(uint i=0; i<cfg->total_natvpgms; i++) {
    577 const char* name = list[i];

    ** CID 433257: Null pointer dereferences (FORWARD_NULL)
    /scfglib2.c: 314 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433257: Null pointer dereferences (FORWARD_NULL)
    /scfglib2.c: 314 in read_file_cfg()
    308 *p = '\0';
    309 char* code = p + 1;
    310 int libnum = getlibnum_from_name(cfg, lib);
    311 if(!is_valid_libnum(cfg, libnum))
    312 continue;
    313
    CID 433257: Null pointer dereferences (FORWARD_NULL)
    Dereferencing null pointer "cfg->dir".
    314 if((cfg->dir[i]=(dir_t *)malloc(sizeof(dir_t)))==NULL) 315 return allocerr(error, maxerrlen, fname, "dir", sizeof(dir_t));
    316 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    317 memset(cfg->dir[i],0,sizeof(dir_t));
    318 SAFECOPY(cfg->dir[i]->code_suffix, code);
    319

    ** CID 433256: Memory - corruptions (REVERSE_NEGATIVE)
    /websrvr.c: 6401 in http_output_thread()


    ________________________________________________________________________________________________________
    *** CID 433256: Memory - corruptions (REVERSE_NEGATIVE)
    /websrvr.c: 6401 in http_output_thread()
    6395 #endif
    6396
    6397 /*
    6398 * Do *not* exit on terminate_server... wait for session thread 6399 * to close the socket and set it to INVALID_SOCKET
    6400 */
    CID 433256: Memory - corruptions (REVERSE_NEGATIVE)
    You might be using variable "session->socket" before verifying that it is >= 0.
    6401 while(session->socket!=INVALID_SOCKET) {
    6402
    6403 /* Wait for something to output in the RingBuffer */ 6404 if((avail=RingBufFull(obuf))==0) { /* empty */ 6405 if(WaitForEvent(obuf->data_event, 1000) != WAIT_OBJECT_0)
    6406 continue;

    ** CID 433255: (RESOURCE_LEAK)
    /scfglib2.c: 296 in read_file_cfg()
    /scfglib2.c: 315 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433255: (RESOURCE_LEAK)
    /scfglib2.c: 296 in read_file_cfg()
    290 cfg->sysop_dir=cfg->user_dir=cfg->upload_dir=INVALID_DIR;
    291 str_list_t dir_list = iniGetParsedSectionList(sections, "dir:");
    292 cfg->total_dirs = (uint16_t)strListCount(dir_list);
    293
    294 if(cfg->total_dirs) {
    295 if((cfg->dir=(dir_t **)malloc(sizeof(dir_t *)*(cfg->total_dirs+1)))==NULL)
    CID 433255: (RESOURCE_LEAK)
    Variable "dir_list" going out of scope leaks the storage it points to. 296 return allocerr(error, maxerrlen, fname, "dirs", sizeof(dir_t *)*(cfg->total_dirs+1));
    297 } else
    298 cfg->dir=NULL;
    299
    300 cfg->total_dirs = 0;
    301 for(uint i=0; dir_list[i] != NULL; i++) {
    /scfglib2.c: 315 in read_file_cfg()
    309 char* code = p + 1;
    310 int libnum = getlibnum_from_name(cfg, lib);
    311 if(!is_valid_libnum(cfg, libnum))
    312 continue;
    313
    314 if((cfg->dir[i]=(dir_t *)malloc(sizeof(dir_t)))==NULL) >>> CID 433255: (RESOURCE_LEAK)
    Variable "dir_list" going out of scope leaks the storage it points to. 315 return allocerr(error, maxerrlen, fname, "dir", sizeof(dir_t));
    316 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    317 memset(cfg->dir[i],0,sizeof(dir_t));
    318 SAFECOPY(cfg->dir[i]->code_suffix, code);
    319
    320 cfg->dir[i]->dirnum = i;

    ** CID 433254: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 167 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433254: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 167 in read_file_cfg()
    161 return allocerr(error, maxerrlen, fname, "ftests", sizeof(ftest_t*)*cfg->total_ftests);
    162 } else
    163 cfg->ftest=NULL;
    164
    165 for(uint i=0; i<cfg->total_ftests; i++) {
    166 if((cfg->ftest[i]=(ftest_t *)malloc(sizeof(ftest_t)))==NULL)
    CID 433254: Resource leaks (RESOURCE_LEAK)
    Variable "ftest_list" going out of scope leaks the storage it points to.
    167 return allocerr(error, maxerrlen, fname, "ftest", sizeof(ftest_t));
    168 str_list_t section = iniGetParsedSection(sections, ftest_list[i], /* cut: */TRUE);
    169 memset(cfg->ftest[i],0,sizeof(ftest_t));
    170 SAFECOPY(cfg->ftest[i]->ext, iniGetString(section, NULL, "extension", "", value));
    171 SAFECOPY(cfg->ftest[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    172 SAFECOPY(cfg->ftest[i]->workstr, iniGetString(section, NULL, "working", "", value));

    ** CID 433253: High impact quality (Y2K38_SAFETY)
    /data_ovl.cpp: 85 in sbbs_t::putuserdatetime(int, user_field, long)()


    ________________________________________________________________________________________________________
    *** CID 433253: High impact quality (Y2K38_SAFETY)
    /data_ovl.cpp: 85 in sbbs_t::putuserdatetime(int, user_field, long)()
    79 }
    80 return true;
    81 }
    82
    83 bool sbbs_t::putuserdatetime(int usernumber, enum user_field fnum, time_t t)
    84 {
    CID 433253: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    85 int result = ::putuserdatetime(&cfg, usernumber, fnum, (time32_t)t);
    86 if(result != 0) {
    87 errormsg(WHERE, ERR_WRITE, USER_DATA_FILENAME, result);
    88 return false;
    89 }
    90 return true;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DKDXB_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDurF1YI6zrehre-2ByboPjRtzp0Uy9HxsPpEX6zuOHgkysGkYAIhBrTkr4fuqAJ-2FB9iKqhkl3PBoU8Vxw9H0mOzOUPRQ8hRzN0dT2QpcICdfJX0ngV6zwPKV-2B-2BuWPoh6viSCOhOEjV9OKJBVoKjy1pwkvK0uVxvk593QiNyE8GHMjw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, January 24, 2023 13:36:42
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 434885: Null pointer dereferences (FORWARD_NULL)
    /services.c: 720 in js_client_update()


    ________________________________________________________________________________________________________
    *** CID 434885: Null pointer dereferences (FORWARD_NULL)
    /services.c: 720 in js_client_update()
    714 inet_addrtop(&addr, client.addr, sizeof(client.addr)); 715 client.port=inet_addrport(&addr);
    716 }
    717
    718 if(argc>1) {
    719 JSVALUE_TO_MSTRING(cx, argv[1], cstr, NULL);
    CID 434885: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "cstr" to "strncpy", which dereferences it.
    720 SAFECOPY(client.user, cstr);
    721 }
    722
    723 if(argc>2)
    724 JSVALUE_TO_STRBUF(cx, argv[2], client.host, sizeof(client.host), NULL);
    725

    ** CID 434884: Null pointer dereferences (FORWARD_NULL)
    /services.c: 666 in js_client_add()


    ________________________________________________________________________________________________________
    *** CID 434884: Null pointer dereferences (FORWARD_NULL)
    /services.c: 666 in js_client_add()
    660 client.port=inet_addrport(&addr);
    661 }
    662
    663 if(argc>1) {
    664 JSVALUE_TO_MSTRING(cx, argv[1], cstr, NULL);
    665 HANDLE_PENDING(cx, cstr);
    CID 434884: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "cstr" to "strncpy", which dereferences it.
    666 SAFECOPY(client.user, cstr);
    667 }
    668
    669 if(argc>2)
    670 JSVALUE_TO_STRBUF(cx, argv[2], client.host, sizeof(client.host), NULL);
    671


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DvLhJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBNa4gwWWzuH4YpejndlE5gsky18iXCI4AkB01pepljfQqe7LF9jGy-2FPzogJNdd8GOgQ3TnLbTyrrZZkhw2xvoNM46EZwpq7pxgwtgEEnxcRLT7VMF9VB0-2Ff-2B2KirIMbgwvbghsG43LiLS-2FF-2BCh68FdiTiQ6aMChynPzZbnhEv4cw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, January 25, 2023 13:37:01
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 434888: Uninitialized variables (UNINIT)
    /xtrn.cpp: 1370 in sbbs_t::external(const char *, long, const char *)()


    ________________________________________________________________________________________________________
    *** CID 434888: Uninitialized variables (UNINIT)
    /xtrn.cpp: 1370 in sbbs_t::external(const char *, long, const char *)()
    1364 if(startup_dir!=NULL && startup_dir[0]) {
    1365 SAFECOPY(str, startup_dir);
    1366 *lastchar(str) = 0;
    1367 SAFECOPY(gamedir, getfname(str));
    1368 }
    1369
    CID 434888: Uninitialized variables (UNINIT)
    Using uninitialized value "*gamedir".
    1370 if(*gamedir == 0) {
    1371 lprintf(LOG_ERR, "No startup directory configured for DOS command-line: %s", cmdline);
    1372 fclose(dosemubatfp);
    1373 return -1;
    1374 }
    1375


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Di5Wp_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCu-2BeyEJW9rE8BW4LDJPQ2W2Wvs6n0p1O-2Fo9AM1iUao-2F2dlnwxD-2FRtUP2nmCEvhxiitStz1ds8-2B9EaUt0OTDXr5sDsyoKOngliXhJ9VISshWIOON7LUlF3dVpV2T8YLPOtt-2BDQXU15hmmSHz-2FmlMcFUnz-2Fr7tGDaZQcVs-2F9URbkGQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, January 30, 2023 13:36:32
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 435652: High impact quality (Y2K38_SAFETY)
    /logfile.cpp: 46 in hacklog()


    ________________________________________________________________________________________________________
    *** CID 435652: High impact quality (Y2K38_SAFETY)
    /logfile.cpp: 46 in hacklog()
    40 return false;
    41
    42 inet_addrtop(addr, ip, sizeof(ip));
    43 fprintf(fp,"SUSPECTED %s HACK ATTEMPT for user '%s' on %.24s%sUsing port %u at %s [%s]%s"
    44 ,prot
    45 ,user
    CID 435652: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "now" is cast to "time32_t".
    46 ,timestr(cfg, (time32_t)now, tstr)
    47 ,log_line_ending
    48 ,inet_addrport(addr)
    49 ,host
    50 ,ip
    51 ,log_line_ending

    ** CID 435651: High impact quality (Y2K38_SAFETY)
    /logfile.cpp: 102 in spamlog()


    ________________________________________________________________________________________________________
    *** CID 435651: High impact quality (Y2K38_SAFETY)
    /logfile.cpp: 102 in spamlog()
    96 if(from==NULL)
    97 from=host;
    98
    99 fprintf(fp, "SUSPECTED %s SPAM %s on %.24s%sHost: %s [%s]%sFrom: %.128s %s%s"
    100 ,prot
    101 ,action
    CID 435651: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "now" is cast to "time32_t".
    102 ,timestr(cfg, (time32_t)now, tstr)
    103 ,log_line_ending
    104 ,host
    105 ,ip_addr
    106 ,log_line_ending
    107 ,from


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DrmwL_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD1h-2BJFDuaPIzN3MjUxXvYYHQg-2Fq-2FfU-2Fa0iL0wmBIUr-2BFn-2Bh5d5qL-2FdY2FQedxymvZp-2Fl55lN-2BSO3rsaz-2BpIvPpEo8wZX8gGIoIufwknwcoNkG-2FC8e4PiByeZMHapM18xVRoUJvvlaXk0sHvmcwKAwJTorTghaXM6HlUMk6GBouCg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, February 13, 2023 13:37:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 436064: Error handling issues (CHECKED_RETURN)
    /scfg/scfg.c: 2266 in bail()


    ________________________________________________________________________________________________________
    *** CID 436064: Error handling issues (CHECKED_RETURN)
    /scfg/scfg.c: 2266 in bail()
    2260 if(code) {
    2261 printf("\nHit enter to continue...");
    2262 (void)getchar();
    2263 }
    2264 else if(forcesave) {
    2265 load_main_cfg(&cfg, error, sizeof(error));
    CID 436064: Error handling issues (CHECKED_RETURN)
    Calling "load_msgs_cfg" without checking return value (as is done elsewhere 4 out of 5 times).
    2266 load_msgs_cfg(&cfg, error, sizeof(error));
    2267 load_file_cfg(&cfg, error, sizeof(error));
    2268 load_chat_cfg(&cfg, error, sizeof(error));
    2269 load_xtrn_cfg(&cfg, error, sizeof(error));
    2270 cfg.new_install=new_install;
    2271 save_main_cfg(&cfg,backup_level);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DD5MO_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDTaDtSmOw-2Bk-2F2GY9-2Fd2mdj1kV98qMuZQMWgSaq-2FKJTpW1JmDNOWTqgrbhAT5Uu1FeAUx9pihjmNzRCgsVATSDaJVNi1-2Fy70syPCKRY-2FmYivvscQV3ejVXXYul1-2BVLFI3iZ6Tr68ZR3M-2FuWbVS2FOTtToDy4GMZVGnWexi0ASRqfA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, February 19, 2023 13:37:56
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    21 new defect(s) introduced to Synchronet found with Coverity Scan.
    16 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 21 defect(s)


    ** CID 436320: (SIGN_EXTENSION)
    /writemsg.cpp: 679 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 680 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 657 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 294 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 656 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 436320: (SIGN_EXTENSION)
    /writemsg.cpp: 679 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    673 *editor = "Synchronet msgeditor " GIT_BRANCH "/" GIT_HASH;
    674
    675 buf[0]=0;
    676 if(linesquoted || draft_restored) {
    677 if((file=nopen(msgtmp,O_RDONLY))!=-1) {
    678 length=(long)filelength(file);
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) - 1" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) - 1" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    679 l=length>(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-1
    680 ? (cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-1 : length;
    681 lread(file,buf,l);
    682 buf[l]=0;
    683 close(file);
    684 // remove(msgtmp);
    /writemsg.cpp: 680 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    674
    675 buf[0]=0;
    676 if(linesquoted || draft_restored) {
    677 if((file=nopen(msgtmp,O_RDONLY))!=-1) {
    678 length=(long)filelength(file);
    679 l=length>(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-1
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) - 1" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) - 1" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    680 ? (cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-1 : length;
    681 lread(file,buf,l);
    682 buf[l]=0;
    683 close(file);
    684 // remove(msgtmp);
    685 }
    /writemsg.cpp: 657 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    651 free(buf);
    652 return false;
    653 }
    654 l=strlen((char *)buf); /* reserve space for top and terminating null */
    655 /* truncate if too big */
    656 if(length>(long)((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1))) {
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1)" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1)" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    657 length=(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1);
    658 bputs(text[OutOfBytes]);
    659 }
    660 long rd = read(file,buf+l,length);
    661 close(file);
    662 if(rd != length) {
    /writemsg.cpp: 294 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    288
    289 useron_level=useron.level;
    290
    291 if(editor!=NULL)
    292 *editor=NULL;
    293
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) + 1" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) + 1" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    294 if((buf=(char*)malloc((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN) + 1))
    295 ==NULL) {
    296 errormsg(WHERE,ERR_ALLOC,fname
    297 ,(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN) +1);
    298 return(false);
    299 }
    /writemsg.cpp: 656 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    650 errormsg(WHERE, ERR_LEN, msgtmp, length);
    651 free(buf);
    652 return false;
    653 }
    654 l=strlen((char *)buf); /* reserve space for top and terminating null */
    655 /* truncate if too big */
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1)" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1)" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    656 if(length>(long)((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1))) {
    657 length=(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1);
    658 bputs(text[OutOfBytes]);
    659 }
    660 long rd = read(file,buf+l,length);
    661 close(file);

    ** CID 436319: High impact quality (Y2K38_SAFETY)
    /qwktomsg.cpp: 49 in qwk_parse_header_list(sbbs_t *, unsigned int, smbmsg_t *, char ***, bool, bool)()


    ________________________________________________________________________________________________________
    *** CID 436319: High impact quality (Y2K38_SAFETY)
    /qwktomsg.cpp: 49 in qwk_parse_header_list(sbbs_t *, unsigned int, smbmsg_t *, char ***, bool, bool)()
    43 msg->hdr.auxattr |= MSG_HFIELDS_UTF8;
    44 }
    45
    46 if((p=iniPopKey(headers,ROOT_SECTION,"WhenWritten",value))!=NULL) {
    47 xpDateTime_t dt=isoDateTimeStr_parse(p);
    48
    CID 436319: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "xpDateTime_to_localtime(dt)" is cast to "uint32_t".
    49 msg->hdr.when_written.time=(uint32_t)xpDateTime_to_localtime(dt);
    50 msg->hdr.when_written.zone=dt.zone;
    51 sscanf(p,"%*s %s",zone);
    52 if(zone[0])
    53 msg->hdr.when_written.zone=(ushort)strtoul(zone,NULL,16);
    54 }

    ** CID 436318: Error handling issues (CHECKED_RETURN)
    /tmp_xfer.cpp: 88 in sbbs_t::create_filelist(const char *, int)()


    ________________________________________________________________________________________________________
    *** CID 436318: Error handling issues (CHECKED_RETURN)
    /tmp_xfer.cpp: 88 in sbbs_t::create_filelist(const char *, int)()
    82 if(k)
    83 bprintf(text[CreatedFileList],name);
    84 else {
    85 if(online == ON_REMOTE)
    86 bputs(text[NoFiles]);
    87 SAFEPRINTF2(str,"%s%s",cfg.temp_dir,name);
    CID 436318: Error handling issues (CHECKED_RETURN)
    Calling "remove(str)" without checking return value. This library function may fail and return an error code.
    88 remove(str);
    89 }
    90 return(k);
    91 }
    92
    93 /****************************************************************************/

    ** CID 436317: High impact quality (Y2K38_SAFETY)
    /qwktomsg.cpp: 198 in sbbs_t::qwk_new_msg(unsigned int, smbmsg_t *, char *, int, char **, bool)()


    ________________________________________________________________________________________________________
    *** CID 436317: High impact quality (Y2K38_SAFETY)
    /qwktomsg.cpp: 198 in sbbs_t::qwk_new_msg(unsigned int, smbmsg_t *, char *, int, char **, bool)()
    192 tm.tm_year=((hdrblk[14]&0xf)*10)+(hdrblk[15]&0xf);
    193 if(tm.tm_year<Y2K_2DIGIT_WINDOW)
    194 tm.tm_year+=100;
    195 tm.tm_hour=((hdrblk[16]&0xf)*10)+(hdrblk[17]&0xf);
    196 tm.tm_min=((hdrblk[19]&0xf)*10)+(hdrblk[20]&0xf);
    197
    CID 436317: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "sane_mktime(&tm)" is cast to "uint32_t".
    198 msg->hdr.when_written.time=(uint32_t)sane_mktime(&tm); 199 }
    200
    201 if(msg->to==NULL)
    202 smb_hfield_str(msg,RECIPIENT,strip_ctrl(to, to));
    203

    ** CID 436316: Error handling issues (CHECKED_RETURN)
    /netmail.cpp: 1382 in sbbs_t::qnetmail(const char *, const char *, int, smb_t *, smbmsg_t *)()


    ________________________________________________________________________________________________________
    *** CID 436316: Error handling issues (CHECKED_RETURN)
    /netmail.cpp: 1382 in sbbs_t::qnetmail(const char *, const char *, int, smb_t *, smbmsg_t *)()
    1376 smb_close(&smb);
    1377 smb_stack(&smb,SMB_STACK_POP);
    1378 errormsg(WHERE,ERR_OPEN,msgpath,O_RDONLY|O_BINARY); 1379 return(false);
    1380 }
    1381
    CID 436316: Error handling issues (CHECKED_RETURN)
    Calling "fseeko(this->smb.sdt_fp, offset, 0)" without checking return value. This library function may fail and return an error code.
    1382 fseeko(smb.sdt_fp,offset,SEEK_SET);
    1383 xlat=XLAT_NONE;
    1384 fwrite(&xlat,2,1,smb.sdt_fp);
    1385 x=SDT_BLOCK_LEN-2; /* Don't read/write more than 255 */
    1386 while(!feof(instream)) {
    1387 memset(buf,0,x);

    ** CID 436315: Code maintainability issues (UNUSED_VALUE)
    /str.cpp: 406 in sbbs_t::sof(char *, char *, int)()


    ________________________________________________________________________________________________________
    *** CID 436315: Code maintainability issues (UNUSED_VALUE)
    /str.cpp: 406 in sbbs_t::sof(char *, char *, int)()
    400 max=max*10+(buf[++m]&0xf);
    401 }
    402 if(buf[m+1]=='.' && IS_DIGIT(buf[m+2])) {
    403 m++;
    404 min=buf[++m]&0xf;
    405 if(IS_DIGIT(buf[m+1]))
    CID 436315: Code maintainability issues (UNUSED_VALUE)
    Assigning value from "min * 10 + (buf[++m] & 0xf)" to "min" here, but that stored value is overwritten before it can be used.
    406 min=min*10+(buf[++m]&0xf);
    407 }
    408 if(buf[m+1]=='"') {
    409 max=0;
    410 m++;
    411 while(buf[++m]!='"' && max<80)

    ** CID 436314: (RESOURCE_LEAK)
    /xtrn.cpp: 1692 in sbbs_t::external(const char *, int, const char *)() /xtrn.cpp: 1692 in sbbs_t::external(const char *, int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 436314: (RESOURCE_LEAK)
    /xtrn.cpp: 1692 in sbbs_t::external(const char *, int, const char *)()
    1686 dup2(fd, STDOUT_FILENO);
    1687 if(!(mode&EX_NOLOG))
    1688 dup2(fd, STDERR_FILENO);
    1689 if (fd > 2)
    1690 close(fd);
    1691 }
    CID 436314: (RESOURCE_LEAK)
    Handle variable "fd" going out of scope leaks the handle.
    1692 }
    1693
    1694 if(mode&EX_BG) /* background execution, detach child */
    1695 {
    1696 lprintf(LOG_INFO,"Detaching external process"); 1697 daemon(TRUE,FALSE);
    /xtrn.cpp: 1692 in sbbs_t::external(const char *, int, const char *)()
    1686 dup2(fd, STDOUT_FILENO);
    1687 if(!(mode&EX_NOLOG))
    1688 dup2(fd, STDERR_FILENO);
    1689 if (fd > 2)
    1690 close(fd);
    1691 }
    CID 436314: (RESOURCE_LEAK)
    Handle variable "fd" going out of scope leaks the handle.
    1692 }
    1693
    1694 if(mode&EX_BG) /* background execution, detach child */
    1695 {
    1696 lprintf(LOG_INFO,"Detaching external process"); 1697 daemon(TRUE,FALSE);

    ** CID 436313: (OVERRUN)
    /main.cpp: 4367 in node_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 436313: (OVERRUN)
    /main.cpp: 4383 in node_thread(void *)()
    4377
    4378 curshell=sbbs->useron.shell;
    4379 sbbs->main_csi.ip=sbbs->main_csi.cs; 4380 sbbs->menu_dir[0]=0;
    4381 sbbs->menu_file[0]=0;
    4382 }
    CID 436313: (OVERRUN)
    Calling "exec" with "sbbs->main_csi.cs" and "sbbs->main_csi.length" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.
    4383 if(sbbs->exec(&sbbs->main_csi))
    4384 break;
    4385 }
    4386 listRemoveTaggedNode(&current_logins, sbbs->cfg.node_num, /* free_data */TRUE);
    4387 }
    4388
    /main.cpp: 4367 in node_thread(void *)()
    4361 close(file);
    4362 sbbs->errormsg(WHERE,ERR_ALLOC,str,sbbs->main_csi.length);
    4363 sbbs->hangup();
    4364 break;
    4365 }
    4366
    CID 436313: (OVERRUN)
    Calling "read" with "sbbs->main_csi.cs" and "sbbs->main_csi.length" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned. [Note: The source code implementation of the function has been overridden by a builtin model.]
    4367 if(lread(file,sbbs->main_csi.cs,sbbs->main_csi.length)
    4368 !=(int)sbbs->main_csi.length) { 4369 sbbs->errormsg(WHERE,ERR_READ,str,sbbs->main_csi.length);
    4370 close(file);
    4371 free(sbbs->main_csi.cs);
    4372 sbbs->main_csi.cs=NULL;

    ** CID 436312: Error handling issues (CHECKED_RETURN)
    /xtrn.cpp: 1750 in sbbs_t::external(const char *, int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 436312: Error handling issues (CHECKED_RETURN)
    /xtrn.cpp: 1750 in sbbs_t::external(const char *, int, const char *)()
    1744 write(in_pipe[1],buf,wr);
    1745 }
    1746
    1747 bp=buf;
    1748 i=0;
    1749 if(mode&EX_NOLOG)
    CID 436312: Error handling issues (CHECKED_RETURN)
    Calling "poll(fds, 1UL, 1)" without checking return value. This library function may fail and return an error code. [Note: The source code implementation of the function has been overridden by a builtin model.]
    1750 poll(fds, 1, 1);
    1751 else {
    1752 while (poll(fds, 2, 1) > 0 && (fds[1].revents)
    1753 && (i < (int)sizeof(buf) - 1)) { 1754 if((rd=read(err_pipe[0],bp,1))>0) {
    1755 i+=rd;

    ** CID 436311: (OVERRUN)
    /exec.cpp: 812 in sbbs_t::exec_bin(const char *, csi_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 436311: (OVERRUN)
    /exec.cpp: 812 in sbbs_t::exec_bin(const char *, csi_t *, const char *)()
    806 }
    807 if((bin.cs=(uchar *)malloc(bin.length))==NULL) {
    808 close(file);
    809 errormsg(WHERE,ERR_ALLOC,str,bin.length);
    810 return(-1);
    811 }
    CID 436311: (OVERRUN)
    Calling "read" with "bin.cs" and "bin.length" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned. [Note: The source code implementation of the function has been overridden by a builtin model.]
    812 if(lread(file,bin.cs,bin.length)!=(ssize_t)bin.length) {
    813 close(file);
    814 errormsg(WHERE,ERR_READ,str,bin.length);
    815 free(bin.cs);
    816 return(-1);
    817 }
    /exec.cpp: 825 in sbbs_t::exec_bin(const char *, csi_t *, const char *)()
    819
    820 bin.ip=bin.cs;
    821 bin.rets=0;
    822 bin.cmdrets=0;
    823 bin.misc=0;
    824
    CID 436311: (OVERRUN)
    Calling "exec" with "bin.cs" and "bin.length" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.
    825 while(exec(&bin)==0)
    826 if(!(bin.misc&CS_OFFLINE_EXEC)) {
    827 checkline();
    828 if(!online)
    829 break;
    830 }

    ** CID 436310: High impact quality (Y2K38_SAFETY)
    /xtrn_sec.cpp: 1114 in sbbs_t::moduserdat(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 436310: High impact quality (Y2K38_SAFETY)
    /xtrn_sec.cpp: 1114 in sbbs_t::moduserdat(unsigned int)()
    1108 useron.level=(uint8_t)i;
    1109 putuserdec32(useron.number, USER_LEVEL, useron.level);
    1110 }
    1111 lseek(file,75,SEEK_CUR); /* read in expiration date */
    1112 read(file,&i,2); /* convert from julian to unix */
    1113 i = LE_INT(i);
    CID 436310: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "juliantounix(i)" is cast to "time32_t".
    1114 useron.expire=(time32_t)juliantounix(i);
    1115 putuserdatetime(useron.number, USER_EXPIRE, useron.expire);
    1116 }
    1117 close(file);
    1118 }
    1119 return;

    ** CID 436309: Error handling issues (CHECKED_RETURN)
    /qwk.cpp: 294 in sbbs_t::qwk_success(unsigned int, char, char)()


    ________________________________________________________________________________________________________
    *** CID 436309: Error handling issues (CHECKED_RETURN)
    /qwk.cpp: 294 in sbbs_t::qwk_success(unsigned int, char, char)()
    288 SAFECOPY(str, "downloaded QWK packet");
    289 logline("D-",str);
    290 posts_read+=msgcnt;
    291
    292 sprintf(str,"%sfile/%04u.qwk",cfg.data_dir,useron.number);
    293 if(fexistcase(str))
    CID 436309: Error handling issues (CHECKED_RETURN)
    Calling "remove(str)" without checking return value. This library function may fail and return an error code.
    294 remove(str);
    295
    296 if(!bi) {
    297 batch_download(-1);
    298 delfiles(cfg.temp_dir,ALLFILES);
    299 }

    ** CID 436308: (CHECKED_RETURN)
    /pack_qwk.cpp: 619 in sbbs_t::pack_qwk(char *, unsigned int *, bool)() /pack_qwk.cpp: 745 in sbbs_t::pack_qwk(char *, unsigned int *, bool)() /pack_qwk.cpp: 733 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()


    ________________________________________________________________________________________________________
    *** CID 436308: (CHECKED_RETURN)
    /pack_qwk.cpp: 619 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    613 fclose(voting);
    614 }
    615 if(personal) {
    616 fclose(personal); /* close PERSONAL.NDX */
    617 SAFEPRINTF(str,"%sPERSONAL.NDX",cfg.temp_dir);
    618 if(!flength(str))
    CID 436308: (CHECKED_RETURN)
    Calling "remove(str)" without checking return value. This library function may fail and return an error code.
    619 remove(str);
    620 }
    621 CRLF;
    622
    623 if(!prepack && online!=ON_LOCAL && ((sys_status&SS_ABORT) || !online)) {
    624 bputs(text[Aborted]);
    /pack_qwk.cpp: 745 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    739 if(file_count < 0)
    740 lprintf(LOG_ERR, "libarchive error (%s) creating %s", error, packet);
    741 else
    742 lprintf(LOG_INFO, "libarchive created %s from %d files", packet, file_count);
    743 }
    744 if(flength(packet) < 1) {
    CID 436308: (CHECKED_RETURN)
    Calling "remove(packet)" without checking return value. This library function may fail and return an error code.
    745 remove(packet);
    746 if((i = external(cmdstr(temp_cmd(),packet,path,NULL), ex|EX_WILDCARD)) != 0)
    747 errormsg(WHERE,ERR_EXEC,cmdstr(temp_cmd(),packet,path,NULL),i);
    748 if(flength(packet) < 1) {
    749 bputs(text[QWKCompressionFailed]);
    750 return(false);
    /pack_qwk.cpp: 733 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    727 }
    728 }
    729
    730 /*******************/
    731 /* Compress Packet */
    732 /*******************/
    CID 436308: (CHECKED_RETURN)
    Calling "remove(packet)" without checking return value. This library function may fail and return an error code.
    733 remove(packet);
    734 SAFEPRINTF2(path,"%s%s",cfg.temp_dir,ALLFILES);
    735 if(strListFind((str_list_t)supported_archive_formats, useron.tmpext, /* case_sensitive */FALSE) >= 0) {
    736 str_list_t file_list = directory(path);
    737 int file_count = create_archive(packet, useron.tmpext, /* with_path: */false, file_list, error, sizeof(error));
    738 strListFree(&file_list);

    ** CID 436307: High impact quality (Y2K38_SAFETY)
    /main.cpp: 4407 in node_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 436307: High impact quality (Y2K38_SAFETY)
    /main.cpp: 4407 in node_thread(void *)()
    4401 time_t now = time(NULL);
    4402 SAFEPRINTF(str, "%sclient.ini", sbbs->cfg.node_dir);
    4403 FILE* fp = fopen(str, "at");
    4404 if(fp != NULL) {
    4405 fprintf(fp, "user=%u\n", sbbs->useron.number);
    4406 fprintf(fp, "name=%s\n", sbbs->useron.alias);
    CID 436307: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "now" is cast to "uint".
    4407 fprintf(fp, "done=%u\n", (uint)now);
    4408 fclose(fp);
    4409 }
    4410
    4411 if(sbbs->sys_status&SS_DAILY) { // New day, run daily events/maintenance
    4412 sbbs->daily_maint();

    ** CID 436306: High impact quality (Y2K38_SAFETY)
    /atcodes.cpp: 1235 in sbbs_t::atcode(char *, char *, unsigned long, int *, bool, JSObject *)()


    ________________________________________________________________________________________________________
    *** CID 436306: High impact quality (Y2K38_SAFETY)
    /atcodes.cpp: 1235 in sbbs_t::atcode(char *, char *, unsigned long, int *, bool, JSObject *)()
    1229 f = (float)useron.dls / useron.uls;
    1230 safe_snprintf(str, maxlen, "%u", f ? (uint)(100 / f) : 0);
    1231 return str;
    1232 }
    1233
    1234 if(!strcmp(sp,"LASTNEW"))
    CID 436306: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->ns_time" is cast to "time32_t".
    1235 return(unixtodstr(&cfg,(time32_t)ns_time,str));
    1236
    1237 if(strncmp(sp, "LASTNEW:", 8) == 0) {
    1238 sp += 8;
    1239 c_unescape_str(sp);
    1240 memset(&tm, 0, sizeof(tm));

    ** CID 436305: (Y2K38_SAFETY)
    /pack_qwk.cpp: 128 in sbbs_t::pack_qwk(char *, unsigned int *, bool)() /pack_qwk.cpp: 598 in sbbs_t::pack_qwk(char *, unsigned int *, bool)() /pack_qwk.cpp: 603 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()


    ________________________________________________________________________________________________________
    *** CID 436305: (Y2K38_SAFETY)
    /pack_qwk.cpp: 128 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    122 errormsg(WHERE,ERR_OPEN,str,0);
    123 return(false);
    124 }
    125
    126 now=time(NULL);
    127 if(localtime_r(&now,&tm)==NULL) {
    CID 436305: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "uint".
    128 errormsg(WHERE, ERR_CHK, "time", (uint)now); 129 return(false);
    130 }
    131
    132 fprintf(stream,"%s\r\n%s\r\n%s\r\n%s, Sysop\r\n0000,%s\r\n"
    133 "%02u-%02u-%u,%02u:%02u:%02u\r\n" /pack_qwk.cpp: 598 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    592 byte_estimate_to_str(ftell(qwk), tmp, sizeof(tmp), 1024, 1);
    593 if(online == ON_REMOTE)
    594 bprintf("\r\n\r\n\1n\1hPacked %u messages (%s bytes) in %u seconds "
    595 "(%lu messages/second)."
    596 ,(*msgcnt)+mailmsgs
    597 ,tmp
    CID 436305: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "elapsed" is cast to "uint".
    598 ,(uint)elapsed
    599 ,((*msgcnt)+mailmsgs) / elapsed);
    600 lprintf(LOG_INFO, "packed %u messages (%s bytes) in %u seconds (%u msgs/sec)"
    601 ,(*msgcnt)+mailmsgs
    602 ,tmp
    603 ,(uint)elapsed
    /pack_qwk.cpp: 603 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    597 ,tmp
    598 ,(uint)elapsed
    599 ,((*msgcnt)+mailmsgs) / elapsed);
    600 lprintf(LOG_INFO, "packed %u messages (%s bytes) in %u seconds (%u msgs/sec)"
    601 ,(*msgcnt)+mailmsgs
    602 ,tmp
    CID 436305: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "elapsed" is cast to "uint".
    603 ,(uint)elapsed
    604 ,(uint)(((*msgcnt)+mailmsgs)/elapsed));
    605 }
    606
    607 BOOL voting_data = FALSE;
    608 fclose(qwk); /* close MESSAGE.DAT */

    ** CID 436304: Error handling issues (CHECKED_RETURN)
    /writemsg.cpp: 242 in sbbs_t::process_edited_file(const char *, const char *, int, unsigned int *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 436304: Error handling issues (CHECKED_RETURN)
    /writemsg.cpp: 242 in sbbs_t::process_edited_file(const char *, const char *, int, unsigned int *, unsigned int)()
    236 if((fp=fopen(src,"rb"))==NULL) {
    237 free(buf);
    238 return -3;
    239 }
    240
    241 memset(buf,0,len+1);
    CID 436304: Error handling issues (CHECKED_RETURN)
    "fread(void * restrict, size_t, size_t, FILE * restrict)" returns the number of bytes read, but it is ignored.
    242 fread(buf,len,sizeof(char),fp);
    243 fclose(fp);
    244
    245 if((fp=fopen(dest,"wb"))!=NULL) {
    246 len=process_edited_text(buf, fp, mode, lines, maxlines);
    247 fclose(fp);

    ** CID 436303: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 436303: Uninitialized variables (UNINIT)
    /readmsgs.cpp: 218 in sbbs_t::loadposts(unsigned int *, unsigned int, unsigned int, int, unsigned int *, unsigned int *)()
    212 if(idx.to!=namecrc && idx.from!=namecrc
    213 && idx.to!=aliascrc && idx.from!=aliascrc
    214 && (useron.number!=1 || idx.to!=sysop)) 215 continue;
    216 msg.idx=idx;
    217 if(!smb_lockmsghdr(&smb,&msg)) {
    CID 436303: Uninitialized variables (UNINIT)
    Using uninitialized value "msg.idx_offset" when calling "smb_getmsghdr".
    218 if(!smb_getmsghdr(&smb,&msg)) {
    219 if(stricmp(msg.to,useron.alias) 220 && stricmp(msg.from,useron.alias)
    221 && stricmp(msg.to,useron.name)
    222 && stricmp(msg.from,useron.name)
    223 && (useron.number!=1 || stricmp(msg.to,"sysop")

    ** CID 436302: Memory - illegal accesses (STRING_NULL)
    /telgate.cpp: 194 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char *, char *, char *)()


    ________________________________________________________________________________________________________
    *** CID 436302: Memory - illegal accesses (STRING_NULL)
    /telgate.cpp: 194 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char *, char *, char *)()
    188 l=K_CHAT;
    189 if(!(mode&TG_ECHO))
    190 l|=K_NOECHO;
    191 rd=getstr((char*)buf,sizeof(buf)-1,l);
    192 if(!rd)
    193 continue;
    CID 436302: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    194 SAFECAT(buf,crlf);
    195 rd+=2;
    196 gotline=true;
    197 }
    198 if((mode&TG_CRLF) && buf[rd-1]=='\r') 199 buf[rd++]='\n';

    ** CID 436301: Insecure data handling (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 436301: Insecure data handling (TAINTED_SCALAR)
    /writemsg.cpp: 752 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    746 while(!feof(tag)) {
    747 if(!fgets(str,sizeof(str),tag)) 748 break;
    749 truncsp(str);
    750 if(utf8) {
    751 char buf[sizeof(str)*4];
    CID 436301: Insecure data handling (TAINTED_SCALAR)
    Passing tainted expression "str" to "cp437_to_utf8_str", which uses it as an offset.
    752 cp437_to_utf8_str(str, buf, sizeof(buf) - 1, /* minval: */'\x02');
    753 l+=fprintf(stream,"%s\r\n", buf);
    754 } else
    755 l+=fprintf(stream,"%s\r\n",str);
    756 lines++; /* line counter */
    757 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Drgn4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBgI3c58nn-2BM3pe4vcfOmT008rEPNCgcySL-2BxLmEpv67QM-2F5FYfBWKXdLuapzG8Uw08lzNE-2FII55Z3TUX6jcFlwAq3AECQ-2BNvq5LcItSQXmz87wTP5IweENV-2Fec52OWXZ5z-2Bkfj7gccdDWHh5Lsy5qHClX0MJc5hcJeyhGduvOrMQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, February 21, 2023 13:36:08
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 436563: High impact quality (Y2K38_SAFETY) /tmp/sbbs-Feb-21-2023/src/smblib/smblib.c: 2033 in smb_create()


    ________________________________________________________________________________________________________
    *** CID 436563: High impact quality (Y2K38_SAFETY) /tmp/sbbs-Feb-21-2023/src/smblib/smblib.c: 2033 in smb_create()
    2027 rewind(smb->sid_fp);
    2028 if(chsize(fileno(smb->sid_fp),0L) != 0)
    2029 return SMB_ERR_TRUNCATE;
    2030
    2031 SAFEPRINTF(str,"%s.ini",smb->file);
    2032 if((fp = fopen(str, "w")) != NULL) {
    CID 436563: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "int".
    2033 fprintf(fp, "Created = 0x%x\n", (int)time(NULL));
    2034 fclose(fp);
    2035 }
    2036 SAFEPRINTF(str,"%s.sda",smb->file);
    2037 (void)remove(str); /* if it exists, delete it */
    2038 SAFEPRINTF(str,"%s.sha",smb->file);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D6NZ4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB-2BSws-2BCbxlcVNPlCMlu3BJhlBm9ihxGUC5HVYM0IVOs04Kz9bZ0eoogx9vF3V4RK7H-2FAqguVEOaGqUDhn-2BkizHNIhtSAreEeh-2FFRCp4Cd-2BnjQP8DEfNeZ9f9ZPjHBz4mF3SSPlmrjqNIqJn1YzLbAFkkez3JgMfD0h7jKBCjInFw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, March 05, 2023 13:47:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 446269: Error handling issues (CHECKED_RETURN)
    /download.cpp: 118 in sbbs_t::protocol(prot_t *, XFER_TYPE, const char *, const char *, bool, bool, long *)()


    ________________________________________________________________________________________________________
    *** CID 446269: Error handling issues (CHECKED_RETURN)
    /download.cpp: 118 in sbbs_t::protocol(prot_t *, XFER_TYPE, const char *, const char *, bool, bool, long *)()
    112 char msg[256];
    113 int i;
    114 long ex_mode;
    115 FILE* stream;
    116
    117 SAFEPRINTF(protlog,"%sPROTOCOL.LOG",cfg.node_dir);
    CID 446269: Error handling issues (CHECKED_RETURN)
    Calling "remove(protlog)" without checking return value. This library function may fail and return an error code.
    118 remove(protlog); /* Deletes the protocol log */
    119 autohang=false;
    120 if(autohangup) {
    121 if(useron.misc&AUTOHANG)
    122 autohang=true;
    123 else if(text[HangUpAfterXferQ][0])

    ** CID 446268: High impact quality (Y2K38_SAFETY)
    /download.cpp: 75 in sbbs_t::notdownloaded(long, long)()


    ________________________________________________________________________________________________________
    *** CID 446268: High impact quality (Y2K38_SAFETY)
    /download.cpp: 75 in sbbs_t::notdownloaded(long, long)()
    69 /****************************************************************************/
    70 void sbbs_t::notdownloaded(off_t size, time_t elapsed)
    71 {
    72 char str[256],tmp2[256];
    73 char tmp[512];
    74
    CID 446268: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "elapsed" is cast to "uint".
    75 SAFEPRINTF2(str,"Estimated Time: %s Transfer Time: %s"
    76 ,sectostr(cur_cps ? (uint)(size/cur_cps) : 0,tmp)
    77 ,sectostr((uint)(elapsed),tmp2));
    78 logline(nulstr,str);
    79 if(cfg.leech_pct && cur_cps /* leech detection */
    80 && elapsed>=cfg.leech_sec


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D0CIb_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDsLibgv2fl5LZs5fAQNGsZiCzF58zgFnZOT-2BlAwIBwcfoIFtkbk55EV3j6VxmkZw2I9Fj-2BLI35zSUrIN0KShaRGuiHzricb5Wsx-2BB-2BhnhGtOrWPGOz2109TMcJgLBqc5aFWaJOutaTnzR1bYeWA4E8s00cQ8HSd2ZyQUokgP9TtQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, March 21, 2023 12:39:57
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 451020: Resource leaks (RESOURCE_LEAK)
    /pack_qwk.cpp: 130 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()


    ________________________________________________________________________________________________________
    *** CID 451020: Resource leaks (RESOURCE_LEAK)
    /pack_qwk.cpp: 130 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    124 return(false);
    125 }
    126
    127 now=time(NULL);
    128 if(localtime_r(&now,&tm)==NULL) {
    129 errormsg(WHERE, ERR_CHK, "time", (uint)now); >>> CID 451020: Resource leaks (RESOURCE_LEAK)
    Variable "stream" going out of scope leaks the storage it points to. 130 return(false);
    131 }
    132
    133 fprintf(stream,"%s\r\n%s\r\n%s\r\n%s, Sysop\r\n0000,%s\r\n"
    134 "%02u-%02u-%u,%02u:%02u:%02u\r\n"
    135 ,cfg.sys_name

    ** CID 451019: (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 451019: (NEGATIVE_RETURNS)
    /main.cpp: 3434 in sbbs_t::init()()
    3428 }
    3429
    3430 /* Shared NODE files */
    3431 SAFEPRINTF2(str,"%s%s",cfg.ctrl_dir,"node.dab");
    3432 pthread_mutex_lock(&nodefile_mutex);
    3433 if((nodefile=nopen(str,O_DENYNONE|O_RDWR|O_CREAT))==-1) {
    CID 451019: (NEGATIVE_RETURNS)
    "this->client_socket" is passed to a parameter that cannot be negative. 3434 errormsg(WHERE, ERR_OPEN, str, cfg.node_num);
    3435 pthread_mutex_unlock(&nodefile_mutex);
    3436 return(false);
    3437 }
    3438 memset(&node,0,sizeof(node_t)); /* write NULL to node struct */
    3439 node.status=NODE_OFFLINE;
    /main.cpp: 3443 in sbbs_t::init()()
    3437 }
    3438 memset(&node,0,sizeof(node_t)); /* write NULL to node struct */
    3439 node.status=NODE_OFFLINE;
    3440 while(filelength(nodefile)<(int)(cfg.sys_nodes*sizeof(node_t))) {
    3441 lseek(nodefile,0L,SEEK_END);
    3442 if(write(nodefile,&node,sizeof(node_t))!=sizeof(node_t)) {
    CID 451019: (NEGATIVE_RETURNS)
    "this->client_socket" is passed to a parameter that cannot be negative. 3443 errormsg(WHERE,ERR_WRITE,str,sizeof(node_t)); 3444 break;
    3445 }
    3446 }
    3447 if(chsize(nodefile, (off_t)(cfg.sys_nodes*sizeof(node_t))) != 0)
    3448 errormsg(WHERE, ERR_LEN, str, cfg.sys_nodes*sizeof(node_t));

