• New Defects reported by Coverity Scan for Synchronet

    From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, February 21, 2021 14:00:59
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DnaQ__g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC8ZTmeUSq2WGLxgVJWLzsEy57gIxYU7mR6o4ZVB-2FUEfmSJierFzLMRrSNsrVzoitiBCZtzTu-2FsDD-2Fy-2F16g3uIjRYS61eriZbamhRrwaaURNMiEmkxwcz0FCyMG2gF7m2KXDgF64lylOOZHhuJNVOAcPLnjRltLpFUO-2FXsO8Gj5UdnQ7fUUEkrL1pMnIUUUPj4-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, February 22, 2021 13:58:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    65 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 320538: Error handling issues (NEGATIVE_RETURNS)
    /sbbsecho.c: 3240 in getfmsg()


    ________________________________________________________________________________________________________
    *** CID 320538: Error handling issues (NEGATIVE_RETURNS)
    /sbbsecho.c: 3240 in getfmsg()
    3234 if((fbuf = malloc(length+1)) == NULL) {
    3235 lprintf(LOG_ERR,"ERROR line %d allocating %lu bytes of memory",__LINE__,length+1);
    3236 bail(1);
    3237 return(NULL);
    3238 }
    3239
    CID 320538: Error handling issues (NEGATIVE_RETURNS)
    "start" is passed to a parameter that cannot be negative.
    3240 (void)fseeko(stream,start,SEEK_SET);
    3241 for(l=0;l<length;l++)
    3242 fbuf[l]=(uchar)fgetc(stream);
    3243 if(ch==0)
    3244 (void)fgetc(stream); /* Read NULL */
    3245


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Der7L_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBQ53SIRFot2xRYrhIb3eC4tGmFai6Veu26y21-2FI1cyxbxrGgffvh5-2FDuSx5bpT7Z9VM5zkLHWKKaZmebxX9RJmd7FqCC6YAxixNAWbnXvqkNggB8vBu-2BSBeotQMnU-2Bu01fhkm151yNMMLzlAR1E3yvMKjcwyWAxKvQU4oA8hCpOp3c9-2BVt6Y3ry98V3M2efIU-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, February 25, 2021 13:51:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-25-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-25-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-25-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-25-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DVeG4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAFd23dCqGQYJOE96xvVCyT4p9lH1KjOpcStwtNQgn6sX5sx-2F-2FGju8CuNvxaPb7uU4MenijeijNUGEBj5wYJCXyuw3gccirAhfZIYcoFZE9QzE8dX63tjxUjhKaKMdcj7RkElRhpc6af3lhrs2xTKxexUINBShjvzbv6CGXnqh8BegumJeANE3PHxhcVAi34dA-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, March 05, 2021 13:57:10
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 327965: Error handling issues (NEGATIVE_RETURNS)
    /js_file.c: 417 in js_raw_read()


    ________________________________________________________________________________________________________
    *** CID 327965: Error handling issues (NEGATIVE_RETURNS)
    /js_file.c: 417 in js_raw_read()
    411 * The only option bit is the fflush() on the stream, but it never hurts and is sometimes
    412 * required by POSIX.
    413 */
    414 fflush(p->fp);
    415 pos = ftell(p->fp);
    416 fd = fileno(p->fp);
    CID 327965: Error handling issues (NEGATIVE_RETURNS)
    "pos" is passed to a parameter that cannot be negative.
    417 lseek(fd, pos, SEEK_SET);
    418 len = read(fileno(p->fp),buf,len);
    419 fseek(p->fp, pos + (len >= 0 ? len : 0), SEEK_SET);
    420 dbprintf(FALSE, p, "read %u raw bytes",len);
    421 if(len<0)
    422 len=0;

    ** CID 327964: Error handling issues (CHECKED_RETURN)
    /js_file.c: 419 in js_raw_read()


    ________________________________________________________________________________________________________
    *** CID 327964: Error handling issues (CHECKED_RETURN)
    /js_file.c: 419 in js_raw_read()
    413 */
    414 fflush(p->fp);
    415 pos = ftell(p->fp);
    416 fd = fileno(p->fp);
    417 lseek(fd, pos, SEEK_SET);
    418 len = read(fileno(p->fp),buf,len);
    CID 327964: Error handling issues (CHECKED_RETURN)
    Calling "fseek(p->fp, pos + ((len >= 0) ? len : 0), 0)" without checking return value. This library function may fail and return an error code.
    419 fseek(p->fp, pos + (len >= 0 ? len : 0), SEEK_SET);
    420 dbprintf(FALSE, p, "read %u raw bytes",len);
    421 if(len<0)
    422 len=0;
    423
    424 JS_RESUMEREQUEST(cx, rc);

    ** CID 327963: Error handling issues (CHECKED_RETURN)
    /js_file.c: 417 in js_raw_read()


    ________________________________________________________________________________________________________
    *** CID 327963: Error handling issues (CHECKED_RETURN)
    /js_file.c: 417 in js_raw_read()
    411 * The only option bit is the fflush() on the stream, but it never hurts and is sometimes
    412 * required by POSIX.
    413 */
    414 fflush(p->fp);
    415 pos = ftell(p->fp);
    416 fd = fileno(p->fp);
    CID 327963: Error handling issues (CHECKED_RETURN)
    Calling "lseek(fd, pos, 0)" without checking return value. This library function may fail and return an error code.
    417 lseek(fd, pos, SEEK_SET);
    418 len = read(fileno(p->fp),buf,len);
    419 fseek(p->fp, pos + (len >= 0 ? len : 0), SEEK_SET);
    420 dbprintf(FALSE, p, "read %u raw bytes",len);
    421 if(len<0)
    422 len=0;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D_p2X_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDy0FnBbq-2Fm93u7vA7CWW-2FDIcCWWSJ7c8n8ma0wI9nrXAM0rmu2WKRKamg79S0cwcvQZijOCkaXfhiqrcf11X2fxoyzccuy3-2BSoRLbQpzj-2B9htf4L24ypi98gpCO3iIwcHS0hb8b-2Fc-2BHjTiRNX0K47QJNHSl2g9Zn1weHkmTskRA2qmbeTTzYwfF1lTxvOzEdY-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, March 06, 2021 13:55:23
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-06-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-06-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-06-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-06-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dya2X_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDVh-2F0PJpgH6umVEMWDiBkvH3ZhiAh7egNzos5m-2FUEHYtsUcHnsfJtia-2FgCYce9lE6r-2FsJiB06nRfaCttr57LkqOXTYN-2FALowwjfHUgaqCkInQp-2B0UGF2FTI7n7LpfAoeYnUryI8FXnV82XsYbptBRnYQ37-2BJjCoBif-2FJFd8-2FS9ykN0IF5Jnq6PA55xQtTCSHQ-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, March 10, 2021 13:55:40
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D8xlY_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBahlFNDzlbCKGFUO-2Bp9oBcNLpOSxxshRlHMF4ceyyWiSHJzKm998QIz1wE9xDNhtC2CE0uJz3oJv3wLnf5Ocxaf8ike-2ByTfBjLozUpnBPKKlRaVTPLF27e-2FauVJO7W6CGdx7HShGh7gwrLSoUiZutLlxU0hRs3xGPbzOd5Ke4BhIB8UCoj43o-2BmRNGlj-2BD9eA-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, March 12, 2021 13:50:42
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-12-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-12-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-12-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-12-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D_bvH_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDJ7DMNQGaqpx7XNYfKoWHfkxhwEWEJLuqsZzFpEEcS5qRdwASqr-2FMdnrM7wd9bqAgHjtNtsgusF1UD5LtUVEAnHQ74HiogYjTjftkzf0KWbezUe1L-2By7hkj5p7JuCTLhWBp1ugHNbEw32HWQM4a1xXsdTm9x35IdB1E4XakpcmW-2FWcksOnRo8cLo7QrsishK0-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, March 16, 2021 12:57:17
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-16-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-16-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-16-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-16-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DLfeD_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDkjyADXvZ3vg4jB1V7LWW3t7tSTcyFjbjzS7FJ1Dqw6Bx-2Fr1tFkcVMa3Lal79TPDgCvl7hLnTvhKsOyumlayPlhsNUG0er02TrwcGE-2BHRhwiauQEvRVnHV49VlHdFSsud5qwWYfBBdseeKrDFGOH58tF0Z81k6asuwVljdgRLl8Np7lgasNGgkoQfQ-2BufQs7Y-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, March 17, 2021 12:53:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 329517: Control flow issues (DEADCODE) /tmp/sbbs-Mar-17-2021/3rdp/src/cl/session/ssh.c: 985 in getAttributeFunction()


    ________________________________________________________________________________________________________
    *** CID 329517: Control flow issues (DEADCODE) /tmp/sbbs-Mar-17-2021/3rdp/src/cl/session/ssh.c: 985 in getAttributeFunction() 979 type == CRYPT_SESSINFO_SSH_CHANNEL_ARG1 || \ 980 type == CRYPT_SESSINFO_SSH_CHANNEL_ARG2 || \ 981 type == CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE ); 982
    983 if( type == CRYPT_SESSINFO_SSH_OPTIONS )
    984 {
    CID 329517: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "valuePtr = (int *)data;".
    985 int *valuePtr = ( int * ) data;
    986
    987 *valuePtr = CRYPT_SSHOPTION_NONE;
    988 if( TEST_FLAG( sessionInfoPtr->protocolFlags, 989 SSH_PFLAG_DUMMYUSERAUTH ) )
    990 *valuePtr |= CRYPT_SSHOPTION_NONE_AUTH;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D4drD_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAlDtSvlg294fEZaJuIs-2BCiyaS30t9A-2FCBrpuSauYya0QpA-2F1oZHK84PSFp1SG2eTpTVWyhcITZ4Wbe98x1pmO-2Bl6-2Be2LLcerH-2F3ZmKFLu8k7ZN69jjm4-2F9-2FCIwIZb76h4PaKHtoqsPj7tB3GjZq-2BKGQBQHsFEIg-2Fxmjiutp7cM8kPegrvEvQt9RjFTjsVDass-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From HusTler@VERT/HAVENS to scan-admin@coverity.com on Thursday, March 18, 2021 14:17:37
    Re: New Defects reported by Coverity Scan for Synchronet
    By: scan-admin@coverity.com to cov-scan@synchro.net on Wed Mar 17 2021 12:53 pm

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    Well shit. I'm taking my board down right now! OMG!

    ... I wish the Government would put a tax on pianos for the incompetent.

    ---
    þ Synchronet þ Havens BBS havens.synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, March 21, 2021 12:58:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 329620: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-21-2021/src/xpdev/sockwrap.c: 556 in nonblocking_connect()


    ________________________________________________________________________________________________________
    *** CID 329620: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-21-2021/src/xpdev/sockwrap.c: 556 in nonblocking_connect()
    550 result=ERROR_VALUE;
    551 if(result==EWOULDBLOCK || result==EINPROGRESS) {
    552 if (socket_writable(sock, timeout * 1000)) { 553 result = 0;
    554 }
    555 else {
    CID 329620: Uninitialized variables (UNINIT)
    Using uninitialized value "optlen" when calling "getsockopt".
    556 if(getsockopt(sock, SOL_SOCKET, SO_ERROR, (void*)&result, &optlen)==SOCKET_ERROR)
    557 result=ERROR_VALUE;
    558 }
    559 }
    560 }
    561 return result;

    ** CID 329619: (RESOURCE_LEAK)
    /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 382 in xpms_accept() /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 625 in xpms_accept() /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 384 in xpms_accept() /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 402 in xpms_accept() /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 566 in xpms_accept()


    ________________________________________________________________________________________________________
    *** CID 329619: (RESOURCE_LEAK)
    /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 382 in xpms_accept()
    376 poll_timeout = INT_MAX;
    377 else
    378 poll_timeout = timeout;
    379
    380 switch (poll(fds, scnt, timeout)) {
    381 case 0:
    CID 329619: (RESOURCE_LEAK)
    Variable "fds" going out of scope leaks the storage it points to.
    382 return INVALID_SOCKET;
    383 case -1:
    384 return SOCKET_ERROR;
    385 default:
    386 scnt = 0;
    387 for(i=0; i<xpms_set->sock_count; i++) { /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 625 in xpms_accept()
    619 return ret;
    620 }
    621 }
    622 }
    623 }
    624
    CID 329619: (RESOURCE_LEAK)
    Variable "fds" going out of scope leaks the storage it points to.
    625 return INVALID_SOCKET; /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 384 in xpms_accept()
    378 poll_timeout = timeout;
    379
    380 switch (poll(fds, scnt, timeout)) {
    381 case 0:
    382 return INVALID_SOCKET;
    383 case -1:
    CID 329619: (RESOURCE_LEAK)
    Variable "fds" going out of scope leaks the storage it points to.
    384 return SOCKET_ERROR;
    385 default:
    386 scnt = 0;
    387 for(i=0; i<xpms_set->sock_count; i++) {
    388 if(xpms_set->socks[i].sock == INVALID_SOCKET)
    389 continue; /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 402 in xpms_accept()
    396 else {
    397 #endif
    398 if(cb_data)
    399 *cb_data=xpms_set->socks[i].cb_data;
    400 ret = accept(xpms_set->socks[i].sock, &addr->addr, addrlen);
    401 if (ret == INVALID_SOCKET)
    CID 329619: (RESOURCE_LEAK)
    Variable "fds" going out of scope leaks the storage it points to.
    402 return ret;
    403
    404 // Set host_ip from haproxy protocol, if its used
    405 // https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmFhfLHSS4WW27WEbAQ0FnW2DAsEL4QRepj-2FHt2fmG7L-2BnWOoJSnAMuZZVvs-2FTpt9KdaKEu5rXFXNd-2BvSGu5ZLas-3Dd_90_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBHl4bR3Ma1f60TFhv7T6ysQTqzEd9nvMDO73rOMH-2FoJ5nhN868MA2phqypJ2oV92b97jXxFmunct7Y4klqGur0z6R0WcReKRfq0D0HPM1tk6CAFrC65I3bitVBEnBiVT8QTt-2F7UTr2oUauVjXSlBWa0Bh93CLCT6FEG1AINFfOnaX7z7JDCirzBRH9jqSpkRA-3D
    406 if (flags & XPMS_ACCEPT_FLAG_HAPROXY) {
    407 memset(addr, 0, sizeof(*addr));
    /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 566 in xpms_accept()
    560 switch (l) { 561 // IPv4 - AF_INET
    562 case HAPROXY_AFINET:
    563 if (i != 12) {
    564 xpms_set->lprintf(LOG_ERR,"%04d * HAPROXY Something went wrong - IPv4 address length is incorrect",ret);
    565 closesocket(ret);
    CID 329619: (RESOURCE_LEAK)
    Variable "fds" going out of scope leaks the storage it points to.
    566 return INVALID_SOCKET;
    567 }
    568 addr->in.sin_family = AF_INET;
    569 if (read_socket(ret, hapstr, i, xpms_set->lprintf)==FALSE) {
    570 xpms_set->lprintf(LOG_ERR,"%04d * HAPROXY looking for IPv4 address - failed",ret);
    571 closesocket(ret);