    ** CID 451018: (LOCK)
    /xtrn_sec.cpp: 1437 in sbbs_t::exec_xtrn(unsigned int, bool)()
    /xtrn_sec.cpp: 1437 in sbbs_t::exec_xtrn(unsigned int, bool)()


    ________________________________________________________________________________________________________
    *** CID 451018: (LOCK)
    /xtrn_sec.cpp: 1437 in sbbs_t::exec_xtrn(unsigned int, bool)()
    1431 ,cfg.xtrn[xtrnnum]->path);
    1432 end=time(NULL);
    1433
    1434 if(cfg.xtrn[xtrnnum]->misc&FREETIME)
    1435 starttime+=end-start;
    1436 if(cfg.xtrn[xtrnnum]->clean[0]) {
    CID 451018: (LOCK)
    "external" locks "this->input_thread_mutex" while it is locked.
    1437 external(cmdstr(cfg.xtrn[xtrnnum]->clean, drop_file, startup_dir, NULL, mode)
    1438 ,mode&~(EX_STDIN|EX_CONIO), cfg.xtrn[xtrnnum]->path);
    1439 }
    1440 max_socket_inactivity = startup->max_session_inactivity;
    1441 /* Re-open the logfile */
    1442 if(logfile_fp==NULL) {
    /xtrn_sec.cpp: 1437 in sbbs_t::exec_xtrn(unsigned int, bool)()
    1431 ,cfg.xtrn[xtrnnum]->path);
    1432 end=time(NULL);
    1433
    1434 if(cfg.xtrn[xtrnnum]->misc&FREETIME)
    1435 starttime+=end-start;
    1436 if(cfg.xtrn[xtrnnum]->clean[0]) {
    CID 451018: (LOCK)
    "external" unlocks "this->input_thread_mutex" while it is unlocked. 1437 external(cmdstr(cfg.xtrn[xtrnnum]->clean, drop_file, startup_dir, NULL, mode)
    1438 ,mode&~(EX_STDIN|EX_CONIO), cfg.xtrn[xtrnnum]->path);
    1439 }
    1440 max_socket_inactivity = startup->max_session_inactivity;
    1441 /* Re-open the logfile */
    1442 if(logfile_fp==NULL) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DwQj4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDdlFiTOYvOJ3q-2BXCmV5b82oIz6FZIN1OLfaOQTbpP8Gh-2F1BFBTVkQlZPmP-2FlpwdRVEElckq3ePaiX56HFlC4oTk3mo4UgkSGq0kVxPTfv2czS2IOfkwROgSnRu-2B3z34jIHguj-2BgdMQEhL57e4KO1qNvBjyCV-2FH1A5pF0aNBb218Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, March 26, 2023 12:39:18
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 451057: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-26-2023/src/uifc/uifcx.c: 218 in ulist()


    ________________________________________________________________________________________________________
    *** CID 451057: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-26-2023/src/uifc/uifcx.c: 218 in ulist()
    212 cur = &tmpcur;
    213
    214 for(opts=0;opts<MAX_OPTS;opts++)
    215 if(option[opts]==NULL || option[opts][0]==0)
    216 break;
    217
    CID 451057: Uninitialized variables (UNINIT)
    Using uninitialized value "*cur".
    218 if((*cur)>=opts)
    219 (*cur)=opts-1; /* returned after scrolled */ 220
    221 if((*cur)<0)
    222 (*cur)=0;
    223

    ** CID 451056: Error handling issues (CHECKED_RETURN)
    /umonitor/umonitor.c: 872 in main()


    ________________________________________________________________________________________________________
    *** CID 451056: Error handling issues (CHECKED_RETURN)
    /umonitor/umonitor.c: 872 in main()
    866 );
    867
    868 /* close .ini file here */
    869 if(fp!=NULL)
    870 fclose(fp);
    871
    CID 451056: Error handling issues (CHECKED_RETURN)
    Calling "chdir" without checking return value (as is done elsewhere 18 out of 21 times).
    872 chdir(bbs_startup.ctrl_dir);
    873
    874 /* Read .cfg files here */
    875 memset(&cfg,0,sizeof(cfg));
    876 cfg.size=sizeof(cfg);
    877 SAFECOPY(cfg.ctrl_dir,bbs_startup.ctrl_dir);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DQ4kK_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDg36x62girPn1zYBhcccXwhYdDfdMRepLksuDfaAvd4bat4-2FUDdrJDqZKFgkT5rhTEpd1i-2F-2F-2Bt12VuLwisIe8fgC5UgDGF2gzRbivh2YT2HQfxF8BKGqVwBOdsLqq8RDB0gsCQJzB5reNTbkfkMIUprGduJhT4EnW8bblt9BSyQw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, March 27, 2023 12:40:01
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 451084: Error handling issues (CHECKED_RETURN)
    /scfg/scfg.c: 2498 in bail()


    ________________________________________________________________________________________________________
    *** CID 451084: Error handling issues (CHECKED_RETURN)
    /scfg/scfg.c: 2498 in bail()
    2492 ,&web_startup
    2493 ,&run_mail
    2494 ,&mail_startup
    2495 ,&run_services
    2496 ,&services_startup
    2497 );
    CID 451084: Error handling issues (CHECKED_RETURN)
    Calling "sbbs_write_ini" without checking return value (as is done elsewhere 6 out of 7 times).
    2498 sbbs_write_ini(
    2499 fp
    2500 ,&cfg
    2501 ,&global_startup
    2502 ,run_bbs
    2503 ,&bbs_startup


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DnMb9_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD976-2FEjTE38STs1icREVMHniwNML6xZBdisRM-2BSa9a9nOxrT2-2FUUbpxDSqWvLS9bN6TGb-2FePVmC2NMTMzChJMlqHPiU-2Bv9-2FtIhNAHUUgzS1WPYTXv043GMHq3ZP4-2FQ5jrThKDjIa1z5hefsmxu160ET8xl2XIZjs04KQ8YG62aAw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, April 01, 2023 12:40:10
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 451182: Null pointer dereferences (NULL_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 451182: Null pointer dereferences (NULL_RETURNS)
    /scfg/scfgnode.c: 50 in adjust_last_node()
    44 uint last_node = iniGetUInteger(ini, section, key, cfg.sys_nodes);
    45 char prompt[128];
    46 SAFEPRINTF(prompt, "Update Terminal Server 'LastNode' value to %u", cfg.sys_nodes);
    47 if(last_node < cfg.sys_nodes && uifc.confirm(prompt)) {
    48 fp = iniOpenFile(ini_fname, /* modify */true);
    49 iniSetUInteger(&ini, section, key, cfg.sys_nodes, NULL);
    CID 451182: Null pointer dereferences (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "fp" when calling "iniWriteFile".
    50 iniWriteFile(fp, ini);
    51 iniCloseFile(fp);
    52 }
    53 iniFreeStringList(ini);
    54 }
    55


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DpuyQ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAa7nggF92-2FRxsLcvm87CK4-2Bto78Azi3yyX9qWek6JmUtnehJGAtrvzJBvO1d9nD-2Bg0GKKa4GqYzEva6Siznl2xJXy-2FjPn1uZ-2BKvYX68NoiQd5tzVJKUFlPrALUGvlehbzHDUYDbzILFgmSfjOdYWlAKHa0sR-2FUDtT5FufQM-2BrMyA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, April 14, 2023 12:38:41
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 452331: Incorrect expression (SIZEOF_MISMATCH)
    /writemsg.cpp: 936 in sbbs_t::msgeditor(char *, const char *, char *, unsigned int, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 452331: Incorrect expression (SIZEOF_MISMATCH)
    /writemsg.cpp: 936 in sbbs_t::msgeditor(char *, const char *, char *, unsigned int, unsigned int)()
    930 }
    931
    932 rioctl(IOCM|ABORT);
    933 rioctl(IOCS|ABORT);
    934
    935 if((str = strListDivide(NULL, buf, "\n")) == NULL) {
    CID 452331: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "getfname("writemsg.cpp")" of type "char *" and argument "8UL /* sizeof (char *) */ * (maxlines + 1)" to function "errormsg" is suspicious.
    936 errormsg(WHERE,ERR_ALLOC,"msgeditor",sizeof(char *)*(maxlines+1));
    937 return(0);
    938 }
    939 lines = strListCount(str);
    940 while(lines > maxlines)
    941 free(str[--lines]);

    ** CID 452330: Control flow issues (NO_EFFECT)
    /writemsg.cpp: 966 in sbbs_t::msgeditor(char *, const char *, char *, unsigned int, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 452330: Control flow issues (NO_EFFECT)
    /writemsg.cpp: 966 in sbbs_t::msgeditor(char *, const char *, char *, unsigned int, unsigned int)()
    960 cleartoeol(); /* delete to end of line */
    961 CRLF;
    962 }
    963 sync();
    964 rioctl(IOSM|ABORT);
    965 while(online) {
    CID 452330: Control flow issues (NO_EFFECT)
    This less-than-zero comparison of an unsigned value is never true. "line < 0U".
    966 if(line < 0)
    967 line = 0;
    968 if((int)line>(int)maxlines-10) {
    969 if(line >= maxlines)
    970 bprintf(text[NoMoreLines],line);
    971 else


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DXYWj_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCe3xJD-2By2cfraguiJlF6Q3ggv-2BQewqXHCAM-2Fbq0fOod1rV0SghwSJAQLLY7JR2Xg22UoJpTPmAA7i9XkIaQJXzZ-2BbJXoY-2BCdAkcnvE60sKg-2BPS6l7v-2FKFZFOwbcriVbnnje-2BbNcxdGeVrvLCQd8h-2BSecIZPgzSL8PiXCCNGI8f5Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, April 22, 2023 12:39:06
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 452566: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Apr-22-2023/src/conio/sdl_con.c: 636 in setup_surfaces_locked()


    ________________________________________________________________________________________________________
    *** CID 452566: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Apr-22-2023/src/conio/sdl_con.c: 636 in setup_surfaces_locked()
    630 sdl.SetHint(SDL_HINT_RENDER_SCALE_QUALITY, internal_scaling ? "0" : "2");
    631
    632 if (win == NULL) {
    633 // SDL2: This is slow sometimes... not sure why.
    634 if (sdl.CreateWindowAndRenderer(vs->winwidth, vs->winheight, flags, &win, &renderer) == 0) {
    635 sdl.GetWindowSize(win, &idealw, &idealh);
    CID 452566: Concurrent data access violations (MISSING_LOCK)
    Accessing "vs->winwidth" without holding lock "vstatlock". Elsewhere, "video_stats.winwidth" is accessed with "vstatlock" held 6 out of 9 times (1 of these accesses strongly imply that it is necessary).
    636 vs->winwidth = idealw;
    637 vs->winheight = idealh;
    638 sdl.RenderClear(renderer);
    639 if (internal_scaling)
    640 newtexture = sdl.CreateTexture(renderer, SDL_PIXELFORMAT_ARGB8888, SDL_TEXTUREACCESS_STREAMING, idealw, idealh);
    641 else


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DN0Qc_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDLFN7DabHG6aWM4wdfcqyFofwc0J38vQSMkCa4C-2Fn1N6Wj9IncPgqMVdR4cE24U-2FJpH1QYRv5aOH5-2FuiKTSVbfEwso1DL4WyWml5jydp92Rz-2B7A9cEiM6tQVeXRTuV4CWEOD86K4lmM1ZvAA4wQOq8iO6E2w2DDJuKvkIRCppQ5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, April 24, 2023 12:38:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    7 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 7 of 7 defect(s)


    ** CID 452578: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 288 in bitmap_vmem_puttext_locked()


    ________________________________________________________________________________________________________
    *** CID 452578: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 288 in bitmap_vmem_puttext_locked()
    282 for(x=sx-1;x<ex;x++) {
    283 memcpy(&vmem_ptr->vmem[y*cio_textinfo.screenwidth+x], fill++, sizeof(*fill));
    284 bitmap_draw_one_char(x+1, y+1);
    285 }
    286 }
    287 pthread_mutex_lock(&vstatlock);
    CID 452578: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    288 release_vmem(vmem_ptr);
    289 pthread_mutex_unlock(&vstatlock);
    290 return(1);
    291 }
    292
    293 static void

    ** CID 452577: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 850 in update_from_vmem()


    ________________________________________________________________________________________________________
    *** CID 452577: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 850 in update_from_vmem()
    844 bitmap_draw_one_char(x+1,y+1);
    845 }
    846 pos++;
    847 }
    848 }
    849 pthread_mutex_lock(&vstatlock);
    CID 452577: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    850 release_vmem(vmem_ptr);
    851 pthread_mutex_unlock(&vstatlock);
    852
    853 vs = vstat;
    854
    855 return(0);

    ** CID 452576: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1239 in bitmap_movetext()


    ________________________________________________________________________________________________________
    *** CID 452576: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1239 in bitmap_movetext()
    1233 }
    1234
    1235 bitmap_movetext_screen(&screena, x, y, tox, toy, direction, height, width);
    1236 bitmap_movetext_screen(&screenb, x, y, tox, toy, direction, height, width);
    1237
    1238 pthread_mutex_lock(&vstatlock);
    CID 452576: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    1239 release_vmem(vmem_ptr);
    1240 pthread_mutex_unlock(&vstatlock);
    1241 pthread_mutex_unlock(&blinker_lock);
    1242
    1243 return(1);
    1244 }

    ** CID 452575: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1264 in bitmap_clreol()


    ________________________________________________________________________________________________________
    *** CID 452575: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1264 in bitmap_clreol()
    1258 pthread_mutex_unlock(&vstatlock);
    1259 for(x=cio_textinfo.curx+cio_textinfo.winleft-2; x<cio_textinfo.winright; x++) {
    1260 set_vmem_cell(vmem_ptr, pos+x, fill, ciolib_fg, ciolib_bg);
    1261 bitmap_draw_one_char(x+1, row);
    1262 }
    1263 pthread_mutex_lock(&vstatlock);
    CID 452575: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    1264 release_vmem(vmem_ptr);
    1265 pthread_mutex_unlock(&vstatlock);
    1266 pthread_mutex_unlock(&blinker_lock);
    1267 }
    1268
    1269 void bitmap_clrscr(void)

    ** CID 452574: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1289 in bitmap_clrscr()


    ________________________________________________________________________________________________________
    *** CID 452574: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1289 in bitmap_clrscr()
    1283 for(x=cio_textinfo.winleft-1; x<cio_textinfo.winright && x < cols; x++) {
    1284 set_vmem_cell(vmem_ptr, y*cio_textinfo.screenwidth+x, fill, ciolib_fg, ciolib_bg);
    1285 bitmap_draw_one_char(x+1, y+1);
    1286 }
    1287 }
    1288 pthread_mutex_lock(&vstatlock);
    CID 452574: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    1289 release_vmem(vmem_ptr);
    1290 pthread_mutex_unlock(&vstatlock);
    1291 pthread_mutex_unlock(&blinker_lock);
    1292 }
    1293
    1294 void bitmap_getcustomcursor(int *s, int *e, int *r, int *b, int *v)

    ** CID 452573: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 882 in bitmap_puttext()


    ________________________________________________________________________________________________________
    *** CID 452573: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 882 in bitmap_puttext()
    876 for(x=sx-1;x<ex;x++) {
    877 set_vmem_cell(vmem_ptr, y*cio_textinfo.screenwidth+x, *(buf++), 0x00ffffff, 0x00ffffff);
    878 bitmap_draw_one_char(x+1, y+1);
    879 }
    880 }
    881 pthread_mutex_lock(&vstatlock);
    CID 452573: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    882 release_vmem(vmem_ptr);
    883 pthread_mutex_unlock(&vstatlock);
    884 pthread_mutex_unlock(&blinker_lock);
    885 return ret;
    886 }
    887

    ** CID 452572: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 931 in bitmap_vmem_gettext()


    ________________________________________________________________________________________________________
    *** CID 452572: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 931 in bitmap_vmem_gettext()
    925 pthread_mutex_unlock(&vstatlock);
    926 for(y=sy-1;y<ey;y++) {
    927 for(x=sx-1;x<ex;x++)
    928 memcpy(fill++, &vmem_ptr->vmem[y*cio_textinfo.screenwidth+x], sizeof(*fill));
    929 }
    930 pthread_mutex_lock(&vstatlock);
    CID 452572: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    931 release_vmem(vmem_ptr);
    932 pthread_mutex_unlock(&vstatlock);
    933 pthread_mutex_unlock(&blinker_lock);
    934 return(1);
    935 }
    936


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dr6L5_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCXbrQFMtiQ7qKe-2BTRon-2FCE8v1liTsiFwBEYDEbQeWWd5eZFVeKpMGKUHmhD6LW8krne8DUx7vgGCgrnLZMbGKkkWrW3z-2FgyVLPDteaRWQpPZNj5xcazMwdijg8SS9WNZMtlsLir5gcOguFdBqjgvNYLOs-2BIw-2BtaMoNy3gAeALwzA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, April 25, 2023 12:57:18
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 452582: (ATOMICITY)
    /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 562 in bitmap_draw_one_char() /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 647 in bitmap_draw_one_char() /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 584 in bitmap_draw_one_char()


    ________________________________________________________________________________________________________
    *** CID 452582: (ATOMICITY)
    /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 562 in bitmap_draw_one_char()
    556 break;
    557 case 16:
    558 this_font = (unsigned char *)conio_fontdata[vmem_ptr->vmem[vmo].font].eight_by_sixteen;
    559 break;
    560 default:
    561 pthread_mutex_lock(&vstatlock); >>> CID 452582: (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    562 release_vmem(vmem_ptr);
    563 pthread_mutex_unlock(&vstatlock);
    564 return(-1);
    565 }
    566 }
    567 }
    /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 647 in bitmap_draw_one_char()
    641 if (x & 0x07)
    642 fontoffset++;
    643 pixeloffset += rsz;
    644 }
    645 pthread_mutex_unlock(&screenlock);
    646 pthread_mutex_lock(&vstatlock);
    CID 452582: (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    647 release_vmem(vmem_ptr);
    648 pthread_mutex_unlock(&vstatlock);
    649
    650 return(0);
    651 }
    652
    /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 584 in bitmap_draw_one_char()
    578 return(-1);
    579 }
    580
    581 if((!screena.rect) || (!screenb.rect)) {
    582 pthread_mutex_unlock(&screenlock);
    583 pthread_mutex_lock(&vstatlock);
    CID 452582: (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    584 release_vmem(vmem_ptr);
    585 pthread_mutex_unlock(&vstatlock);
    586 return(-1);
    587 }
    588
    589 pixeloffset = PIXEL_OFFSET(screena, xoffset, yoffset);

    ** CID 452581: Program hangs (ORDER_REVERSAL)


    ________________________________________________________________________________________________________
    *** CID 452581: Program hangs (ORDER_REVERSAL) /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 1608 in bitmap_replace_font() 1602 conio_fontdata[id].desc=name;
    1603 break;
    1604 default:
    1605 free(name);
    1606 free(data);
    1607 }
    CID 452581: Program hangs (ORDER_REVERSAL)
    Calling "request_redraw" acquires lock "vstatlock" while holding lock "screenlock" (count: 1 / 2).
    1608 request_redraw();
    1609 pthread_mutex_unlock(&screenlock);
    1610 }
    1611
    1612 int bitmap_setpalette(uint32_t index, uint16_t r, uint16_t g, uint16_t b)
    1613 {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DUSpV_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDmDz-2FisU4CybMTa4AFdNqjWoDadrImI2uOf58ArG-2FffJ7seqZM-2Bl84or1w-2BzxkvZYcPQITxGrgDJGv16GZTsMIutD2gv437SrvMcUM-2F5l3-2BKCAbVD4eiDR8izGVmzfzthTmQymbENGNMMEUITS2aGvAfi-2BZKEdNWTnMrEIlvUiBQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, May 06, 2023 12:39:53
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 453600: (NULL_RETURNS)
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 88 in main() /tmp/sbbs-May-06-2023/src/conio/genmap.c: 89 in main() /tmp/sbbs-May-06-2023/src/conio/genmap.c: 69 in main() /tmp/sbbs-May-06-2023/src/conio/genmap.c: 78 in main()


    ________________________________________________________________________________________________________
    *** CID 453600: (NULL_RETURNS)
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 88 in main()
    82 "#include <inttypes.h>\n"
    83 "\n"
    84 "extern const uint32_t r2y[16777216];\n"
    85 "extern const uint32_t y2r[16777216];\n"
    86 "\n"
    87 "#endif\n");
    CID 453600: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "r" when calling "fwrite". 88 fwrite(r2y, 4, 1 << 24, r);
    89 fwrite(y2r, 4, 1 << 24, y);
    90 fclose(s);
    91 fclose(h);
    92 fclose(r);
    93 fclose(y);
    94 return 0;
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 89 in main()
    83 "\n"
    84 "extern const uint32_t r2y[16777216];\n"
    85 "extern const uint32_t y2r[16777216];\n"
    86 "\n"
    87 "#endif\n");
    88 fwrite(r2y, 4, 1 << 24, r);
    CID 453600: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "y" when calling "fwrite". 89 fwrite(y2r, 4, 1 << 24, y);
    90 fclose(s);
    91 fclose(h);
    92 fclose(r);
    93 fclose(y);
    94 return 0;
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 69 in main()
    63 char *mangle = "";
    64
    65 init_r2y();
    66 if (argc > 1 && strcmp(argv[1], "win32") == 0)
    67 mangle = "_";
    68
    CID 453600: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "s" when calling "fprintf". [Note: The source code implementation of the function has been overridden by a builtin model.]
    69 fprintf(s,
    70 ".section .rodata\n"
    71 ".global %sr2y\n"
    72 ".global %sy2r\n"
    73 ".align 4\n"
    74 "%sr2y:\n"
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 78 in main()
    72 ".global %sy2r\n"
    73 ".align 4\n"
    74 "%sr2y:\n"
    75 " .incbin \"r2y.bin\"\n"
    76 "%sy2r:\n"
    77 " .incbin \"y2r.bin\"\n", mangle, mangle, mangle, mangle);
    CID 453600: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "h" when calling "fprintf". [Note: The source code implementation of the function has been overridden by a builtin model.]
    78 fprintf(h,
    79 "#ifndef RGBMAP_H\n"
    80 "#define RGBMAP_H\n"
    81 "\n"
    82 "#include <inttypes.h>\n"
    83 "\n"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D2OWw_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA5TNjzrU6Rq5Mo9xdbzDwsTpy-2Bb09EocMoAjAvUXI0dqN9FjhoAs2WQX-2BupKjspvk11pluxiTxKgTDHQAhwzsXbwAERPEnGsAxkUULs14dstkoKyyk63U-2FI43vTGDPDLB-2BN8f1fqC8LeCf2cycw746w3RIwm3fIqgqrnx-2F8Y8WZA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, May 07, 2023 14:09:59
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 453850: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 453850: Memory - corruptions (OVERRUN)
    /main.cpp: 2135 in input_thread(void *)()
    2129 else
    2130 wrbuf=telnet_interpret(sbbs, inbuf, rd, telbuf, wr);
    2131 if(wr > (int)sizeof(telbuf))
    2132 lprintf(LOG_ERR,"!TELBUF OVERFLOW (%d>%d)",wr,(int)sizeof(telbuf));
    2133
    2134 if(!(sbbs->console & CON_RAW_IN))
    CID 453850: Memory - corruptions (OVERRUN)
    Overrunning buffer pointed to by "wrbuf" of 4000 bytes by passing it to a function which accesses it at byte offset 4000 using argument "wr" (which evaluates to 4001).
    2135 sbbs->translate_input(wrbuf, wr);
    2136
    2137 if(sbbs->passthru_socket_active == true) {
    2138 BOOL writable = FALSE;
    2139 if(socket_check(sbbs->passthru_socket, NULL, &writable, 1000) && writable)
    2140 (void)sendsocket(sbbs->passthru_socket, (char*)wrbuf, wr);

    ** CID 453849: (STRING_SIZE)
    /tmp/sbbs-May-07-2023/src/conio/genmap.c: 72 in main() /tmp/sbbs-May-07-2023/src/conio/genmap.c: 74 in main() /tmp/sbbs-May-07-2023/src/conio/genmap.c: 68 in main() /tmp/sbbs-May-07-2023/src/conio/genmap.c: 70 in main()


    ________________________________________________________________________________________________________
    *** CID 453849: (STRING_SIZE)
    /tmp/sbbs-May-07-2023/src/conio/genmap.c: 72 in main()
    66 return EXIT_FAILURE;
    67 }
    68 sprintf(path, "%s/rgbmap.s", argv[2]);
    69 s = fopen(path, "w");
    70 sprintf(path, "%s/rgbmap.h", argv[2]);
    71 h = fopen(path, "w");
    CID 453849: (STRING_SIZE)
    Passing string "argv[2]" of unknown size to "sprintf".
    72 sprintf(path, "%s/r2y.bin", argv[2]);
    73 r = fopen(path, "wb");
    74 sprintf(path, "%s/y2r.bin", argv[2]);
    75 y = fopen(path, "wb");
    76 init_r2y();
    77 if (argc > 1 && strcmp(argv[1], "win32") == 0) /tmp/sbbs-May-07-2023/src/conio/genmap.c: 74 in main()
    68 sprintf(path, "%s/rgbmap.s", argv[2]);
    69 s = fopen(path, "w");
    70 sprintf(path, "%s/rgbmap.h", argv[2]);
    71 h = fopen(path, "w");
    72 sprintf(path, "%s/r2y.bin", argv[2]);
    73 r = fopen(path, "wb");
    CID 453849: (STRING_SIZE)
    Passing string "argv[2]" of unknown size to "sprintf".
    74 sprintf(path, "%s/y2r.bin", argv[2]);
    75 y = fopen(path, "wb");
    76 init_r2y();
    77 if (argc > 1 && strcmp(argv[1], "win32") == 0)
    78 mangle = "_";
    79
    /tmp/sbbs-May-07-2023/src/conio/genmap.c: 68 in main()
    62 char *mangle = "";
    63
    64 if (argc != 3) {
    65 fprintf(stderr, "Usage: %s <os> <path>\n", argv[0]);
    66 return EXIT_FAILURE;
    67 }
    CID 453849: (STRING_SIZE)
    Passing string "argv[2]" of unknown size to "sprintf".
    68 sprintf(path, "%s/rgbmap.s", argv[2]);
    69 s = fopen(path, "w");
    70 sprintf(path, "%s/rgbmap.h", argv[2]);
    71 h = fopen(path, "w");
    72 sprintf(path, "%s/r2y.bin", argv[2]);
    73 r = fopen(path, "wb");
    /tmp/sbbs-May-07-2023/src/conio/genmap.c: 70 in main()
    64 if (argc != 3) {
    65 fprintf(stderr, "Usage: %s <os> <path>\n", argv[0]);
    66 return EXIT_FAILURE;
    67 }
    68 sprintf(path, "%s/rgbmap.s", argv[2]);
    69 s = fopen(path, "w");
    CID 453849: (STRING_SIZE)
    Passing string "argv[2]" of unknown size to "sprintf".
    70 sprintf(path, "%s/rgbmap.h", argv[2]);
    71 h = fopen(path, "w");
    72 sprintf(path, "%s/r2y.bin", argv[2]);
    73 r = fopen(path, "wb");
    74 sprintf(path, "%s/y2r.bin", argv[2]);
    75 y = fopen(path, "wb");

    ** CID 453848: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-May-07-2023/src/conio/x_events.c: 562 in video_init()


    ________________________________________________________________________________________________________
    *** CID 453848: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-May-07-2023/src/conio/x_events.c: 562 in video_init()
    556 if (x_cvstat.scaling < 1 || vstat.scaling < 1)
    557 x_cvstat.scaling = vstat.scaling = 1;
    558 pthread_mutex_unlock(&vstatlock);
    559 /* Initialize mode 3 (text, 80x25, 16 colors) */
    560 if(load_vmode(&vstat, ciolib_initial_mode))
    561 return(-1);
    CID 453848: Concurrent data access violations (MISSING_LOCK)
    Accessing "x_cvstat" without holding lock "vstatlock". Elsewhere, "x_cvstat" is accessed with "vstatlock" held 3 out of 4 times (1 of these accesses strongly imply that it is necessary).
    562 x_cvstat = vstat;
    563 if(init_window())
    564 return(-1);
    565 bitmap_drv_init(x11_drawrect, x11_flush);
    566 pthread_mutex_lock(&vstatlock);
    567 bitmap_drv_init_mode(vstat.mode, NULL, NULL, 0, 0);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DHCK2_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCrnxZlR95qbad06mHzW16hipyALzV0mFuj3ay6pFxYR0eStfRzX4PFZA0tGWVeDEIjb6ggx0scvHBcaLMTSmWKTHh-2BY-2F-2FJXVJUS-2FMWWRke5EcHM57k-2F70xISfOM2XGn-2F4aK35uR43soY3XaxM-2BxoxpO-2BmFSex4uKhKezwAhOx42w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, May 12, 2023 12:39:17
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 454698: Incorrect expression (IDENTICAL_BRANCHES) /tmp/sbbs-May-12-2023/src/conio/x_events.c: 336 in map_window()


    ________________________________________________________________________________________________________
    *** CID 454698: Incorrect expression (IDENTICAL_BRANCHES) /tmp/sbbs-May-12-2023/src/conio/x_events.c: 336 in map_window()
    330 }
    331
    332 bitmap_get_scaled_win_size(x_cvstat.scaling, &sh->base_width, &sh->base_height, 0, 0);
    333 bitmap_get_scaled_win_size(1.0, &sh->min_width, &sh->min_height, 0, 0);
    334 pthread_mutex_unlock(&vstatlock);
    335
    CID 454698: Incorrect expression (IDENTICAL_BRANCHES)
    The same code is executed regardless of whether "x_cvstat.aspect_width != 0 && x_cvstat.aspect_height != 0" is true, because the 'then' and 'else' branches are identical. Should one of the branches be modified, or the entire 'if' statement replaced?
    336 if (x_cvstat.aspect_width != 0 && x_cvstat.aspect_height != 0) {
    337 sh->min_aspect.x = sh->max_aspect.x = sh->min_width; 338 sh->min_aspect.y = sh->max_aspect.y = sh->min_height; 339 }
    340 else {
    341 sh->min_aspect.x = sh->max_aspect.x = sh->min_width;

    ** CID 454697: Program hangs (LOCK) /tmp/sbbs-May-12-2023/src/conio/x_events.c: 565 in video_init()


    ________________________________________________________________________________________________________
    *** CID 454697: Program hangs (LOCK) /tmp/sbbs-May-12-2023/src/conio/x_events.c: 565 in video_init()
    559 if (ciolib_initial_scaling != 0.0)
    560 x_cvstat.scaling = vstat.scaling = ciolib_initial_scaling;
    561 if (x_cvstat.scaling < 1.0 || vstat.scaling < 1.0)
    562 x_cvstat.scaling = vstat.scaling = 1;
    563 /* Initialize mode 3 (text, 80x25, 16 colors) */
    564 if(load_vmode(&vstat, ciolib_initial_mode))
    CID 454697: Program hangs (LOCK)
    Returning without unlocking "vstatlock".
    565 return(-1);
    566 x_cvstat = vstat;
    567 pthread_mutex_unlock(&vstatlock);
    568 if(init_window())
    569 return(-1);
    570 bitmap_drv_init(x11_drawrect, x11_flush);

    ** CID 454696: Control flow issues (UNREACHABLE) /tmp/sbbs-May-12-2023/src/conio/sdl_con.c: 346 in window_can_scale_internally()


    ________________________________________________________________________________________________________
    *** CID 454696: Control flow issues (UNREACHABLE) /tmp/sbbs-May-12-2023/src/conio/sdl_con.c: 346 in window_can_scale_internally() 340 {
    341 double ival;
    342 double fval = modf(vstat.scaling, &ival);
    343
    344 // TODO: Add toggle for software scaling
    345 return true;
    CID 454696: Control flow issues (UNREACHABLE)
    This code cannot be reached: "if (fval == 0.)
    return true;".
    346 if (fval == 0.0)
    347 return true;
    348 return false;
    349 }
    350
    351 static int sdl_init_mode(int mode, bool init)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DX8P7_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCo7meCvjTSwgjNWxh8U4aDHxfQHmMxsciENSIBRXp67uLEWOz8jwu3lZFR4uCjFHkbCONAY52JqWDBe66S35SQOx1f4wXv2LsZa7IQA5vCXFuyr8zmKHpG3m8Wuig8iyc7ux-2BQD0YVshzWBetWEqE7uzFZr9D2LkWv7T-2FSd8bmyg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, June 03, 2023 12:40:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    7 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 7 of 7 defect(s)


    ** CID 462165: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-03-2023/src/conio/x_events.c: 904 in local_draw_rect()


    ________________________________________________________________________________________________________
    *** CID 462165: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-03-2023/src/conio/x_events.c: 904 in local_draw_rect()
    898 x11.XFillRectangle(dpy, win, gc, 0, yoff, xoff, yoff + xim->height);
    899 x11.XFillRectangle(dpy, win, gc, xoff+xim->width, yoff, w, yoff + xim->height);
    900 x11.XFillRectangle(dpy, win, gc, 0, yoff + xim->height, w, h);
    901 }
    902 if (x_internal_scaling || xrender_found == false) {
    903 if (last == NULL)
    CID 462165: Null pointer dereferences (FORWARD_NULL)
    Dereferencing null pointer "source".
    904 x11.XPutImage(dpy, win, gc, xim, 0, 0, xoff, yoff, source->w, source->h);
    905 else {
    906 release_buffer(last);
    907 last = NULL;
    908 }
    909 }

    ** CID 462164: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 448 in internal_setwinsize()


    ________________________________________________________________________________________________________
    *** CID 462164: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 448 in internal_setwinsize()
    442 pthread_mutex_lock(&win_mutex);
    443 sdl.GetWindowSize(win, &w, &h);
    444 pthread_mutex_unlock(&win_mutex);
    445 if (w != vs->winwidth || h != vs->winheight)
    446 changed = true;
    447 pthread_mutex_unlock(&vstatlock);
    CID 462164: Concurrent data access violations (MISSING_LOCK)
    Accessing "vstat.scaling" without holding lock "vstatlock". Elsewhere, "video_stats.scaling" is accessed with "vstatlock" held 13 out of 18 times (1 of these accesses strongly imply that it is necessary).
    448 vstat.scaling = sdl_getscaling();
    449 }
    450 if (changed)
    451 setup_surfaces(vs);
    452 }
    453

    ** CID 462163: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 408 in update_cvstat()


    ________________________________________________________________________________________________________
    *** CID 462163: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 408 in update_cvstat()
    402 }
    403
    404 static void
    405 update_cvstat(struct video_stats *vs)
    406 {
    407 if (vs != NULL && vs != &vstat) {
    CID 462163: Concurrent data access violations (MISSING_LOCK)
    Accessing "vstat.scaling" without holding lock "vstatlock". Elsewhere, "video_stats.scaling" is accessed with "vstatlock" held 13 out of 18 times (1 of these accesses strongly imply that it is necessary).
    408 vstat.scaling = sdl_getscaling();
    409 pthread_mutex_lock(&vstatlock);
    410 *vs = vstat;
    411 pthread_mutex_unlock(&vstatlock);
    412 }
    413 }

    ** CID 462162: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 657 in setup_surfaces()


    ________________________________________________________________________________________________________
    *** CID 462162: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 657 in setup_surfaces()
    651 else if(sdl_init_good) {
    652 ev.type=SDL_QUIT;
    653 sdl_exitcode=1;
    654 sdl.PeepEvents(&ev, 1, SDL_ADDEVENT, SDL_FIRSTEVENT, SDL_LASTEVENT);
    655 }
    656 pthread_mutex_unlock(&win_mutex);
    CID 462162: Concurrent data access violations (MISSING_LOCK)
    Accessing "vstat.scaling" without holding lock "vstatlock". Elsewhere, "video_stats.scaling" is accessed with "vstatlock" held 13 out of 18 times (1 of these accesses strongly imply that it is necessary).
    657 vstat.scaling = sdl_getscaling();
    658 }
    659
    660 /* Called from event thread only */
    661 static void sdl_add_key(unsigned int keyval, struct video_stats *vs) 662 {

    ** CID 462161: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 511 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462161: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 511 in x_init()
    505 xp_dlclose(dl);
    506 return(-1);
    507 }
    508 #ifdef WITH_XRENDER
    509 xrender_found = true;
    510 if ((dl2 = xp_dlopen(libnames2,RTLD_LAZY,7)) == NULL) {
    CID 462161: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "dl2" to "dlclose", which dereferences it.
    511 xp_dlclose(dl2);
    512 xrender_found = false;
    513 }
    514 if (xrender_found && ((x11.XRenderFindStandardFormat = xp_dlsym(dl2, XRenderFindStandardFormat)) == NULL)) {
    515 xp_dlclose(dl);
    516 xrender_found = false;

    ** CID 462160: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-03-2023/src/conio/x_events.c: 589 in init_window()


    ________________________________________________________________________________________________________
    *** CID 462160: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-03-2023/src/conio/x_events.c: 589 in init_window()
    583 if (classhints) {
    584 classhints->res_name = (char *)ciolib_initial_program_name;
    585 classhints->res_class = (char *)ciolib_initial_program_class;
    586 }
    587 wmhints=x11.XAllocWMHints();
    588 wmhints->flags = 0;
    CID 462160: Null pointer dereferences (REVERSE_INULL)
    Null-checking "wmhints" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    589 if(wmhints) {
    590 wmhints->initial_state=NormalState;
    591 wmhints->flags |= (StateHint | InputHint);
    592 wmhints->input = True;
    593 set_icon(ciolib_initial_icon, ciolib_initial_icon_width, wmhints);
    594 x11.XSetWMProperties(dpy, win, NULL, NULL, 0, 0, NULL, wmhints, classhints);

    ** CID 462159: (RESOURCE_LEAK)
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 591 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 557 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 563 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 570 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462159: (RESOURCE_LEAK)
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 591 in x_init()
    585 xp_dlclose(dl);
    586 sem_destroy(&pastebuf_set);
    587 sem_destroy(&pastebuf_used);
    588 sem_destroy(&init_complete);
    589 sem_destroy(&mode_set);
    590 pthread_mutex_destroy(&copybuf_mutex);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    591 return(-1);
    592 }
    593 _beginthread(x11_mouse_thread,1<<16,NULL);
    594 cio_api.options |= CONIO_OPT_SET_TITLE | CONIO_OPT_SET_NAME | CONIO_OPT_SET_ICON;
    595 return(0);
    596 }
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init()
    546 #endif
    547 setlocale(LC_ALL, "");
    548 x11.XSetLocaleModifiers("@im=none");
    549
    550 if(sem_init(&pastebuf_set, 0, 0)) {
    551 xp_dlclose(dl);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    552 return(-1);
    553 }
    554 if(sem_init(&pastebuf_used, 0, 0)) {
    555 xp_dlclose(dl);
    556 sem_destroy(&pastebuf_set);
    557 return(-1);
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init()
    546 #endif
    547 setlocale(LC_ALL, "");
    548 x11.XSetLocaleModifiers("@im=none");
    549
    550 if(sem_init(&pastebuf_set, 0, 0)) {
    551 xp_dlclose(dl);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    552 return(-1);
    553 }
    554 if(sem_init(&pastebuf_used, 0, 0)) {
    555 xp_dlclose(dl);
    556 sem_destroy(&pastebuf_set);
    557 return(-1);
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 557 in x_init()
    551 xp_dlclose(dl);
    552 return(-1);
    553 }
    554 if(sem_init(&pastebuf_used, 0, 0)) {
    555 xp_dlclose(dl);
    556 sem_destroy(&pastebuf_set);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    557 return(-1);
    558 }
    559 if(sem_init(&init_complete, 0, 0)) {
    560 xp_dlclose(dl);
    561 sem_destroy(&pastebuf_set);
    562 sem_destroy(&pastebuf_used); /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init()
    546 #endif
    547 setlocale(LC_ALL, "");
    548 x11.XSetLocaleModifiers("@im=none");
    549
    550 if(sem_init(&pastebuf_set, 0, 0)) {
    551 xp_dlclose(dl);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    552 return(-1);
    553 }
    554 if(sem_init(&pastebuf_used, 0, 0)) {
    555 xp_dlclose(dl);
    556 sem_destroy(&pastebuf_set);
    557 return(-1);
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 563 in x_init()
    557 return(-1);
    558 }
    559 if(sem_init(&init_complete, 0, 0)) {
    560 xp_dlclose(dl);
    561 sem_destroy(&pastebuf_set);
    562 sem_destroy(&pastebuf_used);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    563 return(-1);
    564 }
    565 if(sem_init(&mode_set, 0, 0)) {
    566 xp_dlclose(dl);
    567 sem_destroy(&pastebuf_set);
    568 sem_destroy(&pastebuf_used); /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 570 in x_init()
    564 }
    565 if(sem_init(&mode_set, 0, 0)) {
    566 xp_dlclose(dl);
    567 sem_destroy(&pastebuf_set);
    568 sem_destroy(&pastebuf_used);
    569 sem_destroy(&init_complete);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    570 return(-1);
    571 }
    572
    573 if(pthread_mutex_init(&copybuf_mutex, 0)) {
    574 xp_dlclose(dl);
    575 sem_destroy(&pastebuf_set);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DIG4__g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBPyDfdctenEpBqzGZNVHs42ttgLTzzOGVhZnCvXDhpCF9jzW-2Bs67lHgn4mRJqKpKp0lKywESuC-2B8aPwq-2BHoGo6NvVv2XtDxVwk0ttDNXD70ZWDHBkynCZQ-2FnfDOJmi8gjr3lodcSxrI82eFAdcseucYkY4oNbs56dG5-2FpY2OKpzQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, June 04, 2023 12:43:02
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    6 new defect(s) introduced to Synchronet found with Coverity Scan.
    9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 6 of 6 defect(s)


    ** CID 462184: (RESOURCE_LEAK)
    /smbutil.c: 1166 in packmsgs()
    /smbutil.c: 1161 in packmsgs()
    /smbutil.c: 1249 in packmsgs()


    ________________________________________________________________________________________________________
    *** CID 462184: (RESOURCE_LEAK)
    /smbutil.c: 1166 in packmsgs()
    1160 if(fread(&hdr,1,sizeof(smbhdr_t),smb.shd_fp) < 1)
    1161 return;
    1162 fwrite(&hdr,1,sizeof(smbhdr_t),tmp_shd);
    1163 fwrite(&(smb.status),1,sizeof(smbstatus_t),tmp_shd);
    1164 for(l=sizeof(smbhdr_t)+sizeof(smbstatus_t);l<smb.status.header_offset;l++) {
    1165 if(fread(&ch,1,1,smb.shd_fp) < 1) /* copy additional base header records */
    CID 462184: (RESOURCE_LEAK)
    Variable "datoffset" going out of scope leaks the storage it points to. 1166 return;
    1167 fwrite(&ch,1,1,tmp_shd);
    1168 }
    1169 total=0;
    1170 for(l=0;l<smb.status.total_msgs;l++) {
    1171 ZERO_VAR(msg);
    /smbutil.c: 1161 in packmsgs()
    1155 fclose(tmp_sid);
    1156 fprintf(errfp,"\n%s!Error allocating memory\n",beep); 1157 return;
    1158 }
    1159 fseek(smb.shd_fp,0L,SEEK_SET);
    1160 if(fread(&hdr,1,sizeof(smbhdr_t),smb.shd_fp) < 1)
    CID 462184: (RESOURCE_LEAK)
    Variable "datoffset" going out of scope leaks the storage it points to. 1161 return;
    1162 fwrite(&hdr,1,sizeof(smbhdr_t),tmp_shd);
    1163 fwrite(&(smb.status),1,sizeof(smbstatus_t),tmp_shd);
    1164 for(l=sizeof(smbhdr_t)+sizeof(smbstatus_t);l<smb.status.header_offset;l++) {
    1165 if(fread(&ch,1,1,smb.shd_fp) < 1) /* copy additional base header records */
    1166 return;
    /smbutil.c: 1249 in packmsgs()
    1243
    1244 /* Actually copy the data */
    1245
    1246 n=smb_datblocks(m);
    1247 for(m=0;m<n;m++) {
    1248 if(fread(buf,1,SDT_BLOCK_LEN,smb.sdt_fp) < 1)
    CID 462184: (RESOURCE_LEAK)
    Variable "datoffset" going out of scope leaks the storage it points to. 1249 return;
    1250 if(!m && *(ushort *)buf!=XLAT_NONE && *(ushort *)buf!=XLAT_LZH) {
    1251 printf("\nUnsupported translation type (%04X)\n"
    1252 ,*(ushort *)buf);
    1253 break;
    1254 }

    ** CID 462183: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 564 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462183: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 564 in x_init()
    558 xrender_found = false;
    559 }
    560 #endif
    561 #ifdef WITH_XINERAMA
    562 xinerama_found = true;
    563 if ((dl3 = xp_dlopen(libnames3,RTLD_LAZY,1)) == NULL) {
    CID 462183: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "dl3" to "dlclose", which dereferences it.
    564 xp_dlclose(dl3);
    565 xinerama_found = false;
    566 }
    567 if (xinerama_found && ((x11.XineramaQueryVersion = xp_dlsym(dl3, XineramaQueryVersion)) == NULL)) {
    568 xp_dlclose(dl3);
    569 xinerama_found = false;

    ** CID 462182: (RESOURCE_LEAK)
    /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 619 in x_init() /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 608 in x_init() /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 613 in x_init() /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 626 in x_init() /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 647 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462182: (RESOURCE_LEAK)
    /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 619 in x_init()
    613 return(-1);
    614 }
    615 if(sem_init(&init_complete, 0, 0)) {
    616 xp_dlclose(dl);
    617 sem_destroy(&pastebuf_set);
    618 sem_destroy(&pastebuf_used);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    619 return(-1);
    620 }
    621 if(sem_init(&mode_set, 0, 0)) {
    622 xp_dlclose(dl);
    623 sem_destroy(&pastebuf_set);
    624 sem_destroy(&pastebuf_used); /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 608 in x_init()
    602 #endif
    603 setlocale(LC_ALL, "");
    604 x11.XSetLocaleModifiers("@im=none");
    605
    606 if(sem_init(&pastebuf_set, 0, 0)) {
    607 xp_dlclose(dl);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    608 return(-1);
    609 }
    610 if(sem_init(&pastebuf_used, 0, 0)) {
    611 xp_dlclose(dl);
    612 sem_destroy(&pastebuf_set);
    613 return(-1);
    /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 613 in x_init()
    607 xp_dlclose(dl);
    608 return(-1);
    609 }
    610 if(sem_init(&pastebuf_used, 0, 0)) {
    611 xp_dlclose(dl);
    612 sem_destroy(&pastebuf_set);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    613 return(-1);
    614 }
    615 if(sem_init(&init_complete, 0, 0)) {
    616 xp_dlclose(dl);
    617 sem_destroy(&pastebuf_set);
    618 sem_destroy(&pastebuf_used); /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 626 in x_init()
    620 }
    621 if(sem_init(&mode_set, 0, 0)) {
    622 xp_dlclose(dl);
    623 sem_destroy(&pastebuf_set);
    624 sem_destroy(&pastebuf_used);
    625 sem_destroy(&init_complete);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    626 return(-1);
    627 }
    628
    629 if(pthread_mutex_init(&copybuf_mutex, 0)) {
    630 xp_dlclose(dl);
    631 sem_destroy(&pastebuf_set); /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 647 in x_init()
    641 xp_dlclose(dl);
    642 sem_destroy(&pastebuf_set);
    643 sem_destroy(&pastebuf_used);
    644 sem_destroy(&init_complete);
    645 sem_destroy(&mode_set);
    646 pthread_mutex_destroy(&copybuf_mutex);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    647 return(-1);
    648 }
    649 _beginthread(x11_mouse_thread,1<<16,NULL);
    650 cio_api.options |= CONIO_OPT_SET_TITLE | CONIO_OPT_SET_NAME | CONIO_OPT_SET_ICON;
    651 return(0);
    652 }

    ** CID 462181: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 608 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462181: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 608 in x_init()
    602 #endif
    603 setlocale(LC_ALL, "");
    604 x11.XSetLocaleModifiers("@im=none");
    605
    606 if(sem_init(&pastebuf_set, 0, 0)) {
    607 xp_dlclose(dl);
    CID 462181: Resource leaks (RESOURCE_LEAK)
    Variable "dl3" going out of scope leaks the storage it points to.
    608 return(-1);
    609 }
    610 if(sem_init(&pastebuf_used, 0, 0)) {
    611 xp_dlclose(dl);
    612 sem_destroy(&pastebuf_set);
    613 return(-1);

    ** CID 462180: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 579 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462180: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 579 in x_init()
    573 xinerama_found = false;
    574 }
    575 #endif
    576 #ifdef WITH_XRANDR
    577 xrandr_found = true;
    578 if ((dl4 = xp_dlopen(libnames4,RTLD_LAZY,2)) == NULL) {
    CID 462180: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "dl4" to "dlclose", which dereferences it.
    579 xp_dlclose(dl4);
    580 xrandr_found = false;
    581 }
    582 if (xinerama_found && ((x11.XRRQueryVersion = xp_dlsym(dl4, XRRQueryVersion)) == NULL)) {
    583 xp_dlclose(dl4);
    584 xrandr_found = false;

    ** CID 462179: Control flow issues (DEADCODE) /tmp/sbbs-Jun-04-2023/src/conio/x_events.c: 304 in fullscreen_geometry()


    ________________________________________________________________________________________________________
    *** CID 462179: Control flow issues (DEADCODE) /tmp/sbbs-Jun-04-2023/src/conio/x_events.c: 304 in fullscreen_geometry()
    298 *height = xrrci->height;
    299 if (xrrci != NULL)
    300 x11.XRRFreeCrtcInfo(xrrci);
    301 return true;
    302 }
    303 if (xrrci != NULL)
    CID 462179: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "x11.XRRFreeCrtcInfo(xrrci);". 304 x11.XRRFreeCrtcInfo(xrrci);
    305 }
    306 #endif
    307 #ifdef WITH_XINERAMA
    308 if (xinerama_found) {
    309 // NOTE: Xinerama is limited to a short for the entire screen dimensions.


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DlE0W_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCCsYoL8-2BRAB8pSd-2BoykiJD4ftNgwReCmSBDHZUsIOaydl7n91VpHFpH-2B-2B6udD22Zx0rJjM18W-2BwzJlbPPHAhfNuJskDA1GbbK5bVcFums-2B-2FM-2F0YW6XnLxiKz5gFyKgOgNGYfroq20XOP9rDSr4aT-2Fr9-2BqXnGFlm6brcyj727rBsg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, June 06, 2023 12:40:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    6 new defect(s) introduced to Synchronet found with Coverity Scan.
    38 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 6 of 6 defect(s)


    ** CID 462239: (CHECKED_RETURN) /tmp/sbbs-Jun-06-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 428 in dlmmap_locked()
    /tmp/sbbs-Jun-06-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 416 in dlmmap_locked()


    ________________________________________________________________________________________________________
    *** CID 462239: (CHECKED_RETURN) /tmp/sbbs-Jun-06-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 428 in dlmmap_locked()
    422
    423 start = mmap (start, length, prot, flags, execfd, offset);
    424
    425 if (start == MFAIL)
    426 {
    427 munmap (ptr, length);
    CID 462239: (CHECKED_RETURN)
    Calling "ftruncate" without checking return value (as is done elsewhere 45 out of 52 times).
    428 ftruncate (execfd, offset);
    429 return start;
    430 }
    431
    432 mmap_exec_offset ((char *)start, length) = (char*)ptr - (char*)start; 433 /tmp/sbbs-Jun-06-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 416 in dlmmap_locked()
    410 {
    411 if (!offset)
    412 {
    413 close (execfd);
    414 goto retry_open;
    415 }
    CID 462239: (CHECKED_RETURN)
    Calling "ftruncate" without checking return value (as is done elsewhere 45 out of 52 times).
    416 ftruncate (execfd, offset);
    417 return MFAIL;
    418 }
    419 else if (!offset
    420 && open_temp_exec_file_opts[open_temp_exec_file_opts_idx].repeat)
    421 open_temp_exec_file_opts_next ();

    ** CID 462238: (RESOURCE_LEAK)
    /writemsg.cpp: 1731 in sbbs_t::editmsg(smb_t *, smbmsg_t *)()
    /writemsg.cpp: 1717 in sbbs_t::editmsg(smb_t *, smbmsg_t *)()


    ________________________________________________________________________________________________________
    *** CID 462238: (RESOURCE_LEAK)
    /writemsg.cpp: 1731 in sbbs_t::editmsg(smb_t *, smbmsg_t *)()
    1725 if(j>1 && (j!=x || feof(instream)) && buf[j-1]==LF && buf[j-2]==CR)
    1726 buf[j-1]=buf[j-2]=0; /* Convert to NULL */ 1727 if(fwrite(buf,j,1,smb->sdt_fp) != 1) {
    1728 errormsg(WHERE, ERR_WRITE, smb->file, j);
    1729 smb_unlocksmbhdr(smb);
    1730 smb_freemsgdat(smb,offset,length,1);
    CID 462238: (RESOURCE_LEAK)
    Variable "instream" going out of scope leaks the storage it points to. 1731 return false;
    1732 }
    1733 x=SDT_BLOCK_LEN;
    1734 }
    1735 fflush(smb->sdt_fp);
    1736 fclose(instream);
    /writemsg.cpp: 1717 in sbbs_t::editmsg(smb_t *, smbmsg_t *)()
    1711 fseeko(smb->sdt_fp,offset,SEEK_SET);
    1712 xlat=XLAT_NONE;
    1713 if(fwrite(&xlat,2,1,smb->sdt_fp) != 1) {
    1714 errormsg(WHERE, ERR_WRITE, smb->file, 2);
    1715 smb_unlocksmbhdr(smb);
    1716 smb_freemsgdat(smb,offset,length,1);
    CID 462238: (RESOURCE_LEAK)
    Variable "instream" going out of scope leaks the storage it points to. 1717 return false;
    1718 }
    1719 x=SDT_BLOCK_LEN-2; /* Don't read/write more than 255 */
    1720 while(!feof(instream)) {
    1721 memset(buf,0,x);
    1722 j=fread(buf,1,x,instream);

    ** CID 462237: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 244 in sbbs_t::process_edited_file(const char *, const char *, int, unsigned int *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 462237: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 244 in sbbs_t::process_edited_file(const char *, const char *, int, unsigned int *, unsigned int)()
    238 }
    239
    240 memset(buf,0,len+1);
    241 int rd = fread(buf,len,1,fp);
    242 fclose(fp);
    243 if(rd != 1)
    CID 462237: Resource leaks (RESOURCE_LEAK)
    Variable "buf" going out of scope leaks the storage it points to.
    244 return -4;
    245
    246 if((fp=fopen(dest,"wb"))!=NULL) {
    247 len=process_edited_text(buf, fp, mode, lines, maxlines);
    248 fclose(fp);
    249 }

    ** CID 462236: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-06-2023/src/conio/x_cio.c: 588 in x_initciolib()


    ________________________________________________________________________________________________________
    *** CID 462236: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-06-2023/src/conio/x_cio.c: 588 in x_initciolib()
    582 }
    583 #endif
    584 #ifdef WITH_XRANDR
    585 xrandr_found = true;
    586 if ((dl4 = xp_dlopen(libnames4,RTLD_LAZY,2)) == NULL)
    587 xrandr_found = false;
    CID 462236: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "dl4" to "dlsym", which dereferences it.
    588 if (xinerama_found && ((x11.XRRQueryVersion = xp_dlsym(dl4, XRRQueryVersion)) == NULL)) {
    589 xp_dlclose(dl4);
    590 xrandr_found = false;
    591 }
    592 if (xinerama_found && ((x11.XRRGetScreenResources = xp_dlsym(dl4, XRRGetScreenResources)) == NULL)) {
    593 xp_dlclose(dl4);

    ** CID 462235: Resource leaks (RESOURCE_LEAK)
    /fmsgdump.c: 114 in msgdump()


    ________________________________________________________________________________________________________
    *** CID 462235: Resource leaks (RESOURCE_LEAK)
    /fmsgdump.c: 114 in msgdump()
    108 fprintf(stderr, "!MALLOC failure\n");
    109 return __COUNTER__;
    110 }
    111 fseek(fp, sizeof(hdr), SEEK_SET);
    112 if(fread(body, len, 1, fp) != 1) {
    113 perror("reading body text");
    CID 462235: Resource leaks (RESOURCE_LEAK)
    Variable "body" going out of scope leaks the storage it points to.
    114 return __COUNTER__;
    115 }
    116 fprintf(bodyfp, "\n-start of message text-\n");
    117 char* p = body;
    118 while(*p && p < body + len) {
    119 if((p == body || *(p - 1) == '\r') && *p == 1) {

    ** CID 462234: Resource leaks (RESOURCE_LEAK)
    /netmail.cpp: 303 in sbbs_t::netmail(const char *, const char *, int, smb_t *, smbmsg_t *, char **)()


    ________________________________________________________________________________________________________
    *** CID 462234: Resource leaks (RESOURCE_LEAK)
    /netmail.cpp: 303 in sbbs_t::netmail(const char *, const char *, int, smb_t *, smbmsg_t *, char **)()
    297 errormsg(WHERE,ERR_ALLOC,str,length);
    298 return(false);
    299 }
    300 if(read(file,buf,length) != length) {
    301 close(file);
    302 errormsg(WHERE, ERR_READ, str, length);
    CID 462234: Resource leaks (RESOURCE_LEAK)
    Variable "buf" going out of scope leaks the storage it points to.
    303 return false;
    304 }
    305 close(file);
    306
    307 smb_net_type_t nettype = NET_FIDO;
    308 smb_hfield_str(&msg,SENDER, from);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DcBRy_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB-2FxlaM9N-2BytN4abAlhxBOfL2Gc48Kht9DWsIw0TGq4KCIUCjvrRsYhjbSc3n6GrPlyk6u8jzpB0aqRS4dcNK81E-2FeN0SyAuTTv987PncAi-2FzopZuXT78jKuoT04lLRnCeEbfBKD6ahQnLeiOpkIZgmfmv57IglbC4RNT9dRkvaUQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, June 09, 2023 12:40:16
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    14 new defect(s) introduced to Synchronet found with Coverity Scan.
    28 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 14 of 14 defect(s)


    ** CID 462300: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3525 in do_ansi()


    ________________________________________________________________________________________________________
    *** CID 462300: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3525 in do_ansi()
    3519 case 'e': /* Line Position Forward */
    3520 seq_default(seq, 0, 1);
    3521 if (seq->param_int[0] < 1)
    3522 break; 3523 adjust_currpos(cterm, 0, seq->param_int[0], 0);
    3524 break;
    CID 462300: Control flow issues (MISSING_BREAK)
    The case for value "'a'" is not terminated by a "break" statement.
    3525 case 'a': /* Character Position Forward */
    3526 clear_lcf(cterm);
    3527 case 'C': /* Cursor Right */
    3528 seq_default(seq, 0, 1);
    3529 if (seq->param_int[0] < 1)
    3530 break;

    ** CID 462299: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3533 in do_ansi()


    ________________________________________________________________________________________________________
    *** CID 462299: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3533 in do_ansi()
    3527 case 'C': /* Cursor Right */
    3528 seq_default(seq, 0, 1);
    3529 if (seq->param_int[0] < 1)
    3530 break; 3531 adjust_currpos(cterm, seq->param_int[0], 0, 0);
    3532 break;
    CID 462299: Control flow issues (MISSING_BREAK)
    The case for value "'j'" is not terminated by a "break" statement.
    3533 case 'j': /* Character Position Backward */
    3534 clear_lcf(cterm);
    3535 case 'D': /* Cursor Left */
    3536 seq_default(seq, 0, 1);
    3537 if (seq->param_int[0] < 1)
    3538 break;

    ** CID 462298: (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462298: (NEGATIVE_RETURNS)
    /exec.cpp: 1892 in sbbs_t::exec(csi_t *)()
    1886 }
    1887 else
    1888 csi->logic=LOGIC_FALSE;
    1889 return(0);
    1890
    1891 case CS_SELECT_EDITOR:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1892 csi->logic=select_editor() ? LOGIC_TRUE:LOGIC_FALSE;
    1893 return(0);
    1894 case CS_SET_EDITOR:
    1895 csi->logic=LOGIC_TRUE;
    1896 for(i=0;i<cfg.total_xedits;i++)
    1897 if(!stricmp(csi->str,cfg.xedit[i]->code)
    /exec.cpp: 1880 in sbbs_t::exec(csi_t *)()
    1874 case CS_SELECT_SHELL:
    1875 csi->logic=select_shell() ? LOGIC_TRUE:LOGIC_FALSE;
    1876 return(0);
    1877 case CS_SET_SHELL:
    1878 csi->logic=LOGIC_TRUE;
    1879 for(i=0;i<cfg.total_shells;i++)
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1880 if(!stricmp(csi->str,cfg.shell[i]->code)
    1881 && chk_ar(cfg.shell[i]->ar,&useron,&client))
    1882 break;
    1883 if(i<cfg.total_shells) {
    1884 useron.shell=i;
    1885 putuserstr(useron.number, USER_SHELL, cfg.shell[i]->code);
    /exec.cpp: 1181 in sbbs_t::exec(csi_t *)()
    1175 now=time(NULL);
    1176
    1177 if(csi->ip>=csi->cs+csi->length)
    1178 return(1);
    1179
    1180 if(*csi->ip>=CS_FUNCTIONS)
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1181 return(exec_function(csi));
    1182
    1183 /**********************************************/
    1184 /* Miscellaneous variable length instructions */
    1185 /**********************************************/
    1186
    /exec.cpp: 1499 in sbbs_t::exec(csi_t *)()
    1493
    1494 if(*csi->ip>=CS_TWO_BYTE) {
    1495 switch(*(csi->ip++)) {
    1496 case CS_TWO_MORE_BYTES:
    1497 switch(*(csi->ip++)) {
    1498 case CS_USER_EVENT:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1499 user_event((user_event_t)*(csi->ip++));
    1500 return(0);
    1501 }
    1502 errormsg(WHERE,ERR_CHK,"shell instruction",*(csi->ip-1));
    1503 return(0);
    1504 case CS_SETLOGIC:
    /exec.cpp: 1181 in sbbs_t::exec(csi_t *)()
    1175 now=time(NULL);
    1176
    1177 if(csi->ip>=csi->cs+csi->length)
    1178 return(1);
    1179
    1180 if(*csi->ip>=CS_FUNCTIONS)
    CID 462298: (NEGATIVE_RETURNS)
    "this->cursubnum" is passed to a parameter that cannot be negative. 1181 return(exec_function(csi));
    1182
    1183 /**********************************************/
    1184 /* Miscellaneous variable length instructions */
    1185 /**********************************************/
    1186
    /exec.cpp: 1761 in sbbs_t::exec(csi_t *)()
    1755 if(logon())
    1756 csi->logic=LOGIC_TRUE; 1757 else
    1758 csi->logic=LOGIC_FALSE; 1759 return(0);
    1760 case CS_LOGOUT:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1761 logout();
    1762 return(0);
    1763 case CS_EXIT:
    1764 return(1);
    1765 case CS_LOOP_BEGIN:
    1766 if(csi->loops<MAX_LOOPDEPTH) /exec.cpp: 1538 in sbbs_t::exec(csi_t *)()
    1532 thisnode.status=*csi->ip++; 1533 putnodedat(cfg.node_num,&thisnode);
    1534 } else
    1535 csi->ip++;
    1536 return(0);
    1537 case CS_MULTINODE_CHAT:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1538 multinodechat(*csi->ip++);
    1539 return(0);
    1540 case CS_GETSTR:
    1541 csi->logic=LOGIC_TRUE;
    1542 getstr(csi->str,*csi->ip++,0);
    1543 if(sys_status&SS_ABORT) {
    /exec.cpp: 1875 in sbbs_t::exec(csi_t *)()
    1869 saveline();
    1870 return(0);
    1871 case CS_RESTORELINE:
    1872 restoreline();
    1873 return(0);
    1874 case CS_SELECT_SHELL:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1875 csi->logic=select_shell() ? LOGIC_TRUE:LOGIC_FALSE;
    1876 return(0);
    1877 case CS_SET_SHELL:
    1878 csi->logic=LOGIC_TRUE;
    1879 for(i=0;i<cfg.total_shells;i++)
    1880 if(!stricmp(csi->str,cfg.shell[i]->code)
    /exec.cpp: 1897 in sbbs_t::exec(csi_t *)()
    1891 case CS_SELECT_EDITOR:
    1892 csi->logic=select_editor() ? LOGIC_TRUE:LOGIC_FALSE;
    1893 return(0);
    1894 case CS_SET_EDITOR:
    1895 csi->logic=LOGIC_TRUE;
    1896 for(i=0;i<cfg.total_xedits;i++)
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1897 if(!stricmp(csi->str,cfg.xedit[i]->code)
    1898 && chk_ar(cfg.xedit[i]->ar,&useron,&client))
    1899 break;
    1900 if(i<cfg.total_xedits) {
    1901 useron.xedit=i+1;
    1902 putuserstr(useron.number, USER_XEDIT, cfg.xedit[i]->code);

    ** CID 462297: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 462297: Uninitialized variables (UNINIT)
    /readmsgs.cpp: 218 in sbbs_t::loadposts(unsigned int *, int, unsigned int, int, unsigned int *, unsigned int *)()
    212 if(idx.to!=namecrc && idx.from!=namecrc
    213 && idx.to!=aliascrc && idx.from!=aliascrc
    214 && (useron.number!=1 || idx.to!=sysop)) 215 continue;
    216 msg.idx=idx;
    217 if(!smb_lockmsghdr(&smb,&msg)) {
    CID 462297: Uninitialized variables (UNINIT)
    Using uninitialized value "msg.idx_offset" when calling "smb_getmsghdr".
    218 if(!smb_getmsghdr(&smb,&msg)) {
    219 if(stricmp(msg.to,useron.alias) 220 && stricmp(msg.from,useron.alias)
    221 && stricmp(msg.to,useron.name)
    222 && stricmp(msg.from,useron.name)
    223 && (useron.number!=1 || stricmp(msg.to,"sysop")

    ** CID 462296: Integer handling issues (SIGN_EXTENSION)
    /writemsg.cpp: 296 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 462296: Integer handling issues (SIGN_EXTENSION)
    /writemsg.cpp: 296 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    290
    291 useron_level=useron.level;
    292
    293 if(editor!=NULL)
    294 *editor=NULL;
    295
    CID 462296: Integer handling issues (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1 + 2) + 1" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1 + 2) + 1" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    296 if((buf=(char*)malloc((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN) + 1))
    297 ==NULL) {
    298 errormsg(WHERE,ERR_ALLOC,fname
    299 ,(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN) +1);
    300 return(false);
    301 }

    ** CID 462295: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3509 in do_ansi()


    ________________________________________________________________________________________________________
    *** CID 462295: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3509 in do_ansi()
    3503 seq->param_int[0] = cterm->width - j;
    3504 MOVETEXT(col, row, max_col - seq->param_int[0], row, col + seq->param_int[0], row);
    3505 for(l=0; l < seq->param_int[0]; l++)
    3506 PUTCH(' ');
    3507 cterm_gotoxy(cterm, i, j);
    3508 break;
    CID 462295: Control flow issues (MISSING_BREAK)
    The case for value "'A'" is not terminated by a "break" statement.
    3509 case 'A': /* Cursor Up */
    3510 clear_lcf(cterm);
    3511 case 'k': /* Line Position Backward */
    3512 seq_default(seq, 0, 1);
    3513 if (seq->param_int[0] < 1)
    3514 break;

    ** CID 462294: Integer handling issues (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462294: Integer handling issues (NEGATIVE_RETURNS)
    /netmail.cpp: 1038 in sbbs_t::inetmail(const char *, const char *, int, smb_t *, smbmsg_t *, char **)()
    1032 if(remsg != NULL && resmb != NULL && !(mode&WM_QUOTE)) {
    1033 if(quotemsg(resmb, remsg, /* include tails: */true)) 1034 mode |= WM_QUOTE;
    1035 }
    1036
    1037 SAFEPRINTF(msgpath,"%snetmail.msg",cfg.node_dir);
    CID 462294: Integer handling issues (NEGATIVE_RETURNS)
    A negative constant "-1" is passed as an argument to a parameter that cannot be negative.
    1038 if(!writemsg(msgpath,nulstr,title,WM_NETMAIL|mode,INVALID_SUB, to_list, /* from: */your_addr, &editor, &charset)) {
    1039 strListFree(&rcpt_list);
    1040 bputs(text[Aborted]);
    1041 return(false);
    1042 }
    1043

    ** CID 462293: Integer handling issues (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462293: Integer handling issues (NEGATIVE_RETURNS)
    /netmail.cpp: 200 in sbbs_t::netmail(const char *, const char *, int, smb_t *, smbmsg_t *, char **)()
    194 if(remsg != NULL && resmb != NULL && !(mode&WM_QUOTE)) {
    195 if(quotemsg(resmb, remsg, /* include tails: */true)) 196 mode |= WM_QUOTE;
    197 }
    198
    199 msg_tmp_fname(useron.xedit, msgpath, sizeof(msgpath));
    CID 462293: Integer handling issues (NEGATIVE_RETURNS)
    A negative constant "-1" is passed as an argument to a parameter that cannot be negative.
    200 if(!writemsg(msgpath,nulstr,subj,WM_NETMAIL|mode,INVALID_SUB, to, from, &editor, &charset)) {
    201 bputs(text[Aborted]);
    202 return(false);
    203 }
    204
    205 if(mode&WM_FILE) {

    ** CID 462292: (NULL_RETURNS)
    /execmisc.cpp: 526 in sbbs_t::exec_misc(csi_t *, const char *)()
    /execmisc.cpp: 526 in sbbs_t::exec_misc(csi_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 462292: (NULL_RETURNS)
    /execmisc.cpp: 526 in sbbs_t::exec_misc(csi_t *, const char *)()
    520 if(*pp1!=csi->str && (!*pp1 || i==MAX_SYSVARS)) {
    521 if(*pp1)
    522 *pp1=(char *)realloc(*pp1,strlen(*pp1)+strlen(*pp2)+1);
    523 else
    524 *pp1=(char *)realloc(*pp1,strlen(*pp2)+1);
    525 }
    CID 462292: (NULL_RETURNS)
    Dereferencing a pointer that might be "nullptr" "*pp1" when calling "strcat". [Note: The source code implementation of the function has been overridden by a builtin model.]
    526 strcat(*pp1,*pp2);
    527 return(0);
    528 case FORMAT_STR_VAR:
    529 pp=getstrvar(csi,*(int32_t *)csi->ip);
    530 csi->ip+=4; /* Skip variable name */
    531 p=format_string(this, csi); /execmisc.cpp: 526 in sbbs_t::exec_misc(csi_t *, const char *)()
    520 if(*pp1!=csi->str && (!*pp1 || i==MAX_SYSVARS)) {
    521 if(*pp1)
    522 *pp1=(char *)realloc(*pp1,strlen(*pp1)+strlen(*pp2)+1);
    523 else
    524 *pp1=(char *)realloc(*pp1,strlen(*pp2)+1);
    525 }
    CID 462292: (NULL_RETURNS)
    Dereferencing a pointer that might be "nullptr" "*pp1" when calling "strcat". [Note: The source code implementation of the function has been overridden by a builtin model.]
    526 strcat(*pp1,*pp2);
    527 return(0);
    528 case FORMAT_STR_VAR:
    529 pp=getstrvar(csi,*(int32_t *)csi->ip);
    530 csi->ip+=4; /* Skip variable name */
    531 p=format_string(this, csi);

    ** CID 462291: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3517 in do_ansi()


    ________________________________________________________________________________________________________
    *** CID 462291: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3517 in do_ansi()
    3511 case 'k': /* Line Position Backward */
    3512 seq_default(seq, 0, 1);
    3513 if (seq->param_int[0] < 1)
    3514 break; 3515 adjust_currpos(cterm, 0, 0 - seq->param_int[0], 0);
    3516 break;
    CID 462291: Control flow issues (MISSING_BREAK)
    The case for value "'B'" is not terminated by a "break" statement.
    3517 case 'B': /* Cursor Down */
    3518 clear_lcf(cterm);
    3519 case 'e': /* Line Position Forward */
    3520 seq_default(seq, 0, 1);
    3521 if (seq->param_int[0] < 1)
    3522 break;

    ** CID 462290: Integer handling issues (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462290: Integer handling issues (NEGATIVE_RETURNS)
    /netmail.cpp: 1316 in sbbs_t::qnetmail(const char *, const char *, int, smb_t *, smbmsg_t *)()
    1310 if(remsg != NULL && resmb != NULL && !(mode&WM_QUOTE)) {
    1311 if(quotemsg(resmb, remsg, /* include tails: */true)) 1312 mode |= WM_QUOTE;
    1313 }
    1314
    1315 SAFEPRINTF(msgpath,"%snetmail.msg",cfg.node_dir);
    CID 462290: Integer handling issues (NEGATIVE_RETURNS)
    A negative constant "-1" is passed as an argument to a parameter that cannot be negative.
    1316 if(!writemsg(msgpath,nulstr,title, (mode|WM_QWKNET|WM_NETMAIL) ,INVALID_SUB,to,/* from: */useron.alias, &editor, &charset)) {
    1317 bputs(text[Aborted]);
    1318 return(false);
    1319 }
    1320
    1321 if((i=smb_stack(&smb,SMB_STACK_PUSH))!=SMB_SUCCESS) {

    ** CID 462289: Integer handling issues (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462289: Integer handling issues (NEGATIVE_RETURNS)
    /bulkmail.cpp: 53 in sbbs_t::bulkmail(unsigned char *)()
    47 && !noyes(text[AnonymousQ])) {
    48 msg.hdr.attr|=MSG_ANONYMOUS;
    49 wm_mode|=WM_ANON;
    50 }
    51
    52 msg_tmp_fname(useron.xedit, msgpath, sizeof(msgpath));
    CID 462289: Integer handling issues (NEGATIVE_RETURNS)
    A negative constant "-1" is passed as an argument to a parameter that cannot be negative.
    53 if(!writemsg(msgpath,nulstr,title,wm_mode,INVALID_SUB,"Bulk Mailing"
    54 ,/* From: */useron.alias
    55 ,&editor
    56 ,&charset)) {
    57 bputs(text[Aborted]);
    58 return(false);

    ** CID 462288: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 351 in sbbs_t::upload(int)()


    ________________________________________________________________________________________________________
    *** CID 462288: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 351 in sbbs_t::upload(int)()
    345 SAFEPRINTF(descbeg,text[Rated],toupper(ch));
    346 }
    347 if(cfg.dir[dirnum]->misc&DIR_ULDATE) {
    348 now=time(NULL);
    349 if(descbeg[0])
    350 strcat(descbeg," ");
    CID 462288: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".
    351 SAFEPRINTF(str,"%s ",unixtodstr(&cfg,(time32_t)now,tmp));
    352 strcat(descbeg,str);
    353 }
    354 if(cfg.dir[dirnum]->misc&DIR_MULT) {
    355 sync();
    356 if(!noyes(text[MultipleDiskQ])) {

    ** CID 462287: Insecure data handling (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 462287: Insecure data handling (TAINTED_SCALAR)
    /writemsg.cpp: 762 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    756 while(!feof(tag)) {
    757 if(!fgets(str,sizeof(str),tag)) 758 break;
    759 truncsp(str);
    760 if(utf8) {
    761 char buf[sizeof(str)*4];
    CID 462287: Insecure data handling (TAINTED_SCALAR)
    Passing tainted expression "str" to "cp437_to_utf8_str", which uses it as an offset.
    762 cp437_to_utf8_str(str, buf, sizeof(buf) - 1, /* minval: */'\x02');
    763 l+=fprintf(stream,"%s\r\n", buf);
    764 } else
    765 l+=fprintf(stream,"%s\r\n",str);
    766 lines++; /* line counter */
    767 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DtLKg_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAqovISQpoxJCpfGf5WxBSwicKqoI1-2FF-2FaRmTPl-2BdVuGdSUZJZL-2FtmrL2VG6EaSuRynvnKTam4RxYwMKuXCyGzW07U-2FihjT83mqDNq6SOIYF1Sr-2FPyTE6vlrslg0L6d5zkvnLZ7buAIgjMdQW0NPYYLOxV54tcIwBqmxUNrcgSYSA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, July 21, 2023 12:39:32
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 462777: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1796 in alter_areas()


    ________________________________________________________________________________________________________
    *** CID 462777: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1796 in alter_areas()
    1790 chmod(outpath, st.st_mode);
    1791 if(cfg.areafile_backups == 0 || !backup(cfg.areafile, cfg.areafile_backups, /* ren: */TRUE))
    1792 delfile(cfg.areafile, __LINE__); /* Delete AREAS.BBS */
    1793 if(rename(outpath,cfg.areafile)) /* Rename new AREAS.BBS file */
    1794 lprintf(LOG_ERR,"ERROR line %d renaming %s to %s",__LINE__,outpath,cfg.areafile);
    1795 }
    CID 462777: Error handling issues (CHECKED_RETURN)
    Calling "remove(outpath)" without checking return value. This library function may fail and return an error code.
    1796 remove(outpath); // expected to fail (file does not exist) much of the time
    1797 }
    1798
    1799 bool add_sub_to_arealist(sub_t* sub, fidoaddr_t uplink)
    1800 {
    1801 FILE* fp = NULL;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D9Jsa_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBb4277PBgEvmZlC-2F75f6Wn0OW7OlFk2c1B-2BHtshOYvFkBSQP9EqEdk2ezaBaEw-2BucLGwfFouHIfPe-2Fyudqe7-2BvtImpG7nG3GNHNovDhmEdP7PSdTfD3wACCQeKNpizxWyAzNP4xAGsoa5IGtqS3OShzACd7MFIxkk2Y7iSTOvrLw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, September 06, 2023 12:42:06
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 465170: Resource leaks (RESOURCE_LEAK)
    /scfg/scfg.c: 2447 in new_item()


    ________________________________________________________________________________________________________
    *** CID 465170: Resource leaks (RESOURCE_LEAK)
    /scfg/scfg.c: 2447 in new_item()
    2441 void** p;
    2442 void* item;
    2443
    2444 if((item = calloc(size, 1)) == NULL)
    2445 return NULL;
    2446 if((p = realloc(list, size * ((*total) + 1))) == NULL)
    CID 465170: Resource leaks (RESOURCE_LEAK)
    Variable "item" going out of scope leaks the storage it points to.
    2447 return NULL;
    2448 list = p;
    2449 for(int i = *total; i > index; --i)
    2450 list[i] = list[i - 1];
    2451 list[index] = item;
    2452 ++(*total);

    ** CID 465169: (SIZEOF_MISMATCH)
    /scfg/scfgxfr1.c: 544 in xfer_opts()
    /scfg/scfgxfr1.c: 698 in xfer_opts()
    /scfg/scfgxfr1.c: 1124 in xfer_opts()
    /scfg/scfgxfr1.c: 844 in xfer_opts()
    /scfg/scfgxfr1.c: 412 in xfer_opts()
    /scfg/scfgxfr1.c: 982 in xfer_opts()


    ________________________________________________________________________________________________________
    *** CID 465169: (SIZEOF_MISMATCH)
    /scfg/scfgxfr1.c: 544 in xfer_opts()
    538 }
    539 if(msk == MSK_COPY) {
    540 savftest=*cfg.ftest[i]; 541 continue;
    542 }
    543 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "240UL /* sizeof (ftest_t) */" to function "new_item" and then casting the return value to "ftest_t **" is suspicious.
    544 if((cfg.ftest = (ftest_t**)new_item(cfg.ftest, sizeof(ftest_t), i, &cfg.total_ftests)) == NULL) {
    545 errormsg(WHERE, ERR_ALLOC, "ftests", sizeof(ftest_t) * (cfg.total_ftests + 1));
    546 cfg.total_ftests = 0;
    547 bail(1);
    548 }
    549 *cfg.ftest[i]=savftest; /scfg/scfgxfr1.c: 698 in xfer_opts()
    692 }
    693 if(msk == MSK_COPY) {
    694 savdlevent=*cfg.dlevent[i];
    695 continue;
    696 }
    697 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "240UL /* sizeof (dlevent_t) */" to function "new_item" and then casting the return value to "dlevent_t **" is suspicious.
    698 if((cfg.dlevent = (dlevent_t**)new_item(cfg.dlevent, sizeof(dlevent_t), i, &cfg.total_dlevents)) == NULL) {
    699 errormsg(WHERE, ERR_ALLOC, "dlevents", sizeof(dlevent_t) * (cfg.total_dlevents + 1));
    700 cfg.total_dlevents = 0;
    701 bail(1);
    702 }
    703 *cfg.dlevent[i]=savdlevent;
    /scfg/scfgxfr1.c: 1124 in xfer_opts()
    1118 }
    1119 if(msk == MSK_COPY) {
    1120 savprot=*cfg.prot[i]; 1121 continue;
    1122 }
    1123 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "720UL /* sizeof (prot_t) */" to function "new_item" and then casting the return value to "prot_t **" is suspicious.
    1124 if((cfg.prot = (prot_t**)new_item(cfg.prot, sizeof(prot_t), i, &cfg.total_prots)) == NULL) {
    1125 errormsg(WHERE, ERR_ALLOC, "prots", sizeof(prot_t) * (cfg.total_prots + 1));
    1126 cfg.total_prots=0;
    1127 bail(1);
    1128 }
    1129 *cfg.prot[i]=savprot; /scfg/scfgxfr1.c: 844 in xfer_opts()
    838 }
    839 if(msk == MSK_COPY) {
    840 savfextr=*cfg.fextr[i]; 841 continue;
    842 }
    843 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "199UL /* sizeof (fextr_t) */" to function "new_item" and then casting the return value to "fextr_t **" is suspicious.
    844 if((cfg.fextr = (fextr_t**)new_item(cfg.fextr, sizeof(fextr_t), i, &cfg.total_fextrs)) == NULL) {
    845 errormsg(WHERE, ERR_ALLOC, "fextrs", sizeof(fextr_t) * (cfg.total_fextrs + 1));
    846 cfg.total_fextrs = 0;
    847 bail(1);
    848 }
    849 *cfg.fextr[i]=savfextr; /scfg/scfgxfr1.c: 412 in xfer_opts()
    406 }
    407 if(msk == MSK_COPY) {
    408 savfview=*cfg.fview[i]; 409 continue;
    410 }
    411 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "199UL /* sizeof (fview_t) */" to function "new_item" and then casting the return value to "fview_t **" is suspicious.
    412 if((cfg.fview = (fview_t**)new_item(cfg.fview, sizeof(fview_t), i, &cfg.total_fviews)) == NULL) {
    413 errormsg(WHERE, ERR_ALLOC, "fviews", sizeof(fview_t) * (cfg.total_fviews + 1));
    414 cfg.total_fviews = 0;
    415 bail(1);
    416 }
    417 *cfg.fview[i]=savfview; /scfg/scfgxfr1.c: 982 in xfer_opts()
    976 }
    977 if(msk == MSK_COPY) {
    978 savfcomp=*cfg.fcomp[i]; 979 continue;
    980 }
    981 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "199UL /* sizeof (fcomp_t) */" to function "new_item" and then casting the return value to "fcomp_t **" is suspicious.
    982 if((cfg.fcomp = (fcomp_t**)new_item(cfg.fcomp, sizeof(fcomp_t), i, &cfg.total_fcomps)) == NULL) {
    983 errormsg(WHERE, ERR_ALLOC, "fcomps", sizeof(fcomp_t) * (cfg.total_fcomps + 1));
    984 cfg.total_fcomps = 0;
    985 bail(1);
    986 }
    987 *cfg.fcomp[i]=savfcomp;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D5wZ8_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCnsQIL3fFmuqL7faauDZIkRsjaF7SdWuX9-2F6F0cLhQPK2eigoJW5CI-2BTBbzcwuB-2Fnb9gU96N518jXtyrLldNWW25I5ASjWizI9KxhCsvWXL8lcGsg-2BB04X9jrEFEkrP4hbjq1CPbLr3dEPsMh2-2BJD6OG7PFXOCZ8vIf02fm0mzeA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, September 26, 2023 12:41:14
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 465835: High impact quality (Y2K38_SAFETY)
    /atcodes.cpp: 1344 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()


    ________________________________________________________________________________________________________
    *** CID 465835: High impact quality (Y2K38_SAFETY)
    /atcodes.cpp: 1344 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()
    1338 f = (float)useron.dls / useron.uls;
    1339 safe_snprintf(str, maxlen, "%u", f ? (uint)(100 / f) : 0);
    1340 return str;
    1341 }
    1342
    1343 if(!strcmp(sp,"LASTNEW"))
    CID 465835: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->ns_time" is cast to "time32_t".
    1344 return(unixtodstr(&cfg,(time32_t)ns_time,str));
    1345
    1346 if(strncmp(sp, "LASTNEW:", 8) == 0) {
    1347 SAFECOPY(tmp, sp + 8);
    1348 c_unescape_str(tmp);
    1349 memset(&tm, 0, sizeof(tm));


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DUPeu_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC3rkJOOdMBm7nMBMgGcmpBP39czlPogoepUuUAf0jPqohwQMNy1ulVEkqUkOGShQTw40WBv406LhOm367tfkxK7FUNIoQlZBuwZ1omfunbNxXxVCmVw8GO3npVkZ3YxshRBZDZsP1O5VMLZ6DNCGvJ679Mp4a2XGGuVrVV7McBrQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, November 22, 2023 13:38:53
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    39 new defect(s) introduced to Synchronet found with Coverity Scan.
    12 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 39 defect(s)


    ** CID 469141: Data race undermines locking (LOCK_EVASION)
    /answer.cpp: 450 in sbbs_t::answer()()


    ________________________________________________________________________________________________________
    *** CID 469141: Data race undermines locking (LOCK_EVASION)
    /answer.cpp: 450 in sbbs_t::answer()()
    444 if(telnet_cols >= TERM_COLS_MIN && telnet_cols <= TERM_COLS_MAX)
    445 cols = telnet_cols;
    446 if(telnet_rows >= TERM_ROWS_MIN && telnet_rows <= TERM_ROWS_MAX)
    447 rows = telnet_rows;
    448 } else {
    449 lprintf(LOG_NOTICE, "no Telnet commands received, reverting to Raw TCP mode");
    CID 469141: Data race undermines locking (LOCK_EVASION)
    Thread1 sets "telnet_mode" to a new value. Now the two threads have an inconsistent view of "telnet_mode" and updates to fields correlated with "telnet_mode" may be lost.
    450 telnet_mode |= TELNET_MODE_OFF;
    451 client.protocol = "Raw";
    452 client_on(client_socket, &client,/* update: */true);
    453 SAFECOPY(connection, client.protocol);
    454 node_connection = NODE_CONNECTION_RAW;
    455 }

    ** CID 469140: Error handling issues (CHECKED_RETURN)
    /mqtt.c: 521 in mqtt_message_received()


    ________________________________________________________________________________________________________
    *** CID 469140: Error handling issues (CHECKED_RETURN)
    /mqtt.c: 521 in mqtt_message_received()
    515 if(bbs_startup->node_inbuf != NULL && bbs_startup->node_inbuf[i - 1] != NULL)
    516 RingBufWrite(bbs_startup->node_inbuf[i - 1], msg->payload, msg->payloadlen);
    517 return;
    518 }
    519 for(int i = bbs_startup->first_node; i <= bbs_startup->last_node; i++) {
    520 if(strcmp(msg->topic, mqtt_topic(mqtt, TOPIC_BBS, topic, sizeof(topic), "node/%d/msg", i)) == 0) {
    CID 469140: Error handling issues (CHECKED_RETURN)
    Calling "putnmsg" without checking return value (as is done elsewhere 4 out of 5 times).
    521 putnmsg(mqtt->cfg, i, msg->payload); 522 return;
    523 }
    524 if(strcmp(msg->topic, mqtt_topic(mqtt, TOPIC_BBS, topic, sizeof(topic), "node/%d/set/status", i)) == 0) {
    525 set_node_status(mqtt->cfg, i, mqtt_message_value(msg, 0));
    526 return;

    ** CID 469139: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1376 in JSRuntime::realloc(void *, unsigned long, unsigned long, JSContext *)()


    ________________________________________________________________________________________________________
    *** CID 469139: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1376 in JSRuntime::realloc(void *, unsigned long, unsigned long, JSContext *)()
    1370 }
    1371
    1372 void* realloc(void* p, size_t oldBytes, size_t newBytes, JSContext *cx = NULL) {
    1373 JS_ASSERT(oldBytes < newBytes);
    1374 updateMallocCounter(newBytes - oldBytes);
    1375 void *p2 = ::js_realloc(p, newBytes);
    CID 469139: Resource leaks (RESOURCE_LEAK)
    Failing to save or free storage allocated by "this->onOutOfMemory(p, newBytes, cx)" leaks it.
    1376 return JS_LIKELY(!!p2) ? p2 : onOutOfMemory(p, newBytes, cx); 1377 }
    1378
    1379 void* realloc(void* p, size_t bytes, JSContext *cx = NULL) {
    1380 /*
    1381 * For compatibility we do not account for realloc that increases

    ** CID 469138: Uninitialized variables (UNINIT)
    /getkey.cpp: 354 in sbbs_t::getkeys(const char *, unsigned int, int)()