    ** CID 329618: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 368 in xpms_accept()


    ________________________________________________________________________________________________________
    *** CID 329618: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 368 in xpms_accept()
    362 if(FD_ISSET(xpms_set->socks[i].sock, &read_fs)) {
    363 #else
    364 fds = calloc(xpms_set->sock_count, sizeof(*fds));
    365 for (i = 0; i < xpms_set->sock_count; i++) {
    366 if (xpms_set->socks[i].sock == INVALID_SOCKET)
    367 continue;
    CID 329618: Null pointer dereferences (NULL_RETURNS)
    Dereferencing "fds", which is known to be "NULL".
    368 fds[scnt].fd = xpms_set->socks[i].sock;
    369 fds[scnt].events = POLLIN;
    370 scnt++;
    371 }
    372
    373 if (timeout == XPMS_FOREVER)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DLHmn_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBHl4bR3Ma1f60TFhv7T6ysowkKJDrUA6C75fu3BRJq-2FUw5eN9b5XYSctzsJ98DPYfDP7j4AYhQkY30dnFu4TwCdwjnMT8mAI2-2Bg-2FqSBUEH44x5j1MZehgipi7vnrC2DB2OwTaDXMtI26MENFL9HDj08iR5XhCILdRMD4IRrtvokulJVT7mfhTDsxurasyCN6A-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, March 27, 2021 12:53:38
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DdIg6_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAJbmjMQCHdvEZAM6aVF4u8ydhhtx1nS3D2rKu98XfjlbEegPj9-2BGTxrZxXz9VTdCPNzVgbzF16kCl6qFVuj7zz9-2BL3a5Ga8DYrIrrBlCAnpLREwKG-2FwcA3ZJvXX3vn81sHU1XX4vQbpmCpG7CiccUI9JJgazCD6clgWT-2BeEgVZZIv-2FhFErTSMFQlbIoUQtE-2Bk-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, March 29, 2021 12:52:49
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D6VWU_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBpp7yupQGZwh9Swt8zw6N9wj9a5rFftaGpcLDuuu6S4PbsqBUQ8WyOlKDwpPqWfZeSL2UT4MSFYiIZNHNaqjL-2BVKRMkaYNta-2FMBAo2nzI1C-2FJQh5SkFsmsz9gPcqn0d6C7CbEH8Nw4FxJoL9xrvI3ge259yxhZd8YyIkmyxPVm9WdlQCh5ZN4-2FU1TIjbJqhow-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, March 31, 2021 13:34:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    16 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 16 of 16 defect(s)


    ** CID 330056: Error handling issues (CHECKED_RETURN)
    /xtrn.cpp: 1716 in sbbs_t::external(const char *, long, const char *)()


    ________________________________________________________________________________________________________
    *** CID 330056: Error handling issues (CHECKED_RETURN)
    /xtrn.cpp: 1716 in sbbs_t::external(const char *, long, const char *)()
    1710 write(in_pipe[1],buf,wr);
    1711 }
    1712
    1713 bp=buf;
    1714 i=0;
    1715 if(mode&EX_NOLOG)
    CID 330056: Error handling issues (CHECKED_RETURN)
    Calling "poll(fds, ((mode & 0x40000000L) ? 1 : 2), 1)" without checking return value. This library function may fail and return an error code. [Note: The source code implementation of the function has been overridden by a builtin model.]
    1716 poll(fds, (mode & EX_NOLOG) ? 1 : 2, 1);
    1717 else {
    1718 while (poll(fds, (mode & EX_NOLOG) ? 1 : 2, 1) > 0 && (fds[1].revents & POLLIN)
    1719 && (i < (int)sizeof(buf) - 1)) { 1720 if((rd=read(err_pipe[0],bp,1))>0) {
    1721 i+=rd;

    ** CID 330055: Resource leaks (RESOURCE_LEAK)
    /services.c: 2131 in services_thread()


    ________________________________________________________________________________________________________
    *** CID 330055: Resource leaks (RESOURCE_LEAK)
    /services.c: 2131 in services_thread()
    2125 client_addr_len = sizeof(client_addr);
    2126
    2127 udp_len=0;
    2128
    2129 if(service[i].options&SERVICE_OPT_UDP) {
    2130 /* UDP */
    CID 330055: Resource leaks (RESOURCE_LEAK)
    Overwriting "udp_buf" in "udp_buf = (uint8_t *)calloc(1UL, 8192UL)" leaks the storage that "udp_buf" points to.
    2131 if((udp_buf = (BYTE*)calloc(1, MAX_UDP_BUF_LEN)) == NULL) {
    2132 lprintf(LOG_CRIT,"%04d %s !ERROR %d allocating UDP buffer"
    2133 ,service[i].set->socks[j].sock, service[i].protocol, errno);
    2134 continue;
    2135 }
    2136

    ** CID 330054: Program hangs (LOCK)
    /sbbs_status.c: 735 in status_thread()


    ________________________________________________________________________________________________________
    *** CID 330054: Program hangs (LOCK)
    /sbbs_status.c: 735 in status_thread()
    729 listUnlock(&status_sock);
    730 protected_uint32_destroy(thread_count);
    731 protected_uint32_destroy(active_clients);
    732
    733 startup->thread_up(startup->cbdata, FALSE, FALSE);
    734 startup->terminated(startup->cbdata, rc);
    CID 330054: Program hangs (LOCK)
    Returning without unlocking "status_thread_mutex".
    735 }
    736
    737 #define makestubs(lower, UPPER) \
    738 void status_##lower##_lputs(void *cbdata, int level, const char *str) { status_lputs(SERVICE_##UPPER, level, str); } \
    739 void status_##lower##_errormsg(void *cbdata, int level, const char *str) { status_errormsg(SERVICE_##UPPER, level, str); } \
    740 void status_##lower##_status(void *cbdata, const char *str) { status_status(SERVICE_##UPPER, str); } \

    ** CID 330053: Program hangs (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 330053: Program hangs (SLEEP)
    /sbbs_status.c: 561 in status_thread()
    555 if (socket_readable(*csock, 5000)) { 556 len = recv(*csock, auth, sizeof(auth), 0);
    557 if (len <= 0) {
    558 closesocket(*csock); 559 free(csock);
    560 pthread_mutex_lock(&status_thread_mutex);
    CID 330053: Program hangs (SLEEP)
    Call to "lprintf" might sleep while holding lock "status_thread_mutex". 561 lprintf(LOG_CRIT, "Error recv returned %d (%d)!", len, errno);
    562 continue;
    563 }
    564 // TODO: Check auth... "User\0Pass\0SysPass"
    565 client.user = auth;
    566 user.number = matchuser(&scfg, auth, TRUE);

    ** CID 330052: Insecure data handling (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 330052: Insecure data handling (TAINTED_SCALAR)
    /main.cpp: 2214 in passthru_thread(void *)()
    2208 if(wr != rd) {
    2209 lprintf(LOG_ERR,"Short-write (%ld of %ld bytes) from passthru socket to outbuf"
    2210 ,(long)wr, (long)rd);
    2211 break;
    2212 }
    2213 } else {
    CID 330052: Insecure data handling (TAINTED_SCALAR)
    Passing tainted expression "inbuf" to "rputs", which uses it as an offset.
    2214 sbbs->rputs(inbuf, rd);
    2215 }
    2216 }
    2217 if(sbbs->passthru_socket!=INVALID_SOCKET) {
    2218 close_socket(sbbs->passthru_socket);
    2219 sbbs->passthru_socket=INVALID_SOCKET;

    ** CID 330051: Resource leaks (RESOURCE_LEAK)
    /websrvr.c: 3809 in fastcgi_connect()


    ________________________________________________________________________________________________________
    *** CID 330051: Resource leaks (RESOURCE_LEAK)
    /websrvr.c: 3809 in fastcgi_connect()
    3803 if(result != 0) {
    3804 lprintf(LOG_ERR, "%04d ERROR resolving FastCGI address %s port %s", client_sock, path, port);
    3805 free(path);
    3806 return INVALID_SOCKET;
    3807 }
    3808 for(cur=res,result=1; result && cur; cur=cur->ai_next) {
    CID 330051: Resource leaks (RESOURCE_LEAK)
    Overwriting handle "sock" in "sock = socket(cur->ai_family, cur->ai_socktype, cur->ai_protocol)" leaks the handle.
    3809 sock = socket(cur->ai_family, cur->ai_socktype, cur->ai_protocol);
    3810 if (sock == INVALID_SOCKET)
    3811 continue;
    3812 val=1;
    3813 ioctlsocket(sock,FIONBIO,&val);
    3814 result=connect(sock, cur->ai_addr, cur->ai_addrlen);

    ** CID 330050: Error handling issues (CHECKED_RETURN)
    /ftpsrvr.c: 1108 in receive_thread()


    ________________________________________________________________________________________________________
    *** CID 330050: Error handling issues (CHECKED_RETURN)
    /ftpsrvr.c: 1108 in receive_thread()
    1102 system(cmd);
    1103 fexistcase(tmp); /* fixes filename case */
    1104 }
    1105 if((file=nopen(tmp,O_RDONLY))!=-1) {
    1106 lprintf(LOG_DEBUG,"%04d <%s> DATA Parsing DIZ: %s",xfer.ctrl_sock, xfer.user->alias,tmp);
    1107 memset(ext,0,sizeof(ext));
    CID 330050: Error handling issues (CHECKED_RETURN)
    "read(int, void *, size_t)" returns the number of bytes read, but it is ignored.
    1108 read(file,ext,sizeof(ext)-1);
    1109 for(i=sizeof(ext)-1;i;i--) /* trim trailing spaces */
    1110 if(ext[i-1]>' ')
    1111 break; 1112 ext[i]=0;
    1113 if(!f.desc[0]) { /* use for normal description */