    ________________________________________________________________________________________________________
    *** CID 469138: Uninitialized variables (UNINIT)
    /getkey.cpp: 354 in sbbs_t::getkeys(const char *, unsigned int, int)()
    348 attr(LIGHTGRAY);
    349 CRLF;
    350 }
    351 lncntr=0;
    352 return(-1);
    353 }
    CID 469138: Uninitialized variables (UNINIT)
    Using uninitialized value "*str" when calling "strchr". [Note: The source code implementation of the function has been overridden by a builtin model.]
    354 if(ch && !n && ((keys == NULL && !IS_DIGIT(ch)) || (strchr(str,ch)))) { /* return character if in string */
    355 if(ch > ' ') {
    356 if(!(mode&K_NOECHO))
    357 outchar(ch);
    358 if(useron.misc&COLDKEYS) {
    359 while(online && !(sys_status&SS_ABORT)) {

    ** CID 469137: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 3549 in sys_alloc()


    ________________________________________________________________________________________________________
    *** CID 469137: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 3549 in sys_alloc()
    3543 m->max_footprint = m->footprint;
    3544
    3545 if (!is_initialized(m)) { /* first-time initialization */
    3546 m->seg.base = m->least_addr = tbase;
    3547 m->seg.size = tsize;
    3548 set_segment_flags(&m->seg, mmap_flag);
    CID 469137: Concurrent data access violations (MISSING_LOCK)
    Accessing "mparams.magic" without holding lock "magic_init_mutex". Elsewhere, "malloc_params.magic" is written to with "magic_init_mutex" held 1 out of 1 times.
    3549 m->magic = mparams.magic;
    3550 init_bins(m);
    3551 if (is_global(m))
    3552 init_top(m, (mchunkptr)tbase, tsize - TOP_FOOT_SIZE);
    3553 else {
    3554 /* Offset top by embedded malloc_state */

    ** CID 469136: Program hangs (LOCK)
    /js_console.cpp: 2175 in js_lock_input(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 469136: Program hangs (LOCK)
    /js_console.cpp: 2175 in js_lock_input(JSContext *, unsigned int, unsigned long *)()
    2169 pthread_mutex_lock(&sbbs->input_thread_mutex);
    2170 } else {
    2171 pthread_mutex_unlock(&sbbs->input_thread_mutex);
    2172 }
    2173 JS_RESUMEREQUEST(cx, rc);
    2174
    CID 469136: Program hangs (LOCK)
    Returning without unlocking "sbbs->input_thread_mutex".
    2175 return(JS_TRUE);
    2176 }
    2177
    2178 static JSBool
    2179 js_telnet_cmd(JSContext *cx, uintN argc, jsval *arglist)
    2180 {

    ** CID 469135: Concurrent data access violations (MISSING_LOCK)
    /js_rtpool.c: 35 in jsrt_GetNew()


    ________________________________________________________________________________________________________
    *** CID 469135: Concurrent data access violations (MISSING_LOCK) /js_rtpool.c: 35 in jsrt_GetNew()
    29 {
    30 JSRuntime *ret;
    31
    32 if(!initialized) {
    33 initialized=TRUE;
    34 pthread_mutex_init(&jsrt_mutex, NULL);
    CID 469135: Concurrent data access violations (MISSING_LOCK)
    Accessing "rt_list" without holding lock "jsrt_mutex". Elsewhere, "rt_list" is written to with "jsrt_mutex" held 4 out of 5 times.
    35 listInit(&rt_list, 0);
    36 _beginthread(trigger_thread, TRIGGER_THREAD_STACK_SIZE, NULL); 37 }
    38 pthread_mutex_lock(&jsrt_mutex);
    39 ret=JS_NewRuntime(maxbytes);
    40 listPushNode(&rt_list, ret);

    ** CID 469134: Program hangs (LOCK)
    /writemsg.cpp: 1274 in sbbs_t::editfile(char *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 469134: Program hangs (LOCK)
    /writemsg.cpp: 1274 in sbbs_t::editfile(char *, unsigned int)()
    1268 if(cfg.xedit[useron_xedit-1]->misc&WWIVCOLOR) 1269 mode|=EX_WWIV;
    1270 }
    1271 CLS;
    1272 rioctl(IOCM|PAUSE|ABORT);
    1273 if(external(cmdstr(cfg.xedit[useron_xedit-1]->rcmd,msgtmp,nulstr,NULL,mode), mode, cfg.node_dir)!=0)
    CID 469134: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    1274 return false;
    1275 l=process_edited_file(msgtmp, path, /* mode: */WM_EDIT, &lines,maxlines);
    1276 if(l>0) {
    1277 SAFEPRINTF3(str,"created or edited file: %s (%ld bytes, %u lines)"
    1278 ,path, l, lines);
    1279 logline(LOG_NOTICE,nulstr,str);

    ** CID 469133: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 469133: Memory - corruptions (OVERRUN) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jsobjinlines.h: 952 in js::NewNativeClassInstance(JSContext *, js::Class *, JSObject *, JSObject *)()
    946 }
    947
    948 static inline JSObject *
    949 NewNativeClassInstance(JSContext *cx, Class *clasp, JSObject *proto, JSObject *parent)
    950 {
    951 gc::FinalizeKind kind = gc::GetGCObjectKind(JSCLASS_RESERVED_SLOTS(clasp));
    CID 469133: Memory - corruptions (OVERRUN)
    Overrunning callee's array of size 11 by passing argument "kind" (which evaluates to 11) in call to "NewNativeClassInstance".
    952 return NewNativeClassInstance(cx, clasp, proto, parent, kind);
    953 }
    954
    955 bool
    956 FindClassPrototype(JSContext *cx, JSObject *scope, JSProtoKey protoKey, JSObject **protop,
    957 Class *clasp);

    ** CID 469132: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/src/conio/sdl_con.c: 692 in sdl_add_key()


    ________________________________________________________________________________________________________
    *** CID 469132: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/src/conio/sdl_con.c: 692 in sdl_add_key()
    686 static void sdl_add_key(unsigned int keyval, struct video_stats *vs) 687 {
    688 if(keyval==0xa600 && vs != NULL) {
    689 fullscreen=!fullscreen;
    690 cio_api.mode=fullscreen?CIOLIB_MODE_SDL_FULLSCREEN:CIOLIB_MODE_SDL;
    691 update_cvstat(vs);
    CID 469132: Concurrent data access violations (MISSING_LOCK)
    Accessing "win" without holding lock "win_mutex". Elsewhere, "win" is written to with "win_mutex" held 1 out of 1 times.
    692 sdl.SetWindowFullscreen(win, fullscreen ? SDL_WINDOW_FULLSCREEN_DESKTOP : 0);
    693 if (!fullscreen) {
    694 int w, h;
    695
    696 // Get current window size
    697 sdl.GetWindowSize(win, &w, &h);

    ** CID 469131: Concurrent data access violations (MISSING_LOCK)
    /exec.cpp: 848 in sbbs_t::skipto(csi_t *, unsigned char)()


    ________________________________________________________________________________________________________
    *** CID 469131: Concurrent data access violations (MISSING_LOCK)
    /exec.cpp: 848 in sbbs_t::skipto(csi_t *, unsigned char)()
    842 /* Skcsi->ip to a specific instruction */
    843 /****************************************************************************/
    844 void sbbs_t::skipto(csi_t *csi, uchar inst)
    845 {
    846 int i,j;
    847
    CID 469131: Concurrent data access violations (MISSING_LOCK)
    Accessing "csi->cs" without holding lock "sbbs_t.input_thread_mutex". Elsewhere, "csi_t.cs" is written to with "sbbs_t.input_thread_mutex" held 3 out of 3 times.
    848 while(csi->ip<csi->cs+csi->length && ((inst&0x80) || *csi->ip!=inst)) {
    849
    850 if(*csi->ip==CS_IF_TRUE || *csi->ip==CS_IF_FALSE
    851 || (*csi->ip>=CS_IF_GREATER && *csi->ip<=CS_IF_LESS_OR_EQUAL)) {
    852 csi->ip++;
    853 skipto(csi,CS_ENDIF);

    ** CID 469130: Program hangs (LOCK)
    /writemsg.cpp: 628 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 469130: Program hangs (LOCK)
    /writemsg.cpp: 628 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    622 lprintf(LOG_ERR, "ERROR %d (%s) saving draft message: %s", errno, strerror(errno), draft);
    623 }
    624
    625 if(result != EXIT_SUCCESS || !fexistcase(msgtmp) || !online
    626 || (linesquoted && qlen==flength(msgtmp) && qtime==fdate(msgtmp))) {
    627 free(buf);
    CID 469130: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    628 return(false);
    629 }
    630 SAFEPRINTF(str,"%sRESULT.ED",cfg.node_dir);
    631 if(!(mode&(WM_EXTDESC|WM_FILE))
    632 && fexistcase(str)) {
    633 if((fp=fopen(str,"r")) != NULL) {

    ** CID 469129: Data race undermines locking (LOCK_EVASION)
    /main.cpp: 3908 in sbbs_t::hangup()()


    ________________________________________________________________________________________________________
    *** CID 469129: Data race undermines locking (LOCK_EVASION)
    /main.cpp: 3908 in sbbs_t::hangup()()
    3902 if(client_socket!=INVALID_SOCKET) {
    3903 mswait(1000); /* Give socket output buffer time to flush */
    3904 client_off(client_socket);
    3905 if(ssh_mode) {
    3906 pthread_mutex_lock(&ssh_mutex);
    3907 ssh_session_destroy(client_socket, ssh_session, __LINE__);
    CID 469129: Data race undermines locking (LOCK_EVASION)
    Thread1 sets "ssh_mode" to a new value. Now the two threads have an inconsistent view of "ssh_mode" and updates to fields correlated with "ssh_mode" may be lost.
    3908 ssh_mode = false;
    3909 pthread_mutex_unlock(&ssh_mutex);
    3910 }
    3911 close_socket(client_socket);
    3912 client_socket=INVALID_SOCKET;
    3913 }

    ** CID 469128: Code maintainability issues (UNUSED_VALUE)
    /scfg/scfgchat.c: 716 in guru_cfg()


    ________________________________________________________________________________________________________
    *** CID 469128: Code maintainability issues (UNUSED_VALUE)
    /scfg/scfgchat.c: 716 in guru_cfg()
    710 *cfg.guru[i]=savguru;
    711 uifc.changes=1;
    712 continue;
    713 }
    714 if (msk != 0)
    715 continue;
    CID 469128: Code maintainability issues (UNUSED_VALUE)
    Assigning value "0" to "j" here, but that stored value is overwritten before it can be used.
    716 j=0;
    717 done=0;
    718 while(!done) {
    719 k=0;
    720 snprintf(opt[k++],MAX_OPLN,"%-27.27s%s","Guru Name",cfg.guru[i]->name);
    721 snprintf(opt[k++],MAX_OPLN,"%-27.27s%s","Guru Internal Code",cfg.guru[i]->code);

    ** CID 469127: Code maintainability issues (UNUSED_VALUE)
    /scfg/scfgchat.c: 873 in actsets_cfg()


    ________________________________________________________________________________________________________
    *** CID 469127: Code maintainability issues (UNUSED_VALUE)
    /scfg/scfgchat.c: 873 in actsets_cfg()
    867 uifc.changes=1;
    868 continue;
    869 }
    870 if (msk != 0)
    871 continue;
    872
    CID 469127: Code maintainability issues (UNUSED_VALUE)
    Assigning value "0" to "j" here, but that stored value is overwritten before it can be used.
    873 j=0;
    874 done=0;
    875 while(!done) {
    876 k=0;
    877 snprintf(opt[k++],MAX_OPLN,"%-27.27s%s","Action Set Name",cfg.actset[i]->name);
    878 snprintf(opt[k++],MAX_OPLN,"%-27.27s","Configure Chat Actions...");

    ** CID 469126: Data race undermines locking (LOCK_EVASION) /tmp/sbbs-Nov-22-2023/src/conio/sdl_con.c: 1196 in sdl_video_event_thread()


    ________________________________________________________________________________________________________
    *** CID 469126: Data race undermines locking (LOCK_EVASION) /tmp/sbbs-Nov-22-2023/src/conio/sdl_con.c: 1196 in sdl_video_event_thread() 1190 break;
    1191 case SDL_USEREVENT_INIT:
    1192 if(!sdl_init_good) { 1193 if(sdl.WasInit(SDL_INIT_VIDEO)==SDL_INIT_VIDEO) {
    1194 pthread_mutex_lock(&win_mutex);
    1195 _beginthread(sdl_mouse_thread, 0, NULL);
    CID 469126: Data race undermines locking (LOCK_EVASION)
    Thread1 sets "sdl_init_good" to a new value. Now the two threads have an inconsistent view of "sdl_init_good" and updates to fields correlated with "sdl_init_good" may be lost.
    1196 sdl_init_good=1;
    1197 pthread_mutex_unlock(&win_mutex);
    1198 }
    1199 }
    1200 sdl_ufunc_retval=0; 1201 sem_post(&sdl_ufunc_ret);

    ** CID 469125: Program hangs (LOCK)
    /js_console.cpp: 2149 in js_do_lock_input()


    ________________________________________________________________________________________________________
    *** CID 469125: Program hangs (LOCK)
    /js_console.cpp: 2149 in js_do_lock_input()
    2143
    2144 if(lock) {
    2145 pthread_mutex_lock(&sbbs->input_thread_mutex);
    2146 } else {
    2147 pthread_mutex_unlock(&sbbs->input_thread_mutex);
    2148 }
    CID 469125: Program hangs (LOCK)
    Returning without unlocking "sbbs->input_thread_mutex".
    2149 }
    2150
    2151 static JSBool
    2152 js_lock_input(JSContext *cx, uintN argc, jsval *arglist)
    2153 {
    2154 jsval *argv=JS_ARGV(cx, arglist);

    ** CID 469124: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1387 in JSRuntime::realloc(void *, unsigned long, JSContext *)()


    ________________________________________________________________________________________________________
    *** CID 469124: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1387 in JSRuntime::realloc(void *, unsigned long, JSContext *)()
    1381 * For compatibility we do not account for realloc that increases
    1382 * previously allocated memory.
    1383 */
    1384 if (!p)
    1385 updateMallocCounter(bytes);
    1386 void *p2 = ::js_realloc(p, bytes);
    CID 469124: Resource leaks (RESOURCE_LEAK)
    Failing to save or free storage allocated by "this->onOutOfMemory(p, bytes, cx)" leaks it.
    1387 return JS_LIKELY(!!p2) ? p2 : onOutOfMemory(p, bytes, cx); 1388 }
    1389
    1390 void free(void* p) { ::js_free(p); }
    1391
    1392 bool isGCMallocLimitReached() const { return gcMallocBytes <= 0; }

    ** CID 469123: Memory - corruptions (USE_AFTER_FREE) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 3642 in release_unused_segments()


    ________________________________________________________________________________________________________
    *** CID 469123: Memory - corruptions (USE_AFTER_FREE) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 3642 in release_unused_segments()
    3636 m->footprint -= size;
    3637 /* unlink obsoleted record */
    3638 sp = pred;
    3639 sp->next = next;
    3640 }
    3641 else { /* back out if cannot unmap */
    CID 469123: Memory - corruptions (USE_AFTER_FREE)
    Dereferencing freed pointer "tp".
    3642 insert_large_chunk(m, tp, psize);
    3643 }
    3644 }
    3645 }
    3646 pred = sp;
    3647 sp = next;

    ** CID 469122: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/src/conio/bitmap_con.c: 1945 in bitmap_drv_init()


    ________________________________________________________________________________________________________
    *** CID 469122: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/src/conio/bitmap_con.c: 1945 in bitmap_drv_init()
    1939 }
    1940 pthread_mutex_unlock(&screenlock);
    1941 pthread_mutex_unlock(&vstatlock);
    1942
    1943 callbacks.drawrect=drawrect_cb;
    1944 callbacks.flush=flush_cb;
    CID 469122: Concurrent data access violations (MISSING_LOCK)
    Accessing "callbacks.rects" without holding lock "bitmap_callbacks.lock". Elsewhere, "bitmap_callbacks.rects" is written to with "bitmap_callbacks.lock" held 2 out of 3 times.
    1945 callbacks.rects = 0;
    1946 bitmap_initialized=1;
    1947 _beginthread(blinker_thread,0,NULL);
    1948
    1949 return(0);
    1950 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DezJc_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDT3F0wM8qs717Yj7QnFBvYyAUS7vXZd5Pzj9EaE-2FCuUUR9NEokXV0L9QGkQnwKG-2F4JnYcm1wvoWK2grpdczQI6n7wuX-2Bi09RPQD8-2Fo5FYqgA3L383Nxk-2F3tA3xct0exbA8dNWXjcBJFMBco67mM0qFopWSHsWYNweS2rfwVJx4JQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, November 23, 2023 13:39:20
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 469167: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 469167: (SLEEP)
    /main.cpp: 2494 in output_thread(void *)()
    2488 */
    2489 size_t sendbytes = buftop-bufbot;
    2490 if (sendbytes > 0x2000)
    2491 sendbytes = 0x2000;
    2492 if(cryptStatusError((err=cryptPushData(sbbs->ssh_session, (char*)buf+bufbot, buftop-bufbot, &i)))) {
    2493 /* Handle the SSH error here... */
    CID 469167: (SLEEP)
    Call to "lprintf" might sleep while holding lock "sbbs->ssh_mutex". 2494 GCESSTR(err, node, sbbs->ssh_session, "pushing data");
    2495 ssh_errors++;
    2496 sbbs->online=FALSE;
    2497 i=buftop-bufbot; // Pretend we sent it all
    2498 }
    2499 else {
    /main.cpp: 2479 in output_thread(void *)()
    2473 }
    2474 if(!sbbs->ssh_mode) {
    2475 pthread_mutex_unlock(&sbbs->ssh_mutex); 2476 continue;
    2477 }
    2478 if (cryptStatusError((err=cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, sbbs->session_channel)))) {
    CID 469167: (SLEEP)
    Call to "lprintf" might sleep while holding lock "sbbs->ssh_mutex". 2479 GCESSTR(err, node, sbbs->ssh_session, "setting channel");
    2480 ssh_errors++;
    2481 sbbs->online=FALSE;
    2482 i=buftop-bufbot; // Pretend we sent it all
    2483 }
    2484 else {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D5OUN_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAWre6lEuRZshFB9v23oRHfb6cJViSmU6jeWo6H6qjr2TD-2FKFU3E7Wk43r5o6gE3xpEUu2LCxXDEO7eIcPPMxFL1Nq6AhOVschJGcr-2Bj9V3IL2-2BV5MIEfM79IRScL2ukizExtyrX8BpZAnSaCd3CJdrnZtJg68NUadTHcpkaQqA0A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 09, 2023 13:46:36
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 470390: Program hangs (LOCK)
    /viewfile.cpp: 111 in sbbs_t::viewfile(const char *)()


    ________________________________________________________________________________________________________
    *** CID 470390: Program hangs (LOCK)
    /viewfile.cpp: 111 in sbbs_t::viewfile(const char *)()
    105 if(i >= cfg.total_fviews) {
    106 bprintf(text[NonviewableFile], getfname(path));
    107 return false;
    108 }
    109 if((i=external(cmdstr(viewcmd, path, path, NULL), EX_STDIO|EX_SH))!=0) {
    110 errormsg(WHERE,ERR_EXEC,viewcmd,i); /* must have EX_SH to ^C */
    CID 470390: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    111 return false;
    112 }
    113 return true;
    114 }
    115
    116 /****************************************************************************/

    ** CID 470389: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 470389: (SLEEP)
    /upload.cpp: 84 in sbbs_t::uploadfile(smbmsg_t *)()
    78 safe_snprintf(str,sizeof(str),"attempted to upload %s to %s %s (%s error code %d)"
    79 ,f->name
    80 ,cfg.lib[cfg.dir[f->dir]->lib]->sname,cfg.dir[f->dir]->sname,cfg.ftest[i]->ext
    81 ,result);
    82 logline(LOG_NOTICE,"U!",str);
    83 bprintf(text[FileHadErrors],f->name,cfg.ftest[i]->ext);
    CID 470389: (SLEEP)
    Call to "yesno" might sleep while holding lock "this->input_thread_mutex".
    84 if(!SYSOP || yesno(text[DeleteFileQ]))
    85 remove(path);
    86 return false;
    87 }
    88 SAFEPRINTF(str,"%ssbbsfile.nam",cfg.node_dir);
    89 if((stream=fopen(str,"r"))!=NULL) {
    /upload.cpp: 76 in sbbs_t::uploadfile(smbmsg_t *)()
    70 if(f->desc != NULL)
    71 fprintf(stream, "%s", f->desc);
    72 fclose(stream);
    73 }
    74 // Note: str (%s) is path/to/sbbsfile.des (used to be the description itself)
    75 int result = external(cmdstr(cfg.ftest[i]->cmd, path, str, NULL), EX_OFFLINE);
    CID 470389: (SLEEP)
    Call to "clearline" might sleep while holding lock "this->input_thread_mutex".
    76 clearline();
    77 if(result != 0) {
    78 safe_snprintf(str,sizeof(str),"attempted to upload %s to %s %s (%s error code %d)"
    79 ,f->name
    80 ,cfg.lib[cfg.dir[f->dir]->lib]->sname,cfg.dir[f->dir]->sname,cfg.ftest[i]->ext
    81 ,result);

    ** CID 470388: Program hangs (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 470388: Program hangs (SLEEP)
    /inkey.cpp: 203 in sbbs_t::handle_ctrlkey(char, int)()
    197 }
    198 js_execfile(cmdstr(cfg.hotkey[i]->cmd+1,nulstr,nulstr,tmp), /* startup_dir: */NULL, /* scope: */js_hotkey_glob, js_hotkey_cx, js_hotkey_glob);
    199 } else
    200 external(cmdstr(cfg.hotkey[i]->cmd,nulstr,nulstr,tmp),0);
    201 if(!(sys_status&SS_SPLITP)) {
    202 CRLF;
    CID 470388: Program hangs (SLEEP)
    Call to "restoreline" might sleep while holding lock "this->input_thread_mutex".
    203 restoreline();
    204 }
    205 lncntr=0;
    206 hotkey_inside &= ~(1<<ch);
    207 return(0);
    208 }

    ** CID 470387: Program hangs (LOCK)
    /chat.cpp: 654 in sbbs_t::sysop_page()()


    ________________________________________________________________________________________________________
    *** CID 470387: Program hangs (LOCK)
    /chat.cpp: 654 in sbbs_t::sysop_page()()
    648 ,sys_status&SS_SYSPAGE ? text[On] : text[Off]);
    649 nosound();
    650 }
    651 if(!(sys_status&SS_SYSPAGE))
    652 remove(syspage_semfile);
    653
    CID 470387: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    654 return(true);
    655 }
    656
    657 bprintf(text[SysopIsNotAvailable],cfg.sys_op);
    658
    659 return(false);

    ** CID 470386: Program hangs (LOCK)
    /upload.cpp: 86 in sbbs_t::uploadfile(smbmsg_t *)()


    ________________________________________________________________________________________________________
    *** CID 470386: Program hangs (LOCK)
    /upload.cpp: 86 in sbbs_t::uploadfile(smbmsg_t *)()
    80 ,cfg.lib[cfg.dir[f->dir]->lib]->sname,cfg.dir[f->dir]->sname,cfg.ftest[i]->ext
    81 ,result);
    82 logline(LOG_NOTICE,"U!",str);
    83 bprintf(text[FileHadErrors],f->name,cfg.ftest[i]->ext);
    84 if(!SYSOP || yesno(text[DeleteFileQ]))
    85 remove(path);
    CID 470386: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    86 return false;
    87 }
    88 SAFEPRINTF(str,"%ssbbsfile.nam",cfg.node_dir);
    89 if((stream=fopen(str,"r"))!=NULL) {
    90 if(fgets(str, sizeof(str), stream)) {
    91 truncsp(str);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DH5pk_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA21pPFXGEfXQOHUavDSOcBiYGiM9SWkNBClk7lfGbusFiEUl9SxTFTJ4pQ4-2BlyM1UpLT55ROOl-2F1zOiBksbquFQPYPy5IMrVblt0Rt7EqhjGmGGXslDjsDDEmF37IS-2FgX2UOIpLYk00zJWe4Ps-2Bw7o9YA3yT5trQhVa4wKyo5Ljw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, December 11, 2023 13:38:31
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 470457: Incorrect expression (SIZEOF_MISMATCH)
    /umonitor/chat.c: 201 in chat()


    ________________________________________________________________________________________________________
    *** CID 470457: Incorrect expression (SIZEOF_MISMATCH)
    /umonitor/chat.c: 201 in chat()
    195 in=-1;
    196 }
    197
    198 utime(inpath,NULL);
    199 _setcursortype(_NORMALCURSOR);
    200 while(1) {
    CID 470457: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "&ch" of type "int *" and argument "1UL" to function "read" is suspicious because "sizeof (int) /*4*/" is expected.
    201 switch(read(in,&ch,1)) {
    202 case -1:
    203 close(in);
    204 in=-1;
    205 break;
    206


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3Dn7r8_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC64hJyXzK3aRg-2FOh461xBPdPC3vMQG8wDm6SWRjPpByDWCbozrDoO3h7iN9haQ83FqvIEsneqqmYW1iHtvLfyFr9U7fTJVs-2FgzA-2B3NTVwG-2FkEOdCKTFxrJHyVvcaeKfjx-2FNRzmWtNl3SJh8ILqS8rD31VNGhVX-2F4wDJ-2F-2FhL0JK9w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, December 14, 2023 13:44:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 470557: Resource leaks (RESOURCE_LEAK)
    /mailsrvr.c: 3122 in smtp_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470557: Resource leaks (RESOURCE_LEAK)
    /mailsrvr.c: 3122 in smtp_client_thread()
    3116 }
    3117
    3118 BOOL* mailproc_to_match = calloc(sizeof(*mailproc_to_match), mailproc_count);
    3119 if(mailproc_to_match == NULL) {
    3120 lprintf(LOG_CRIT,"%04d %s !ERROR allocating memory for mailproc_to_match", socket, client.protocol);
    3121 sockprintf(socket,client.protocol,session,smtp_error, "malloc failure");
    CID 470557: Resource leaks (RESOURCE_LEAK)
    Variable "spy" going out of scope leaks the storage it points to.
    3122 return false;
    3123 }
    3124
    3125 /* SMTP session active: */
    3126
    3127 sockprintf(socket,client.protocol,session,"220 %s Synchronet %s Server %s%c-%s Ready"

    ** CID 470556: (DC.WEAK_CRYPTO)
    /mailsrvr.c: 1157 in pop3_client_thread()
    /mailsrvr.c: 1159 in pop3_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470556: (DC.WEAK_CRYPTO)
    /mailsrvr.c: 1157 in pop3_client_thread()
    1151 memset(&smb,0,sizeof(smb));
    1152 memset(&msg,0,sizeof(msg));
    1153 memset(&user,0,sizeof(user));
    1154 password[0]=0;
    1155
    1156 srand((unsigned int)(time(NULL) ^ (time_t)GetCurrentThreadId())); /* seed random number generator */
    CID 470556: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    1157 rand(); /* throw-away first result */
    1158 safe_snprintf(challenge,sizeof(challenge),"<%x%x%lx%lx@%.128s>"
    1159 ,rand(),socket,(ulong)time(NULL),(ulong)clock(), server_host_name());
    1160
    1161 sockprintf(socket,client.protocol,session,"+OK Synchronet %s Server %s%c-%s Ready %s"
    1162 ,client.protocol, VERSION, REVISION, PLATFORM_DESC, challenge);
    /mailsrvr.c: 1159 in pop3_client_thread()
    1153 memset(&user,0,sizeof(user));
    1154 password[0]=0;
    1155
    1156 srand((unsigned int)(time(NULL) ^ (time_t)GetCurrentThreadId())); /* seed random number generator */
    1157 rand(); /* throw-away first result */
    1158 safe_snprintf(challenge,sizeof(challenge),"<%x%x%lx%lx@%.128s>"
    CID 470556: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    1159 ,rand(),socket,(ulong)time(NULL),(ulong)clock(), server_host_name());
    1160
    1161 sockprintf(socket,client.protocol,session,"+OK Synchronet %s Server %s%c-%s Ready %s"
    1162 ,client.protocol, VERSION, REVISION, PLATFORM_DESC, challenge);
    1163
    1164 /* Requires USER or APOP command first */

    ** CID 470555: Error handling issues (CHECKED_RETURN)
    /mailsrvr.c: 1089 in pop3_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470555: Error handling issues (CHECKED_RETURN)
    /mailsrvr.c: 1089 in pop3_client_thread()
    1083 if ((stat=cryptSetAttribute(session, CRYPT_SESSINFO_PRIVATEKEY, scfg.tls_certificate)) != CRYPT_OK) {
    1084 unlock_ssl_cert();
    1085 GCESH(stat, client.protocol, socket, host_ip, session, "setting private key");
    1086 return false;
    1087 }
    1088 nodelay = TRUE;
    CID 470555: Error handling issues (CHECKED_RETURN)
    Calling "setsockopt(socket, IPPROTO_TCP, 1, (char *)&nodelay, 4U)" without checking return value. This library function may fail and return an error code.
    1089 setsockopt(socket,IPPROTO_TCP,TCP_NODELAY,(char*)&nodelay,sizeof(nodelay));
    1090 nb=0;
    1091 ioctlsocket(socket,FIONBIO,&nb);
    1092 if ((stat = cryptSetAttribute(session, CRYPT_SESSINFO_NETWORKSOCKET, socket)) != CRYPT_OK) {
    1093 unlock_ssl_cert();
    1094 GCESH(stat, client.protocol, socket, host_ip, session, "setting session socket");

    ** CID 470554: Resource leaks (RESOURCE_LEAK)
    /mailsrvr.c: 3122 in smtp_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470554: Resource leaks (RESOURCE_LEAK)
    /mailsrvr.c: 3122 in smtp_client_thread()
    3116 }
    3117
    3118 BOOL* mailproc_to_match = calloc(sizeof(*mailproc_to_match), mailproc_count);
    3119 if(mailproc_to_match == NULL) {
    3120 lprintf(LOG_CRIT,"%04d %s !ERROR allocating memory for mailproc_to_match", socket, client.protocol);
    3121 sockprintf(socket,client.protocol,session,smtp_error, "malloc failure");
    CID 470554: Resource leaks (RESOURCE_LEAK)
    Variable "rcptlst" going out of scope leaks the storage it points to. 3122 return false;
    3123 }
    3124
    3125 /* SMTP session active: */
    3126
    3127 sockprintf(socket,client.protocol,session,"220 %s Synchronet %s Server %s%c-%s Ready"

    ** CID 470553: (DC.WEAK_CRYPTO)
    /mailsrvr.c: 4204 in smtp_client_thread()
    /mailsrvr.c: 3078 in smtp_client_thread()
    /mailsrvr.c: 3079 in smtp_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470553: (DC.WEAK_CRYPTO)
    /mailsrvr.c: 4204 in smtp_client_thread()
    4198 }
    4199 if(!stricmp(buf,"AUTH CRAM-MD5")) {
    4200 ZERO_VAR(relay_user);
    4201 listRemoveTaggedNode(&current_logins, socket, /* free_data */TRUE);
    4202
    4203 safe_snprintf(challenge,sizeof(challenge),"<%x%x%lx%lx@%s>"
    CID 470553: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    4204 ,rand(),socket,(ulong)time(NULL),(ulong)clock(),server_host_name());
    4205 #if 0
    4206 lprintf(LOG_DEBUG,"%04d SMTP CRAM-MD5 challenge: %s"
    4207 ,socket,challenge);
    4208 #endif
    4209 b64_encode(str,sizeof(str),challenge,strlen(challenge));
    /mailsrvr.c: 3078 in smtp_client_thread()
    3072 }
    3073 SAFEPRINTF(spam.file,"%sspam",scfg.data_dir);
    3074 spam.retry_time=scfg.smb_retry_time;
    3075 spam.subnum=INVALID_SUB;
    3076
    3077 srand((unsigned int)(time(NULL) ^ (time_t)GetCurrentThreadId())); /* seed random number generator */
    CID 470553: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    3078 rand(); /* throw-away first result */
    3079 SAFEPRINTF4(session_id,"%x%x%x%lx",getpid(),socket,rand(),(long)clock());
    3080 lprintf(LOG_DEBUG,"%04d %s [%s] Session ID=%s", socket, client.protocol, host_ip, session_id);
    3081 SAFEPRINTF3(msgtxt_fname,"%sSBBS_%s.%s.msg", scfg.temp_dir, client.protocol, session_id);
    3082 SAFEPRINTF3(newtxt_fname,"%sSBBS_%s.%s.new", scfg.temp_dir, client.protocol, session_id);
    3083 SAFEPRINTF3(logtxt_fname,"%sSBBS_%s.%s.log", scfg.temp_dir, client.protocol, session_id);
    /mailsrvr.c: 3079 in smtp_client_thread()
    3073 SAFEPRINTF(spam.file,"%sspam",scfg.data_dir);
    3074 spam.retry_time=scfg.smb_retry_time;
    3075 spam.subnum=INVALID_SUB;
    3076
    3077 srand((unsigned int)(time(NULL) ^ (time_t)GetCurrentThreadId())); /* seed random number generator */
    3078 rand(); /* throw-away first result */
    CID 470553: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    3079 SAFEPRINTF4(session_id,"%x%x%x%lx",getpid(),socket,rand(),(long)clock());
    3080 lprintf(LOG_DEBUG,"%04d %s [%s] Session ID=%s", socket, client.protocol, host_ip, session_id);
    3081 SAFEPRINTF3(msgtxt_fname,"%sSBBS_%s.%s.msg", scfg.temp_dir, client.protocol, session_id);
    3082 SAFEPRINTF3(newtxt_fname,"%sSBBS_%s.%s.new", scfg.temp_dir, client.protocol, session_id);
    3083 SAFEPRINTF3(logtxt_fname,"%sSBBS_%s.%s.log", scfg.temp_dir, client.protocol, session_id);
    3084 SAFEPRINTF3(rcptlst_fname,"%sSBBS_%s.%s.lst", scfg.temp_dir, client.protocol, session_id);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DMQd3_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCHTmGHVnVaZLqSbII6djd5LCfNN4WsVVM-2FraC40TFEmwnFiU15BSJwMmbqsO51yAB8H1Xj6zJDPHok6MSfH6DLipAvEvqiECGEj92Ja08CPuUfomEyNGrm6oICWjy04z9LEXD-2FV3t10gYjDHAgXUzBxC2US2YfoE3y-2FXo4-2F5AMeg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, December 18, 2023 13:39:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 470929: Error handling issues (CHECKED_RETURN)
    /js_system.c: 1474 in js_filter_ip()


    ________________________________________________________________________________________________________
    *** CID 470929: Error handling issues (CHECKED_RETURN)
    /js_system.c: 1474 in js_filter_ip()
    1468 js_system_private_t* sys;
    1469 if((sys = (js_system_private_t*)js_GetClassPrivate(cx,obj,&js_system_class))==NULL)
    1470 return JS_FALSE;
    1471
    1472 for(i=0; i<argc && fname == NULL; i++) {
    1473 if(JSVAL_IS_NUMBER(argv[i])) {
    CID 470929: Error handling issues (CHECKED_RETURN)
    Calling "JS_ValueToInt32" without checking return value (as is done elsewhere 261 out of 293 times).
    1474 JS_ValueToInt32(cx, argv[i], &duration);
    1475 continue;
    1476 }
    1477 if(!JSVAL_IS_STRING(argv[i]))
    1478 continue;
    1479 JSVALUE_TO_MSTRING(cx, argv[i], p, NULL);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3Dx5vI_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD-2FFZVvmg9UFbNVSslGQHixwK2gY0JhpVYuBk-2BPEk2wVNUawfpNFUquIquIwrbnMLyXyOL-2Bbdyy88jhCHaZkpnLltM6SvZPalWR8uvzHGJLXvipDKrDTZ6KfbbjJDM-2B9TK-2Bfg-2Bntn7n3JXz8-2BbuvXtlotoQiRFNfFKyqSao3USU5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, December 21, 2023 15:17:37
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 471381: Null pointer dereferences (NULL_RETURNS)
    /ssl.c: 412 in get_ssl_cert()


    ________________________________________________________________________________________________________
    *** CID 471381: Null pointer dereferences (NULL_RETURNS)
    /ssl.c: 412 in get_ssl_cert()
    406
    407 if(!do_cryptInit())
    408 return -1;
    409 ssl_sync(cfg);
    410 lock_ssl_cert_write();
    411 cert_entry = malloc(sizeof(*cert_entry));
    CID 471381: Null pointer dereferences (NULL_RETURNS)
    Dereferencing "cert_entry", which is known to be "NULL".
    412 cert_entry->sess = -1;
    413 cert_entry->epoch = cert_epoch;
    414 cert_entry->next = NULL;
    415
    416 /* Get the certificate... first try loading it from a file... */
    417 if(cryptStatusOK(cryptKeysetOpen(&ssl_keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, cert_path, CRYPT_KEYOPT_READONLY))) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DNVYG_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAIQBrbLtBWXBu7NOIgqUVW-2FO9u7UhLy-2BFNLgqIU41zpqPfBM73Awa3dQxk3-2F184GO6VUS7KkG6sPhNBuQiQ4Keqf56uFZ5RoDxe4X35uihMatLZZvu1DTj5op2mLHIzl6CugzzedJw-2FjcHjqyoRYDdN5cjuB-2Bi1UXQGnATKvNQkg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, December 26, 2023 13:39:07
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 471656: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 471656: Memory - corruptions (OVERRUN) /tmp/sbbs-Dec-26-2023/src/smblib/smbfile.c: 367 in smb_addfile_withlist()
    361
    362 if(list != NULL && *list != NULL) {
    363 size_t size = strListCount(list) * 1024;
    364 auxdata = calloc(1, size);
    365 if(auxdata == NULL)
    366 return SMB_ERR_MEM;
    CID 471656: Memory - corruptions (OVERRUN)
    Calling "strListCombine" with "auxdata" and "size - 1UL" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.
    367 strListCombine(list, auxdata, size - 1, "\r\n");
    368 }
    369 result = smb_addfile(smb, file, storage, extdesc, auxdata, path);
    370 free(auxdata);
    371 return result;
    372 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D2BKI_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCT6x0GAlc7xThQfLCGiCZdmR4qZP1NcowX1yNXO3dy1e3iYdu3LqPMf8Ps-2BXyXIS9z1-2BExxr9YuMCEQ-2FkgG8-2FT0EoCNRZOLQUTkkQaenBh-2FjMptDjEjYYaLSTPN90hBdPvbODU2Cx91ZtvmuRMrZszCSUsoWukacGJvvm4ij2thw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 30, 2023 13:39:01
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 476254: (NULL_RETURNS) /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 505 in getChannelAttribute()
    /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 517 in getChannelAttribute()
    /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 511 in getChannelAttribute()
    /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 525 in getChannelAttribute()


    ________________________________________________________________________________________________________
    *** CID 476254: (NULL_RETURNS) /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 505 in getChannelAttribute()
    499 if( isNullChannel( channelInfoPtr ) )
    500 return( CRYPT_ERROR_NOTFOUND );
    501 *value = channelInfoPtr->channelID;
    502 return( CRYPT_OK );
    503
    504 case CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE:
    CID 476254: (NULL_RETURNS)
    Dereferencing "writeChannelInfoPtr", which is known to be "NULL".
    505 if( isNullChannel( writeChannelInfoPtr ) )
    506 return( CRYPT_ERROR_NOTFOUND );
    507 *value = isActiveChannel( writeChannelInfoPtr ) ? TRUE : FALSE;
    508 return( CRYPT_OK );
    509
    510 case CRYPT_SESSINFO_SSH_CHANNEL_OPEN: /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 517 in getChannelAttribute()
    511 if( isNullChannel( writeChannelInfoPtr ) )
    512 return( CRYPT_ERROR_NOTFOUND );
    513 *value = ( writeChannelInfoPtr->flags & CHANNEL_FLAG_READCLOSED ) ? FALSE : TRUE;
    514 return( CRYPT_OK );
    515
    516 case CRYPT_SESSINFO_SSH_CHANNEL_WIDTH:
    CID 476254: (NULL_RETURNS)
    Dereferencing "writeChannelInfoPtr", which is known to be "NULL".
    517 if( isNullChannel( writeChannelInfoPtr ) )
    518 return( CRYPT_ERROR_NOTFOUND );
    519 if (writeChannelInfoPtr->width == 0)
    520 return CRYPT_ERROR_NOTFOUND;
    521 *value = channelInfoPtr->width;
    522 return( CRYPT_OK ); /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 511 in getChannelAttribute()
    505 if( isNullChannel( writeChannelInfoPtr ) )
    506 return( CRYPT_ERROR_NOTFOUND );
    507 *value = isActiveChannel( writeChannelInfoPtr ) ? TRUE : FALSE;
    508 return( CRYPT_OK );
    509
    510 case CRYPT_SESSINFO_SSH_CHANNEL_OPEN:
    CID 476254: (NULL_RETURNS)
    Dereferencing "writeChannelInfoPtr", which is known to be "NULL".
    511 if( isNullChannel( writeChannelInfoPtr ) )
    512 return( CRYPT_ERROR_NOTFOUND );
    513 *value = ( writeChannelInfoPtr->flags & CHANNEL_FLAG_READCLOSED ) ? FALSE : TRUE;
    514 return( CRYPT_OK );
    515
    516 case CRYPT_SESSINFO_SSH_CHANNEL_WIDTH: /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 525 in getChannelAttribute()
    519 if (writeChannelInfoPtr->width == 0)
    520 return CRYPT_ERROR_NOTFOUND;
    521 *value = channelInfoPtr->width;
    522 return( CRYPT_OK );
    523
    524 case CRYPT_SESSINFO_SSH_CHANNEL_HEIGHT:
    CID 476254: (NULL_RETURNS)
    Dereferencing "writeChannelInfoPtr", which is known to be "NULL".
    525 if( isNullChannel( writeChannelInfoPtr ) )
    526 return( CRYPT_ERROR_NOTFOUND );
    527 if (writeChannelInfoPtr->height == 0)
    528 return CRYPT_ERROR_NOTFOUND;
    529 *value = channelInfoPtr->height;
    530 return( CRYPT_OK );

    ** CID 476253: Resource leaks (RESOURCE_LEAK)
    /jsdebug.c: 335 in script_debug_prompt()


    ________________________________________________________________________________________________________
    *** CID 476253: Resource leaks (RESOURCE_LEAK)
    /jsdebug.c: 335 in script_debug_prompt()
    329 JS_SetInterrupt(JS_GetRuntime(dbg->cx), finish_handler, NULL);
    330 return DEBUG_CONTINUE;
    331 }
    332 if(strncmp(line, "quit\n", 5)==0 ||
    333 strncmp(line, "q\n", 2)==0
    334 ) {
    CID 476253: Resource leaks (RESOURCE_LEAK)
    Variable "line" going out of scope leaks the storage it points to.
    335 return (DEBUG_EXIT);
    336 }
    337 if(strncmp(line, "eval ", 5)==0 ||
    338 strncmp(line, "e ", 2)==0
    339 ) {
    340 jsval ret;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3Dk6EJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA-2FX8i-2FapdB1BvZRHSxZvnvG9Gt4EGgnMOyOKJdrt0Ow7WO8U9rY3qdLrGQhhG9KhbgCqQ-2BdjF-2FCZbP8g3Gc1r4QsbMjorELhC-2FfCV8hEXjaVc-2BoAqZ2-2FQeAkDjxFrK3m04is-2FE5aOQcl1hrivcYLiwVEHyHlsUWiqdJNrqtFX4OA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, January 09, 2024 13:51:54
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 477525: Error handling issues (CHECKED_RETURN)
    /ssl.c: 413 in get_ssl_cert()


    ________________________________________________________________________________________________________
    *** CID 477525: Error handling issues (CHECKED_RETURN)
    /ssl.c: 413 in get_ssl_cert()
    407 CRYPT_CERTIFICATE ssl_cert;
    408 char sysop_email[sizeof(cfg->sys_inetaddr)+6];
    409 struct cert_list *cert_entry;
    410
    411 if(!do_cryptInit(lprintf))
    412 return -1;
    CID 477525: Error handling issues (CHECKED_RETURN)
    Calling "ssl_sync" without checking return value (as is done elsewhere 6 out of 7 times).
    413 ssl_sync(cfg, lprintf);
    414 lock_ssl_cert_write();
    415 cert_entry = malloc(sizeof(*cert_entry));
    416 if(cert_entry == NULL) {
    417 unlock_ssl_cert_write(lprintf);
    418 free(cert_entry);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DG04V_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDEpEnmlDe-2FjbKZ4LOKbSyZqFRJl-2FW97DzLqL9YhzmfB5NVnMDaFqAVAu8sqMXAtM7gluOaLuz78sK9hLjatBB8CSJ6nN9iJHgKoglAvkWzF0D2D3-2FP2KvQ4r0FVsLXVQDobxZi1VHS1fHv1o1JN4QuvSLew5iAWvpjb3EkIuqiHp61IxzA0v1Q4zB-2F2vdQH-2Fs-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, January 24, 2024 13:43:19
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    40 new defect(s) introduced to Synchronet found with Coverity Scan.
    65 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 40 defect(s)