    ** CID 330049: Insecure data handling (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 330049: Insecure data handling (TAINTED_SCALAR)
    /ftpsrvr.c: 1146 in receive_thread()
    1140 if(!addfiledat(&scfg,&f))
    1141 lprintf(LOG_ERR,"%04d <%s> !DATA ERROR adding file (%s) to database"
    1142 ,xfer.ctrl_sock, xfer.user->alias,f.name);
    1143 }
    1144
    1145 if(f.misc&FM_EXTDESC)
    CID 330049: Insecure data handling (TAINTED_SCALAR)
    Passing tainted expression "ext" to "putextdesc", which uses it as a loop boundary.
    1146 putextdesc(&scfg,f.dir,f.datoffset,ext);
    1147
    1148 if(scfg.dir[f.dir]->upload_sem[0])
    1149 ftouch(scfg.dir[f.dir]->upload_sem); 1150 /**************************/
    1151 /* Update Uploader's Info */

    ** CID 330048: Uninitialized variables (UNINIT)
    /xtrn.cpp: 1692 in sbbs_t::external(const char *, long, const char *)()


    ________________________________________________________________________________________________________
    *** CID 330048: Uninitialized variables (UNINIT)
    /xtrn.cpp: 1692 in sbbs_t::external(const char *, long, const char *)()
    1686
    1687 if(mode&EX_STDOUT) {
    1688 if(!(mode&EX_STDIN))
    1689 close(out_pipe[1]); /* close write-end of pipe */
    1690 fds[0].fd = out_pipe[0];
    1691 fds[0].events = POLLIN;
    CID 330048: Uninitialized variables (UNINIT)
    Using uninitialized value "err_pipe[0]".
    1692 fds[1].fd = err_pipe[0];
    1693 fds[1].events = POLLIN;
    1694 fds[1].revents = 0;
    1695 while(!terminated) {
    1696 if(waitpid(pid, &i, WNOHANG)!=0) /* child exited */
    1697 break;

    ** CID 330047: (SLEEP)
    /main.cpp: 1967 in input_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 330047: (SLEEP)
    /main.cpp: 1983 in input_thread(void *)()
    1977 rd=sizeof(inbuf);
    1978
    1979 #ifdef USE_CRYPTLIB
    1980 if(sbbs->ssh_mode && sock==sbbs->client_socket) {
    1981 int err;
    1982 pthread_mutex_lock(&sbbs->ssh_mutex);
    CID 330047: (SLEEP)
    Call to "crypt_pop_channel_data" might sleep while holding lock "sbbs->input_thread_mutex".
    1983 if(cryptStatusError((err=crypt_pop_channel_data(sbbs, (char*)inbuf, rd, &i)))) {
    1984 pthread_mutex_unlock(&sbbs->ssh_mutex); 1985 if(pthread_mutex_unlock(&sbbs->input_thread_mutex)!=0)
    1986 sbbs->errormsg(WHERE,ERR_UNLOCK,"input_thread_mutex",0);
    1987 if(err==CRYPT_ERROR_TIMEOUT)
    1988 continue;
    /main.cpp: 1967 in input_thread(void *)()
    1961
    1962 if(rd==0) { // input buffer full
    1963 lprintf(LOG_WARNING,"Node %d !WARNING input buffer full", sbbs->cfg.node_num);
    1964 // wait up to 5 seconds to empty (1 byte min)
    1965 time_t start=time(NULL);
    1966 while((rd=RingBufFree(&sbbs->inbuf))==0 && time(NULL)-start<5) {
    CID 330047: (SLEEP)
    Call to "nanosleep" might sleep while holding lock "sbbs->input_thread_mutex".
    1967 YIELD();
    1968 }
    1969 if(rd==0) { /* input buffer still full */ 1970 if(pthread_mutex_unlock(&sbbs->input_thread_mutex)!=0)
    1971 sbbs->errormsg(WHERE,ERR_UNLOCK,"input_thread_mutex",0);
    1972 continue;
    /main.cpp: 1983 in input_thread(void *)()
    1977 rd=sizeof(inbuf);
    1978
    1979 #ifdef USE_CRYPTLIB
    1980 if(sbbs->ssh_mode && sock==sbbs->client_socket) {
    1981 int err;
    1982 pthread_mutex_lock(&sbbs->ssh_mutex);
    CID 330047: (SLEEP)
    Call to "crypt_pop_channel_data" might sleep while holding lock "sbbs->ssh_mutex".
    1983 if(cryptStatusError((err=crypt_pop_channel_data(sbbs, (char*)inbuf, rd, &i)))) {
    1984 pthread_mutex_unlock(&sbbs->ssh_mutex); 1985 if(pthread_mutex_unlock(&sbbs->input_thread_mutex)!=0)
    1986 sbbs->errormsg(WHERE,ERR_UNLOCK,"input_thread_mutex",0);
    1987 if(err==CRYPT_ERROR_TIMEOUT)
    1988 continue;

    ** CID 330046: Resource leaks (RESOURCE_LEAK)
    /services.c: 2009 in services_thread()


    ________________________________________________________________________________________________________
    *** CID 330046: Resource leaks (RESOURCE_LEAK)
    /services.c: 2009 in services_thread()
    2003
    2004 #ifndef _WIN32
    2005 nfds = setup_poll(&fds);
    2006 if (nfds == 0) {
    2007 lprintf(LOG_CRIT, "!ERROR setting up poll() data");
    2008 cleanup(1);
    CID 330046: Resource leaks (RESOURCE_LEAK)
    Variable "fds" going out of scope leaks the storage it points to.
    2009 return;
    2010 }
    2011 #endif
    2012 /* Main Server Loop */
    2013 while(!terminated) {
    2014 YIELD();

    ** CID 330045: Memory - illegal accesses (STRING_NULL)


    ________________________________________________________________________________________________________
    *** CID 330045: Memory - illegal accesses (STRING_NULL)
    /sbbs_status.c: 566 in status_thread()
    560 pthread_mutex_lock(&status_thread_mutex);
    561 lprintf(LOG_CRIT, "Error recv returned %d (%d)!", len, errno);
    562 continue;
    563 }
    564 // TODO: Check auth... "User\0Pass\0SysPass"
    565 client.user = auth;
    CID 330045: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "auth" to "matchuser", which expects a null-terminated string.
    566 user.number = matchuser(&scfg, auth, TRUE);
    567 if (user.number == 0) {
    568 closesocket(*csock); 569 free(csock);
    570 lprintf(LOG_WARNING, "Invalid username \"%s\"", auth);
    571 pthread_mutex_lock(&status_thread_mutex);

    ** CID 330044: (CONSTANT_EXPRESSION_RESULT)
    /main.cpp: 1942 in input_thread(void *)()
    /main.cpp: 1940 in input_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 330044: (CONSTANT_EXPRESSION_RESULT)
    /main.cpp: 1942 in input_thread(void *)()
    1936
    1937 #ifdef _WIN32
    1938 sock=sbbs->client_socket;
    1939 #else
    1940 if (fds[0].revents | POLLIN)
    1941 sock = sbbs->client_socket;
    CID 330044: (CONSTANT_EXPRESSION_RESULT)
    "fds[1].revents | 1" is always 1/true regardless of the values of its operand. This occurs as the logical second operand of "&&".
    1942 else if(uspy_socket[sbbs->cfg.node_num - 1] != INVALID_SOCKET && fds[1].revents | POLLIN) {
    1943 if(socket_recvdone(uspy_socket[sbbs->cfg.node_num-1], 0)) {
    1944 close_socket(uspy_socket[sbbs->cfg.node_num-1]);
    1945 lprintf(LOG_NOTICE,"Closing local spy socket: %d",uspy_socket[sbbs->cfg.node_num-1]);
    1946 uspy_socket[sbbs->cfg.node_num-1]=INVALID_SOCKET;
    1947 if(pthread_mutex_unlock(&sbbs->input_thread_mutex)!=0)
    /main.cpp: 1940 in input_thread(void *)()
    1934 * ------------
    1935 */
    1936
    1937 #ifdef _WIN32
    1938 sock=sbbs->client_socket;
    1939 #else
    CID 330044: (CONSTANT_EXPRESSION_RESULT)
    "fds[0].revents | 1" is always 1/true regardless of the values of its operand. This occurs as the logical operand of "if".
    1940 if (fds[0].revents | POLLIN)
    1941 sock = sbbs->client_socket;
    1942 else if(uspy_socket[sbbs->cfg.node_num - 1] != INVALID_SOCKET && fds[1].revents | POLLIN) {
    1943 if(socket_recvdone(uspy_socket[sbbs->cfg.node_num-1], 0)) {
    1944 close_socket(uspy_socket[sbbs->cfg.node_num-1]);
    1945 lprintf(LOG_NOTICE,"Closing local spy socket: %d",uspy_socket[sbbs->cfg.node_num-1]);