    ** CID 479110: Program hangs (LOCK)
    /pack_qwk.cpp: 753 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()


    ________________________________________________________________________________________________________
    *** CID 479110: Program hangs (LOCK)
    /pack_qwk.cpp: 753 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    747 if(flength(packet) < 1) {
    748 remove(packet);
    749 if((i = external(cmdstr(temp_cmd(),packet,path,NULL), ex|EX_WILDCARD)) != 0)
    750 errormsg(WHERE,ERR_EXEC,cmdstr(temp_cmd(),packet,path,NULL),i);
    751 if(flength(packet) < 1) {
    752 bputs(text[QWKCompressionFailed]);
    CID 479110: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    753 return(false);
    754 }
    755 }
    756
    757 if(!prepack && useron.rest&FLAG('Q')) {
    758 dir=opendir(cfg.temp_dir);

    ** CID 479109: (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_err.c: 349 in readPkiStatusInfo() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_err.c: 364 in readPkiStatusInfo()


    ________________________________________________________________________________________________________
    *** CID 479109: (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_err.c: 349 in readPkiStatusInfo() 343 ( status, errorInfo,
    344 "Invalid PKI status string" ) );
    345 }
    346 hasErrorMessage = TRUE;
    347 }
    348 if( cryptStatusError( status ) )
    CID 479109: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    349 return( status ); /* Residual error from peekTag() */
    350
    351 /* Read the failure information */
    352 if( checkStatusLimitsPeekTag( stream, status, tag, endPos ) && \
    353 tag == BER_BITSTRING )
    354 {
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_err.c: 364 in readPkiStatusInfo() 358 retExt( status,
    359 ( status, errorInfo,
    360 "Invalid PKI failure information" ) );
    361 }
    362 }
    363 if( cryptStatusError( status ) )
    CID 479109: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    364 return( status ); /* Residual error from peekTag() */
    365
    366 /* If everything's OK, we're done */
    367 if( cmpStatusOK( errorCode ) )
    368 return( CRYPT_OK );
    369

    ** CID 479108: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/context/ctx_attr.c: 425 in getContextAttributeS()


    ________________________________________________________________________________________________________
    *** CID 479108: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/context/ctx_attr.c: 425 in getContextAttributeS()
    419 out */
    420 return( attributeCopy( msgData, contextInfoPtr->ctxPKC->publicKeyInfo,
    421 contextInfoPtr->ctxPKC->publicKeyInfoSize ) );
    422 }
    423 STDC_FALLTHROUGH;
    424
    CID 479108: Control flow issues (MISSING_BREAK)
    The case for value "CRYPT_CTXINFO_SSH_PUBLIC_KEY" is not terminated by a "break" statement.
    425 case CRYPT_CTXINFO_SSH_PUBLIC_KEY:
    426 if ( needsKey( contextInfoPtr ) )
    427 return CRYPT_ERROR_NOTFOUND;
    428 if (contextType != CONTEXT_PKC)
    429 return CRYPT_ERROR_NOTFOUND;
    430 case CRYPT_IATTRIBUTE_KEY_PGP:

    ** CID 479107: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 857 in activateSession()


    ________________________________________________________________________________________________________
    *** CID 479107: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 857 in activateSession() 851 {
    852 const SES_ACTIVATESUBPROTOCOL_FUNCTION activateSubprotocolFunction = \
    853 ( SES_ACTIVATESUBPROTOCOL_FUNCTION ) \
    854 FNPTR_GET( sessionInfoPtr->activateInnerSubprotocolFunction );
    855 REQUIRES( activateSubprotocolFunction != NULL );
    856
    CID 479107: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "status = activateSubprotoco...".
    857 status = activateSubprotocolFunction( sessionInfoPtr );
    858 if( cryptStatusError( status ) )
    859 return( status );
    860
    861 /* Record the fact that the layered protocol has been
    862 activated */

    ** CID 479106: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/scvp_cli.c: 621 in readScvpResponse()


    ________________________________________________________________________________________________________
    *** CID 479106: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/scvp_cli.c: 621 in readScvpResponse() 615 assert( isWritePtr( stream, sizeof( STREAM ) ) );
    616 assert( isWritePtr( sessionInfoPtr, sizeof( SESSION_INFO ) ) ); 617 assert( isWritePtr( protocolInfo, sizeof( SCVP_PROTOCOL_INFO ) ) );
    618
    619 /* Skip the wrapper, version, and server configuration ID */ 620 readSequence( stream, NULL );
    CID 479106: Error handling issues (CHECKED_RETURN)
    Calling "readShortIntegerTag" without checking return value (as is done elsewhere 36 out of 45 times).
    621 readShortInteger( stream, &value );
    622 status = readShortInteger( stream, &value );
    623 if( cryptStatusError( status ) )
    624 {
    625 retExt( status,
    626 ( status, SESSION_ERRINFO,

    ** CID 479105: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 1030 in closeSession()


    ________________________________________________________________________________________________________
    *** CID 479105: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 1030 in closeSession() 1024 #if defined( USE_WEBSOCKETS ) || defined( USE_EAP )
    1025 if( sessionInfoPtr->subProtocol != CRYPT_SUBPROTOCOL_NONE ) 1026 {
    1027 /* If there's an inner protocol present, shut that down as well */
    1028 if( FNPTR_ISSET( sessionInfoPtr->closeInnerSubprotocolFunction ) )
    1029 {
    CID 479105: Control flow issues (DEADCODE)
    Execution cannot reach the expression "sessionInfoPtr->closeInnerSubprotocolFunction.fnPtr" inside this statement: "closeSubprotocolFunction = ...".
    1030 const SES_CLOSESUBPROTOCOL_FUNCTION closeSubprotocolFunction = \
    1031 ( SES_CLOSESUBPROTOCOL_FUNCTION ) \
    1032 FNPTR_GET( sessionInfoPtr->closeInnerSubprotocolFunction );
    1033 REQUIRES( closeSubprotocolFunction != NULL ); 1034
    1035 ( void ) closeSubprotocolFunction( sessionInfoPtr );

    ** CID 479104: (BAD_SHIFT) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/dn_string.c: 220 in getWidechar() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/dn_string.c: 220 in getWidechar()


    ________________________________________________________________________________________________________
    *** CID 479104: (BAD_SHIFT) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/dn_string.c: 220 in getWidechar()
    214 non-char values can only be accessed on word-aligned boundaries */
    215 LOOP_SMALL( i = 0, i < WCHAR_SIZE, i++ )
    216 {
    217 ENSURES_EXT( LOOP_INVARIANT_SMALL( i, 0, WCHAR_SIZE - 1 ), 0 );
    218
    219 #ifdef DATA_LITTLEENDIAN
    CID 479104: (BAD_SHIFT)
    In expression "string[i] << shiftAmt", left shifting by more than 31 bits has undefined behavior. The shift amount, "shiftAmt", is at least 72.
    220 ch |= string[ i ] << shiftAmt;
    221 shiftAmt += 8;
    222 #else
    223 ch = ( ch << 8 ) | string[ i ];
    224 #endif /* DATA_LITTLEENDIAN */
    225 }
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/dn_string.c: 220 in getWidechar()
    214 non-char values can only be accessed on word-aligned boundaries */
    215 LOOP_SMALL( i = 0, i < WCHAR_SIZE, i++ )
    216 {
    217 ENSURES_EXT( LOOP_INVARIANT_SMALL( i, 0, WCHAR_SIZE - 1 ), 0 );
    218
    219 #ifdef DATA_LITTLEENDIAN
    CID 479104: (BAD_SHIFT)
    In expression "string[i] << shiftAmt", left shifting by more than 31 bits has undefined behavior. The shift amount, "shiftAmt", is at least 72.
    220 ch |= string[ i ] << shiftAmt;
    221 shiftAmt += 8;
    222 #else
    223 ch = ( ch << 8 ) | string[ i ];
    224 #endif /* DATA_LITTLEENDIAN */
    225 }

    ** CID 479103: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 479103: (SLEEP)
    /pack_rep.cpp: 120 in sbbs_t::pack_rep(unsigned int)()
    114 /*********************/
    115 /* Pack new messages */
    116 /*********************/
    117 SAFEPRINTF(smb.file,"%smail",cfg.data_dir);
    118 smb.retry_time=cfg.smb_retry_time;
    119 smb.subnum=INVALID_SUB;
    CID 479103: (SLEEP)
    Call to "smb_open" might sleep while holding lock "this->input_thread_mutex".
    120 if((i=smb_open(&smb))!=0) {
    121 fclose(rep);
    122 if(hdrs!=NULL)
    123 fclose(hdrs);
    124 if(voting!=NULL)
    125 fclose(voting);
    /pack_rep.cpp: 112 in sbbs_t::pack_rep(unsigned int)()
    106 errormsg(WHERE,ERR_CREATE,str,0);
    107 }
    108 if(!(cfg.qhub[hubnum]->misc&QHUB_NOVOTING)) {
    109 SAFEPRINTF(str,"%sVOTING.DAT",cfg.temp_dir);
    110 fexistcase(str);
    111 if((voting=fopen(str,"a"))==NULL)
    CID 479103: (SLEEP)
    Call to "errormsg" might sleep while holding lock "this->input_thread_mutex".
    112 errormsg(WHERE,ERR_CREATE,str,0);
    113 }
    114 /*********************/
    115 /* Pack new messages */
    116 /*********************/
    117 SAFEPRINTF(smb.file,"%smail",cfg.data_dir);
    /pack_rep.cpp: 106 in sbbs_t::pack_rep(unsigned int)()
    100 ,QWK_BLOCK_LEN, hubid_upper); /* So write header */
    101 }
    102 if(!(cfg.qhub[hubnum]->misc&QHUB_NOHEADERS)) {
    103 SAFEPRINTF(str,"%sHEADERS.DAT",cfg.temp_dir);
    104 fexistcase(str);
    105 if((hdrs=fopen(str,"a"))==NULL)
    CID 479103: (SLEEP)
    Call to "errormsg" might sleep while holding lock "this->input_thread_mutex".
    106 errormsg(WHERE,ERR_CREATE,str,0);
    107 }
    108 if(!(cfg.qhub[hubnum]->misc&QHUB_NOVOTING)) {
    109 SAFEPRINTF(str,"%sVOTING.DAT",cfg.temp_dir);
    110 fexistcase(str);
    111 if((voting=fopen(str,"a"))==NULL)

    ** CID 479102: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/enc_dec/asn1_algoenc.c: 662 in readCryptAlgoParams()


    ________________________________________________________________________________________________________
    *** CID 479102: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/enc_dec/asn1_algoenc.c: 662 in readCryptAlgoParams()
    656 RC2_KEYSIZE_MAGIC (corresponding to a 128-bit key) but in
    657 practice this doesn't really matter, we just use whatever we
    658 find inside the PKCS #1 padding */
    659 readSequence( stream, NULL );
    660 if( queryInfo->cryptMode != CRYPT_MODE_CBC ) 661 return( readShortInteger( stream, NULL ) );
    CID 479102: Error handling issues (CHECKED_RETURN)
    Calling "readShortIntegerTag" without checking return value (as is done elsewhere 36 out of 45 times).
    662 readShortInteger( stream, NULL );
    663 return( readOctetString( stream, queryInfo->iv, 664 &queryInfo->ivLength,
    665 MIN_IVSIZE, CRYPT_MAX_IVSIZE ) );
    666 #endif /* USE_RC2 */
    667

    ** CID 479101: (CHECKED_RETURN)
    /ssl.c: 353 in internal_do_cryptInit()
    /ssl.c: 345 in internal_do_cryptInit()


    ________________________________________________________________________________________________________
    *** CID 479101: (CHECKED_RETURN)
    /ssl.c: 353 in internal_do_cryptInit()
    347 }
    348 ret = cryptGetAttributeString(CRYPT_UNUSED, CRYPT_OPTION_INFO_PATCHES, patches, &stp);
    349 if (cryptStatusError(ret) || stp != 32 || memcmp(patches, CRYPTLIB_PATCHES, 32) != 0) {
    350 cryptInit_error = ret;
    351 cryptlib_initialized = false;
    352 cryptEnd();
    CID 479101: (CHECKED_RETURN)
    Calling "asprintf" without checking return value (as is done elsewhere 19 out of 21 times).
    353 asprintf(&cryptfail, "Incorrect cryptlib patch set %.32s (expected %s)", patches, CRYPTLIB_PATCHES);
    354 return;
    355 }
    356 return;
    357 }
    358
    /ssl.c: 345 in internal_do_cryptInit()
    339 }
    340 tmp = (maj * 100) + (min * 10) + stp;
    341 if (tmp != CRYPTLIB_VERSION) {
    342 cryptInit_error = CRYPT_ERROR_INVALID;
    343 cryptlib_initialized = false;
    344 cryptEnd();
    CID 479101: (CHECKED_RETURN)
    Calling "asprintf" without checking return value (as is done elsewhere 19 out of 21 times).
    345 asprintf(&cryptfail, "Incorrect cryptlib version %d (expected %d)", tmp, CRYPTLIB_VERSION);
    346 return;
    347 }
    348 ret = cryptGetAttributeString(CRYPT_UNUSED, CRYPT_OPTION_INFO_PATCHES, patches, &stp);
    349 if (cryptStatusError(ret) || stp != 32 || memcmp(patches, CRYPTLIB_PATCHES, 32) != 0) {
    350 cryptInit_error = ret;

    ** CID 479100: (ATOMICITY)
    /ssl.c: 659 in destroy_session()
    /ssl.c: 659 in destroy_session()


    ________________________________________________________________________________________________________
    *** CID 479100: (ATOMICITY)
    /ssl.c: 659 in destroy_session()
    653 lprintf(LOG_ERR, "Unable to unlock cert_epoch_lock for write at %d", __LINE__);
    654 return CRYPT_ERROR_INTERNAL;
    655 }
    656 sess->sess = -1;
    657 pthread_mutex_lock(&ssl_cert_list_mutex);
    658 sess->next = cert_list;
    CID 479100: (ATOMICITY)
    Using an unreliable value of "sess" inside the second locked section. If the data that "sess" depends on was changed by another thread, this use might be incorrect.
    659 cert_list = sess;
    660 pthread_mutex_unlock(&ssl_cert_list_mutex);
    661 ret = cryptDestroySession(csess);
    662 }
    663 else {
    664 if (!rwlock_unlock(&cert_epoch_lock)) {
    /ssl.c: 659 in destroy_session()
    653 lprintf(LOG_ERR, "Unable to unlock cert_epoch_lock for write at %d", __LINE__);
    654 return CRYPT_ERROR_INTERNAL;
    655 }
    656 sess->sess = -1;
    657 pthread_mutex_lock(&ssl_cert_list_mutex);
    658 sess->next = cert_list;
    CID 479100: (ATOMICITY)
    Using an unreliable value of "sess" inside the second locked section. If the data that "sess" depends on was changed by another thread, this use might be incorrect.
    659 cert_list = sess;
    660 pthread_mutex_unlock(&ssl_cert_list_mutex);
    661 ret = cryptDestroySession(csess);
    662 }
    663 else {
    664 if (!rwlock_unlock(&cert_epoch_lock)) {

    ** CID 479099: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_rdmsg.c: 495 in readResponseBody()


    ________________________________________________________________________________________________________
    *** CID 479099: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_rdmsg.c: 495 in readResponseBody()
    489 ( status, SESSION_ERRINFO,
    490 "Invalid caPubs field in %s", 491 getCMPMessageName( messageType ) ) );
    492 }
    493 }
    494 if( cryptStatusError( status ) )
    CID 479099: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "return status;".
    495 return( status ); /* Residual error from checkStatusPeekTag() */
    496
    497 /* If it's a revocation response then the only returned data is the
    498 status value */
    499 if( protocolInfo->operation == CTAG_PB_RR )
    500 {

    ** CID 479098: Program hangs (LOCK)
    /pack_rep.cpp: 95 in sbbs_t::pack_rep(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 479098: Program hangs (LOCK)
    /pack_rep.cpp: 95 in sbbs_t::pack_rep(unsigned int)()
    89 if(fexistcase(str))
    90 fmode="r+b";
    91 else
    92 fmode="w+b";
    93 if((rep=fopen(str, fmode))==NULL) {
    94 errormsg(WHERE, ERR_CREATE, str, 0, fmode);
    CID 479098: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    95 return false;
    96 }
    97 fseek(rep, 0, SEEK_END);
    98 if(ftell(rep) < 1) { /* New REP packet */
    99 fprintf(rep, "%-*s"
    100 ,QWK_BLOCK_LEN, hubid_upper); /* So write header */

    ** CID 479097: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 1035 in closeSession()


    ________________________________________________________________________________________________________
    *** CID 479097: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 1035 in closeSession() 1029 {
    1030 const SES_CLOSESUBPROTOCOL_FUNCTION closeSubprotocolFunction = \
    1031 ( SES_CLOSESUBPROTOCOL_FUNCTION ) \
    1032 FNPTR_GET( sessionInfoPtr->closeInnerSubprotocolFunction );
    1033 REQUIRES( closeSubprotocolFunction != NULL ); 1034
    CID 479097: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "(void)closeSubprotocolFunct...".
    1035 ( void ) closeSubprotocolFunction( sessionInfoPtr );
    1036 }
    1037
    1038 /* If protocol management is handled by an outer protocol, don't
    1039 perform a session shutdown. This is in theory rather nasty in
    1040 that an attacker who can spoof an unsecured outer protocol packet

    ** CID 479096: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 685 in activateConnection()


    ________________________________________________________________________________________________________
    *** CID 479096: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 685 in activateConnection()
    679
    680 /* If there's sub-protocol selected, activate that as well */ 681 #if defined( USE_WEBSOCKETS ) || defined( USE_EAP )
    682 if( sessionInfoPtr->subProtocol != CRYPT_SUBPROTOCOL_NONE && \ 683 FNPTR_ISSET( sessionInfoPtr->activateOuterSubprotocolFunction ) )
    684 {
    CID 479096: Control flow issues (DEADCODE)
    Execution cannot reach the expression "sessionInfoPtr->activateOuterSubprotocolFunction.fnPtr" inside this statement: "activateSubprotocolFunction...".
    685 const SES_ACTIVATESUBPROTOCOL_FUNCTION activateSubprotocolFunction = \
    686 ( SES_ACTIVATESUBPROTOCOL_FUNCTION ) \
    687 FNPTR_GET( sessionInfoPtr->activateOuterSubprotocolFunction );
    688 REQUIRES( activateSubprotocolFunction != NULL );
    689
    690 status = activateSubprotocolFunction( sessionInfoPtr );

    ** CID 479095: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/kernel/selftest.c: 130 in testSafetyMechanisms()


    ________________________________________________________________________________________________________
    *** CID 479095: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/kernel/selftest.c: 130 in testSafetyMechanisms()
    124 tmrIntB |= 0x800;
    125 tmrIntC |= 0x01;
    126 if( TMR_VALID( tmrInt ) || TMR_GET( tmrInt ) != 20 )
    127 return( FALSE );
    128 TMR_SCRUB( tmrInt );
    129 if( tmrIntA != 20 || tmrIntB != 20 || tmrIntC != 20 )
    CID 479095: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "return 0;".
    130 return( FALSE );
    131 CFI_CHECK_UPDATE( "TMR" );
    132
    133 /* Test the overflow-checking mechanisms. These checks will probably
    134 fall prey to optimiser inlining but it'll still statically check that
    135 they work as expected.

    ** CID 479094: (DEADCODE)
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 720 in readAttributeCertInfo() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 668 in readAttributeCertInfo() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 641 in readAttributeCertInfo()


    ________________________________________________________________________________________________________
    *** CID 479094: (DEADCODE)
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 720 in readAttributeCertInfo() 714 {
    715 return( certErrorReturn( certInfoPtr, "issuer unique ID",
    716 status ) );
    717 }
    718 }
    719 if( cryptStatusError( status ) )
    CID 479094: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    720 return( status ); /* Residual error from peekTag() */
    721
    722 /* If there are no extensions present, we're done */
    723 if( stell( stream ) >= endPos )
    724 return( CRYPT_OK );
    725
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 668 in readAttributeCertInfo() 662 if( cryptStatusOK( status ) )
    663 status = readIssuerDN( stream, certInfoPtr ); 664 if( cryptStatusError( status ) )
    665 return( certErrorReturn( certInfoPtr, "issuer name", status ) );
    666 }
    667 if( cryptStatusError( status ) )
    CID 479094: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    668 return( status ); /* Residual error from peekTag() */
    669 if( checkStatusLimitsPeekTag( stream, status, tag, innerEndPos ) && \
    670 tag == MAKE_CTAG( CTAG_AC_ISSUER_BASECERTIFICATEID ) ) 671 {
    672 status = readUniversal( stream );
    673 }
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 641 in readAttributeCertInfo() 635 if( cryptStatusOK( status ) )
    636 status = readSubjectDN( stream, certInfoPtr ); 637 if( cryptStatusError( status ) )
    638 return( certErrorReturn( certInfoPtr, "holder name", status ) );
    639 }
    640 if( cryptStatusError( status ) )
    CID 479094: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    641 return( status ); /* Residual error from peekTag() */
    642 if( checkStatusLimitsPeekTag( stream, status, tag, innerEndPos ) && \
    643 tag == MAKE_CTAG( CTAG_AC_HOLDER_OBJECTDIGESTINFO ) ) 644 {
    645 /* This is a complicated structure that in effect encodes a generic
    646 hole reference to "other", for now we just skip it until we can

    ** CID 479093: (DEADCODE)
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1779 in openKeyset() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1770 in openKeyset() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1771 in openKeyset()


    ________________________________________________________________________________________________________
    *** CID 479093: (DEADCODE)
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1779 in openKeyset()
    1773 break;
    1774
    1775 case CRYPT_KEYSET_HTTP:
    1776 status = setAccessMethodHTTP( keysetInfoPtr ); 1777 break;
    1778
    CID 479093: (DEADCODE)
    Execution cannot reach this statement: "case CRYPT_KEYSET_LDAP:".
    1779 case CRYPT_KEYSET_LDAP:
    1780 status = setAccessMethodLDAP( keysetInfoPtr ); 1781 break;
    1782
    1783 default:
    1784 retIntError(); /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1770 in openKeyset()
    1764 }
    1765
    1766 /* It's a specific type of keyset, set up the access information for it
    1767 and connect to it */
    1768 switch( keysetType )
    1769 {
    CID 479093: (DEADCODE)
    Execution cannot reach this statement: "case CRYPT_KEYSET_DATABASE:". 1770 case CRYPT_KEYSET_DATABASE:
    1771 case CRYPT_KEYSET_DATABASE_STORE:
    1772 status = setAccessMethodDBMS( keysetInfoPtr, keysetType );
    1773 break;
    1774
    1775 case CRYPT_KEYSET_HTTP: /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1771 in openKeyset()
    1765
    1766 /* It's a specific type of keyset, set up the access information for it
    1767 and connect to it */
    1768 switch( keysetType )
    1769 {
    1770 case CRYPT_KEYSET_DATABASE:
    CID 479093: (DEADCODE)
    Execution cannot reach this statement: "case CRYPT_KEYSET_DATABASE_...".
    1771 case CRYPT_KEYSET_DATABASE_STORE:
    1772 status = setAccessMethodDBMS( keysetInfoPtr, keysetType );
    1773 break;
    1774
    1775 case CRYPT_KEYSET_HTTP:
    1776 status = setAccessMethodHTTP( keysetInfoPtr );

    ** CID 479092: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/ext_copy.c: 285 in copyAttribute()


    ________________________________________________________________________________________________________
    *** CID 479092: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/ext_copy.c: 285 in copyAttribute()
    279 if( DATAPTR_ISSET_PTR( newAttributeHeadPtr ) ) 280 deleteAttributes( newAttributeHeadPtr );
    281 return( status );
    282 }
    283
    284 /* Append the new field to the new attribute list */ >>> CID 479092: Resource leaks (RESOURCE_LEAK)
    Variable "newAttributeField" going out of scope leaks the storage it points to.
    285 insertDoubleListElement( newAttributeHeadPtr, newAttributeListTail,
    286 newAttributeField, ATTRIBUTE_LIST );
    287 newAttributeListTail = newAttributeField;
    288 }
    289 ENSURES( LOOP_BOUND_OK );
    290 ENSURES( DATAPTR_ISSET_PTR( newAttributeHeadPtr ) );

    ** CID 479091: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/ssh2_msgcli.c: 707 in processChannelOpenConfirmation()


    ________________________________________________________________________________________________________
    *** CID 479091: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/ssh2_msgcli.c: 707 in processChannelOpenConfirmation()
    701 done */
    702 if( serviceType == SERVICE_PORTFORWARD ) {
    703 selectChannel( sessionInfoPtr, origWriteChannelNo, CHANNEL_WRITE );
    704 return( CRYPT_OK );
    705 }
    706
    CID 479091: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
    "255612575 || channelNo == 0 || !waitforWindow" is always true regardless of the values of its operands. This occurs as the logical operand of "if".
    707 if ( TRUE || channelNo == 0 || !waitforWindow )
    708 {
    709 /* It's a session open request that requires additional messages to do
    710 anything useful, create and send the extra packets. Unlike the
    711 overall open request, we can't wrap and send the packets in one go
    712 because serviceType == SERVICE_SHELL has to send multiple packets,


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D_Ob8_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDXsFtzU0G-2FWPcCSE76ga65FpTOVnlTg2HlohxKy4ePNmfAvcTgQHzRuwjEUPYcoNsjv51yTcWgn-2B5ZoKEZbHKDuJHZyg4oYm-2B85r0HAuyVfWOvaujD7HGzC-2Bi-2BJJr4c31Rz-2B5noR-2FnEcQw4pO0lSZx8Qbg6Ydb9v-2FQISXmWX5vnA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, February 01, 2024 13:40:37
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 480410: Uninitialized variables (UNINIT) /tmp/sbbs-Feb-01-2024/src/conio/ciolib.c: 2152 in ciolib_rgb_to_legacyattr()


    ________________________________________________________________________________________________________
    *** CID 480410: Uninitialized variables (UNINIT) /tmp/sbbs-Feb-01-2024/src/conio/ciolib.c: 2152 in ciolib_rgb_to_legacyattr() 2146 }
    2147 }
    2148 }
    2149 }
    2150
    2151 return (bestb << 4) | bestf;
    CID 480410: Uninitialized variables (UNINIT)
    Using uninitialized value "bestf".


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D0Whj_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCGuXH-2F8nbk79WMe2MJx6-2FI9exgVraqIoXRfw5t191-2Fkv7cvlCW07dWiwEkebe6LE7W-2FqT6ZfpHP5InVb8zXpzOgZvf4Ur9-2BJrsFE50Fqk6iSfX0glKX5AlD-2FYPX7BWAafhUDNW6RVuwz3H5dgusXmMWB9WTfpkkhCog7HEgqDjmg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, February 04, 2024 15:09:08
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 483188: Memory - corruptions (OVERRUN)
    /ssl.c: 349 in internal_do_cryptInit()


    ________________________________________________________________________________________________________
    *** CID 483188: Memory - corruptions (OVERRUN)
    /ssl.c: 349 in internal_do_cryptInit()
    343 cryptlib_initialized = false;
    344 cryptEnd();
    345 asprintf(&cryptfail, "Incorrect cryptlib version %d (expected %d)", tmp, CRYPTLIB_VERSION);
    346 return;
    347 }
    348 ret = cryptGetAttributeString(CRYPT_UNUSED, CRYPT_OPTION_INFO_PATCHES, patches, &stp);
    CID 483188: Memory - corruptions (OVERRUN)
    Overrunning array """" of 1 bytes by passing it to a function which accesses it at byte offset 31 using argument "32UL".
    349 if (cryptStatusError(ret) || stp != 32 || memcmp(patches, CRYPTLIB_PATCHES, 32) != 0) {
    350 cryptInit_error = ret;
    351 cryptlib_initialized = false;
    352 cryptEnd();
    353 asprintf(&cryptfail, "Incorrect cryptlib patch set %.32s (expected %s)", patches, CRYPTLIB_PATCHES);
    354 return;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DoE8P_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCgaHhvhfxqmGN-2F2MOiNHiXAXmmE5-2BoMir72-2FKS-2B4CChPr-2B6DUEcHFnW2fJcB9K-2BLqjLkG6SOds2KKoiOogAgt4kivLp-2Bbv0MawXscaXZ6U3zKSU8zPaw8llzmAMgAx1EcIlUZ9-2Faak-2B54E1Z-2BGSHEscOAt6ClVWnKMr9zoYGJFvw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, February 05, 2024 13:39:54
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 483249: Error handling issues (CHECKED_RETURN)
    /main.cpp: 3570 in sbbs_t::init()()


    ________________________________________________________________________________________________________
    *** CID 483249: Error handling issues (CHECKED_RETURN)
    /main.cpp: 3570 in sbbs_t::init()()
    3564 thisnode.misc&=(NODE_EVENT|NODE_LOCK|NODE_RRUN);
    3565 criterrs=thisnode.errors;
    3566 putnodedat(cfg.node_num,&thisnode);
    3567
    3568 // remove any pending node messages
    3569 safe_snprintf(str, sizeof(str), "%smsgs/n%3.3u.msg",cfg.data_dir,cfg.node_num);
    CID 483249: Error handling issues (CHECKED_RETURN)
    Calling "remove(str)" without checking return value. This library function may fail and return an error code.
    3570 remove(str);
    3571 // Delete any stale temporary files (with potentially sensitive content)
    3572 delfiles(cfg.temp_dir,ALLFILES);
    3573 safe_snprintf(str, sizeof(str), "%sMSGTMP", cfg.node_dir);
    3574 removecase(str);
    3575 safe_snprintf(str, sizeof(str), "%sQUOTES.TXT", cfg.node_dir);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DuxM4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDlWnKXqUo4ko-2BswZDnU0KThZlBPhv1kFyIVU6rRp9K48otOTA5WQm5qg8o-2FY8FDqYkPfgDhKOyoUIQMv1mPwAY7yKStOAqjn6xloHvMgh0mRG0DJXpuxyIOkTyi2gGZzdoTshBDw9gCNjiMqTW3IeGxtntX-2B4oBRMrCvut8dx1Kg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, February 07, 2024 13:48:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486181: (RESOURCE_LEAK)
    /js_bbs.cpp: 1730 in js_expand_atcodes(JSContext *, unsigned int, unsigned long *)()
    /js_bbs.cpp: 1732 in js_expand_atcodes(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 486181: (RESOURCE_LEAK)
    /js_bbs.cpp: 1730 in js_expand_atcodes(JSContext *, unsigned int, unsigned long *)()
    1724 if (instr == NULL)
    1725 return JS_FALSE;
    1726
    1727 if(JSVAL_IS_OBJECT(argv[1]) && !JSVAL_IS_NULL(argv[1])) {
    1728 JSObject* hdrobj;
    1729 if((hdrobj = JSVAL_TO_OBJECT(argv[1])) == NULL)
    CID 486181: (RESOURCE_LEAK)
    Variable "instr" going out of scope leaks the storage it points to. 1730 return JS_FALSE;
    1731 if(!js_GetMsgHeaderObjectPrivates(cx, hdrobj, /* smb_t: */NULL, &msg, /* post: */NULL))
    1732 return JS_FALSE;
    1733 }
    1734
    1735 rc = JS_SUSPENDREQUEST(cx);
    /js_bbs.cpp: 1732 in js_expand_atcodes(JSContext *, unsigned int, unsigned long *)()
    1726
    1727 if(JSVAL_IS_OBJECT(argv[1]) && !JSVAL_IS_NULL(argv[1])) {
    1728 JSObject* hdrobj;
    1729 if((hdrobj = JSVAL_TO_OBJECT(argv[1])) == NULL)
    1730 return JS_FALSE;
    1731 if(!js_GetMsgHeaderObjectPrivates(cx, hdrobj, /* smb_t: */NULL, &msg, /* post: */NULL))
    CID 486181: (RESOURCE_LEAK)
    Variable "instr" going out of scope leaks the storage it points to. 1732 return JS_FALSE;
    1733 }
    1734
    1735 rc = JS_SUSPENDREQUEST(cx);
    1736 sbbs->expand_atcodes(instr, result, sizeof result, msg);
    1737 free(instr);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DmylI_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDXJXQdHoPdhvgvF0Vb847O95f-2F78EIoUagepOVq0LGxVFLDoLOCCiMG-2Fo4JxZOKwjHbMnoOXJKKkCjtFcCkE7VRLhxJ-2FNLJW4jwAN0Jl-2F3no6moASPMez-2F6bxuKm8Qy55QwIHngsrpIdU6tJlGz6f2tQot6J2A4fn-2FWICSVomHTA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, February 09, 2024 13:39:53
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486276: (USE_AFTER_FREE)
    /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()


    ________________________________________________________________________________________________________
    *** CID 486276: (USE_AFTER_FREE)
    /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DIHvH_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCP2NMkGTJz9ej0zbFZSaut2su5O4d-2FdeN5YNfhO3vr5iN7SLkyWMmA-2BkVBoBNMCMtjp4F5UOP3BhPg-2B0yHPx-2BA66plmcHqc3TbhObiquLp-2FeS-2BJifVzCXGlHdvyg4PHEaoR6LUO7c-2FqTSbtEkku9P0EYfxZeeo5KgjMqT4aVuFYw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, February 14, 2024 13:40:33
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486477: Error handling issues (CHECKED_RETURN)
    /writemsg.cpp: 416 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 486477: Error handling issues (CHECKED_RETURN)
    /writemsg.cpp: 416 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    410 free(buf);
    411 return(false);
    412 }
    413 if(!i && linesquoted)
    414 break;
    415 if(!i || quote[0]==all_key()) { /* Quote all */
    CID 486477: Error handling issues (CHECKED_RETURN)
    Calling "fseek(stream, l, 0)" without checking return value. This library function may fail and return an error code.
    416 fseek(stream,l,SEEK_SET);
    417 while(!feof(stream) && !ferror(stream)) {
    418 if(!fgets(str,sizeof(str),stream))
    419 break;
    420 quotestr(str);
    421 SAFEPRINTF2(tmp,quote_fmt,cols-4,str);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D2gqt_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDyBxF-2BuedSB2oLaNTy6psp3Cor4F0rz-2B4SwaIkEVyFE7FwRjEukPY43bM1L1Hi7YMYgyrb0V1krz3N47RLZR8GIqMuk2Z3RqE2OO4o9y0KvmmLDJLp5jbtMBebo-2FmfheUw1RP41SRg-2FK16Oi1OoUubPmh6iPKTPVX1V81t13b6sA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, February 16, 2024 13:40:21
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486496: (CHECKED_RETURN)
    /writemsg.cpp: 382 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 344 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 486496: (CHECKED_RETURN)
    /writemsg.cpp: 382 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    376
    377 else if(useron_xedit && cfg.xedit[useron_xedit-1]->misc&QUOTENONE)
    378 ;
    379
    380 else if(yesno(text[QuoteMessageQ])) {
    381 if(!fexist(quotes_fname(useron_xedit, path, sizeof(path))))
    CID 486496: (CHECKED_RETURN)
    Calling "fexistcase" without checking return value (as is done elsewhere 117 out of 130 times).
    382 fexistcase(path);
    383 if((stream=fnopen(&file,path,O_RDONLY))==NULL) {
    384 errormsg(WHERE,ERR_OPEN,path,O_RDONLY); 385 free(buf);
    386 return(false);
    387 }
    /writemsg.cpp: 344 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    338 && cfg.sub[subnum]->misc&SUB_QUOTE))) {
    339
    340 /* Quote entire message to MSGTMP or INPUT.MSG */
    341
    342 if(useron_xedit && cfg.xedit[useron_xedit-1]->misc&QUOTEALL) {
    343 if(!fexist(quotes_fname(useron_xedit, path, sizeof(path))))
    CID 486496: (CHECKED_RETURN)
    Calling "fexistcase" without checking return value (as is done elsewhere 117 out of 130 times).
    344 fexistcase(path);
    345 if((stream=fnopen(NULL,path,O_RDONLY))==NULL) { 346 errormsg(WHERE,ERR_OPEN,path,O_RDONLY); 347 free(buf);
    348 return(false);
    349 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3Dzn-5_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDPrVkNTVRB68tnZKkkXRCkPUT71LTHn8QopE1tYVp-2FX-2Br08qA1yywGwU3c4MVrlWG-2BFbxw1q-2Fo2e8fear09VrdxSTaZYVAh-2F7Xjhpabc-2Bcxm1n9Xbtacc4z9BZManLJqZ02pp-2F9yM96t7IgwLb1rxOxJKJoizd1NnBghDuRAiDsQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, February 21, 2024 13:39:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486966: Memory - illegal accesses (RETURN_LOCAL) /tmp/sbbs-Feb-21-2024/src/xpdev/ini_file.c: 1073 in iniGetSString()


    ________________________________________________________________________________________________________
    *** CID 486966: Memory - illegal accesses (RETURN_LOCAL) /tmp/sbbs-Feb-21-2024/src/xpdev/ini_file.c: 1073 in iniGetSString()
    1067 size_t pos;
    1068
    1069 ret = iniGetString(list, section, key, deflt, fval);
    1070 if (ret == NULL)
    1071 return ret;
    1072 if (ret == deflt)
    CID 486966: Memory - illegal accesses (RETURN_LOCAL)
    Returning pointer "ret" which points to local variable "fval".
    1073 return ret;
    1074 if (sz < 1 || value == NULL)
    1075 return value;
    1076 for (pos = 0; ret[pos]; pos++) {
    1077 if (pos == sz - 1)
    1078 break;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DCYsZ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB1fCECxNjHKDEt971XvCYyugWw34HvI84c7ZyY-2BmycHBmh3Jr1qZj7bY0gisTp5UvajQDEP9IZaQTdaMfzHs9DaKL5izWrIdkGSbov-2BkvcK5JM0MeIsMOKIH6vPln5vf0C7XQzN4AL02tzLGZGEYX2inJEOXX8A46m4M4faN8zLQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, February 24, 2024 13:40:32
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486983: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Feb-24-2024/src/conio/bitmap_con.c: 503 in get_full_rectangle_locked()


    ________________________________________________________________________________________________________
    *** CID 486983: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Feb-24-2024/src/conio/bitmap_con.c: 503 in get_full_rectangle_locked()
    497 {
    498 struct rectlist *rect;
    499 size_t sz = screen->screenwidth * screen->screenheight;
    500 size_t pos;
    501
    502 // TODO: Some sort of caching here would make things faster...? >>> CID 486983: Concurrent data access violations (MISSING_LOCK)
    Accessing "callbacks.drawrect" without holding lock "bitmap_callbacks.lock". Elsewhere, "bitmap_callbacks.drawrect" is written to with "bitmap_callbacks.lock" held 1 out of 1 times (1 of these accesses strongly imply that it is necessary).
    503 if(callbacks.drawrect) {
    504 rect = alloc_full_rect(screen, true);
    505 if (!rect)
    506 return rect;
    507 for (pos = 0; pos < sz; pos++)
    508 rect->data[pos] = color_value(screen->rect->data[pos]);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D8c0G_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAVcLrFKXhsSDRaqja0Q4G60ZIIHvAxvJ-2BFLnRXVDcep-2B1SeryMCXp8nrAo0L5iDlIM3xJ7X0g6QrD0mlxK5meH-2BBJ37jGt-2F-2BR0SSgqyC1ybNJHz3XT2-2F11T7UEUt5-2FUqhSnT2Rs5NZnjzJIv-2Bf3-2BxbnrqOl4LZRHeRWkBYW2FZNw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, February 27, 2024 13:40:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 487089: High impact quality (Y2K38_SAFETY)
    /logout.cpp: 97 in sbbs_t::logout(bool)()


    ________________________________________________________________________________________________________
    *** CID 487089: High impact quality (Y2K38_SAFETY)
    /logout.cpp: 97 in sbbs_t::logout(bool)()
    91 delfiles(cfg.temp_dir,ALLFILES);
    92 if(sys_status&SS_USERON) { // Insures the useron actually went through logon()/getmsgptrs() first
    93 putmsgptrs();
    94 }
    95 if(!REALSYSOP)
    96 logofflist();
    CID 487089: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".
    97 useron.laston=(time32_t)now;
    98
    99 ttoday=useron.ttoday-useron.textra; /* billable time used prev calls */
    100 if(ttoday>=cfg.level_timeperday[useron.level])
    101 i=0;
    102 else

    ** CID 487088: Error handling issues (CHECKED_RETURN)
    /logout.cpp: 89 in sbbs_t::logout(bool)()


    ________________________________________________________________________________________________________
    *** CID 487088: Error handling issues (CHECKED_RETURN)
    /logout.cpp: 89 in sbbs_t::logout(bool)()
    83 if(cfg.logout_mod[0]) {
    84 lprintf(LOG_DEBUG, "executing logout module: %s", cfg.logout_mod);
    85 exec_bin(cfg.logout_mod,&main_csi);
    86 }
    87 SAFEPRINTF2(path,"%smsgs/%4.4u.msg",cfg.data_dir,useron.number);
    88 if(fexistcase(path) && !flength(path)) /* remove any 0 byte message files */
    CID 487088: Error handling issues (CHECKED_RETURN)
    Calling "remove(path)" without checking return value. This library function may fail and return an error code.
    89 remove(path);
    90
    91 delfiles(cfg.temp_dir,ALLFILES);
    92 if(sys_status&SS_USERON) { // Insures the useron actually went through logon()/getmsgptrs() first
    93 putmsgptrs();
    94 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D6w7L_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZL2KLON9c0qMM4K5aJ-2BfdThB6-2BKGg4cWLgpEPITZFj21NY7HODKa21xNCYmqB9WQ9jGdCaJ8kxZplYYP3ZpJQciN5y3k5uG3vF-2Bbjho-2FJ80W4KFTLh14Ge0YKg4KwvJQypDruDryLBwEKW1kUPhOIUyQwbpfzm3Xgxi8Wb6VLKOw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, February 28, 2024 13:40:48
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    23 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 23 defect(s)


    ** CID 487180: Memory - corruptions (BUFFER_SIZE)
    /sftp.cpp: 1388 in sftp_readdir(sftp_string *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487180: Memory - corruptions (BUFFER_SIZE)
    /sftp.cpp: 1388 in sftp_readdir(sftp_string *, void *)()
    1382 return generic_dot_entry(sbbs, dir, tmppath, &dd->info.rootdir.idx);
    1383 }
    1384 if (dd->info.rootdir.idx == dotdot) {
    1385 if (pm->sftp_patt[1]) {
    1386 char *dir = const_cast<char *>(".."); 1387 snprintf(tmppath, sizeof(tmppath) - 2 /* for dir */, pm->sftp_patt, sbbs->useron.alias);
    CID 487180: Memory - corruptions (BUFFER_SIZE)
    Buffer "tmppath" has a size of 4097 characters, and its string length (null character not included) is 4095 characters, leaving an available space of 2 characters. Appending "dir", whose string length (null character not included) is 2 characters, plus the null character overruns "tmppath".
    1388 strcat(tmppath, dir);
    1389 return generic_dot_realpath_entry(sbbs, dir, tmppath, &dd->info.rootdir.idx);
    1390 }
    1391 else
    1392 dd->info.rootdir.idx++;
    1393 }

    ** CID 487179: (MISSING_LOCK)
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_static.h: 63 in exit_function() /tmp/sbbs-Feb-28-2024/src/sftp/sftp_static.h: 63 in exit_function()


    ________________________________________________________________________________________________________
    *** CID 487179: (MISSING_LOCK)
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_static.h: 63 in exit_function()
    57 }
    58
    59 static bool
    60 exit_function(SFTP_STATIC_TYPE state, bool retval)
    61 {
    62 assert(state->running > 0);
    CID 487179: (MISSING_LOCK)
    Accessing "state->running" without holding lock "sftp_client_state.mtx". Elsewhere, "sftp_client_state.running" is written to with "sftp_client_state.mtx" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
    63 state->running--;
    64 pthread_mutex_unlock(&state->mtx);
    65 return retval;
    66 }
    67
    68 static bool
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_static.h: 63 in exit_function()
    57 }
    58
    59 static bool
    60 exit_function(SFTP_STATIC_TYPE state, bool retval)
    61 {
    62 assert(state->running > 0);
    CID 487179: (MISSING_LOCK)
    Accessing "state->running" without holding lock "sftp_server_state.mtx". Elsewhere, "sftp_server_state.running" is written to with "sftp_server_state.mtx" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
    63 state->running--;
    64 pthread_mutex_unlock(&state->mtx);
    65 return retval;
    66 }
    67
    68 static bool

    ** CID 487178: (RESOURCE_LEAK)
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 78 in s_open() /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 72 in s_open() /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 82 in s_open() /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 68 in s_open()


    ________________________________________________________________________________________________________
    *** CID 487178: (RESOURCE_LEAK) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 78 in s_open()
    72 return true;
    73 }
    74 }
    75 if (!(flags & SSH_FXF_CREAT)) {
    76 if (flags & SSH_FXF_TRUNC) {
    77 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't truncate unless creating");
    CID 487178: (RESOURCE_LEAK)
    Variable "fname" going out of scope leaks the storage it points to.
    78 return true;
    79 }
    80 if (flags & SSH_FXF_EXCL) {
    81 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't open exclisive unless creating");
    82 return true;
    83 }
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 72 in s_open()
    66 if (flags & SSH_FXF_CREAT) {
    67 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't create unless writing");
    68 return true;
    69 }
    70 if (flags & SSH_FXF_APPEND) {
    71 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't append unless writing");
    CID 487178: (RESOURCE_LEAK)
    Variable "fname" going out of scope leaks the storage it points to.
    72 return true;
    73 }
    74 }
    75 if (!(flags & SSH_FXF_CREAT)) {
    76 if (flags & SSH_FXF_TRUNC) {
    77 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't truncate unless creating");
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 82 in s_open()
    76 if (flags & SSH_FXF_TRUNC) {
    77 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't truncate unless creating");
    78 return true;
    79 }
    80 if (flags & SSH_FXF_EXCL) {
    81 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't open exclisive unless creating");
    CID 487178: (RESOURCE_LEAK)
    Variable "fname" going out of scope leaks the storage it points to.
    82 return true;
    83 }
    84 }
    85 attrs = sftp_getfattr(state->rxp);
    86 if (attrs == NULL) {
    87 free_sftp_str(fname); /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 68 in s_open()
    62 if (fname == NULL)
    63 return false;
    64 flags = get32(state);
    65 if (!(flags & SSH_FXF_WRITE)) {
    66 if (flags & SSH_FXF_CREAT) {
    67 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't create unless writing");
    CID 487178: (RESOURCE_LEAK)
    Variable "fname" going out of scope leaks the storage it points to.
    68 return true;
    69 }
    70 if (flags & SSH_FXF_APPEND) {
    71 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't append unless writing");
    72 return true;
    73 }

    ** CID 487177: (Y2K38_SAFETY)
    /sftp.cpp: 433 in homefile_attrs(sbbs_t *, const char *)()
    /sftp.cpp: 433 in homefile_attrs(sbbs_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 487177: (Y2K38_SAFETY)
    /sftp.cpp: 433 in homefile_attrs(sbbs_t *, const char *)()
    427 if (attr == nullptr)
    428 return nullptr;
    429 sftp_fattr_set_permissions(attr, S_IFREG | S_IRWXU | S_IRUSR | S_IWUSR);
    430 sftp_fattr_set_uid_gid(attr, sbbs->useron.number, users_gid); 431 sftp_fattr_set_size(attr, flength(path));
    432 time_t fd = fdate(path);
    CID 487177: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "fd" is cast to "uint32_t".
    433 sftp_fattr_set_times(attr, fd, fd);
    434 return attr;
    435 }
    436
    437 static sftp_file_attr_t
    438 sshkeys_attrs(sbbs_t *sbbs, const char *path)
    /sftp.cpp: 433 in homefile_attrs(sbbs_t *, const char *)()
    427 if (attr == nullptr)
    428 return nullptr;
    429 sftp_fattr_set_permissions(attr, S_IFREG | S_IRWXU | S_IRUSR | S_IWUSR);
    430 sftp_fattr_set_uid_gid(attr, sbbs->useron.number, users_gid); 431 sftp_fattr_set_size(attr, flength(path));
    432 time_t fd = fdate(path);
    CID 487177: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "fd" is cast to "uint32_t".
    433 sftp_fattr_set_times(attr, fd, fd);
    434 return attr;
    435 }
    436
    437 static sftp_file_attr_t
    438 sshkeys_attrs(sbbs_t *sbbs, const char *path)

    ** CID 487176: (RESOURCE_LEAK)
    /sftp.cpp: 741 in find_lib(sbbs_t *, const char *)()
    /sftp.cpp: 741 in find_lib(sbbs_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 487176: (RESOURCE_LEAK)
    /sftp.cpp: 741 in find_lib(sbbs_t *, const char *)()
    735 *c = 0;
    736 for (l = 0; l < sbbs->cfg.total_libs; l++) {
    737 if (!can_user_access_lib(&sbbs->cfg, l, &sbbs->useron, &sbbs->client))
    738 continue;
    739 exp = expand_slash(sbbs->cfg.lib[l]->lname);
    740 if (exp == nullptr)
    CID 487176: (RESOURCE_LEAK)
    Variable "p" going out of scope leaks the storage it points to.
    741 return -1;
    742 if (strcmp(p, exp)) {
    743 free(exp);
    744 continue;
    745 }
    746 free(exp);
    /sftp.cpp: 741 in find_lib(sbbs_t *, const char *)()
    735 *c = 0;
    736 for (l = 0; l < sbbs->cfg.total_libs; l++) {
    737 if (!can_user_access_lib(&sbbs->cfg, l, &sbbs->useron, &sbbs->client))
    738 continue;
    739 exp = expand_slash(sbbs->cfg.lib[l]->lname);
    740 if (exp == nullptr)
    CID 487176: (RESOURCE_LEAK)
    Variable "p" going out of scope leaks the storage it points to.
    741 return -1;
    742 if (strcmp(p, exp)) {
    743 free(exp);
    744 continue;
    745 }
    746 free(exp);

    ** CID 487175: Resource leaks (RESOURCE_LEAK)
    /sftp.cpp: 1517 in sftp_readdir(sftp_string *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487175: Resource leaks (RESOURCE_LEAK)
    /sftp.cpp: 1517 in sftp_readdir(sftp_string *, void *)()
    1511 }
    1512 attr = get_dir_attrs(sbbs, dd->info.filebase.idx);
    1513 if (attr == nullptr)
    1514 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Attributes allocation failure");
    1515 ename = expand_slash(sbbs->cfg.dir[dd->info.filebase.idx]->lname);
    1516 if (ename == nullptr)
    CID 487175: Resource leaks (RESOURCE_LEAK)
    Variable "attr" going out of scope leaks the storage it points to.
    1517 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "EName allocation failure");
    1518 lname = get_longname(sbbs, ename, nullptr, attr);
    1519 if (lname == nullptr) {
    1520 free(ename);
    1521 sftp_fattr_free(attr);
    1522 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Longname allocation failure");

    ** CID 487174: Code maintainability issues (UNUSED_VALUE)
    /main.cpp: 1993 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()


    ________________________________________________________________________________________________________
    *** CID 487174: Code maintainability issues (UNUSED_VALUE)
    /main.cpp: 1993 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    1987
    1988 if (cid != sbbs->sftp_channel && cid != sbbs->session_channel) {
    1989 lprintf(LOG_WARNING, "Node %d SSH WARNING: attempt to use channel '%s' (%d != %d or %d)"
    1990 , sbbs->cfg.node_num, cname ? cname : "<unknown>", cid, sbbs->session_channel, sbbs->sftp_channel);
    1991 if (cname) {
    1992 free_crypt_attrstr(cname);
    CID 487174: Code maintainability issues (UNUSED_VALUE)
    Assigning value "NULL" to "cname" here, but that stored value is overwritten before it can be used.
    1993 cname = nullptr;
    1994 }
    1995 if (ssname) {
    1996 free_crypt_attrstr(ssname);
    1997 ssname = nullptr;
    1998 }

    ** CID 487173: Program hangs (LOCK)
    /sftp.cpp: 987 in sftp_send(unsigned char *, unsigned long, void *)()


    ________________________________________________________________________________________________________
    *** CID 487173: Program hangs (LOCK)
    /sftp.cpp: 987 in sftp_send(unsigned char *, unsigned long, void *)()
    981 if (sbbs->sftp_channel == -1)
    982 return false;
    983 while (sent < len) {
    984 pthread_mutex_lock(&sbbs->ssh_mutex);
    985 status = cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, sbbs->sftp_channel);
    986 if (cryptStatusError(status))
    CID 487173: Program hangs (LOCK)
    Returning without unlocking "sbbs->ssh_mutex".
    987 return false;
    988 size_t sendbytes = len - sent;
    989 #define SENDBYTES_MAX 0x2000
    990 if (sendbytes > SENDBYTES_MAX)
    991 sendbytes = SENDBYTES_MAX;
    992 status = cryptSetAttribute(sbbs->ssh_session, CRYPT_OPTION_NET_WRITETIMEOUT, 5);

    ** CID 487172: Incorrect expression (CONSTANT_EXPRESSION_RESULT)
    /sftp.cpp: 171 in path_map::path_map(sbbs_t *, const unsigned char *, map_path_mode)()


    ________________________________________________________________________________________________________
    *** CID 487172: Incorrect expression (CONSTANT_EXPRESSION_RESULT)
    /sftp.cpp: 171 in path_map::path_map(sbbs_t *, const unsigned char *, map_path_mode)()
    165 return;
    166 }
    167 this->is_static_ = false;
    168 this->info.filebase.dir = -1;
    169 this->info.filebase.lib = -1;
    170 this->info.filebase.idx = dot;
    CID 487172: Incorrect expression (CONSTANT_EXPRESSION_RESULT)
    The expression "this->sftp_path[6UL /* files_path_len */] == 0 || this->sftp_path[6UL /* files_path_len */] == 0" does not accomplish anything because it evaluates to either of its identical operands, "this->sftp_path[6UL /* files_path_len */] == 0".
    171 if (this->sftp_path[files_path_len] == 0 || this->sftp_path[files_path_len] == 0) {
    172 // Root...
    173 result_ = MAP_TO_DIR;
    174 return;
    175 }
    176 const char *lib = &this->sftp_path[files_path_len + 1];

    ** CID 487171: Insecure data handling (TAINTED_SCALAR) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_attr.c: 324 in sftp_getfattr()


    ________________________________________________________________________________________________________
    *** CID 487171: Insecure data handling (TAINTED_SCALAR) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_attr.c: 324 in sftp_getfattr()
    318 ret->atime = sftp_get32(pkt);
    319 ret->mtime = sftp_get32(pkt);
    320 }
    321 if (ret->flags & SSH_FILEXFER_ATTR_EXTENDED) {
    322 uint32_t extcnt = sftp_get32(pkt);
    323 uint32_t ext;
    CID 487171: Insecure data handling (TAINTED_SCALAR)
    Using tainted variable "extcnt" as a loop boundary.
    324 for (ext = 0; ext < extcnt; ext++) {
    325 sftp_str_t type = sftp_getstring(pkt);
    326 if (type == NULL)
    327 break;
    328 sftp_str_t data = sftp_getstring(pkt);
    329 if (data == NULL) {

    ** CID 487170: Security best practices violations (TOCTOU)
    /sftp.cpp: 1147 in sftp_open(sftp_string *, unsigned int, sftp_file_attributes *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487170: Security best practices violations (TOCTOU)
    /sftp.cpp: 1147 in sftp_open(sftp_string *, unsigned int, sftp_file_attributes *, void *)()
    1141 sbbs->sftp_filedes[fdidx]->dir = -1;
    1142 else {
    1143 sbbs->sftp_filedes[fdidx]->dir = pmap.info.filebase.dir;
    1144 sbbs->sftp_filedes[fdidx]->idx_offset = pmap.info.filebase.offset;
    1145 sbbs->sftp_filedes[fdidx]->idx_number = pmap.info.filebase.idx;
    1146 }
    CID 487170: Security best practices violations (TOCTOU)
    Calling function "access" to perform check on "pmap.local_path".
    1147 if (access(pmap.local_path, F_OK) != 0) {
    1148 // File did not exist, and we're creating
    1149 if (oflags & O_CREAT) {
    1150 sbbs->sftp_filedes[fdidx]->created = true;
    1151 }
    1152 }

    ** CID 487169: Error handling issues (CHECKED_RETURN)
    /sftp.cpp: 1044 in sftp_cleanup_callback(void *)()


    ________________________________________________________________________________________________________
    *** CID 487169: Error handling issues (CHECKED_RETURN)
    /sftp.cpp: 1044 in sftp_cleanup_callback(void *)()
    1038
    1039 for (unsigned i = 0; i < nfdes; i++) {
    1040 if (sbbs->sftp_filedes[i] != nullptr) {
    1041 close(sbbs->sftp_filedes[i]->fd);
    1042 if (sbbs->sftp_filedes[i]->created && sbbs->sftp_filedes[i]->local_path) {
    1043 // If we were uploading, delete the incomplete file
    CID 487169: Error handling issues (CHECKED_RETURN)
    Calling "remove(sbbs->sftp_filedes[i]->local_path)" without checking return value. This library function may fail and return an error code.
    1044 remove(sbbs->sftp_filedes[i]->local_path);
    1045 }
    1046 free(sbbs->sftp_filedes[i]->local_path);
    1047 free(sbbs->sftp_filedes[i]);
    1048 sbbs->sftp_filedes[i] = nullptr;
    1049 }

    ** CID 487168: (UNUSED_VALUE) /tmp/sbbs-Feb-28-2024/3rdp/src/cl/session/ssh2_msgsvr.c: 679 in processChannelRequest()
    /tmp/sbbs-Feb-28-2024/3rdp/src/cl/session/ssh2_msgsvr.c: 691 in processChannelRequest()


    ________________________________________________________________________________________________________
    *** CID 487168: (UNUSED_VALUE) /tmp/sbbs-Feb-28-2024/3rdp/src/cl/session/ssh2_msgsvr.c: 679 in processChannelRequest()
    673 setChannelAttribute(sessionInfoPtr, CRYPT_SESSINFO_SSH_CHANNEL_WIDTH, status);
    674 status = readUint32(stream);
    675 if (status > 0)
    676 setChannelAttribute(sessionInfoPtr, CRYPT_SESSINFO_SSH_CHANNEL_HEIGHT, status);
    677 break;
    678 case REQUEST_SHELL:
    CID 487168: (UNUSED_VALUE)
    Assigning value from "setChannelAttributeS(sessionInfoPtr, CRYPT_SESSINFO_SSH_CHANNEL_TYPE, "shell", 5)" to "status" here, but that stored value is overwritten before it can be used.
    679 status = setChannelAttributeS( sessionInfoPtr, 680 CRYPT_SESSINFO_SSH_CHANNEL_TYPE,
    681 "shell", 5 );
    682 break;
    683 case REQUEST_NOOP:
    684 /* Generic requests containing extra information that we're not
    /tmp/sbbs-Feb-28-2024/3rdp/src/cl/session/ssh2_msgsvr.c: 691 in processChannelRequest()
    685 interested in */
    686 break;
    687
    688 #ifdef USE_SSH_EXTENDED
    689 case REQUEST_EXEC:
    690 /* A further generic request that we're not interested in */
    CID 487168: (UNUSED_VALUE)
    Assigning value from "setChannelAttributeS(sessionInfoPtr, CRYPT_SESSINFO_SSH_CHANNEL_TYPE, "exec", 4)" to "status" here, but that stored value is overwritten before it can be used.
    691 status = setChannelAttributeS( sessionInfoPtr, 692 CRYPT_SESSINFO_SSH_CHANNEL_TYPE,
    693 "exec", 4 );
    694 break;
    695
    696 case REQUEST_SUBSYSTEM:

    ** CID 487167: Program hangs (LOCK)
    /main.cpp: 2048 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()


    ________________________________________________________________________________________________________
    *** CID 487167: Program hangs (LOCK)
    /main.cpp: 2048 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    2042 if (closed && sbbs->sftp_channel == -1 && sbbs->session_channel == -1)
    2043 return CRYPT_ERROR_COMPLETE; 2044 }
    2045 }
    2046 if (ret == CRYPT_ENVELOPE_RESOURCE)
    2047 return CRYPT_ERROR_TIMEOUT;
    CID 487167: Program hangs (LOCK)
    Returning without unlocking "sbbs->sftp_state->mtx".
    2048 return ret;
    2049 }
    2050 return CRYPT_ERROR_TIMEOUT;
    2051 }
    2052
    2053 void input_thread(void *arg)

    ** CID 487166: (CHECKED_RETURN)
    /main.cpp: 2036 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)() /main.cpp: 2028 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()


    ________________________________________________________________________________________________________
    *** CID 487166: (CHECKED_RETURN)
    /main.cpp: 2036 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    2030 closed = true;
    2031 }
    2032 }
    2033 if (sbbs->session_channel != -1) {
    2034 if (!channel_open(sbbs, sbbs->session_channel)) {
    2035 if (cryptStatusOK(cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, sbbs->session_channel)))
    CID 487166: (CHECKED_RETURN)
    Calling "cryptSetAttribute" without checking return value (as is done elsewhere 50 out of 61 times).
    2036 cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE, 0);
    2037 sbbs->session_channel = -1;
    2038 closed = true;
    2039 }
    2040 }
    2041 // All channels are now closed. /main.cpp: 2028 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    2022 if (status != CRYPT_ERROR_NOTFOUND) 2023 sbbs->log_crypt_error_status_sock(status, "getting channel id");
    2024 closing_channel = -1;
    2025 if (sbbs->sftp_channel != -1) {
    2026 if (!channel_open(sbbs, sbbs->sftp_channel)) {
    2027 if (cryptStatusOK(cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, sbbs->sftp_channel)))
    CID 487166: (CHECKED_RETURN)
    Calling "cryptSetAttribute" without checking return value (as is done elsewhere 50 out of 61 times).
    2028 cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE, 0);
    2029 sbbs->sftp_channel = -1;
    2030 closed = true;
    2031 }
    2032 }
    2033 if (sbbs->session_channel != -1) {

    ** CID 487165: (REVERSE_INULL)
    /main.cpp: 1984 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)() /main.cpp: 1975 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()


    ________________________________________________________________________________________________________
    *** CID 487165: (REVERSE_INULL)
    /main.cpp: 1984 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    1978 if (!sftps_recv(sbbs->sftp_state, reinterpret_cast<uint8_t *>(inbuf), tgot))
    1979 sbbs->sftp_end();
    1980 }
    1981 sbbs->sftp_channel = cid;
    1982 }
    1983 }
    CID 487165: (REVERSE_INULL)
    Null-checking "cname" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    1984 if (cname && sbbs->session_channel == -1 && strcmp(cname, "shell") == 0) {
    1985 sbbs->session_channel = cid;
    1986 }
    1987
    1988 if (cid != sbbs->sftp_channel && cid != sbbs->session_channel) {
    1989 lprintf(LOG_WARNING, "Node %d SSH WARNING: attempt to use channel '%s' (%d != %d or %d)"
    /main.cpp: 1975 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    1969 return status;
    1970 }
    1971 cname = get_crypt_attribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL_TYPE);
    1972 if (strcmp(cname, "subsystem") == 0) {
    1973 ssname = get_crypt_attribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL_ARG1);
    1974 }
    CID 487165: (REVERSE_INULL)
    Null-checking "cname" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    1975 if (((startup->options & (BBS_OPT_ALLOW_SFTP | BBS_OPT_SSH_ANYAUTH)) == BBS_OPT_ALLOW_SFTP) && ssname && cname && sbbs->sftp_channel == -1 && strcmp(ssname, "sftp") == 0) {
    1976 if (sbbs->init_sftp(cid)) {
    1977 if (tgot > 0) { 1978 if (!sftps_recv(sbbs->sftp_state, reinterpret_cast<uint8_t *>(inbuf), tgot))
    1979 sbbs->sftp_end();
    1980 }

    ** CID 487164: Resource leaks (RESOURCE_LEAK)
    /sftp.cpp: 1424 in sftp_readdir(sftp_string *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487164: Resource leaks (RESOURCE_LEAK)
    /sftp.cpp: 1424 in sftp_readdir(sftp_string *, void *)()
    1418 continue;
    1419 }
    1420 sprintf(tmppath, static_files[dd->info.rootdir.idx].sftp_patt, sbbs->useron.alias);
    1421 remove_trailing_slash(tmppath);
    1422 attr = get_attrs(sbbs, tmppath, &link);
    1423 if (attr == nullptr)
    CID 487164: Resource leaks (RESOURCE_LEAK)
    Variable "link" going out of scope leaks the storage it points to.
    1424 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Attributes allocation failure");
    1425 lname = get_longname(sbbs, tmppath, link, attr);
    1426 if (lname == nullptr) {
    1427 sftp_fattr_free(attr);
    1428 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Longname allocation failure");
    1429 }

    ** CID 487163: Program hangs (LOCK) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 373 in sftps_recv()


    ________________________________________________________________________________________________________
    *** CID 487163: Program hangs (LOCK) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 373 in sftps_recv()
    367 if (!sftp_rx_pkt_append(&state->rxp, buf, sz))
    368 return exit_function(state, false);
    369 if (sftp_have_pkt_sz(state->rxp)) {
    370 uint32_t psz = sftp_pkt_sz(state->rxp);
    371 if (psz > SFTP_MAX_PACKET_SIZE) {
    372 state->lprintf(state->cb_data, "Packet too large (%" PRIu32 " bytes)", psz);
    CID 487163: Program hangs (LOCK)
    Returning without unlocking "state->mtx".
    373 return false;
    374 }
    375 }
    376 while (sftp_have_full_pkt(state->rxp)) {
    377 bool handled = false;
    378

    ** CID 487162: Control flow issues (DEADCODE)
    /sftp.cpp: 871 in get_attrs(sbbs_t *, const char *, char **)()


    ________________________________________________________________________________________________________
    *** CID 487162: Control flow issues (DEADCODE)
    /sftp.cpp: 871 in get_attrs(sbbs_t *, const char *, char **)()
    865 else
    866 ppath[0] = 0;
    867 ret = pm->get_attrs(sbbs, ppath);
    868 if (link && pm->link_patt) {
    869 asprintf(link, pm->link_patt, sbbs->useron.alias);
    870 if (link == nullptr) {
    CID 487162: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "sftp_fattr_free(ret);".
    871 sftp_fattr_free(ret);
    872 ret = nullptr;
    873 }
    874 }
    875 return ret;
    876 }

    ** CID 487161: (Y2K38_SAFETY)
    /sftp.cpp: 448 in sshkeys_attrs(sbbs_t *, const char *)()
    /sftp.cpp: 448 in sshkeys_attrs(sbbs_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 487161: (Y2K38_SAFETY)
    /sftp.cpp: 448 in sshkeys_attrs(sbbs_t *, const char *)()
    442 if (attr == nullptr)
    443 return nullptr;
    444 sftp_fattr_set_permissions(attr, S_IFLNK | S_IRWXU | S_IRUSR | S_IWUSR);
    445 sftp_fattr_set_uid_gid(attr, sbbs->useron.number, users_gid); 446 sftp_fattr_set_size(attr, flength(path));
    447 time_t fd = fdate(path);
    CID 487161: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "fd" is cast to "uint32_t".
    448 sftp_fattr_set_times(attr, fd, fd);
    449 return attr;
    450 }
    451
    452 void
    453 remove_trailing_slash(char *str)
    /sftp.cpp: 448 in sshkeys_attrs(sbbs_t *, const char *)()
    442 if (attr == nullptr)
    443 return nullptr;
    444 sftp_fattr_set_permissions(attr, S_IFLNK | S_IRWXU | S_IRUSR | S_IWUSR);
    445 sftp_fattr_set_uid_gid(attr, sbbs->useron.number, users_gid); 446 sftp_fattr_set_size(attr, flength(path));
    447 time_t fd = fdate(path);
    CID 487161: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "fd" is cast to "uint32_t".
    448 sftp_fattr_set_times(attr, fd, fd);
    449 return attr;
    450 }
    451
    452 void
    453 remove_trailing_slash(char *str)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D4ieG_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZz6Lg2xx1dh6E9z4lSXKW4n9yiZaua5LbXznpVF4MIwbp178psQJ2n-2Fpok7ErzI9IlNJTrPj-2F83NUNTOEjSUjSMYrpz0XVq0IKvzP47fjT8ZUoPS4k4FQsPlqiTS940mDZqL8H0V26aTBOs1jlgpdGUT2g7d1Ei-2FiSNIWvXxdCeA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, March 01, 2024 13:43:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 487600: Error handling issues (CHECKED_RETURN)
    /sftp.cpp: 1625 in sftp_readdir(sftp_string *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487600: Error handling issues (CHECKED_RETURN)
    /sftp.cpp: 1625 in sftp_readdir(sftp_string *, void *)()
    1619 free(link);
    1620 if (lname == nullptr) {
    1621 sftp_fattr_free(attr);
    1622 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Longname allocation failure");
    1623 }
    1624 vpath = getfname(tmppath);
    CID 487600: Error handling issues (CHECKED_RETURN)
    Calling "add_name" without checking return value (as is done elsewhere 4 out of 5 times).
    1625 fn.add_name(strdup(vpath), lname, attr);
    1626 }
    1627 }
    1628 else {
    1629 if (dd->info.filebase.lib == -1) {
    1630 // /files/ (ie: list of libs)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D_Mv9_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZAvea4qFQBhPrjKB4cHy2kAbmKz1-2F0ttbXdmTqhC-2BEq7-2Bvgywi6EN0yh9ZWlpucVXNfv4OAgSDch06A-2FyZfKQuykxNA3ygHnLLNJZ-2FPbpNGcgiztSzdmC0nW0gtMv3miUCmrLhEqR-2FOP8z9BsqWg6i-2B8KyEK4CuE0E7PMo9TUvnw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, March 03, 2024 13:41:26
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 487672: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Mar-03-2024/src/xpdev/datewrap.c: 36 in checktime()


    ________________________________________________________________________________________________________
    *** CID 487672: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Mar-03-2024/src/xpdev/datewrap.c: 36 in checktime()
    30 struct tm gmt;
    31 struct tm tm;
    32
    33 memset(&tm,0,sizeof(tm));
    34 tm.tm_year=94;
    35 tm.tm_mday=1;
    CID 487672: Null pointer dereferences (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "gmtime_r(&t, &gmt)" when calling "mktime".
    36 return mktime(&tm) - mktime(gmtime_r(&t,&gmt));
    37 }
    38
    39 /* Compensates for struct tm "weirdness" */
    40 time_t sane_mktime(struct tm* tm)
    41 {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D-9vV_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbdS62iBETJxCjfqof1M6S95WSy-2FViK1FGVTyAQx6ozqlGvN9awUs6gtEF2eXLxZfTJjLLUyT0fwRFvEc99-2BOQhjAl2O2TUGD1ycgVDsPOsObe7L7LzV-2FFPKXyVz9z9YuZdACZlhk3hv8V4jfGont8ig4eUY-2FGqtqgGqZWYwmWkLQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, March 19, 2024 13:22:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 488122: Concurrent data access violations (MISSING_LOCK)
    /websrvr.c: 6243 in respond()


    ________________________________________________________________________________________________________
    *** CID 488122: Concurrent data access violations (MISSING_LOCK)
    /websrvr.c: 6243 in respond()
    6237 ,session->socket, session->client.protocol, session->client.addr, session->req.physical_path
    6238 ,session->req.range_start,session->req.range_end, content_length);
    6239 else
    6240 lprintf(LOG_INFO,"%04d %s [%s] Sending file: %s (%"PRIdOFF" bytes)"
    6241 ,session->socket, session->client.protocol, session->client.addr, session->req.physical_path, content_length);
    6242 snt=sock_sendfile(session,session->req.physical_path,session->req.range_start,session->req.range_end);
    CID 488122: Concurrent data access violations (MISSING_LOCK)
    Accessing "session->send_failed" without holding lock "http_session_t.outbuf_write". Elsewhere, "http_session_t.send_failed" is written to with "http_session_t.outbuf_write" held 1 out of 1 times.
    6243 if(!session->send_failed) {
    6244 if(session->req.ld!=NULL) {
    6245 if(snt<0)
    6246 snt=0;
    6247 session->req.ld->size=snt;
    6248 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DmHtV_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbYwk4stqvOulAQyfb9Qz7UqXa-2FyYiLNtJQLdPQNB0BbrubVIHVqt8wbwLmHsBUJon6PC9sbncKQ-2BAxsdRHbzS8LHKyt8nQ5XXM7E400tls6CE8QTOmeO-2BbTPMyH95TYfYCuXcmmWIuH-2F2U7WSDFD5czc7Rvy8hX-2BZbhm7O5DgwmQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, March 23, 2024 12:40:16
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 488309: Memory - illegal accesses (STRING_NULL)


    ________________________________________________________________________________________________________
    *** CID 488309: Memory - illegal accesses (STRING_NULL)
    /str.cpp: 344 in sbbs_t::sif(char *, char *, int)()
    338 m+=2;
    339 for(l=m;l<length;l++)
    340 if(buf[l]=='"') {
    341 buf[l]=0;
    342 break;
    343 }
    CID 488309: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "(char *)buf + m" to "getkeys", which expects a null-terminated string.
    344 answers[a++]=(char)getkeys((char *)buf+m,0);
    345 }
    346 else {
    347 answers[a]=getkey(mode);
    348 outchar(answers[a++]);
    349 attr(LIGHTGRAY);

    ** CID 488308: (STRING_NULL)


    ________________________________________________________________________________________________________
    *** CID 488308: (STRING_NULL)
    /sbbsecho.c: 3666 in getzpt()
    3660 faddr=atofaddr(buf+i+6);
    3661 hdr->destzone=faddr.zone;
    3662 hdr->destnet=faddr.net;
    3663 hdr->destnode=faddr.node;
    3664 i+=6;
    3665 while(buf[i] && buf[i]!=' ') i++;
    CID 488308: (STRING_NULL)
    Passing unterminated string "buf + i + 1" to "atofaddr", which expects a null-terminated string.
    3666 faddr=atofaddr(buf+i+1);
    3667 hdr->origzone=faddr.zone;
    3668 hdr->orignet=faddr.net;
    3669 hdr->orignode=faddr.node;
    3670 intl_found = true;
    3671 }
    /sbbsecho.c: 3660 in getzpt()
    3654 if((!i || cr) && buf[i]==CTRL_A) { /* kludge */ 3655 if(!strncmp(buf+i+1,"TOPT ",5))
    3656 hdr->destpoint=atoi(buf+i+6);
    3657 else if(!strncmp(buf+i+1,"FMPT ",5))
    3658 hdr->origpoint=atoi(buf+i+6);
    3659 else if(!strncmp(buf+i+1,"INTL ",5)) {
    CID 488308: (STRING_NULL)
    Passing unterminated string "buf + i + 6" to "atofaddr", which expects a null-terminated string.
    3660 faddr=atofaddr(buf+i+6);
    3661 hdr->destzone=faddr.zone;
    3662 hdr->destnet=faddr.net;
    3663 hdr->destnode=faddr.node;
    3664 i+=6;
    3665 while(buf[i] && buf[i]!=' ') i++;

    ** CID 488307: Memory - illegal accesses (STRING_NULL)


    ________________________________________________________________________________________________________
    *** CID 488307: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Mar-23-2024/src/smblib/smblib.c: 1085 in smb_getmsghdr()
    1079 !=(size_t)msg->hfield[i].length) {
    1080 safe_snprintf(smb->last_error,sizeof(smb->last_error)
    1081 ,"%s reading header (#%d) field data (%d bytes)", __FUNCTION__, (int)i, (int)msg->hfield[i].length);
    1082 smb_freemsgmem(msg);
    1083 return(SMB_ERR_READ);
    1084 }
    CID 488307: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "msg->hfield_dat[i]" to "set_convenience_ptr", which expects a null-terminated string.
    1085 set_convenience_ptr(msg,msg->hfield[i].type,msg->hfield[i].length,msg->hfield_dat[i]);
    1086
    1087 l+=msg->hfield[i].length;
    1088 }
    1089
    1090 /* These convenience pointers must point to something */

    ** CID 488306: (STRING_NULL)
    /sauce.c: 60 in sauce_fread_charinfo()
    /sauce.c: 62 in sauce_fread_charinfo()
    /sauce.c: 59 in sauce_fread_charinfo()
    /sauce.c: 61 in sauce_fread_charinfo()


    ________________________________________________________________________________________________________
    *** CID 488306: (STRING_NULL)
    /sauce.c: 60 in sauce_fread_charinfo()
    54
    55 if(type != NULL)
    56 *type = record.filetype;
    57 if(info != NULL) {
    58 memset(info, 0, sizeof(*info));
    59 SAFECOPY(info->title, record.title); truncsp(info->title);
    CID 488306: (STRING_NULL)
    Passing unterminated string "record.author" to "strlcpy", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    60 SAFECOPY(info->author, record.author); truncsp(info->author); 61 SAFECOPY(info->group, record.group); truncsp(info->group);
    62 SAFECOPY(info->date, record.date); truncsp(info->date);
    63 info->width = record.tinfo1;
    64 info->height = record.tinfo2;
    65 switch(record.filetype) {
    /sauce.c: 62 in sauce_fread_charinfo()
    56 *type = record.filetype;
    57 if(info != NULL) {
    58 memset(info, 0, sizeof(*info));
    59 SAFECOPY(info->title, record.title); truncsp(info->title);
    60 SAFECOPY(info->author, record.author); truncsp(info->author); 61 SAFECOPY(info->group, record.group); truncsp(info->group);
    CID 488306: (STRING_NULL)
    Passing unterminated string "record.date" to "strlcpy", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    62 SAFECOPY(info->date, record.date); truncsp(info->date);
    63 info->width = record.tinfo1;
    64 info->height = record.tinfo2;
    65 switch(record.filetype) {
    66 case sauce_char_filetype_ascii:
    67 case sauce_char_filetype_ansi:
    /sauce.c: 59 in sauce_fread_charinfo()
    53 return false;
    54
    55 if(type != NULL)
    56 *type = record.filetype;
    57 if(info != NULL) {
    58 memset(info, 0, sizeof(*info));
    CID 488306: (STRING_NULL)
    Passing unterminated string "record.title" to "strlcpy", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    59 SAFECOPY(info->title, record.title); truncsp(info->title);
    60 SAFECOPY(info->author, record.author); truncsp(info->author); 61 SAFECOPY(info->group, record.group); truncsp(info->group);
    62 SAFECOPY(info->date, record.date); truncsp(info->date);
    63 info->width = record.tinfo1;
    64 info->height = record.tinfo2;
    /sauce.c: 61 in sauce_fread_charinfo()
    55 if(type != NULL)
    56 *type = record.filetype;
    57 if(info != NULL) {
    58 memset(info, 0, sizeof(*info));
    59 SAFECOPY(info->title, record.title); truncsp(info->title);
    60 SAFECOPY(info->author, record.author); truncsp(info->author); >>> CID 488306: (STRING_NULL)
    Passing unterminated string "record.group" to "strlcpy", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    61 SAFECOPY(info->group, record.group); truncsp(info->group);
    62 SAFECOPY(info->date, record.date); truncsp(info->date);
    63 info->width = record.tinfo1;
    64 info->height = record.tinfo2;
    65 switch(record.filetype) {
    66 case sauce_char_filetype_ascii:

    ** CID 488305: Memory - corruptions (STRING_OVERFLOW)
    /uedit/uedit.c: 1908 in main()


    ________________________________________________________________________________________________________
    *** CID 488305: Memory - corruptions (STRING_OVERFLOW)
    /uedit/uedit.c: 1908 in main()
    1902
    1903 sbbs_get_ini_fname(ini_file, ctrl_dir);
    1904
    1905 /* Initialize BBS startup structure */
    1906 memset(&bbs_startup,0,sizeof(bbs_startup));
    1907 bbs_startup.size=sizeof(bbs_startup);
    CID 488305: Memory - corruptions (STRING_OVERFLOW)
    You might overrun the 1024-character destination string "bbs_startup.ctrl_dir" by writing 4097 characters from "ctrl_dir".
    1908 strcpy(bbs_startup.ctrl_dir,ctrl_dir);
    1909
    1910 /* Read .ini file here */
    1911 if(ini_file[0]!=0 && (fp=fopen(ini_file,"r"))!=NULL) {
    1912 printf("Reading %s\n",ini_file);
    1913 /* We call this function to set defaults, even if there's no .ini file */


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DTnRX_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQaEw-2F35bzGVOVw-2BfAgK10nKBe2EaCuOVThBtA4zmIf-2FH6jtPrg8CF4KIxfGxqbWYZGzK5dEjEeJjcG-2FZFDV9g6z-2BKMwuy3tSgd6XVj6QkX-2FbE7goOVxulE2g8b9eGhrdwq7nNngW7QJqRO3KLACCgsN-2Bn56lb9VdBetusZbl3sfvQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, April 06, 2024 13:32:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 492209: High impact quality (Y2K38_SAFETY)
    /js_system.c: 2698 in js_system_resolve()


    ________________________________________________________________________________________________________
    *** CID 492209: High impact quality (Y2K38_SAFETY)
    /js_system.c: 2698 in js_system_resolve()
    2692 LAZY_INTEGER("version_hex", VERSION_HEX);
    2693
    2694 /* Git repo details */
    2695 LAZY_STRING("git_branch", git_branch);
    2696 LAZY_STRING("git_hash", git_hash);
    2697 LAZY_STRING("git_date", git_date);
    CID 492209: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "git_time" is cast to "uint32".
    2698 LAZY_INTEGER("git_time", git_time);
    2699
    2700 LAZY_STRING("platform", PLATFORM_DESC);
    2701 LAZY_STRING("architecture", ARCHITECTURE_DESC);
    2702 LAZY_STRFUNC("msgbase_lib", sprintf(str,"SMBLIB %s",smb_lib_ver()), str);
    2703 LAZY_STRFUNC("compiled_with", DESCRIBE_COMPILER(str), str);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DSh4N_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQaN8mnibgm8pDR-2F-2Bbe3f8EPEDiLDxICRbQfwsS-2Fj8I1S6oBPCdVVfNCUqkg9CbPMpOrc11Ju1i-2FZKGsMzQGZ93UZziuSMITFnGZKSuUqmlzwhD3piRfCu-2FFg3Xzyb2Yn1CDiKvT9pNBRM-2BVi7M2skqdIOXzqcGfoVNCwcEXj-2BCEWA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, April 09, 2024 13:19:43
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 492287: Error handling issues (CHECKED_RETURN)
    /main.cpp: 4472 in node_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 492287: Error handling issues (CHECKED_RETURN)
    /main.cpp: 4472 in node_thread(void *)()
    4466 }
    4467 SAFEPRINTF2(str,"%s%s.bin",sbbs->cfg.mods_dir
    4468 ,sbbs->cfg.shell[sbbs->useron.shell]->code);
    4469 if(sbbs->cfg.mods_dir[0]==0 || !fexistcase(str)) {
    4470 SAFEPRINTF2(str,"%s%s.bin",sbbs->cfg.exec_dir
    4471 ,sbbs->cfg.shell[sbbs->useron.shell]->code);
    CID 492287: Error handling issues (CHECKED_RETURN)
    Calling "fexistcase" without checking return value (as is done elsewhere 117 out of 131 times).
    4472 fexistcase(str);
    4473 }
    4474 if((file=sbbs->nopen(str,O_RDONLY))==-1) {
    4475 sbbs->errormsg(WHERE,ERR_OPEN,str,O_RDONLY);
    4476 sbbs->hangup();
    4477 break;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DHvP9_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQagYisv-2BW69zRWxBhimCtdag5Y-2FmNQU-2F9a-2BQz99muYyDMQHaJ9IAAUHt0J4m9PdQ-2FM2LeT5-2B1UNdpeKXpgNOTn265LNUeBHOZI40IJ3EqY58uotyMvBntmOFa6NssYuPj9pyF9jsG3Ot15K77yZ8uUVZ5aWBxVVnDKUwxo1ITxjHQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, May 04, 2024 12:40:02
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 493283: Incorrect expression (NO_EFFECT)
    /mqtt.c: 811 in mqtt_user_login_fail()


    ________________________________________________________________________________________________________
    *** CID 493283: Incorrect expression (NO_EFFECT)
    /mqtt.c: 811 in mqtt_user_login_fail()
    805 if(mqtt == NULL || mqtt->cfg == NULL || client == NULL)
    806 return MQTT_FAILURE;
    807
    808 if(!mqtt->cfg->mqtt.enabled)
    809 return MQTT_SUCCESS;
    810
    CID 493283: Incorrect expression (NO_EFFECT)
    Comparing an array to null is not useful: "client->protocol == NULL", since the test will always evaluate as true.
    811 if(client->protocol == NULL || username == NULL)
    812 return MQTT_FAILURE;
    813 snprintf(topic, sizeof(topic), "login_fail/%s", client->protocol);
    814 strlwr(topic);
    815 snprintf(str, sizeof(str), "%s\t%s\t%s"
    816 ,username


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DzAgs_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQadI1-2FAsWIvGn-2BZ2YIPvmhLCu-2B1HFus-2FViv7odM0blgwJlSMhW5FP3Xkis4Ci7djMxV4S-2FpyGhgUj8KAvsWeecIJ1ln5YucvZvzvyf4HPVrDO8-2FLvieqY0sywMQ-2FhJEqN8WVo9AKRxOHtw7NsNWjr9Is7xQTg-2BmQd-2BBa6Z-2BXsMiSw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, June 21, 2024 12:40:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 497098: Resource leaks (RESOURCE_LEAK)
    /js_filebase.c: 325 in parse_file_name()


    ________________________________________________________________________________________________________
    *** CID 497098: Resource leaks (RESOURCE_LEAK)
    /js_filebase.c: 325 in parse_file_name()
    319 if(JS_GetProperty(cx, obj, prop_name, &val) && !JSVAL_NULL_OR_VOID(val)) {
    320 JSVALUE_TO_MSTRING(cx, val, cp, NULL);
    321 if(cp == NULL) {
    322 JS_ReportError(cx, "Invalid '%s' string in file object", prop_name);
    323 return NULL;
    324 }
    CID 497098: Resource leaks (RESOURCE_LEAK)
    Variable "cp" going out of scope leaks the storage it points to.
    325 return strdup(cp);
    326 }
    327 JS_ReportError(cx, "Missing '%s' string in file object", prop_name);
    328 return NULL;
    329 }
    330


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DxkhG_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZZtSzYzfvQoBQM1WsYtjQc02R5bvuGDasDe1R1GX8VoPvtGi-2FoTZcq6T7jcTA9OlabmiybEJFFTwaaEcFcr7cqoyBFT0Xw3AZ-2Fgf8Xxa1nSM-2FLrkQMPM2ixtLH2vUsu17Tu25sW91h9WUpwNyEySd-2F9Tw4l4H0tRZM-2Bze1SwHZwg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, August 08, 2024 12:40:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 508260: Null pointer dereferences (FORWARD_NULL)


    ________________________________________________________________________________________________________
    *** CID 508260: Null pointer dereferences (FORWARD_NULL)
    /js_msgbase.c: 950 in parse_header_object()
    944 msg->hdr.priority=i32;
    945 }
    946
    947 if(JS_GetProperty(cx, hdr, "field_list", &val) && JSVAL_IS_OBJECT(val)) {
    948 array=JSVAL_TO_OBJECT(val);
    949 len=0;
    CID 508260: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "array" to "JS_GetArrayLength", which dereferences it.
    950 if(array == NULL && !JS_GetArrayLength(cx, array, &len)) {
    951 JS_ReportError(cx, "Invalid \"field_list\" array in header object");
    952 goto err;
    953 }
    954
    955 for(i=0;i<len;i++) {

    ** CID 508259: Control flow issues (DEADCODE)
    /js_internal.c: 491 in js_execfile()


    ________________________________________________________________________________________________________
    *** CID 508259: Control flow issues (DEADCODE)
    /js_internal.c: 491 in js_execfile()
    485 else {
    486 JS_ReportError(cx, "Unable to get parent js."JAVASCRIPT_LOAD_PATH_LIST" array.");
    487 return JS_FALSE;
    488 }
    489 }
    490 else {
    CID 508259: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "JS_ReportError(cx, "Unable ...".
    491 JS_ReportError(cx, "Unable to get parent js object"); 492 return JS_FALSE;
    493 }
    494
    495 js_script=JS_CompileFile(cx, js_scope, path);
    496


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D20ER_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZSUgE3dQnVG6wGylJBHlsQHMU-2FeSvlPG-2BveassRKfh2KZ3KQqZYMDLXz99-2FrWMwJQ1T1J2N-2BE4YP3SycyU5tkbW6rwM2zqlUIvWZrfgy3l7iQ0Im12Z6xa2F5EX6ZCGf29mh7eZnuIJTmQCiel8IOekKUKQgh0LXaZSb3gnPQHBw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, August 10, 2024 12:40:35
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    6 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 6 of 6 defect(s)


    ** CID 508288: (STRING_NULL)
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()


    ________________________________________________________________________________________________________
    *** CID 508288: (STRING_NULL)
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    381 l=K_CHAT;
    382 if(!(mode&TG_ECHO))
    383 l|=K_NOECHO;
    384 rd=getstr((char*)buf,sizeof(buf)-1,l);
    385 if(!rd)
    386 continue;
    CID 508288: (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    387 SAFECAT(buf,crlf);
    388 rd+=2;
    389 gotline=true;
    390 }
    391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    381 l=K_CHAT;
    382 if(!(mode&TG_ECHO))
    383 l|=K_NOECHO;
    384 rd=getstr((char*)buf,sizeof(buf)-1,l);
    385 if(!rd)
    386 continue;
    CID 508288: (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    387 SAFECAT(buf,crlf);
    388 rd+=2;
    389 gotline=true;
    390 }
    391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';

    ** CID 508287: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508287: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508287: Resource leaks (RESOURCE_LEAK)
    Variable "server_user_name" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508286: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508286: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508286: Resource leaks (RESOURCE_LEAK)
    Variable "addr" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508285: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508285: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508285: Resource leaks (RESOURCE_LEAK)
    Variable "term_type" going out of scope leaks the storage it points to. 3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508284: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508284: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()
    3035 size_t tmplen = 0;
    3036 for(jsuint i = 0; i < count; ++i) {
    3037 jsval val;
    3038 if(!JS_GetElement(cx, array, i, &val)) 3039 break;
    3040 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508284: Resource leaks (RESOURCE_LEAK)
    Variable "addr" going out of scope leaks the storage it points to.
    3041 HANDLE_PENDING(cx, tmp);
    3042 strListPush(&send_strings, tmp);
    3043 }
    3044 free(tmp);
    3045 ++argn;
    3046 }