    ** CID 330043: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 3066 in get_request_headers()


    ________________________________________________________________________________________________________
    *** CID 330043: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 3066 in get_request_headers()
    3060 i=strlen(head_line);
    3061 if(i>sizeof(head_line)-1) {
    3062 lprintf(LOG_ERR,"%04d !ERROR long multi-line header. The web server is broken!", session->socket);
    3063 i=sizeof(head_line)/2;
    3064 break;
    3065 }
    CID 330043: Error handling issues (CHECKED_RETURN)
    Calling "sockreadline" without checking return value (as is done elsewhere 4 out of 5 times).
    3066 sockreadline(session,head_line+i,sizeof(head_line)-i-1);
    3067 }
    3068 strListPush(&session->req.headers,head_line);
    3069
    3070 if((strtok_r(head_line,":",&last))!=NULL && (value=strtok_r(NULL,"",&last))!=NULL) {
    3071 i=get_header_type(head_line);

    ** CID 330042: Program hangs (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 330042: Program hangs (SLEEP)
    /websrvr.c: 6311 in http_output_thread()
    6305 *(bufdata++)='\r';
    6306 *(bufdata++)='\n';
    6307 len+=2;
    6308 }
    6309
    6310 if(!failed)
    CID 330042: Program hangs (SLEEP)
    Call to "sess_sendbuf" might sleep while holding lock "session->outbuf_write".
    6311 sess_sendbuf(session, buf, len, &failed);
    6312 pthread_mutex_unlock(&session->outbuf_write);
    6313 }
    6314 thread_down();
    6315 /* Ensure outbuf isn't currently being drained */
    6316 pthread_mutex_lock(&session->outbuf_write);

    ** CID 33663: (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 33663: (TAINTED_SCALAR)
    /mxlookup.c: 332 in dns_getmx()
    326
    327 len=ntohs(rr->length);
    328 if(ntohs(rr->type)==DNS_MX) {
    329 pref=ntohs(*(WORD*)p);
    330 p+=2;
    331 namelen=0;
    CID 33663: (TAINTED_SCALAR)
    Passing tainted expression "*p" to "dns_name", which uses it as an offset.
    332 p+=dns_name(hostname, &namelen, sizeof(hostname)-1, msg+offset, p);
    333 if(pref<=highpref) {
    334 highpref=pref;
    335 if(mx[0])
    336 strcpy(mx2,mx);
    337 strcpy(mx,hostname); /mxlookup.c: 332 in dns_getmx()
    326
    327 len=ntohs(rr->length);
    328 if(ntohs(rr->type)==DNS_MX) {
    329 pref=ntohs(*(WORD*)p);
    330 p+=2;
    331 namelen=0;
    CID 33663: (TAINTED_SCALAR)
    Passing tainted expression "*p" to "dns_name", which uses it as an offset.
    332 p+=dns_name(hostname, &namelen, sizeof(hostname)-1, msg+offset, p);
    333 if(pref<=highpref) {
    334 highpref=pref;
    335 if(mx[0])
    336 strcpy(mx2,mx);
    337 strcpy(mx,hostname); /mxlookup.c: 314 in dns_getmx()
    308
    309 answers=ntohs(msghdr.ancount);
    310 p=(char*)msg+len; /* Skip the header and question portion */
    311
    312 for(i=0;i<answers && p<(char*)msg+sizeof(msg);i++) { 313 namelen=0;
    CID 33663: (TAINTED_SCALAR)
    Passing tainted expression "*p" to "dns_name", which uses it as an offset.
    314 p+=dns_name(hostname, &namelen, sizeof(hostname)-1, msg+offset, p);
    315
    316 rr=(dns_rr_t*)p;
    317 p+=sizeof(dns_rr_t);
    318 #if defined(MX_LOOKUP_TEST)
    319 printf("answer #%d\n",i+1);
    /mxlookup.c: 332 in dns_getmx()
    326
    327 len=ntohs(rr->length);
    328 if(ntohs(rr->type)==DNS_MX) {
    329 pref=ntohs(*(WORD*)p);
    330 p+=2;
    331 namelen=0;
    CID 33663: (TAINTED_SCALAR)
    Passing tainted expression "*p" to "dns_name", which uses it as an offset.
    332 p+=dns_name(hostname, &namelen, sizeof(hostname)-1, msg+offset, p);
    333 if(pref<=highpref) {
    334 highpref=pref;
    335 if(mx[0])
    336 strcpy(mx2,mx);
    337 strcpy(mx,hostname); /mxlookup.c: 314 in dns_getmx()
    308
    309 answers=ntohs(msghdr.ancount);
    310 p=(char*)msg+len; /* Skip the header and question portion */
    311
    312 for(i=0;i<answers && p<(char*)msg+sizeof(msg);i++) { 313 namelen=0;
    CID 33663: (TAINTED_SCALAR)
    Passing tainted expression "*p" to "dns_name", which uses it as an offset.
    314 p+=dns_name(hostname, &namelen, sizeof(hostname)-1, msg+offset, p);
    315
    316 rr=(dns_rr_t*)p;
    317 p+=sizeof(dns_rr_t);
    318 #if defined(MX_LOOKUP_TEST)
    319 printf("answer #%d\n",i+1);
    /mxlookup.c: 314 in dns_getmx()
    308
    309 answers=ntohs(msghdr.ancount);
    310 p=(char*)msg+len; /* Skip the header and question portion */
    311
    312 for(i=0;i<answers && p<(char*)msg+sizeof(msg);i++) { 313 namelen=0;
    CID 33663: (TAINTED_SCALAR)
    Passing tainted expression "*p" to "dns_name", which uses it as an offset.
    314 p+=dns_name(hostname, &namelen, sizeof(hostname)-1, msg+offset, p);
    315
    316 rr=(dns_rr_t*)p;
    317 p+=sizeof(dns_rr_t);
    318 #if defined(MX_LOOKUP_TEST)
    319 printf("answer #%d\n",i+1);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DgxWT_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCz-2FHLWEbfbfwfRJk6HAYb2nXmllk8VP2LmdOfioY9e5f9FKIRH487b3hVluhi0nXvHGlL4qxUitEqsOZ39O0N7vYloRKZTi0gGiI6hAtra7Lo6c8-2FFYmFqn2mUzrS2kSHW2v5oeGlNpRP-2F23ptNZWHW3gidk4CH8lp58gqzopvy-2Bhl83rsDQDCol5qXKVutHI-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, April 03, 2021 13:02:18
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    6 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 6 of 6 defect(s)


    ** CID 330950: Resource leaks (RESOURCE_LEAK)
    /js_socket.c: 919 in js_connect_event_thread()


    ________________________________________________________________________________________________________
    *** CID 330950: Resource leaks (RESOURCE_LEAK)
    /js_socket.c: 919 in js_connect_event_thread()
    913 ioctlsocket(a->sock,FIONBIO,(ulong*)&(a->nonblocking));
    914 send(a->sv[1], &sresult, 1, 0);
    915
    916 done:
    917 closesocket(a->sv[1]);
    918 free(a);
    CID 330950: Resource leaks (RESOURCE_LEAK)
    Variable "res" going out of scope leaks the storage it points to.
    919 }
    920
    921 static JSBool
    922 js_connect_event(JSContext *cx, uintN argc, jsval *arglist, js_socket_private_t *p, ushort port, JSObject *obj)
    923 {
    924 SOCKET sv[2];

    ** CID 330949: Null pointer dereferences (FORWARD_NULL)


    ________________________________________________________________________________________________________
    *** CID 330949: Null pointer dereferences (FORWARD_NULL)
    /js_socket.c: 1040 in js_connect()
    1034 free(p->hostname);
    1035 JSSTRING_TO_MSTRING(cx, str, p->hostname, NULL);
    1036 port = js_port(cx,argv[1],p->type);
    1037 rc=JS_SUSPENDREQUEST(cx);
    1038
    1039 if (argc > 2 && JSVAL_IS_OBJECT(argv[2]) && JS_ObjectIsFunction(cx, JSVAL_TO_OBJECT(argv[2]))) {
    CID 330949: Null pointer dereferences (FORWARD_NULL)
    Passing "p" to "js_connect_event", which dereferences null "p->hostname".
    1040 JSBool bgr = js_connect_event(cx, argc, arglist, p, port, obj);
    1041 JS_RESUMEREQUEST(cx, rc);
    1042 return bgr;
    1043 }
    1044
    1045 dbprintf(FALSE, p, "resolving hostname: %s", p->hostname);

    ** CID 330948: Error handling issues (CHECKED_RETURN)
    /js_socket.c: 914 in js_connect_event_thread()


    ________________________________________________________________________________________________________
    *** CID 330948: Error handling issues (CHECKED_RETURN)
    /js_socket.c: 914 in js_connect_event_thread()
    908 if(result == 0)
    909 break;
    910 }
    911 sresult = result;
    912 /* Restore original setting here */
    913 ioctlsocket(a->sock,FIONBIO,(ulong*)&(a->nonblocking));
    CID 330948: Error handling issues (CHECKED_RETURN)
    Calling "send(a->sv[1], &sresult, 1UL, 0)" without checking return value. This library function may fail and return an error code.
    914 send(a->sv[1], &sresult, 1, 0);
    915
    916 done:
    917 closesocket(a->sv[1]);
    918 free(a);
    919 }

    ** CID 330947: (FORWARD_NULL)
    /js_internal.c: 1138 in js_handle_events()
    /js_internal.c: 1249 in js_handle_events()
    /js_internal.c: 1126 in js_handle_events()
    /js_internal.c: 1273 in js_handle_events()
    /js_internal.c: 1261 in js_handle_events()
    /js_internal.c: 1286 in js_handle_events()
    /js_internal.c: 1198 in js_handle_events()
    /js_internal.c: 1149 in js_handle_events()


    ________________________________________________________________________________________________________
    *** CID 330947: (FORWARD_NULL)
    /js_internal.c: 1138 in js_handle_events()
    1132 hsock = ev->data.sock; 1133 #endif
    1134 break;
    1135 case JS_EVENT_SOCKET_WRITABLE_ONCE: 1136 case JS_EVENT_SOCKET_WRITABLE:
    1137 #ifdef PREFER_POLL
    CID 330947: (FORWARD_NULL)
    Dereferencing null pointer "fds".
    1138 fds[cfd].fd = ev->data.sock; 1139 fds[cfd].events = POLLOUT;
    1140 cfd++;
    1141 #else
    1142 FD_SET(ev->data.sock, &wfds); 1143 if (ev->data.sock > hsock) /js_internal.c: 1249 in js_handle_events()
    1243 #ifdef PREFER_POLL
    1244 cfd = 0;
    1245 #endif
    1246 for (ev = *head; ev; ev = ev->next) { 1247 if (ev->type == JS_EVENT_SOCKET_READABLE || ev->type == JS_EVENT_SOCKET_READABLE_ONCE) {
    1248 #ifdef PREFER_POLL
    CID 330947: (FORWARD_NULL)
    Dereferencing null pointer "fds".
    1249 if (fds[cfd].revents & ~(POLLOUT | POLLWRNORM | POLLWRBAND)) {
    1250 #else
    1251 if (FD_ISSET(ev->data.sock, &rfds)) {
    1252 #endif
    1253 break;
    1254 }
    /js_internal.c: 1126 in js_handle_events()
    1120 timeout = 0;
    1121 for (ev = *head; ev; ev = ev->next) {
    1122 switch (ev->type) {
    1123 case JS_EVENT_SOCKET_READABLE_ONCE: 1124 case JS_EVENT_SOCKET_READABLE:
    1125 #ifdef PREFER_POLL
    CID 330947: (FORWARD_NULL)
    Dereferencing null pointer "fds".
    1126 fds[cfd].fd = ev->data.sock; 1127 fds[cfd].events = POLLIN;
    1128 cfd++;
    1129 #else
    1130 FD_SET(ev->data.sock, &rfds); 1131 if (ev->data.sock > hsock) /js_internal.c: 1273 in js_handle_events()
    1267 #ifdef PREFER_POLL
    1268 cfd++;
    1269 #endif
    1270 }
    1271 else if (ev->type == JS_EVENT_SOCKET_CONNECT) {
    1272 #ifdef PREFER_POLL
    CID 330947: (FORWARD_NULL)
    Dereferencing null pointer "fds".
    1273 if (fds[cfd].revents & ~(POLLOUT | POLLWRNORM | POLLWRBAND)) {
    1274 #else
    1275 if (FD_ISSET(ev->data.connect.sv[0], &wfds)) {
    1276 #endif
    1277 closesocket(ev->data.connect.sv[0]);
    1278 break; /js_internal.c: 1261 in js_handle_events()
    1255 #ifdef PREFER_POLL
    1256 cfd++;
    1257 #endif
    1258 }
    1259 else if (ev->type == JS_EVENT_SOCKET_WRITABLE || ev->type == JS_EVENT_SOCKET_WRITABLE_ONCE) {
    1260 #ifdef PREFER_POLL
    CID 330947: (FORWARD_NULL)
    Dereferencing null pointer "fds".
    1261 if (fds[cfd].revents & ~(POLLIN | POLLRDNORM | POLLRDBAND | POLLPRI)) {
    1262 #else
    1263 if (FD_ISSET(ev->data.sock, &wfds)) {
    1264 #endif
    1265 break;
    1266 }
    /js_internal.c: 1286 in js_handle_events()
    1280 #ifdef PREFER_POLL
    1281 cfd++;
    1282 #endif
    1283 }
    1284 else if (ev->type == JS_EVENT_CONSOLE_INPUT) {
    1285 #ifdef PREFER_POLL
    CID 330947: (FORWARD_NULL)
    Dereferencing null pointer "fds".
    1286 if (fds[cfd].revents & ~(POLLOUT | POLLWRNORM | POLLWRBAND)) {
    1287 #else
    1288 if (FD_ISSET(ev->data.sock, &wfds)) {
    1289 #endif
    1290 break;
    1291 }
    /js_internal.c: 1198 in js_handle_events()
    1192 timeout = 0;
    1193 cev = ev;
    1194 }
    1195 else {
    1196 input_locked = TRUE; 1197 #ifdef PREFER_POLL
    CID 330947: (FORWARD_NULL)
    Dereferencing null pointer "fds".
    1198 fds[cfd].fd = ev->data.sock;
    1199 fds[cfd].events = POLLIN;
    1200 cfd++;
    1201 #else
    1202 FD_SET(ev->data.sock, &rfds);
    1203 if (ev->data.sock > hsock)
    /js_internal.c: 1149 in js_handle_events()
    1143 if (ev->data.sock > hsock)
    1144 hsock = ev->data.sock; 1145 #endif
    1146 break;
    1147 case JS_EVENT_SOCKET_CONNECT:
    1148 #ifdef PREFER_POLL
    CID 330947: (FORWARD_NULL)
    Dereferencing null pointer "fds".
    1149 fds[cfd].fd = ev->data.connect.sv[0];
    1150 fds[cfd].events = POLLIN;
    1151 cfd++;
    1152 #else
    1153 FD_SET(ev->data.connect.sv[0], &rfds);
    1154 if (ev->data.sock > hsock)