    ** CID 508283: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508283: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508283: Resource leaks (RESOURCE_LEAK)
    Variable "client_user_name" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Dbu0M_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZNG0uf3i6p71oTc15oH-2BfpO28bQfsz9QVBH3Gtyw7JI9gEMaDnmdnDolPrFN6u9WaZmPVFWjRjCPjNCgu0p853ViRUnY3jw7qF-2FmF-2FRD-2BDN3Me1aa8H00Bk6GPSZ1Hw1-2FmiCWeADspXOcpcxao-2F3gS8JgnOAEga0TIePnt023yjQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, September 14, 2024 12:40:31
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 509555: Null pointer dereferences (FORWARD_NULL)
    /js_filebase.c: 1307 in js_update_file()


    ________________________________________________________________________________________________________
    *** CID 509555: Null pointer dereferences (FORWARD_NULL)
    /js_filebase.c: 1307 in js_update_file()
    1301 char* extdesc = NULL;
    1302 char* auxdata = NULL;
    1303 rc=JS_SUSPENDREQUEST(cx);
    1304 if(filename != NULL && fileobj != NULL
    1305 && (p->smb_result = smb_loadfile(&p->smb, filename, &file, file_detail_extdesc)) == SMB_SUCCESS) {
    1306 p->smb_result = parse_file_properties(cx, fileobj, &file, &extdesc, &auxdata);
    CID 509555: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "file.name" to "strcmp", which dereferences it. 1307 if(p->smb_result == SMB_SUCCESS
    1308 && strcmp(filename, file.name) != 0 && smb_findfile(&p->smb, file.name, NULL) == SMB_SUCCESS) {
    1309 JS_ReportError(cx, "file (%s) already exists in base", file.name);
    1310 p->smb_result = SMB_DUPE_MSG;
    1311 }
    1312 if(p->smb_result == SMB_SUCCESS

    ** CID 509554: Memory - illegal accesses (STRING_NULL)
    /smbutil.c: 633 in dumpindex()


    ________________________________________________________________________________________________________
    *** CID 509554: Memory - illegal accesses (STRING_NULL)
    /smbutil.c: 633 in dumpindex()
    627 ,xpDate_to_isoDateStr(time_to_xpDate(idx.time), "-", tmp, sizeof(tmp)));
    628 if(smb_msg_type(idx.attr) == SMB_MSG_TYPE_FILE && idxreclen == sizeof(fileidxrec_t)) {
    629 fileidxrec_t fidx;
    630 fseek(smb.sid_fp,((start-1L) + l) * idxreclen,SEEK_SET);
    631 if(!fread(&fidx,sizeof(fidx),1,smb.sid_fp))
    632 break;
    CID 509554: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "fidx.name" to "printf", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    633 printf(" %02X %.*s", fidx.hash.flags, (int)sizeof(fidx.name), fidx.name);
    634 }
    635 printf("\n");
    636 l++;
    637 }
    638 }

    ** CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
    /js_filebase.c: 1335 in js_update_file()


    ________________________________________________________________________________________________________
    *** CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
    /js_filebase.c: 1335 in js_update_file()
    1329 } else {
    1330 if(file.extdesc != NULL)
    1331 truncsp(file.extdesc);
    1332 if(!readd_always && strcmp(extdesc ? extdesc : "", file.extdesc ? file.extdesc : "") == 0
    1333 && strcmp(auxdata ? auxdata : "", file.auxdata ? file.auxdata : "") == 0)
    1334 p->smb_result = smb_putfile(&p->smb, &file);
    CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
    This 'if' statement is indented to column 41, as if it were nested within the preceding parent statement, but it is not.
    1335 if(p->smb_result != SMB_SUCCESS)
    1336 JS_ReportError(cx, "%d writing '%s'", p->smb_result, file.name);
    1337 else {
    1338 if((p->smb_result = smb_removefile_by_name(&p->smb, filename)) == SMB_SUCCESS) {
    1339 if(readd_always)
    1340 file.hdr.when_imported.time = 0; // we want the file to appear as "new"

    ** CID 509552: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 244 in smb_findfile()


    ________________________________________________________________________________________________________
    *** CID 509552: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 244 in smb_findfile()
    238 if(smb_fread(smb, &fidx, sizeof(fidx), smb->sid_fp) != sizeof(fidx))
    239 break;
    240
    241 f->idx_offset = offset++;
    242
    243 if(filename != NULL) {
    CID 509552: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "fidx.name" to "strcasecmp", which expects a null-terminated string.
    244 if(stricmp(fidx.name, fname) != 0)
    245 continue;
    246 f->file_idx = fidx;
    247 return SMB_SUCCESS;
    248 }
    249

    ** CID 509551: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 441 in smb_removefile()


    ________________________________________________________________________________________________________
    *** CID 509551: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 441 in smb_removefile()
    435 free(fidx);
    436 smb_unlocksmbhdr(smb);
    437 return SMB_ERR_READ;
    438 }
    439 rewind(smb->sid_fp);
    440 for(uint32_t i = 0; i < smb->status.total_files; i++) { >>> CID 509551: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "fidx[i].name" to "strcasecmp", which expects a null-terminated string.
    441 if(stricmp(fidx[i].name, fname) == 0) {
    442 removed++;
    443 continue;
    444 }
    445 if(fwrite(fidx + i, sizeof(*fidx), 1, smb->sid_fp) != 1) {
    446 safe_snprintf(smb->last_error, sizeof(smb->last_error), "%s re-writing index"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DpoPN_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZXJOgCi8IFr2wp43pRrORx9tzLYjX2Y-2FSYnzacVgdrC5ToyfEd02kRU0czfft4zgHvFTf4l2icBGvZtBDP8972Z-2BLrNSb7QqVDHjYiK23CNzZR9MLbzXh1WOITpsswqNS5z337vFuU-2BJOMvO3veuWFvtJ3Xwk9mN-2FsudyolEK5nw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, September 22, 2024 12:43:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 509721: Resource leaks (RESOURCE_LEAK)
    /scfg/scfgmsg.c: 139 in import_msg_areas()


    ________________________________________________________________________________________________________
    *** CID 509721: Resource leaks (RESOURCE_LEAK)
    /scfg/scfgmsg.c: 139 in import_msg_areas()
    133 new_sub_misc = SUB_FIDO;
    134 ini = iniReadFile(stream);
    135 if(ini == NULL)
    136 return 0;
    137 list = iniGetSectionList(ini, /* prefix: */NULL);
    138 if(list == NULL)
    CID 509721: Resource leaks (RESOURCE_LEAK)
    Variable "ini" going out of scope leaks the storage it points to.
    139 return 0;
    140 break;
    141 default: // EchoLists (e.g. BACKBONE.NA, badareas.lst) and AREAS.BBS
    142 new_sub_misc = SUB_FIDO;
    143 break;
    144 }

    ** CID 509720: (RESOURCE_LEAK)
    /logon.cpp: 670 in sbbs_t::logonstats()()
    /logon.cpp: 676 in sbbs_t::logonstats()()
    /logon.cpp: 649 in sbbs_t::logonstats()()
    /logon.cpp: 673 in sbbs_t::logonstats()()
    /logon.cpp: 682 in sbbs_t::logonstats()()


    ________________________________________________________________________________________________________
    *** CID 509720: (RESOURCE_LEAK)
    /logon.cpp: 670 in sbbs_t::logonstats()()
    664 }
    665 fclose_dstats(dsts);
    666 }
    667 }
    668
    669 if(cfg.node_num==0) /* called from event_thread() */
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    670 return(0);
    671
    672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
    673 return(0);
    674
    675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
    /logon.cpp: 676 in sbbs_t::logonstats()()
    670 return(0);
    671
    672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
    673 return(0);
    674
    675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    676 return(0);
    677
    678 for(i=0;i<2;i++) {
    679 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
    680 if(fp == NULL) {
    681 errormsg(WHERE, ERR_OPEN, "dsts.ini", i); /logon.cpp: 649 in sbbs_t::logonstats()()
    643 node.misc|=NODE_EVENT;
    644 putnodedat(i,&node);
    645 }
    646 if((dsts = fopen_dstats(&cfg, i, /* for_write: */TRUE)) == NULL) /* doesn't have stats yet */
    647 continue;
    648
    CID 509720: (RESOURCE_LEAK)
    Overwriting "csts" in "csts = fopen_cstats(&this->cfg, i, true)" leaks the storage that "csts" points to.
    649 if((csts = fopen_cstats(&cfg, i, /* for_write: */TRUE)) == NULL) {
    650 fclose_dstats(dsts);
    651 errormsg(WHERE, ERR_OPEN, "csts.tab", i);
    652 continue;
    653 }
    654
    /logon.cpp: 673 in sbbs_t::logonstats()()
    667 }
    668
    669 if(cfg.node_num==0) /* called from event_thread() */
    670 return(0);
    671
    672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    673 return(0);
    674
    675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
    676 return(0);
    677
    678 for(i=0;i<2;i++) {
    /logon.cpp: 682 in sbbs_t::logonstats()()
    676 return(0);
    677
    678 for(i=0;i<2;i++) {
    679 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
    680 if(fp == NULL) {
    681 errormsg(WHERE, ERR_OPEN, "dsts.ini", i);
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    682 return(0L);
    683 }
    684 if(!fread_dstats(fp, &stats)) {
    685 errormsg(WHERE, ERR_READ, "dsts.ini", i);
    686 } else {
    687 stats.today.logons++;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D1BBg_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYPIsZP1mUIcYDXV-2BIKqJmrVInqiYU6VTjqKrshCKgIaqKtr35-2BruWgG1P-2Bg0yB-2BuAgsL8JZmDQBzw15bXNroJeqqVZoqg0VkgzqvypQVJBEoWQ3SQD0dE3jrBkw3Qa7Rc5CMTgkEjMauyB8RHdROWl9YGmjuyI0AjbW-2Fmd2yoJLA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, October 12, 2024 12:41:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 510624: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 361 in sbbs_t::upload(int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 510624: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 361 in sbbs_t::upload(int, const char *)()
    355 SAFEPRINTF(descbeg,text[Rated],toupper(ch));
    356 }
    357 if(cfg.dir[dirnum]->misc&DIR_ULDATE) {
    358 now=time(NULL);
    359 if(descbeg[0])
    360 strcat(descbeg," ");
    CID 510624: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".
    361 SAFEPRINTF(str,"%s ",unixtodstr(&cfg,(time32_t)now,tmp));
    362 strcat(descbeg,str);
    363 }
    364 if(cfg.dir[dirnum]->misc&DIR_MULT) {
    365 sync();
    366 if(!noyes(text[MultipleDiskQ])) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIddI_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYB81ZvyCqI0cAJ-2FU5ubhxKf4JbTpohfwGahN-2FqiJqEJS3JKhfKJrRClFb390j-2Bf3IyHjOgp4TSp0v4WjJhOyS2xAdq9DkOONT15FqaUuN3dwPvrgxJQAm5MhfGSzyQr2ebowkrz6Mx39u7LNSgoa0vxPkqTzBlpznq59pGc5zgjQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, October 28, 2024 12:49:24
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 511447: Control flow issues (DEADCODE)
    /js_bbs.cpp: 2334 in js_xfer_prot_menu(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 511447: Control flow issues (DEADCODE)
    /js_bbs.cpp: 2334 in js_xfer_prot_menu(JSContext *, unsigned int, unsigned long *)()
    2328 if((sbbs=js_GetPrivate(cx, JS_THIS_OBJECT(cx, arglist)))==NULL) 2329 return(JS_FALSE);
    2330
    2331 if(argc > 0 && argv[0] == JSVAL_TRUE)
    2332 xfer_type = XFER_BATCH_UPLOAD;
    2333 if(argc > 1 && argv[1] == JSVAL_TRUE)
    CID 511447: Control flow issues (DEADCODE)
    Execution cannot reach the expression "XFER_BATCH_UPLOAD" inside this statement: "xfer_type = ((xfer_type == ...".
    2334 xfer_type = (xfer_type == XFER_UPLOAD) ? XFER_BATCH_UPLOAD : XFER_BATCH_DOWNLOAD;
    2335
    2336 rc=JS_SUSPENDREQUEST(cx);
    2337 sbbs->xfer_prot_menu(xfer_type, &sbbs->useron, keys, sizeof keys);
    2338 JSString* js_str = JS_NewStringCopyZ(cx, keys);
    2339 if(js_str == nullptr)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DITFI_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQaq5jE-2BLt6d0xDUmd9IA4TiFW4D2c-2Fv2LVaAIklYCEHPyQvUq2Zlw7GDvJu3j8LRmS7SAP5K0MN-2FeHPuzVDlzgYGLGR7UoaRyivmdwaD-2F8GGj2SeuFl5CNmO4uJ75M69NpIJcEgiKbpoWpXeuJdzQYzNm1WuI45zNZnbxNBPzaHrg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, October 29, 2024 12:40:42
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 511508: High impact quality (Y2K38_SAFETY)
    /date_str.c: 158 in datestr()


    ________________________________________________________________________________________________________
    *** CID 511508: High impact quality (Y2K38_SAFETY)
    /date_str.c: 158 in datestr()
    152 /****************************************************************************/
    153 char* datestr(scfg_t* cfg, time_t t, char* str)
    154 {
    155 if(t == 0)
    156 return "---------";
    157 if(!cfg->sys_date_verbal)
    CID 511508: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    158 return unixtodstr(cfg, (time32_t)t, str);
    159 struct tm tm = {0};
    160 if(localtime_r(&t, &tm) == NULL)
    161 return "!!!!!!!!!";
    162 char fmt[32] = "";
    163 switch(cfg->sys_date_fmt) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DeIbg_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZqqLX5nOyr0GCOMCsCoPlrYhtCBBDisrUKXmOFR94rfPCeqYsaUhoG3UZ-2FYUaiUYrgUIufMTzxsRzH7-2B7zAyM4HCi34k5-2FbdZ1Kp-2FDSG9A8IDyw-2BIsKQ-2B2fNzoCls7j0N-2B7Pb2XI8MB8f5lr-2BCPTiUaqWkDFwSWHqbm0IZWY1GZQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, October 30, 2024 12:41:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 511621: High impact quality (Y2K38_SAFETY)
    /str.cpp: 990 in sbbs_t::unixtodstr(long, char *)()


    ________________________________________________________________________________________________________
    *** CID 511621: High impact quality (Y2K38_SAFETY)
    /str.cpp: 990 in sbbs_t::unixtodstr(long, char *)()
    984 }
    985
    986 char* sbbs_t::unixtodstr(time_t t, char* str)
    987 {
    988 if(str == nullptr)
    989 str = datestr_output;
    CID 511621: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    990 return ::unixtodstr(&cfg, t, str);
    991 }
    992
    993 void sbbs_t::sys_info()
    994 {
    995 char tmp[128];


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DFl35_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbldReasLeT64fJgl4QpY1aZbFANNQbDPFr-2BH2HYcH1IWW1-2FtRGPtb0gVjSH-2BBqjWAK7btzMhM331mrzEXRNmqAyTftaCh3YDujP4YB-2F7PQ4EGqELNq7SpMqQKEr5kiHI5KwG1KMczjzMucZ1MepWUctNMP3lW0eqjsOrH2fBSzrg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, November 02, 2024 12:39:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 512127: (Y2K38_SAFETY)
    /scfg/scfgsys.c: 1367 in edit_sys_date_verbal()
    /scfg/scfgsys.c: 1368 in edit_sys_date_verbal()


    ________________________________________________________________________________________________________
    *** CID 512127: (Y2K38_SAFETY)
    /scfg/scfgsys.c: 1367 in edit_sys_date_verbal()
    1361
    1362 int edit_sys_date_verbal(int page, int total)
    1363 {
    1364 int mode = WIN_SAV | WIN_MID;
    1365 int i = cfg.sys_date_verbal;
    1366 time_t t = time(NULL);
    CID 512127: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    1367 snprintf(opt[0],MAX_OPLN,"Numeric (e.g. %s)", unixtodstr(&cfg, (time32_t)t, tmp));
    1368 snprintf(opt[1],MAX_OPLN,"Verbal (e.g. %s)", verbal_datestr(&cfg, (time32_t)t, tmp));
    1369 opt[2][0] = '\0';
    1370 uifc.helpbuf=
    1371 "`Short Date Display Format:`\n"
    1372 "\n"
    /scfg/scfgsys.c: 1368 in edit_sys_date_verbal()
    1362 int edit_sys_date_verbal(int page, int total)
    1363 {
    1364 int mode = WIN_SAV | WIN_MID;
    1365 int i = cfg.sys_date_verbal;
    1366 time_t t = time(NULL);
    1367 snprintf(opt[0],MAX_OPLN,"Numeric (e.g. %s)", unixtodstr(&cfg, (time32_t)t, tmp));
    CID 512127: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    1368 snprintf(opt[1],MAX_OPLN,"Verbal (e.g. %s)", verbal_datestr(&cfg, (time32_t)t, tmp));
    1369 opt[2][0] = '\0';
    1370 uifc.helpbuf=
    1371 "`Short Date Display Format:`\n"
    1372 "\n"
    1373 "If you would like short (8 character) dates to be displayed using verbal\n"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIT5o_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQavH6tAPUwXIDKUPRKBZGiRgKLj76Ij0uFpD4UCNwTCVen1QmVBk6yGbzTBSC2-2BxBE0GJfAoW-2B-2BWaxWl51M-2B9mp1hicInwTEKrQ8chQM9yGDR81PWtwXM-2Bq2j5YCl48NKAoGGKYo0R42EciGZugnM0LqGuohrShDzTlibesBwTavw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, November 03, 2024 13:41:00
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 514434: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()


    ________________________________________________________________________________________________________
    *** CID 514434: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()
    995 TERM_XY(&tx, &ty);
    996 line = malloc(sizeof(*line) * tx);
    997 prestel_new_line(cterm);
    998 if (tx > 1) {
    999 vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
    1000 for (int i = 0; i < (tx - 1); i++) {
    CID 514434: (NULL_RETURNS)
    Dereferencing "line", which is known to be "NULL".
    1001 uint8_t ch = line[i].ch;
    1002 if (line[i].fg & 0x7F000000) {
    1003 ch = (line[i].fg & 0x7F000000) >> 24; 1004 prestel_apply_ctrl(cterm, ch);
    1005 }
    1006 else {
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 999 in prestel_get_state()
    993
    994 SCR_XY(&sx, &sy);
    995 TERM_XY(&tx, &ty);
    996 line = malloc(sizeof(*line) * tx);
    997 prestel_new_line(cterm);
    998 if (tx > 1) {
    CID 514434: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".
    999 vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
    1000 for (int i = 0; i < (tx - 1); i++) {
    1001 uint8_t ch = line[i].ch;
    1002 if (line[i].fg & 0x7F000000) {
    1003 ch = (line[i].fg & 0x7F000000) >> 24; 1004 prestel_apply_ctrl(cterm, ch);

    ** CID 514433: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()


    ________________________________________________________________________________________________________
    *** CID 514433: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4985 in prestel_fix_line()
    4979 bool fixed = false;
    4980 bool fixedheight = false;
    4981
    4982 coord_conv_xy(cterm, CTERM_COORD_TERM, CTERM_COORD_SCREEN, &sy, &sx);
    4983 ex = sx + TERM_MAXX - 1;
    4984 line = malloc(sizeof(*line) * (ex - sx + 1));
    CID 514433: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".
    4985 vmem_gettext(sx, sy, ex, sy, line);
    4986 prestel_new_line(cterm);
    4987 for (int i = 0; i < TERM_MAXX; i++) {
    4988 uint8_t ch;
    4989 // Go through the line applying attributes, held mosaics, etc.
    4990 if (line[i].fg & 0x7F000000) { /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 5098 in prestel_fix_line()
    5092 line[i].ch += 64;
    5093 fixed = true;
    5094 }
    5095 }
    5096 }
    5097 if (force || fixed)
    CID 514433: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_puttext".
    5098 vmem_puttext(sx, sy, ex, sy, line);
    5099 free(line);
    5100 if (restore) {
    5101 cterm->extattr = extattr;
    5102 cterm->fg_color = fg_color;
    5103 cterm->bg_color = bg_color; /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()
    4984 line = malloc(sizeof(*line) * (ex - sx + 1));
    4985 vmem_gettext(sx, sy, ex, sy, line);
    4986 prestel_new_line(cterm);
    4987 for (int i = 0; i < TERM_MAXX; i++) {
    4988 uint8_t ch;
    4989 // Go through the line applying attributes, held mosaics, etc.
    CID 514433: (NULL_RETURNS)
    Dereferencing "line", which is known to be "NULL".
    4990 if (line[i].fg & 0x7F000000) {
    4991 // This is a control character
    4992 ch = (line[i].fg & 0x7F000000) >> 24;
    4993 prestel_apply_ctrl_before(cterm, ch);
    4994 if ((cterm->extattr & CTERM_EXTATTR_PRESTEL_DOUBLE_HEIGHT) && ((line[i].bg & 0x01000000) == 0)) {
    4995 // Should be double-high


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIdOQ_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbN8RSzLdCZbSy14N5iWP9J-2FcpNjQ0eI2Oj6rPhHqZBQZA4UM9PchXs94tTdeyxdvCkcPzkWohEpzrEBvlrnd6-2FTfmIpMAsE2mi-2BdkX8vzesYff-2FsK9jSFcjEXcYS-2Fxznm-2FxoYdKxCkLPJPKyAUp9zwS3A1OhpfjMprQ34Tb-2BWdhw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, November 04, 2024 13:40:33
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 514483: API usage errors (PRINTF_ARGS)


    ________________________________________________________________________________________________________
    *** CID 514483: API usage errors (PRINTF_ARGS)
    /websrvr.c: 1659 in http_logon()
    1653 SAFECOPY(session->user.modem, session->client.protocol);
    1654 SAFECOPY(session->user.comp, session->host_name);
    1655 SAFECOPY(session->user.ipaddr, session->host_ip);
    1656 session->user.logontime = (time32_t)session->logon_time;
    1657 int result = putuserdat(&scfg, &session->user);
    1658 if(result != 0)
    CID 514483: API usage errors (PRINTF_ARGS)
    No argument for format specifier "%d".
    1659 lprintf(LOG_ERR, "%04d %s [%s] <%s> !Error %d writing user data for user #%d"
    1660 ,session->socket, session->client.protocol, session->host_ip
    1661 ,session->username, session->user.number);
    1662
    1663 }
    1664 SAFECOPY(session->client.user, session->username);

    ** CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
    /websrvr.c: 1661 in ()


    ________________________________________________________________________________________________________
    *** CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
    /websrvr.c: 1661 in ()
    1655 SAFECOPY(session->user.ipaddr, session->host_ip);
    1656 session->user.logontime = (time32_t)session->logon_time;
    1657 int result = putuserdat(&scfg, &session->user);
    1658 if(result != 0)
    1659 lprintf(LOG_ERR, "%04d %s [%s] <%s> !Error %d writing user data for user #%d"
    1660 ,session->socket, session->client.protocol, session->host_ip
    CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
    the format string requires additional arguments
    1661 ,session->username, session->user.number);
    1662
    1663 }
    1664 SAFECOPY(session->client.user, session->username);
    1665 session->client.usernum = session->user.number;
    1666 client_on(session->socket, &session->client, /* update existing client record? */true);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DjGNe_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZrw1ACipL81Cfrev1KTkNSpg9ocZGsXxFU4AldvxV89V-2FFS8Im4F3ZlIWKiU1IgZ7U6FnHvW5nOIPElnOgDye48Et-2FcrMwNOZVyWRSzqRdvKvjv7tIxk-2BD72e1fmIEEOvn4SDov1pv-2FzEWSevpHegP3dEU8oXtKIA8RNAEjZ1XUg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, November 05, 2024 13:40:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 514519: (LOCK)
    /main.cpp: 4849 in sbbs_t::daily_maint()()
    /main.cpp: 4849 in sbbs_t::daily_maint()()


    ________________________________________________________________________________________________________
    *** CID 514519: (LOCK)
    /main.cpp: 4849 in sbbs_t::daily_maint()()
    4843 lprintf(result ? LOG_ERR : LOG_INFO, "Daily event: '%s' returned %d", cmd, result);
    4844 }
    4845 if((sys_status & SS_NEW_MONTH) && cfg.sys_monthly[0]) {
    4846 lputs(LOG_INFO, "DAILY: Running monthly event");
    4847 const char* cmd = cmdstr(cfg.sys_monthly,nulstr,nulstr,NULL);
    4848 online = ON_LOCAL;
    CID 514519: (LOCK)
    "external" unlocks "this->input_thread_mutex" while it is unlocked. 4849 int result = external(cmd, EX_OFFLINE);
    4850 online = false;
    4851 lprintf(result ? LOG_ERR : LOG_INFO, "Monthly event: '%s' returned %d", cmd, result);
    4852 }
    4853 lputs(LOG_INFO, "DAILY: System maintenance ended");
    4854 sys_status&=~SS_DAILY;
    /main.cpp: 4849 in sbbs_t::daily_maint()()
    4843 lprintf(result ? LOG_ERR : LOG_INFO, "Daily event: '%s' returned %d", cmd, result);
    4844 }
    4845 if((sys_status & SS_NEW_MONTH) && cfg.sys_monthly[0]) {
    4846 lputs(LOG_INFO, "DAILY: Running monthly event");
    4847 const char* cmd = cmdstr(cfg.sys_monthly,nulstr,nulstr,NULL);
    4848 online = ON_LOCAL;
    CID 514519: (LOCK)
    "external" locks "this->input_thread_mutex" while it is locked.
    4849 int result = external(cmd, EX_OFFLINE);
    4850 online = false;
    4851 lprintf(result ? LOG_ERR : LOG_INFO, "Monthly event: '%s' returned %d", cmd, result);
    4852 }
    4853 lputs(LOG_INFO, "DAILY: System maintenance ended");
    4854 sys_status&=~SS_DAILY;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DmVJv_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZYt7Pe-2B8KlpNPxf3vYfbGXTetKrkOysaWsLoXwVVJy-2BlT3vWHLSa-2F-2BgpVoMRk-2FB9lZhpdNOATgKKch-2FKRWKdw7CGPsa8-2BoRGvrYP8DjPqUmQVJXsmXD2xm4gPlAPoQOpnW8tWCZcdj7lp745Fp7QOqFvNAcU4EQLHiapc9wQpj6A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, November 10, 2024 14:42:03
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in ()


    ________________________________________________________________________________________________________
    *** CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in ()
    292 else
    293 if(time(NULL)-start>=(time_t)smb->retry_time) 294 break;
    295 ++count;
    296 SLEEP((count / 10) * smb->retry_delay);
    297 }
    CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH)
    argument is incompatible with corresponding format string conversion (expected type "int" but argument has type "long")
    298 safe_snprintf(smb->last_error,sizeof(smb->last_error),"%s timeout locking message base after %d seconds", __FUNCTION__, time(NULL) - start);
    299 return(SMB_ERR_TIMEOUT);
    300 }
    301
    302 /****************************************************************************/
    303 /* Read the SMB header from the header file and place into smb.status */

    ** CID 514628: API usage errors (PRINTF_ARGS)


    ________________________________________________________________________________________________________
    *** CID 514628: API usage errors (PRINTF_ARGS) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in smb_locksmbhdr()
    292 else
    293 if(time(NULL)-start>=(time_t)smb->retry_time) 294 break;
    295 ++count;
    296 SLEEP((count / 10) * smb->retry_delay);
    297 }
    CID 514628: API usage errors (PRINTF_ARGS)
    Argument "time(NULL) - start" to format specifier "%d" was expected to have type "int" but has type "long".
    298 safe_snprintf(smb->last_error,sizeof(smb->last_error),"%s timeout locking message base after %d seconds", __FUNCTION__, time(NULL) - start);
    299 return(SMB_ERR_TIMEOUT);
    300 }
    301
    302 /****************************************************************************/
    303 /* Read the SMB header from the header file and place into smb.status */


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D04SY_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbRNqpwvGc4zcZ5uKeIndhuSqNnxi4ZbqnqhqxxcEUjkJJHGyGkBZt6V7UXUX2xnB2lvPBmqBCBxBghPzBYV7kJY89l3F0Je2EKuh7lbcH1Ki5248pEoplbC6UdQ14IH1AzZ-2BYu06Kjq-2F-2BS7xugvit0MheMfmyl63WZ-2BGQqWv04fA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, November 11, 2024 14:28:43
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 514647: Resource leaks (RESOURCE_LEAK)
    /userdat.c: 1397 in getnodeext()


    ________________________________________________________________________________________________________
    *** CID 514647: Resource leaks (RESOURCE_LEAK)
    /userdat.c: 1397 in getnodeext()
    1391 {
    1392 int f;
    1393
    1394 if(!VALID_CFG(cfg) || num < 1)
    1395 return "";
    1396 if((f = opennodeext(cfg)) < 1)
    CID 514647: Resource leaks (RESOURCE_LEAK)
    Handle variable "f" going out of scope leaks the handle.
    1397 return "";
    1398 (void)lseek(f, (num-1) * 128, SEEK_SET);
    1399 if(read(f, buf, 128) != 128)
    1400 memset(buf, 0, 128);
    1401 close(f);
    1402 buf[127] = 0;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DNrRS_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZ3ELp6fsbhc-2FY9mD5Zp1-2FoSxtPMVY9W2gQFqb-2BWiMKBXb3R551uQj1an4L8jxHGCtVzJ8f8hTy9TuLVRQzLD3L1M-2FICoSbiZvQ-2FUBPSeV-2BCcsclK4jYNyukSMcGAKOr-2BtLQBr5jUdpUtVX-2FuxQBKwF4hNcUqyrDA8X7YI-2FfcIZtw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, November 19, 2024 13:40:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 515048: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 1848 in add_areas_from_echolists()


    ________________________________________________________________________________________________________
    *** CID 515048: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 1848 in add_areas_from_echolists()
    1842 match=0;
    1843 for(k=0; cfg.listcfg[j].keys[k] ;k++) {
    1844 if(match) break;
    1845 for(x=0; nodecfg->keys[x] ;x++) {
    1846 if(!stricmp(cfg.listcfg[j].keys[k]
    1847 ,nodecfg->keys[x])) {
    CID 515048: Security best practices violations (SECURE_TEMP)
    "tmpfile" creates files with predictable names, which is unsafe.
    1848 if((fwdfile=tmpfile())==NULL) { 1849 lprintf(LOG_ERR,"ERROR line %d opening forward temp "
    1850 "file",__LINE__);
    1851 match=1;
    1852 break;
    1853 }

    ** CID 515047: Control flow issues (NO_EFFECT)
    /sbbsecho.c: 1635 in alter_areas_ini()


    ________________________________________________________________________________________________________
    *** CID 515047: Control flow issues (NO_EFFECT)
    /sbbsecho.c: 1635 in alter_areas_ini()
    1629 continue;
    1630 }
    1631 }
    1632 if(add_area[0] != NULL) { /* Check for areas to add */
    1633 bool add_all = (stricmp(add_area[0], "+ALL") == 0);
    1634 j = strListFind(add_area, echotag, /* case-sensitive */false);
    CID 515047: Control flow issues (NO_EFFECT)
    This greater-than-or-equal-to-zero comparison of an unsigned value is always true. "j >= 0U".
    1635 if(add_all || j >= 0) {
    1636 if(j >= 0)
    1637 add_area[j][0]=0; /* So we can check other lists */
    1638 uint areanum = find_area(echotag);
    1639 if(!area_is_valid(areanum)) {
    1640 lprintf(LOG_ERR, "Invalid area num on line %d", __LINE__);

    ** CID 515046: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1989 in alter_areas()


    ________________________________________________________________________________________________________
    *** CID 515046: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1989 in alter_areas()
    1983 ,smb_faddrtoa(&addr,NULL), (ulong)added, cfg.areafile);
    1984 if(deleted)
    1985 lprintf(LOG_DEBUG, "AreaFix (for %s) Removed links to %lu areas in %s"
    1986 ,smb_faddrtoa(&addr,NULL), (ulong)deleted, cfg.areafile);
    1987 if(added || deleted) {
    1988 if(stat(cfg.areafile, &st) == 0)
    CID 515046: Error handling issues (CHECKED_RETURN)
    Calling "chmod(outpath, st.st_mode)" without checking return value. This library function may fail and return an error code.
    1989 chmod(outpath, st.st_mode);
    1990 if(cfg.areafile_backups == 0 || !backup(cfg.areafile, cfg.areafile_backups, /* ren: */TRUE))
    1991 delfile(cfg.areafile, __LINE__); /* Delete AREAS.BBS */
    1992 if(rename(outpath,cfg.areafile)) /* Rename new AREAS.BBS file */
    1993 lprintf(LOG_ERR,"ERROR line %d renaming %s to %s",__LINE__,outpath,cfg.areafile);
    1994 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D1jSz_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbxEcP2FV-2FE8SZ4Zj-2B5i-2FvXMBc1u-2B9IyI73gYzjnV6pIIbqC2pGfKYB3KXIl7XZEKXLdLz8vi8-2BwsF6O91kuZqV1ShM13vaTkO37J3VV7GT6YwOX288v8WtwpdrdHMhRE2EqIozgp1HMSE07wuarfyxBLAND56oVPlNda7IFeLuFA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, November 21, 2024 13:54:30
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 515063: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 2142 in areamgr_command()


    ________________________________________________________________________________________________________
    *** CID 515063: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 2142 in areamgr_command()
    2136 nodecfg->archive = SBBSECHO_ARCHIVE_NONE;
    2137 else {
    2138 for(u=0;u<cfg.arcdefs;u++)
    2139 if(stricmp(p,cfg.arcdef[u].name) == 0) 2140 break;
    2141 if(u==cfg.arcdefs) {
    CID 515063: Security best practices violations (SECURE_TEMP)
    "tmpfile" creates files with predictable names, which is unsafe.
    2142 if((tmpf=tmpfile())==NULL) {
    2143 lprintf(LOG_ERR,"ERROR line %d opening tmpfile()",__LINE__);
    2144 return false;
    2145 }
    2146 SAFEPRINTF(str, "Compression type unavailable: %s", p);
    2147 lprintf(LOG_INFO, "AreaMgr (for %s) %s", faddrtoa(&addr), str);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DGoz1_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYHiJRuOAYx4mtSc3Rs7eY9P2HGERsO3Ui1TozxvEl3HSa54-2BxmZuyJa4rdPvK8KqeFliWPJD252StMkW9mo-2B6uT2KWq9YxJqegr2CCurq6i8coJamUQEMyVcyknmxOhR1KJArkVSLfkYq8-2BmPn9fVdieJLgwrSG692S4HB3dKfZQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, November 24, 2024 15:11:51
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 515130: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-24-2024/src/conio/sdl_con.c: 357 in sdl_get_bounds()


    ________________________________________________________________________________________________________
    *** CID 515130: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-24-2024/src/conio/sdl_con.c: 357 in sdl_get_bounds()
    351 SDL_Rect r;
    352 int ABUw, ABUh;
    353 int pixelw, pixelh;
    354
    355 if (sdl.GetDisplayUsableBounds(0, &r) != 0)
    356 return false;
    CID 515130: Concurrent data access violations (MISSING_LOCK)
    Accessing "win" without holding lock "win_mutex". Elsewhere, "win" is written to with "win_mutex" held 1 out of 1 times.
    357 sdl.GetWindowSize(win, &ABUw, &ABUh);
    358 sdl.GetWindowSizeInPixels(win, &pixelw, &pixelh);
    359 if (pixelw == 0 || pixelh == 0 || ABUw == 0 || ABUh == 0) {
    360 *w = r.w;
    361 *h = r.h;
    362 return true;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D_t4Q_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYVVBXfFUuA-2FsWyQ5uMS5ufMK7jgOcJ6VIupDH54bwQZq7SuxKbKUjUqnKiK9OnXbOb5gfXyBtjeI0-2BrMXfePEiZJ6tllUVEkd4WCimYeBdVV8tZ-2FZWYZleIzw9Ex3-2BGpSI29JxK7ySTVVle557znXI2HDyHti8hj8D3RvYxamaIw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, December 02, 2024 13:42:27
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    14 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 14 of 14 defect(s)


    ** CID 515601: Program hangs (LOCK)
    /js_bbs.cpp: 3400 in js_get_node_message(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 515601: Program hangs (LOCK)
    /js_bbs.cpp: 3400 in js_get_node_message(JSContext *, unsigned int, unsigned long *)()
    3394 clearline = JSVAL_TO_BOOLEAN(argv[0]);
    3395
    3396 rc=JS_SUSPENDREQUEST(cx);
    3397 sbbs->getnmsg(clearline ? true : false);
    3398 JS_RESUMEREQUEST(cx, rc);
    3399
    CID 515601: Program hangs (LOCK)
    Returning without unlocking "sbbs->nodefile_mutex".
    3400 return(JS_TRUE);
    3401 }
    3402
    3403 static JSBool
    3404 js_put_node_message(JSContext *cx, uintN argc, jsval *arglist)
    3405 {

    ** CID 515600: Error handling issues (CHECKED_RETURN)
    /download.cpp: 367 in sbbs_t::seqwait(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 515600: Error handling issues (CHECKED_RETURN)
    /download.cpp: 367 in sbbs_t::seqwait(unsigned int)()
    361
    362 if(!devnum)
    363 return;
    364 for(start=now=time(NULL);online && now-start<90;now=time(NULL)) {
    365 if(msgabort()) /* max wait ^^^^ sec */
    366 break;
    CID 515600: Error handling issues (CHECKED_RETURN)
    Calling "getnodedat" without checking return value (as is done elsewhere 52 out of 59 times).
    367 getnodedat(cfg.node_num,&thisnode,true); /* open and lock this record */
    368 for(i=1;i<=cfg.sys_nodes;i++) {
    369 if(i==cfg.node_num) continue;
    370 if(getnodedat(i,&node, true)) {
    371 if((node.status==NODE_INUSE || node.status==NODE_QUIET)
    372 && node.action==NODE_RFSD && node.aux==devnum) {

    ** CID 515599: Concurrent data access violations (MISSING_LOCK)
    /putnode.cpp: 108 in sbbs_t::unlocknodedat(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 515599: Concurrent data access violations (MISSING_LOCK) /putnode.cpp: 108 in sbbs_t::unlocknodedat(unsigned int)()
    102 errormsg(WHERE, ERR_CHK, "node number", number);
    103 return false;
    104 }
    105 int result = unlock(nodefile, (number - 1) * sizeof(node_t), sizeof(node_t));
    106 if(cfg.node_misc & NM_CLOSENODEDAB) {
    107 close(nodefile);
    CID 515599: Concurrent data access violations (MISSING_LOCK)
    Accessing "this->nodefile" without holding lock "sbbs_t.nodefile_mutex". Elsewhere, "sbbs_t.nodefile" is written to with "sbbs_t.nodefile_mutex" held 4 out of 5 times.
    108 nodefile = -1;
    109 }
    110 pthread_mutex_unlock(&nodefile_mutex);
    111 return result == 0;
    112 }
    113

    ** CID 515598: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 515598: (SLEEP)
    /getnode.cpp: 268 in sbbs_t::getnmsg(bool)()
    262 buf[length]=0;
    263
    264 if(clearline)
    265 this->clearline();
    266 else if(column)
    267 CRLF;
    CID 515598: (SLEEP)
    Call to "putmsg" might sleep while holding lock "this->nodefile_mutex". 268 putmsg(buf,P_NOATCODES);
    269 free(buf);
    270
    271 return retval == 0;
    272 }
    273
    /getnode.cpp: 265 in sbbs_t::getnmsg(bool)()
    259 }
    260 int retval = chsize(file,0L);
    261 close(file);
    262 buf[length]=0;
    263
    264 if(clearline)
    CID 515598: (SLEEP)
    Call to "clearline" might sleep while holding lock "this->nodefile_mutex".
    265 this->clearline();
    266 else if(column)
    267 CRLF;
    268 putmsg(buf,P_NOATCODES);
    269 free(buf);
    270

    ** CID 515597: Program hangs (LOCK)
    /main.cpp: 2243 in input_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 515597: Program hangs (LOCK)
    /main.cpp: 2243 in input_thread(void *)()
    2237 }
    2238 else
    2239 #endif
    2240 rd = recv(sock, (char*)inbuf, rd, 0);
    2241
    2242 if(pthread_mutex_unlock(&sbbs->input_thread_mutex)!=0) >>> CID 515597: Program hangs (LOCK)
    "errormsg" locks "sbbs->nodefile_mutex" while it is locked.
    2243 sbbs->errormsg(WHERE,ERR_UNLOCK,"input_thread_mutex",0);
    2244
    2245 if (rd == 0 && !socket_recvdone(sock, 0))
    2246 continue;
    2247
    2248 if(rd == SOCKET_ERROR)

    ** CID 515596: Program hangs (LOCK)
    /logfile.cpp: 331 in sbbs_t::errormsg(int, const char *, const char *, const char *, const char *, int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 515596: Program hangs (LOCK)
    /logfile.cpp: 331 in sbbs_t::errormsg(int, const char *, const char *, const char *, const char *, int, const char *)()
    325 fprintf(logfile_fp,"!! %s%s", str, log_line_ending); 326 logcol=1;
    327 fflush(logfile_fp);
    328 }
    329
    330 errormsg_inside=false;
    CID 515596: Program hangs (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    331 }
    332
    333 /****************************************************************************/
    334 /* Open a log file for append, supporting log rotation based on size */
    335 /****************************************************************************/
    336 extern "C" FILE* fopenlog(scfg_t* cfg, const char* path)

    ** CID 515595: Program hangs (LOCK)
    /main.cpp: 4335 in sbbs_t::logoffstats()()


    ________________________________________________________________________________________________________
    *** CID 515595: Program hangs (LOCK)
    /main.cpp: 4335 in sbbs_t::logoffstats()()
    4329
    4330 for(i=0;i<2;i++) {
    4331 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */true);
    4332 if(fp == NULL)
    4333 continue;
    4334 if(!fread_dstats(fp, &stats)) {
    CID 515595: Program hangs (LOCK)
    "errormsg" locks "this->nodefile_mutex" while it is locked.
    4335 errormsg(WHERE, ERR_READ, "dsts.ini", i);
    4336 } else {
    4337 stats.total.timeon += minutes_used;
    4338 stats.today.timeon += minutes_used;
    4339 if(!fwrite_dstats(fp, &stats, __FUNCTION__)) 4340 errormsg(WHERE, ERR_WRITE, "dsts.ini", i);

    ** CID 515594: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 515594: (SLEEP)
    /main.cpp: 4649 in sbbs_t::daily_maint()()
    4643 backup(str,cfg.user_backup_level,false);
    4644 }
    4645
    4646 if(cfg.mail_backup_level) {
    4647 lputs(LOG_INFO,"DAILY: Backing-up mail data...");
    4648 smb_t mail;
    CID 515594: (SLEEP)
    Call to "smb_open_sub" might sleep while holding lock "this->nodefile_mutex".
    4649 int result = smb_open_sub(&cfg, &mail, INVALID_SUB); 4650 if(result != SMB_SUCCESS)
    4651 lprintf(LOG_ERR, "ERROR %d (%s) opening mail base", result, mail.last_error);
    4652 else {
    4653 result = smb_lock(&mail);
    4654 if(result != SMB_SUCCESS)
    /main.cpp: 4778 in sbbs_t::daily_maint()()
    4772 closeuserdat(userfile);
    4773
    4774 lputs(LOG_INFO,"DAILY: Purging deleted/expired e-mail");
    4775 SAFEPRINTF(smb.file,"%smail",cfg.data_dir);
    4776 smb.retry_time=cfg.smb_retry_time;
    4777 smb.subnum=INVALID_SUB;
    CID 515594: (SLEEP)
    Call to "smb_open" might sleep while holding lock "this->nodefile_mutex".
    4778 if((i=smb_open(&smb))!=0)
    4779 errormsg(WHERE,ERR_OPEN,smb.file,i,smb.last_error); 4780 else {
    4781 if(filelength(fileno(smb.shd_fp))>0) {
    4782 if((i=smb_locksmbhdr(&smb))!=0)
    4783 errormsg(WHERE,ERR_LOCK,smb.file,i,smb.last_error);

    ** CID 515593: (LOCK)
    /getnode.cpp: 258 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 252 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 242 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 271 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 237 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 247 in sbbs_t::getnmsg(bool)()