    ** CID 330946: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Apr-03-2021/3rdp/src/mozjs/js-1.8.5/js/src/shell/js.cpp: 4795 in Help(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 330946: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Apr-03-2021/3rdp/src/mozjs/js-1.8.5/js/src/shell/js.cpp: 4795 in Help(JSContext *, unsigned int, unsigned long *)()
    4789 jsval *argv = JS_ARGV(cx, vp);
    4790 for (i = 0; i < argc; i++) {
    4791 did_something = 0;
    4792 type = JS_TypeOfValue(cx, argv[i]);
    4793 if (type == JSTYPE_FUNCTION) {
    4794 fun = JS_ValueToFunction(cx, argv[i]);
    CID 330946: Null pointer dereferences (NULL_RETURNS)
    Dereferencing "fun", which is known to be "nullptr".
    4795 str = fun->atom ? ATOM_TO_STRING(fun->atom) : NULL; 4796 } else if (type == JSTYPE_STRING) {
    4797 str = JSVAL_TO_STRING(argv[i]);
    4798 } else {
    4799 str = NULL;
    4800 }

    ** CID 330945: Null pointer dereferences (NULL_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 330945: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Apr-03-2021/3rdp/src/mozjs/js-1.8.5/js/src/jsexn.cpp: 550 in ValueToShortSource(JSContext *, unsigned long)()
    544 return NULL;
    545
    546 if (VALUE_IS_FUNCTION(cx, v)) {
    547 /*
    548 * XXX Avoid function decompilation bloat for now.
    549 */
    CID 330945: Null pointer dereferences (NULL_RETURNS)
    Dereferencing a pointer that might be "nullptr" "JS_ValueToFunction(cx, v)" when calling "JS_GetFunctionId".
    550 str = JS_GetFunctionId(JS_ValueToFunction(cx, v));
    551 if (!str && !(str = js_ValueToSource(cx, Valueify(v)))) {
    552 /*
    553 * Continue to soldier on if the function couldn't be
    554 * converted into a string.
    555 */


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D-wGS_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAzXmjcYguE2omc6tjz5npgQwR8DPj3gtRpRyKifexImS6lYY08gIdHnNdqrwjKbqPCGg7zzomYr1TIcd5JfXiW0FyUZvaZRJAhpRa4nQcFR63XnyrG4ZvVzFwI1WWcWyGFFiBbH4rLW7qEfxMaH8s1TyO7xNLY3MATScE7ko8zAA64QfWBsBcIOCpr2vtW8u4-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, April 04, 2021 13:12:49
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    53 new defect(s) introduced to Synchronet found with Coverity Scan.
    67 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 53 defect(s)


    ** CID 330997: Error handling issues (CHECKED_RETURN)
    /ftpsrvr.c: 926 in receive_thread()


    ________________________________________________________________________________________________________
    *** CID 330997: Error handling issues (CHECKED_RETURN)
    /ftpsrvr.c: 926 in receive_thread()
    920
    921 *xfer.aborted=FALSE;
    922 if(xfer.filepos || startup->options&FTP_OPT_DEBUG_DATA)
    923 lprintf(LOG_DEBUG,"%04d <%s> DATA socket %d receiving %s from offset %"PRIdOFF
    924 ,xfer.ctrl_sock,xfer.user->alias, *xfer.data_sock,xfer.filename,xfer.filepos);
    925
    CID 330997: Error handling issues (CHECKED_RETURN)
    Calling "fseeko(fp, xfer.filepos, 0)" without checking return value. This library function may fail and return an error code.
    926 fseeko(fp,xfer.filepos,SEEK_SET);
    927 last_report=start=time(NULL);
    928 while(1) {
    929
    930 now=time(NULL);
    931

    ** CID 330996: (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 330996: (TAINTED_SCALAR)
    /js_msgbase.c: 2257 in js_remove_msg()
    2251 rc=JS_SUSPENDREQUEST(cx);
    2252 if((p->smb_result=smb_getmsgidx(&(p->smb), &msg))==SMB_SUCCESS 2253 && (p->smb_result=smb_getmsghdr(&(p->smb), &msg))==SMB_SUCCESS) {
    2254
    2255 msg.hdr.attr|=MSG_DELETE;
    2256
    CID 330996: (TAINTED_SCALAR)
    Passing tainted expression "msg.hdr" to "smb_updatemsg", which uses it as a loop boundary.
    2257 if((p->smb_result=smb_updatemsg(&(p->smb), &msg))==SMB_SUCCESS)
    2258 JS_SET_RVAL(cx, arglist, JSVAL_TRUE);
    2259 }
    2260
    2261 smb_freemsgmem(&msg);
    2262 JS_RESUMEREQUEST(cx, rc);
    /js_msgbase.c: 2257 in js_remove_msg()
    2251 rc=JS_SUSPENDREQUEST(cx);
    2252 if((p->smb_result=smb_getmsgidx(&(p->smb), &msg))==SMB_SUCCESS 2253 && (p->smb_result=smb_getmsghdr(&(p->smb), &msg))==SMB_SUCCESS) {
    2254
    2255 msg.hdr.attr|=MSG_DELETE;
    2256
    CID 330996: (TAINTED_SCALAR)
    Passing tainted expression "*msg.hfield" to "smb_updatemsg", which uses it as an offset.
    2257 if((p->smb_result=smb_updatemsg(&(p->smb), &msg))==SMB_SUCCESS)
    2258 JS_SET_RVAL(cx, arglist, JSVAL_TRUE);
    2259 }
    2260
    2261 smb_freemsgmem(&msg);
    2262 JS_RESUMEREQUEST(cx, rc);

    ** CID 330995: Error handling issues (CHECKED_RETURN)
    /upgrade_to_v319.c: 471 in fgetextdesc()


    ________________________________________________________________________________________________________
    *** CID 330995: Error handling issues (CHECKED_RETURN)
    /upgrade_to_v319.c: 471 in fgetextdesc()
    465 }
    466
    467 // fast (operates on open .exb file)
    468 void fgetextdesc(scfg_t* cfg, uint dirnum, ulong datoffset, char *ext, int file)
    469 {
    470 lseek(file,(datoffset/F_LEN)*F_EXBSIZE,SEEK_SET);
    CID 330995: Error handling issues (CHECKED_RETURN)
    "read(int, void *, size_t)" returns the number of bytes read, but it is ignored.
    471 read(file,ext,F_EXBSIZE);
    472 }
    473
    474 void putextdesc(scfg_t* cfg, uint dirnum, ulong datoffset, char *ext) 475 {
    476 char str[MAX_PATH+1],nulbuf[F_EXBSIZE];

    ** CID 330994: (CHECKED_RETURN)
    /ftpsrvr.c: 713 in send_thread()
    /ftpsrvr.c: 676 in send_thread()


    ________________________________________________________________________________________________________
    *** CID 330994: (CHECKED_RETURN)
    /ftpsrvr.c: 713 in send_thread()
    707 }
    708
    709 /* Check socket for writability */
    710 if (!socket_writable(*xfer.data_sock, 1000))
    711 continue;
    712
    CID 330994: (CHECKED_RETURN)
    Calling "fseeko(fp, xfer.filepos + total, 0)" without checking return value. This library function may fail and return an error code.
    713 fseeko(fp,xfer.filepos+total,SEEK_SET);
    714 rd=fread(buf,sizeof(char),sizeof(buf),fp);
    715 if(rd<1) /* EOF or READ error */
    716 break;
    717
    718 #ifdef SOCKET_DEBUG_SEND
    /ftpsrvr.c: 676 in send_thread()
    670 if(xfer.filepos < 0)
    671 xfer.filepos = 0;
    672 if(startup->options&FTP_OPT_DEBUG_DATA || xfer.filepos)
    673 lprintf(LOG_DEBUG,"%04d <%s> DATA socket %d sending %s from offset %"PRIdOFF
    674 ,xfer.ctrl_sock, xfer.user->alias, *xfer.data_sock,xfer.filename,xfer.filepos);
    675
    CID 330994: (CHECKED_RETURN)
    Calling "fseeko(fp, xfer.filepos, 0)" without checking return value. This library function may fail and return an error code.
    676 fseeko(fp,xfer.filepos,SEEK_SET);
    677 last_report=start=time(NULL);
    678 while((xfer.filepos+total)<length) {
    679
    680 now=time(NULL);
    681