    ________________________________________________________________________________________________________
    *** CID 515593: (LOCK)
    /getnode.cpp: 258 in sbbs_t::getnmsg(bool)()
    252 return false;
    253 }
    254 if(read(file,buf,length)!=length) {
    255 close(file);
    256 free(buf);
    257 errormsg(WHERE,ERR_READ,str,length);
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    258 return false;
    259 }
    260 int retval = chsize(file,0L);
    261 close(file);
    262 buf[length]=0;
    263
    /getnode.cpp: 252 in sbbs_t::getnmsg(bool)()
    246 close(file);
    247 return true;
    248 }
    249 if((buf=(char *)malloc(length+1))==NULL) {
    250 close(file);
    251 errormsg(WHERE,ERR_ALLOC,str,length+1);
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    252 return false;
    253 }
    254 if(read(file,buf,length)!=length) {
    255 close(file);
    256 free(buf);
    257 errormsg(WHERE,ERR_READ,str,length);
    /getnode.cpp: 242 in sbbs_t::getnmsg(bool)()
    236 if(flength(str)<1L)
    237 return true;
    238 if((file=nopen(str,O_RDWR))==-1) {
    239 /**
    240 errormsg(WHERE,ERR_OPEN,str,O_RDWR);
    241 **/
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    242 return false;
    243 }
    244 length=(long)filelength(file);
    245 if(length <= 0) {
    246 close(file);
    247 return true;
    /getnode.cpp: 271 in sbbs_t::getnmsg(bool)()
    265 this->clearline();
    266 else if(column)
    267 CRLF;
    268 putmsg(buf,P_NOATCODES);
    269 free(buf);
    270
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    271 return retval == 0;
    272 }
    273
    274 /****************************************************************************/
    275 /* 'ext' must be at least 128 bytes! */
    276 /****************************************************************************/
    /getnode.cpp: 237 in sbbs_t::getnmsg(bool)()
    231 thisnode.misc&=~NODE_NMSG; /* clear the NMSG flag */
    232 putnodedat(cfg.node_num,&thisnode);
    233 }
    234
    235 SAFEPRINTF2(str,"%smsgs/n%3.3u.msg",cfg.data_dir,cfg.node_num); 236 if(flength(str)<1L)
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    237 return true;
    238 if((file=nopen(str,O_RDWR))==-1) {
    239 /**
    240 errormsg(WHERE,ERR_OPEN,str,O_RDWR);
    241 **/
    242 return false;
    /getnode.cpp: 247 in sbbs_t::getnmsg(bool)()
    241 **/
    242 return false;
    243 }
    244 length=(long)filelength(file);
    245 if(length <= 0) {
    246 close(file);
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    247 return true;
    248 }
    249 if((buf=(char *)malloc(length+1))==NULL) {
    250 close(file);
    251 errormsg(WHERE,ERR_ALLOC,str,length+1);
    252 return false;

    ** CID 515592: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 515592: (SLEEP)
    /getnode.cpp: 162 in sbbs_t::nodesync(bool)()
    156 thisnode.misc&=~NODE_UDAT;
    157 putnodedat(cfg.node_num,&thisnode);
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    CID 515592: (SLEEP)
    Call to "getsmsg" might sleep while holding lock "this->nodefile_mutex".
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
    163 if(thisnode.misc&NODE_NMSG)
    164 getnmsg(clearline); /* getnmsg clears NMSG flag */
    165 }
    166 }
    167
    /getnode.cpp: 174 in sbbs_t::nodesync(bool)()
    168 if(cfg.sync_mod[0])
    169 exec_bin(cfg.sync_mod,&main_csi);
    170
    171 if(thisnode.misc&NODE_INTR) {
    172 bputs(text[NodeLocked]);
    173 logline(LOG_NOTICE,nulstr,"Interrupted");
    CID 515592: (SLEEP)
    Call to "hangup" might sleep while holding lock "this->nodefile_mutex". 174 hangup();
    175 nodesync_inside=0;
    176 return;
    177 }
    178
    179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
    /getnode.cpp: 164 in sbbs_t::nodesync(bool)()
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
    163 if(thisnode.misc&NODE_NMSG)
    CID 515592: (SLEEP)
    Call to "getnmsg" might sleep while holding lock "this->nodefile_mutex".
    164 getnmsg(clearline); /* getnmsg clears NMSG flag */
    165 }
    166 }
    167
    168 if(cfg.sync_mod[0])
    169 exec_bin(cfg.sync_mod,&main_csi);
    /getnode.cpp: 211 in sbbs_t::nodesync(bool)()
    205 }
    206
    207 if(sys_status&SS_USERON && online && (timeleft/60)<(5-timeleft_warn)
    208 && !SYSOP) {
    209 timeleft_warn=5-(timeleft/60);
    210 if(!(sys_status&SS_MOFF)) {
    CID 515592: (SLEEP)
    Call to "attr" might sleep while holding lock "this->nodefile_mutex". 211 attr(LIGHTGRAY);
    212 bprintf(text[OnlyXminutesLeft]
    213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
    214 }
    215 }
    216
    /getnode.cpp: 217 in sbbs_t::nodesync(bool)()
    211 attr(LIGHTGRAY);
    212 bprintf(text[OnlyXminutesLeft]
    213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
    214 }
    215 }
    216
    CID 515592: (SLEEP)
    Call to "attr" might sleep while holding lock "this->nodefile_mutex". 217 attr(atr); /* replace original attributes */
    218 nodesync_inside=0;
    219 }
    220
    221 /****************************************************************************/
    222 /* Prints short messages waiting for this node, if any... */
    /getnode.cpp: 181 in sbbs_t::nodesync(bool)()
    175 nodesync_inside=0;
    176 return;
    177 }
    178
    179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
    180 saveline();
    CID 515592: (SLEEP)
    Call to "privchat" might sleep while holding lock "this->nodefile_mutex".
    181 privchat(true);
    182 restoreline();
    183 }
    184
    185 if(thisnode.misc&NODE_FCHAT) { // forced into private chat
    186 int n = getpagingnode(&cfg);
    /getnode.cpp: 182 in sbbs_t::nodesync(bool)()
    176 return;
    177 }
    178
    179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
    180 saveline();
    181 privchat(true);
    CID 515592: (SLEEP)
    Call to "restoreline" might sleep while holding lock "this->nodefile_mutex".
    182 restoreline();
    183 }
    184
    185 if(thisnode.misc&NODE_FCHAT) { // forced into private chat
    186 int n = getpagingnode(&cfg);
    187 if(n) {
    /getnode.cpp: 197 in sbbs_t::nodesync(bool)()
    191 action = save_action;
    192 restoreline();
    193 }
    194 if(getnodedat(cfg.node_num, &thisnode, true)) {
    195 thisnode.action = action;
    196 thisnode.misc &= ~NODE_FCHAT;
    CID 515592: (SLEEP)
    Call to "putnodedat" might sleep while holding lock "this->nodefile_mutex".
    197 putnodedat(cfg.node_num, &thisnode);
    198 }
    199 }
    200
    201 if(sys_status&SS_USERON && memcmp(&nodesync_user,&useron,sizeof(user_t))) {
    202 getusrdirs();

    ** CID 515591: (LOCK)
    /getnode.cpp: 219 in sbbs_t::nodesync(bool)()
    /getnode.cpp: 157 in sbbs_t::nodesync(bool)()


    ________________________________________________________________________________________________________
    *** CID 515591: (LOCK)
    /getnode.cpp: 219 in sbbs_t::nodesync(bool)()
    213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
    214 }
    215 }
    216
    217 attr(atr); /* replace original attributes */
    218 nodesync_inside=0;
    CID 515591: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    219 }
    220
    221 /****************************************************************************/
    222 /* Prints short messages waiting for this node, if any... */
    223 /****************************************************************************/
    224 bool sbbs_t::getnmsg(bool clearline)
    /getnode.cpp: 164 in sbbs_t::nodesync(bool)()
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
    163 if(thisnode.misc&NODE_NMSG)
    CID 515591: (LOCK)
    "getnmsg" locks "this->nodefile_mutex" while it is locked.
    164 getnmsg(clearline); /* getnmsg clears NMSG flag */
    165 }
    166 }
    167
    168 if(cfg.sync_mod[0])
    169 exec_bin(cfg.sync_mod,&main_csi);
    /getnode.cpp: 197 in sbbs_t::nodesync(bool)()
    191 action = save_action;
    192 restoreline();
    193 }
    194 if(getnodedat(cfg.node_num, &thisnode, true)) {
    195 thisnode.action = action;
    196 thisnode.misc &= ~NODE_FCHAT;
    CID 515591: (LOCK)
    "putnodedat" locks "this->nodefile_mutex" while it is locked.
    197 putnodedat(cfg.node_num, &thisnode);
    198 }
    199 }
    200
    201 if(sys_status&SS_USERON && memcmp(&nodesync_user,&useron,sizeof(user_t))) {
    202 getusrdirs();
    /getnode.cpp: 157 in sbbs_t::nodesync(bool)()
    151 }
    152 }
    153 if(thisnode.misc&NODE_UDAT && !(useron.rest&FLAG('G'))) { /* not guest */
    154 getuserdat(&cfg, &useron);
    155 if(getnodedat(cfg.node_num,&thisnode, true)) { 156 thisnode.misc&=~NODE_UDAT;
    CID 515591: (LOCK)
    "putnodedat" locks "this->nodefile_mutex" while it is locked.
    157 putnodedat(cfg.node_num,&thisnode);
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */

    ** CID 515590: (LOCK)
    /un_qwk.cpp: 94 in sbbs_t::unpack_qwk(char *, unsigned int)()
    /un_qwk.cpp: 123 in sbbs_t::unpack_qwk(char *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 515590: (LOCK)
    /un_qwk.cpp: 94 in sbbs_t::unpack_qwk(char *, unsigned int)()
    88 lprintf(LOG_ERR, "libarchive error %ld (%s) extracting %s", file_count, error, packet);
    89 if(*cfg.qhub[hubnum]->unpack == '\0')
    90 return false;
    91 i=external(cmdstr(cfg.qhub[hubnum]->unpack,packet,ALLFILES,NULL),EX_OFFLINE);
    92 if(i) {
    93 errormsg(WHERE,ERR_EXEC,cmdstr(cfg.qhub[hubnum]->unpack,packet,ALLFILES,NULL),i);
    CID 515590: (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    94 return(false);
    95 }
    96 }
    97 SAFEPRINTF(str,"%sMESSAGES.DAT",cfg.temp_dir);
    98 if(!fexistcase(str)) {
    99 lprintf(LOG_WARNING,"%s doesn't contain MESSAGES.DAT (%s)",packet,str);
    /un_qwk.cpp: 123 in sbbs_t::unpack_qwk(char *, unsigned int)()
    117 remove(fname);
    118 }
    119 SAFEPRINTF(fname, "%sVOTING.DAT", cfg.temp_dir);
    120 if(fexistcase(fname)) {
    121 lprintf(LOG_DEBUG, "Reading %s", fname);
    122 if((fp=fopen(fname,"r")) == NULL)
    CID 515590: (LOCK)
    "errormsg" locks "this->nodefile_mutex" while it is locked.
    123 errormsg(WHERE,ERR_OPEN,fname,O_RDONLY);
    124 else {
    125 voting=iniReadFile(fp);
    126 fclose(fp);
    127 }
    128 remove(fname);

    ** CID 515589: Error handling issues (CHECKED_RETURN)
    /logon.cpp: 124 in sbbs_t::logon()()


    ________________________________________________________________________________________________________
    *** CID 515589: Error handling issues (CHECKED_RETURN)
    /logon.cpp: 124 in sbbs_t::logon()()
    118 ,useron.number,useron.alias);
    119 logline(LOG_NOTICE,"+!",str);
    120 hangup();
    121 return(false);
    122 }
    123 if(yesno(text[RemoveNodeLockQ])) {
    CID 515589: Error handling issues (CHECKED_RETURN)
    Calling "getnodedat" without checking return value (as is done elsewhere 52 out of 59 times).
    124 getnodedat(cfg.node_num,&thisnode, true);
    125 logline("S-","Removed Node Lock");
    126 thisnode.misc&=~NODE_LOCK;
    127 }
    128 else
    129 getnodedat(cfg.node_num,&thisnode, true);

    ** CID 515588: (SLEEP)
    /main.cpp: 3450 in event_thread(void *)()
    /main.cpp: 3272 in event_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 515588: (SLEEP)
    /main.cpp: 3277 in event_thread(void *)()
    3271 while(!sbbs->terminated) {
    3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
    3275 continue;
    3276 for(j=first_node;j<=last_node;j++) {
    CID 515588: (SLEEP)
    Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".
    3277 if(!sbbs->getnodedat(j,&node, true))
    3278 continue;
    3279 if(node.status==NODE_WFC)
    3280 node.status=NODE_EVENT_LIMBO;
    3281 node.aux=sbbs->cfg.event[i]->node;
    3282 sbbs->putnodedat(j,&node);
    /main.cpp: 3450 in event_thread(void *)()
    3444 }
    3445 }
    3446 }
    3447 }
    3448 }
    3449 sbbs->event_code = nulstr;
    CID 515588: (SLEEP)
    Call to "nanosleep" might sleep while holding lock "sbbs->nodefile_mutex".
    3450 mswait(1000);
    3451 }
    3452 sbbs->cfg.node_num=0;
    3453 sbbs->useron.number = 0;
    3454 sbbs->js_cleanup();
    3455
    /main.cpp: 3373 in event_thread(void *)()
    3367 && (sbbs->cfg.event[i]->node<first_node || sbbs->cfg.event[i]->node>last_node)) {
    3368 sbbs->lprintf(LOG_NOTICE,"Changing node status for nodes %d through %d to WFC"
    3369 ,first_node,last_node); 3370 sbbs->cfg.event[i]->last=(time32_t)now;
    3371 for(j=first_node;j<=last_node;j++) {
    3372 node.status=NODE_INVALID_STATUS;
    CID 515588: (SLEEP)
    Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".
    3373 if(!sbbs->getnodedat(j,&node, true))
    3374 continue;
    3375 node.status=NODE_WFC; 3376 sbbs->putnodedat(j,&node);
    3377 }
    3378 }
    /main.cpp: 3413 in event_thread(void *)()
    3407 cmd = sbbs->cmdstr(cmd, nulstr, sbbs->cfg.event[i]->dir, NULL);
    3408 sbbs->lprintf(LOG_INFO,"Running %s%stimed event: %s"
    3409 ,native_executable(&sbbs->cfg, cmd, ex_mode) ? "native ":"16-bit DOS "
    3410 ,(ex_mode&EX_BG) ? "background ":""
    3411 ,cmd);
    3412 {
    CID 515588: (SLEEP)
    Call to "external" might sleep while holding lock "sbbs->nodefile_mutex".
    3413 int result = sbbs->external(cmd, ex_mode, sbbs->cfg.event[i]->dir);
    3414 if(!(ex_mode&EX_BG)) 3415 sbbs->lprintf(result ? sbbs->cfg.event[i]->errlevel : LOG_INFO, "Timed event: '%s' returned %d", cmd, result);
    3416 else
    3417 sbbs->lprintf(LOG_DEBUG, "Background timed event spawned: %s", cmd);
    3418 }
    /main.cpp: 3277 in event_thread(void *)()
    3271 while(!sbbs->terminated) {
    3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
    3275 continue;
    3276 for(j=first_node;j<=last_node;j++) {
    CID 515588: (SLEEP)
    Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".
    3277 if(!sbbs->getnodedat(j,&node, true))
    3278 continue;
    3279 if(node.status==NODE_WFC)
    3280 node.status=NODE_EVENT_LIMBO;
    3281 node.aux=sbbs->cfg.event[i]->node;
    3282 sbbs->putnodedat(j,&node);
    /main.cpp: 2986 in event_thread(void *)()
    2980 if(!fexist(fname))
    2981 continue;
    2982 sbbs->useron.number = 0;
    2983 sbbs->lprintf(LOG_INFO, "QWK pack semaphore signaled: %s", fname);
    2984 int usernum = atoi(fname+offset);
    2985 sbbs->useron.number = usernum;
    CID 515588: (SLEEP)
    Call to "getuserdat" might sleep while holding lock "sbbs->nodefile_mutex".
    2986 int retval = getuserdat(&sbbs->cfg,&sbbs->useron);
    2987 if(retval != 0) {
    2988 sbbs->lprintf(LOG_WARNING, "ERROR %d reading user data for user #%d", retval, usernum);
    2989 sbbs->fremove(WHERE, fname, /* log-all-errors: */true);
    2990 continue;
    2991 }
    /main.cpp: 3272 in event_thread(void *)()
    3266 sbbs->lprintf(LOG_DEBUG,"event last run: %s (0x%08x)"
    3267 ,sbbs->timestr(sbbs->cfg.event[i]->last)
    3268 ,sbbs->cfg.event[i]->last);
    3269 lastnodechk=0; /* really last event time check */
    3270 start=time(NULL);
    3271 while(!sbbs->terminated) {
    CID 515588: (SLEEP)
    Call to "nanosleep" might sleep while holding lock "sbbs->nodefile_mutex".
    3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
    3275 continue;
    3276 for(j=first_node;j<=last_node;j++) {
    3277 if(!sbbs->getnodedat(j,&node, true))


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D0VuE_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZXtRHBZwsv7Kfty0nOtNaK0UAFlR-2FrVR2f6CKktOSW3KEH5A-2BAGbll45RILco6MRWsB-2BPA-2F5LbzoDmAwnm2EdPSGWu8DKQDA8ovxbR0nzs0zWwn4zpQwqZ0g5MQ5Uxv60wCv-2BEyap91XzPuWSQ2OUE7j0iN0wndXT1J2mredhBFg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, December 06, 2024 13:41:13
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 515659: Resource leaks (RESOURCE_LEAK)
    /readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)()


    ________________________________________________________________________________________________________
    *** CID 515659: Resource leaks (RESOURCE_LEAK)
    /readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)()
    808 }
    809
    810 smb_close(&smb);
    811 smb_stack(&smb,SMB_STACK_POP);
    812 current_msg=NULL;
    813
    CID 515659: Resource leaks (RESOURCE_LEAK)
    Variable "mail" going out of scope leaks the storage it points to.
    814 return lm_mode;
    815 }
    816
    817 int sbbs_t::searchmail(mail_t *mail, int start, int msgs, int which, const char *search, const char* order)
    818 {
    819 char* buf;

    ** CID 515658: Error handling issues (CHECKED_RETURN)


    ________________________________________________________________________________________________________
    *** CID 515658: Error handling issues (CHECKED_RETURN)
    /dupefind.c: 75 in display_filename()
    69 char *display_filename(scfg_t *cfg, uint dirnum, uint32_t fil_off)
    70 {
    71 static char str[256];
    72 static smb_t smb;
    73 if(smb_open_dir(cfg, &smb, dirnum) != SMB_SUCCESS)
    74 return smb.last_error;
    CID 515658: Error handling issues (CHECKED_RETURN)
    Calling "smb_fseek(smb.sid_fp, (fil_off - 1U) * 128UL, 0)" without checking return value. It wraps a library function that may fail and return an error code.
    75 smb_fseek(smb.sid_fp, (fil_off - 1) * sizeof(fileidxrec_t), SEEK_SET); 76 fileidxrec_t idx;
    77 if(smb_fread(&smb, &idx, sizeof(idx), smb.sid_fp) != sizeof(idx)) {
    78 smb_close(&smb);
    79 return smb.last_error;
    80 }

    ** CID 515657: Error handling issues (CHECKED_RETURN)
    /load_cfg.c: 627 in smb_open_dir()


    ________________________________________________________________________________________________________
    *** CID 515657: Error handling issues (CHECKED_RETURN)
    /load_cfg.c: 627 in smb_open_dir()
    621 if(filelength(fileno(smb->shd_fp)) < 1) {
    622 smb->status.max_files = cfg->dir[dirnum]->maxfiles; 623 smb->status.max_age = cfg->dir[dirnum]->maxage;
    624 smb->status.attr = SMB_FILE_DIRECTORY; 625 if(cfg->dir[dirnum]->misc & DIR_NOHASH)
    626 smb->status.attr |= SMB_NOHASH;
    CID 515657: Error handling issues (CHECKED_RETURN)
    Calling "smb_create" without checking return value (as is done elsewhere 16 out of 17 times).
    627 smb_create(smb);
    628 }
    629 return SMB_SUCCESS;
    630 }
    631
    632 int get_lang_count(scfg_t* cfg)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DArCi_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZBUi-2F07t06F46PFVW9NK8AEOuHmZrMv6aNSdOw0AIeo4ogvPzV8VRWZ8jRTfiHC12zKsA4sipybJiH6RgyZ0m7AfiNQvXpSFbavk3k9Q6PyWgsjGH13ueAcyWa7DsklJg0kfAfT7EZWBHjtJZZ7z9FYBEIQ4aPAWfq3llNwIH-2F5w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 07, 2024 13:42:14
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
    /sbbsecho.c: 1309 in link_area()


    ________________________________________________________________________________________________________
    *** CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
    /sbbsecho.c: 1309 in link_area()
    1303 return false;
    1304 }
    1305
    1306 void link_area(unsigned area_num, const fidoaddr_t* addr)
    1307 {
    1308 area_t* area = &cfg.area[area_num];
    CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
    Passing argument "area->link" of type "fidoaddr_t const *" and argument "8UL /* sizeof (addr) */ * (area->links + 1)" to function "realloc_or_free" is suspicious. In this case, "sizeof (fidoaddr_t const *)" is equal to "sizeof (fidoaddr_t const)", but this is not a portable assumption.
    1309 if((area->link = realloc_or_free(area->link, (sizeof addr) * (area->links + 1))) == NULL) {
    1310 lprintf(LOG_ERR,"ERROR line %d allocating memory for area "
    1311 "#%u links.",__LINE__, area_num + 1);
    1312 bail(1);
    1313 return;
    1314 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DjswB_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZTIkIcVsFEubRKPyVR-2BCuKY5oHLU9ayFn6T1x6if3eS0nVM4zzDglf0kSu84NvdLQvLmLpVUMBWFTCqIbKw97TOhNhU4Up-2FQ0gGVaItXyTTfc3Uu2zZfP2qWOCQU0YU4SaCyb8-2B3kJNnxUzaATxOedk4YqKEgN0RG-2F7ZgTWOZJ5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, December 08, 2024 13:41:14
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 515715: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1420 in node_vstatus()


    ________________________________________________________________________________________________________
    *** CID 515715: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1420 in node_vstatus()
    1414 return cfg->text != NULL ? cfg->text[NodeStatusOffline] : "Offline";
    1415 case NODE_NETTING: /* Obsolete */
    1416 return "Networking";
    1417 case NODE_LOGON:
    1418 return cfg->text != NULL ? cfg->text[NodeStatusLogon] : "At login prompt";
    1419 case NODE_LOGOUT:
    CID 515715: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious.
    1420 snprintf(str, sizeof str, cfg->text != NULL ? cfg->text[NodeStatusLogout] : "Logging out %s", username(cfg,node->useron,tmp));
    1421 return str;
    1422 case NODE_EVENT_WAITING:
    1423 return cfg->text != NULL ? cfg->text[NodeStatusEventWaiting] : "Waiting for all nodes to become inactive";
    1424 case NODE_EVENT_LIMBO:
    1425 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeStatusEventLimbo] : "Waiting for node %d to finish external event"

    ** CID 515714: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 515714: Uninitialized variables (UNINIT)
    /getnode.cpp: 289 in sbbs_t::getnodeext(unsigned int, char *)()
    283 errormsg(WHERE,ERR_CHK,"node number",number);
    284 return false;
    285 }
    286
    287 if((node_ext=opennodeext(&cfg))==-1) {
    288 memset(ext,0,128);
    CID 515714: Uninitialized variables (UNINIT)
    Using uninitialized value "*str" when calling "errormsg".
    289 errormsg(WHERE,ERR_OPEN,str,O_RDONLY|O_DENYNONE);
    290 return false;
    291 }
    292
    293 number--; /* make zero based */
    294 for(count=0;count<LOOP_NODEDAB;count++) {

    ** CID 515713: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1512 in node_activity()


    ________________________________________________________________________________________________________
    *** CID 515713: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1512 in node_activity()
    1506 return cfg->text != NULL ? cfg->text[NodeActivityLoggingOn] : "logging on";
    1507 case NODE_LCHT:
    1508 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeActivityLocalChat] : "chatting with %s", cfg->sys_op);
    1509 break;
    1510 case NODE_MCHT:
    1511 if(node->aux != 0)
    CID 515713: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious.
    1512 snprintf(str, sizeof str
    1513 ,cfg->text != NULL ? cfg->text[NodeActivityChatChannel] : "in multinode chat channel %d"
    1514 ,node->aux & 0xff);
    1515 else
    1516 return cfg->text != NULL ? cfg->text[NodeActivityGlobalChat] : "in multinode global chat channel";
    1517 break;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Drf1g_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQY9ty8xtnl2sw1SqlPRU2WILlz6B-2F41RYA0wpD7iGPK7iJJRJMlj06LpTw8H4oLu0ZD6NOR-2Fs4yPZ6xU2n8ZKWHL4-2F4cgQ0xljfi-2B5nJtvQuTTNG4kyAp2Ph0XvRGRr1KcMs8Gin6jWDWu2x-2Bkj9Q6Trx86Of-2BJRienYR-2Fbv9gQgw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, December 15, 2024 13:49:15
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 516068: Null pointer dereferences (FORWARD_NULL)
    /websrvr.c: 5419 in js_ErrorReporter()


    ________________________________________________________________________________________________________
    *** CID 516068: Null pointer dereferences (FORWARD_NULL)
    /websrvr.c: 5419 in js_ErrorReporter()
    5413 pthread_mutex_lock(&mutex);
    5414 if(lastline == report->lineno && report->filename != NULL && strcmp(lastfile, report->filename) == 0)
    5415 log_level = LOG_WARNING;
    5416 else
    5417 log_level = LOG_ERR;
    5418 lastline = report->lineno;
    CID 516068: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "report->filename" to "strlcpy", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
    5419 SAFECOPY(lastfile, report->filename);
    5420 pthread_mutex_unlock(&mutex);
    5421 warning="";
    5422 }
    5423
    5424 lprintf(log_level,"%04d !JavaScript %s%s%s: %s, Request: %s"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DwGMb_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYoPlNm5BibC088PrWc35An4cdaeXCJhAHOfo6MdQKpuyixiVEFSUvV84YSqGOWCuXdzqHO6D3vFmsefEKTNsriv31FvxSemaYCwQ1e-2F5VqBGX6SKqkk-2F5GGTcyG8HHnvAZdIDYA7eRF8DYP-2F3cg26HCdIpmNxtLPnr6lFDWLJb2Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, December 17, 2024 13:48:21
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    9 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 9 of 9 defect(s)


    ** CID 516415: Error handling issues (CHECKED_RETURN)
    /userdat.c: 1472 in node_activity()


    ________________________________________________________________________________________________________
    *** CID 516415: Error handling issues (CHECKED_RETURN)
    /userdat.c: 1472 in node_activity()
    1466 case NODE_AMSG:
    1467 return cfg->text != NULL ? cfg->text[NodeActivityAutoMsg] : "posting auto-message";
    1468 case NODE_XTRN:
    1469 if(node->aux == 0)
    1470 return cfg->text != NULL ? cfg->text[NodeActivityXtrnMenu] : "at external program menu";
    1471 user.number = node->useron;
    CID 516415: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1472 getuserdat(cfg, &user);
    1473 xtrnnum = getxtrnnum(cfg, user.curxtrn);
    1474 if(is_valid_xtrnnum(cfg, xtrnnum))
    1475 snprintf(str, size, "%s %s"
    1476 ,cfg->text != NULL ? cfg->text[NodeActivityRunningXtrn] : "running"
    1477 ,cfg->xtrn[xtrnnum]->name);

    ** CID 516414: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 65 in sbbs_t::useredit(int)()


    ________________________________________________________________________________________________________
    *** CID 516414: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 65 in sbbs_t::useredit(int)()
    59 if(sys_status&SS_INUEDIT)
    60 return;
    61 sys_status|=SS_INUEDIT;
    62 while(online) {
    63 CLS;
    64 attr(LIGHTGRAY);
    CID 516414: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    65 getuserdat(&cfg,&user);
    66 if(!user.number) {
    67 user.number=1;
    68 getuserdat(&cfg,&user);
    69 if(!user.number) {
    70 bputs(text[NoUserData]);

    ** CID 516413: Error handling issues (CHECKED_RETURN)
    /answer.cpp: 168 in sbbs_t::answer()()


    ________________________________________________________________________________________________________
    *** CID 516413: Error handling issues (CHECKED_RETURN)
    /answer.cpp: 168 in sbbs_t::answer()()
    162 (but keep full terminal type/speed string in rlogin_term): */
    163 truncstr(terminal,"/");
    164 useron.number = 0;
    165 if(rlogin_name[0])
    166 useron.number = find_login_id(&cfg, rlogin_name);
    167 if(useron.number) {
    CID 516413: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    168 getuserdat(&cfg,&useron);
    169 SAFEPRINTF(path,"%srlogin.cfg",cfg.ctrl_dir);
    170 if(!findstr(client.addr,path)) {
    171 SAFECOPY(tmp, rlogin_pass);
    172 for(i=0;i<3 && online;i++) { 173 if(stricmp(tmp,useron.pass)) {

    ** CID 516412: Error handling issues (CHECKED_RETURN)
    /login.cpp: 51 in sbbs_t::login(const char *, const char *, const char *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 516412: Error handling issues (CHECKED_RETURN)
    /login.cpp: 51 in sbbs_t::login(const char *, const char *, const char *, const char *)()
    45 long useron_misc=useron.misc;
    46
    47 username = parse_login(username);
    48
    49 useron.number = find_login_id(&cfg, username);
    50 if(useron.number) {
    CID 516412: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    51 getuserdat(&cfg,&useron);
    52 if(useron.number && useron.misc&(DELETED|INACTIVE))
    53 useron.number=0;
    54 }
    55
    56 if(!useron.number) {

    ** CID 516411: (CHECKED_RETURN)
    /useredit.cpp: 733 in sbbs_t::maindflts(user_t *)()
    /useredit.cpp: 738 in sbbs_t::maindflts(user_t *)()


    ________________________________________________________________________________________________________
    *** CID 516411: (CHECKED_RETURN)
    /useredit.cpp: 733 in sbbs_t::maindflts(user_t *)()
    727
    728 action=NODE_DFLT;
    729 if (cfg.usercfg_mod[0]) {
    730 char cmdline[256];
    731 snprintf(cmdline, sizeof(cmdline), "%s %u", cfg.usercfg_mod, user->number);
    732 exec_bin(cmdline, &main_csi);
    CID 516411: (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    733 getuserdat(&cfg, user);
    734 return;
    735 }
    736 while(online) {
    737 CLS;
    738 getuserdat(&cfg,user);
    /useredit.cpp: 738 in sbbs_t::maindflts(user_t *)()
    732 exec_bin(cmdline, &main_csi);
    733 getuserdat(&cfg, user);
    734 return;
    735 }
    736 while(online) {
    737 CLS;
    CID 516411: (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    738 getuserdat(&cfg,user);
    739 bprintf(text[UserDefaultsHdr],user->alias,user->number);
    740 if(user == &useron) {
    741 update_nodeterm();
    742 load_user_text();
    743 }

    ** CID 516410: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 1662 in http_logon()


    ________________________________________________________________________________________________________
    *** CID 516410: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 1662 in http_logon()
    1656 session->req.finished=true;
    1657 }
    1658
    1659 void http_logon(http_session_t * session, user_t *usr)
    1660 {
    1661 if(usr==NULL)
    CID 516410: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1662 getuserdat(&scfg, &session->user);
    1663 else
    1664 session->user=*usr;
    1665
    1666 if(session->user.number==session->last_user_num)
    1667 return;

    ** CID 516409: Error handling issues (CHECKED_RETURN)
    /str.cpp: 1388 in sbbs_t::change_user()()


    ________________________________________________________________________________________________________
    *** CID 516409: Error handling issues (CHECKED_RETURN)
    /str.cpp: 1388 in sbbs_t::change_user()()
    1382 putmsgptrs();
    1383 putuserstr(useron.number, USER_CURSUB
    1384 ,cfg.sub[usrsub[curgrp][cursub[curgrp]]]->code);
    1385 putuserstr(useron.number, USER_CURDIR
    1386 ,cfg.dir[usrdir[curlib][curdir[curlib]]]->code);
    1387 useron.number=i;
    CID 516409: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1388 getuserdat(&cfg,&useron);
    1389 if(getnodedat(cfg.node_num,&thisnode, true)) {
    1390 thisnode.useron=useron.number;
    1391 putnodedat(cfg.node_num,&thisnode);
    1392 }
    1393 getmsgptrs();

    ** CID 516408: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 1166 in sbbs_t::purgeuser(int)()


    ________________________________________________________________________________________________________
    *** CID 516408: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 1166 in sbbs_t::purgeuser(int)()
    1160
    1161 void sbbs_t::purgeuser(int usernumber)
    1162 { char str[128];
    1163 user_t user;
    1164
    1165 user.number=usernumber;
    CID 516408: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1166 getuserdat(&cfg,&user);
    1167 SAFEPRINTF2(str,"Purged %s #%u",user.alias,usernumber);
    1168 logentry("!*",str);
    1169 delallmail(usernumber, MAIL_ANY);
    1170 putusername(&cfg,usernumber,nulstr);
    1171 putusermisc(usernumber, user.misc | DELETED);

    ** CID 516407: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 2037 in check_ars()


    ________________________________________________________________________________________________________
    *** CID 516407: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 2037 in check_ars()
    2031 else
    2032 lprintf(LOG_NOTICE,"%04d !UNKNOWN USER: '%s'" 2033 ,session->socket,session->req.auth.username);
    2034 return(false);
    2035 }
    2036 thisuser.number=i;
    CID 516407: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    2037 getuserdat(&scfg, &thisuser);
    2038 switch(session->req.auth.type) {
    2039 case AUTHENTICATION_TLS_PSK:
    2040 if((auth_allowed & (1<<AUTHENTICATION_TLS_PSK))==0)
    2041 return(false);
    2042 if(session->last_user_num!=0) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DQyWe_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZaRdcpKH1DbVbWKil-2BYXbuPo6Nlz2IWCRH2bHbIl-2BZWutyiZLTcraL5FS1iiZSM0cIaa70yw-2BvQnYvTFtY90cnRY6AunfTZ3TOchBhkmrNG5r6R9YGJilsgu5Suh4msrRA-2BqV-2BHoo-2B29c88W6IVBSZdgQoHyw-2Bn9zmKTgeEHvaqQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, December 20, 2024 13:38:55
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 516431: Incorrect expression (EVALUATION_ORDER)
    /scfg/scfgsys.c: 1740 in sys_cfg()


    ________________________________________________________________________________________________________
    *** CID 516431: Incorrect expression (EVALUATION_ORDER)
    /scfg/scfgsys.c: 1740 in sys_cfg()
    1734 char sys_pass[sizeof(cfg.sys_pass)];
    1735 SAFECOPY(sys_pass, cfg.sys_pass);
    1736 while(1) {
    1737 i=0;
    1738 snprintf(opt[i++],MAX_OPLN,"%-20s%s","BBS Name",cfg.sys_name);
    1739 snprintf(opt[i++],MAX_OPLN,"%-20s%s","Location",cfg.sys_location);
    CID 516431: Incorrect expression (EVALUATION_ORDER)
    In argument #6 of "safe_snprintf(opt[i++], 75UL, "%-20s%s%s %s", "Local Time Zone", ((cfg.sys_timezone == -1) ? "Auto: " : ""), smb_zonestr(sys_timezone(&cfg), NULL), ((!(cfg.sys_timezone <= 1000 && cfg.sys_timezone >= -1000) && (cfg.sys_timezone & 0xc000 || cfg.sys_timezone == 4096 || cfg.sys_timezone == 4156 || cfg.sys_timezone == 4216 || cfg.sys_timezone == 4816 || cfg.sys_timezone == 4696 || cfg.sys_timezone == 4666) && cfg.sys_misc & 0x4000U) ? "(Auto-DST)" : ""))", a call is made to "sys_timezone(&cfg)". In argument #1 of this function, the object "cfg.sys_timezone" is modified. This object is also used in "(cfg.sys_timezone == -1) ? "Auto: " : """, the argument #5 of the outer function call. The order in which these arguments are evaluated is not specified, and will vary between platforms.
    1740 snprintf(opt[i++],MAX_OPLN,"%-20s%s%s %s","Local Time Zone"
    1741 ,cfg.sys_timezone == SYS_TIMEZONE_AUTO ? "Auto: " : ""
    1742 ,smb_zonestr(sys_timezone(&cfg),NULL)
    1743 ,SMB_TZ_HAS_DST(cfg.sys_timezone) && cfg.sys_misc&SM_AUTO_DST ? "(Auto-DST)" : "");
    1744 snprintf(opt[i++],MAX_OPLN,"%-20s%s (e.g. %s)","Short Date Format"
    1745 ,date_format(&cfg, str, sizeof str)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Du0AK_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZX-2BkC2-2BAZJhPPYfXPDeIQ-2B4YvLEfkbd-2Bd6D-2Bq6Hgb3A8yT9nXPdJTazBcJukBEh03pJKxvVooRsB2exFituB7-2FZiW-2B-2FFf3SbStI-2Fat2UXSZKXBODkmruS46NddedKGixq1GgfIg-2BgPQfkssXqpoMR-2BzxwZcTjLKvzCO0Vk2ny9Gw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 21, 2024 13:40:03
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 516448: High impact quality (Y2K38_SAFETY)
    /js_msgbase.c: 1441 in js_get_msg_header_resolve()


    ________________________________________________________________________________________________________
    *** CID 516448: High impact quality (Y2K38_SAFETY)
    /js_msgbase.c: 1441 in js_get_msg_header_resolve()
    1435 /* Fixed length portion of msg header */
    1436 LAZY_UINTEGER("type", p->msg.hdr.type, JSPROP_ENUMERATE);
    1437 LAZY_UINTEGER("version", p->msg.hdr.version, JSPROP_ENUMERATE); 1438 LAZY_UINTEGER("attr", p->msg.hdr.attr, JSPROP_ENUMERATE);
    1439 LAZY_UINTEGER("auxattr", p->msg.hdr.auxattr, JSPROP_ENUMERATE); 1440 LAZY_UINTEGER("netattr", p->msg.hdr.netattr, JSPROP_ENUMERATE); >>> CID 516448: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(p->msg.hdr.when_written)" is cast to "uint32".
    1441 LAZY_UINTEGER("when_written_time", smb_time(p->msg.hdr.when_written), JSPROP_ENUMERATE);
    1442 LAZY_INTEGER("when_written_zone", p->msg.hdr.when_written.zone, JSPROP_ENUMERATE);
    1443 LAZY_INTEGER("when_written_zone_offset", smb_tzutc(p->msg.hdr.when_written.zone), JSPROP_ENUMERATE|JSPROP_READONLY);
    1444 LAZY_UINTEGER("when_imported_time", p->msg.hdr.when_imported.time, JSPROP_ENUMERATE);
    1445 LAZY_INTEGER("when_imported_zone", p->msg.hdr.when_imported.zone, JSPROP_ENUMERATE);
    1446 LAZY_INTEGER("when_imported_zone_offset", smb_tzutc(p->msg.hdr.when_imported.zone), JSPROP_ENUMERATE|JSPROP_READONLY);

    ** CID 516447: High impact quality (Y2K38_SAFETY)
    /postmsg.cpp: 625 in votemsg()


    ________________________________________________________________________________________________________
    *** CID 516447: High impact quality (Y2K38_SAFETY)
    /postmsg.cpp: 625 in votemsg()
    619 }
    620 answers++;
    621 }
    622 }
    623 }
    624 safe_snprintf(smsg, sizeof(smsg), smsgfmt
    CID 516447: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg->hdr.when_written)" is cast to "time32_t".
    625 ,timestr(cfg, (time32_t)smb_time(msg->hdr.when_written), tstr)
    626 ,cfg->grp[cfg->sub[smb->subnum]->grp]->sname
    627 ,cfg->sub[smb->subnum]->sname
    628 ,from
    629 ,remsg.subj);
    630 SAFECAT(smsg, votes);

    ** CID 516446: (Y2K38_SAFETY)
    /qwknodes.c: 366 in main()
    /qwknodes.c: 392 in main()
    /qwknodes.c: 361 in main()
    /qwknodes.c: 384 in main()
    /qwknodes.c: 333 in main()
    /qwknodes.c: 343 in main()


    ________________________________________________________________________________________________________
    *** CID 516446: (Y2K38_SAFETY)
    /qwknodes.c: 366 in main()
    360 ,msg.from,p+1
    361 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    362 ,str); 363 else
    364 fprintf(users,"%-25.25s %-8.8s %s\r\n"
    365 ,msg.from,str
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    366 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
    367 }
    368 if(cmd&NODES && msg.from_net.type==NET_QWK) {
    369 if(mode&TAGS)
    370 gettag(&msg,tag);
    371 if(mode&FEED) /qwknodes.c: 392 in main()
    386 }
    387 else
    388 fprintf(nodes,"%-8.8s %s\r\n"
    389 ,str 390 ,mode&TAGS
    391 ? tag >>> CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    392 : unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
    393 }
    394 }
    395 }
    396 smb_freemsgmem(&msg);
    397 }
    /qwknodes.c: 361 in main()
    355 else
    356 strcpy(str,msg.from_net.addr);
    357 p=strrchr(str,'/');
    358 if(p)
    359 fprintf(users,"%-25.25s %-8.8s %s (%s)\r\n"
    360 ,msg.from,p+1
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    361 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    362 ,str); 363 else
    364 fprintf(users,"%-25.25s %-8.8s %s\r\n"
    365 ,msg.from,str
    366 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
    /qwknodes.c: 384 in main()
    378 fprintf(nodes,"%-8.8s %s\r\n"
    379 ,p+1
    380 ,tag);
    381 else
    382 fprintf(nodes,"%-8.8s %s (%s)\r\n"
    383 ,p+1
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    384 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    385 ,str);
    386 }
    387 else
    388 fprintf(nodes,"%-8.8s %s\r\n"
    389 ,str /qwknodes.c: 333 in main()
    327 p=strrchr(addr,'/');
    328 if(!p)
    329 p=addr; 330 else
    331 *(p++)=0;
    332 safe_snprintf(str, sizeof(str), "%s %s:%s%c%s"
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    333 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    334 ,p,cfg.sys_id,p==addr ? 0 : '/'
    335 ,addr); 336 fprintf(route,"%s\r\n",str);
    337 }
    338 else {
    /qwknodes.c: 343 in main()
    337 }
    338 else {
    339 p=strrchr(addr,'/');
    340 if(p) {
    341 *(p++)=0;
    342 fprintf(route,"%s %s:%.*s\r\n"
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    343 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),str)
    344 ,p
    345 ,(uint)(p-addr)
    346 ,addr); 347 }
    348 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DNGSj_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYgWGJ9BYEIxvdbhMAIayAni-2FuUZOlays8-2BQNW1Qj2YoLcEBScLdhHrJ52SvmolJ5itsnLRiKIwdue9DQ-2F9PO-2FUFGY-2Fa0jLnspeSlF2FiQB80TbxuUTyDk42cNSQCBuIqgPC4jh5ZIq8dm-2B49xrAWdl9U3UIFg1xXJFs0kJktVUnA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, December 24, 2024 13:46:54
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 516462: Resource leaks (RESOURCE_LEAK)
    /str.cpp: 277 in sbbs_t::sif(char *, char *, int)()


    ________________________________________________________________________________________________________
    *** CID 516462: Resource leaks (RESOURCE_LEAK)
    /str.cpp: 277 in sbbs_t::sif(char *, char *, int)()
    271 errormsg(WHERE,ERR_OPEN,str,O_RDONLY);
    272 return;
    273 }
    274 length=(int)filelength(file);
    275 if(length < 0) {
    276 errormsg(WHERE, ERR_CHK, str, length);
    CID 516462: Resource leaks (RESOURCE_LEAK)
    Handle variable "file" going out of scope leaks the handle.
    277 return;
    278 }
    279 if((buf=(char *)calloc(length + 1, 1))==0) {
    280 close(file);
    281 errormsg(WHERE,ERR_ALLOC,str,length);
    282 return;

    ** CID 516461: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 678 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 516461: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 678 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    672 return(false);
    673 }
    674 length=(long)filelength(file);
    675 if(length < 0) {
    676 errormsg(WHERE, ERR_LEN, msgtmp, length);
    677 free(buf);
    CID 516461: Resource leaks (RESOURCE_LEAK)
    Handle variable "file" going out of scope leaks the handle.
    678 return false;
    679 }
    680 l=strlen((char *)buf); /* reserve space for top and terminating null */
    681 /* truncate if too big */
    682 if(length>(long)((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1))) {
    683 length=(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1);

    ** CID 516460: Error handling issues (CHECKED_RETURN)
    /chat.cpp: 254 in sbbs_t::multinodechat(int)()


    ________________________________________________________________________________________________________
    *** CID 516460: Error handling issues (CHECKED_RETURN)
    /chat.cpp: 254 in sbbs_t::multinodechat(int)()
    248 if(getstr(str,8,K_UPPER|K_ALPHA|K_LINE)) {
    249 getnodedat(cfg.node_num,&thisnode,true);
    250 thisnode.aux=channel;
    251 packchatpass(str,&thisnode);
    252 }
    253 else {
    CID 516460: Error handling issues (CHECKED_RETURN)
    Calling "getnodedat" without checking return value (as is done elsewhere 54 out of 58 times).
    254 getnodedat(cfg.node_num,&thisnode,true);
    255 thisnode.aux=channel;
    256 }
    257 }
    258 else {
    259 getnodedat(cfg.node_num,&thisnode,true);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DT8kj_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZ0FBX-2BUT7uzaWITu7U3dUMhdetuA-2BXV7YO8edQOGefnmNi1UdppKCC6vLOx06Y8sPuw5srJbsIYFYToJzSPdHxTD057AtOipCaMaoVsZPXJm19KDepDOzvHsB8koLerJtFoWwn5Qu57g8OiPy6q-2FxqWajzzHkfT1WyGUJ-2Bbs009Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net