    ** CID 330993: (FORWARD_NULL)


    ________________________________________________________________________________________________________
    *** CID 330993: (FORWARD_NULL)
    /filedat.c: 805 in extract_files_from_archive()
    799 result = archive_read_data_block(ar, &buff, &size, &offset);
    800 if(result == ARCHIVE_EOF) {
    801 extracted++;
    802 break;
    803 }
    804 if(result < ARCHIVE_OK) {
    CID 330993: (FORWARD_NULL)
    Passing null pointer "error" to "safe_snprintf", which dereferences it. 805 safe_snprintf(error, maxerrlen, "archive_read_data_block returned %d: %s"
    806 ,result, archive_error_string(ar));
    807 break;
    808 }
    809 if(fwrite(buff, 1, size, fp) != size)
    810 break;
    /filedat.c: 731 in extract_files_from_archive()
    725 safe_snprintf(error, maxerrlen, "archive_read_new returned NULL");
    726 return -1;
    727 }
    728 archive_read_support_filter_all(ar);
    729 archive_read_support_format_all(ar);
    730 if((result = archive_read_open_filename(ar, archive, 10240)) != ARCHIVE_OK) {
    CID 330993: (FORWARD_NULL)
    Passing null pointer "error" to "safe_snprintf", which dereferences it. 731 safe_snprintf(error, maxerrlen, "archive_read_open_filename returned %d: %s"
    732 ,result, archive_error_string(ar));
    733 archive_read_free(ar);
    734 return result >= 0 ? -1 : result;
    735 }
    736 while(1) {
    /filedat.c: 760 in extract_files_from_archive()
    754 }
    755 SAFECOPY(fpath, outdir);
    756 backslash(fpath);
    757 SAFECAT(fpath, pathname);
    758 if(mkpath(fpath) != 0) {
    759 char err[256];
    CID 330993: (FORWARD_NULL)
    Passing null pointer "error" to "safe_snprintf", which dereferences it. 760 safe_snprintf(error, maxerrlen, "%d (%s) creating path '%s'", errno, safe_strerror(errno, err, sizeof(err)), fpath);
    761 break;
    762 }
    763 continue;
    764 }
    765 if(filetype != AE_IFREG)
    /filedat.c: 740 in extract_files_from_archive()
    734 return result >= 0 ? -1 : result;
    735 }
    736 while(1) {
    737 result = archive_read_next_header(ar, &entry);
    738 if(result != ARCHIVE_OK) {
    739 if(result != ARCHIVE_EOF)
    CID 330993: (FORWARD_NULL)
    Passing null pointer "error" to "safe_snprintf", which dereferences it. 740 safe_snprintf(error, maxerrlen, "archive_read_next_header returned %d: %s"
    741 ,result, archive_error_string(ar));
    742 break;
    743 }
    744 const char* pathname = archive_entry_pathname(entry); 745 if(pathname == NULL)
    /filedat.c: 771 in extract_files_from_archive()
    765 if(filetype != AE_IFREG)
    766 continue;
    767 char* filename = getfname(pathname);
    768 if(allowed_filename_chars != NULL
    769 && *allowed_filename_chars != '\0'
    770 && strspn(filename, allowed_filename_chars) != strlen(filename)) {
    CID 330993: (FORWARD_NULL)
    Passing null pointer "error" to "safe_snprintf", which dereferences it. 771 safe_snprintf(error, maxerrlen, "disallowed filename '%s'", pathname);
    772 break;
    773 }
    774 if(!with_path)
    775 pathname = filename;
    776 if(file_list != NULL) {
    /filedat.c: 752 in extract_files_from_archive()
    746 continue;
    747 int filetype = archive_entry_filetype(entry);
    748 if(filetype == AE_IFDIR) {
    749 if(!with_path)
    750 continue;
    751 if(strstr(pathname, "..") != NULL) {
    CID 330993: (FORWARD_NULL)
    Passing null pointer "error" to "safe_snprintf", which dereferences it. 752 safe_snprintf(error, maxerrlen, "Illegal double-dots in path '%s'", pathname);
    753 break;
    754 }
    755 SAFECOPY(fpath, outdir);
    756 backslash(fpath);
    757 SAFECAT(fpath, pathname);
    /filedat.c: 790 in extract_files_from_archive()
    784 SAFECOPY(fpath, outdir);
    785 backslash(fpath);
    786 SAFECAT(fpath, pathname);
    787 FILE* fp = fopen(fpath, "wb");
    788 if(fp == NULL) {
    789 char err[256];
    CID 330993: (FORWARD_NULL)
    Passing null pointer "error" to "safe_snprintf", which dereferences it. 790 safe_snprintf(error, maxerrlen, "%d (%s) opening/creating '%s'", errno, safe_strerror(errno, err, sizeof(err)), fpath);
    791 break;
    792 }
    793
    794 const void *buff;
    795 size_t size;
    /filedat.c: 725 in extract_files_from_archive()
    719 long extracted = 0;
    720 char fpath[MAX_PATH + 1];
    721
    722 if(error != NULL && maxerrlen >= 1)
    723 *error = '\0';
    724 if((ar = archive_read_new()) == NULL) {
    CID 330993: (FORWARD_NULL)
    Passing null pointer "error" to "safe_snprintf", which dereferences it. 725 safe_snprintf(error, maxerrlen, "archive_read_new returned NULL");
    726 return -1;
    727 }
    728 archive_read_support_filter_all(ar);
    729 archive_read_support_format_all(ar);
    730 if((result = archive_read_open_filename(ar, archive, 10240)) != ARCHIVE_OK) {
    /filedat.c: 816 in extract_files_from_archive()
    810 break;
    811 }
    812 fclose(fp);
    813 if(result != ARCHIVE_EOF)
    814 (void)remove(fpath);
    815 if(max_files && extracted >= max_files) {
    CID 330993: (FORWARD_NULL)
    Passing null pointer "error" to "safe_snprintf", which dereferences it. 816 safe_snprintf(error, maxerrlen, "maximum number of files (%lu) extracted", max_files);
    817 break;
    818 }
    819 }
    820 archive_read_free(ar);
    821 return extracted;

    ** CID 330992: Error handling issues (NEGATIVE_RETURNS)
    /upgrade_to_v319.c: 583 in upgrade_file_bases()


    ________________________________________________________________________________________________________
    *** CID 330992: Error handling issues (NEGATIVE_RETURNS)
    /upgrade_to_v319.c: 583 in upgrade_file_bases()
    577 if(!l) {
    578 close(file);
    579 smb_close(&smb);
    580 continue;
    581 }
    582 uchar* ixbbuf;
    CID 330992: Error handling issues (NEGATIVE_RETURNS)
    "l" is passed to a parameter that cannot be negative.
    583 if((ixbbuf=(uchar *)malloc(l))==NULL) {
    584 close(file);
    585 printf("\7ERR_ALLOC %s %lu\n",str,l);
    586 smb_close(&smb);
    587 continue;
    588 }

    ** CID 330991: (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 330991: (TAINTED_SCALAR)
    /js_filebase.c: 1049 in js_update_file()
    1043 result = JS_FALSE;
    1044 p->smb_result = SMB_ERR_RENAME;
    1045 } else {
    1046 if(file.extdesc != NULL)
    1047 truncsp(file.extdesc);
    1048 if(strcmp(extdesc ? extdesc : "", file.extdesc ? file.extdesc : "") == 0)
    CID 330991: (TAINTED_SCALAR)
    Passing tainted expression "file.hdr" to "smb_putfile", which uses it as a loop boundary.
    1049 p->smb_result = smb_putfile(&p->smb, &file);
    1050 else {
    1051 if((p->smb_result = smb_removefile(&p->smb, &file)) == SMB_SUCCESS)
    1052 p->smb_result = smb_addfile(&p->smb, &file, SMB_SELFPACK, extdesc, newfname);
    1053 }
    1054 }
    /js_filebase.c: 1051 in js_update_file()
    1045 } else {
    1046 if(file.extdesc != NULL)
    1047 truncsp(file.extdesc);
    1048 if(strcmp(extdesc ? extdesc : "", file.extdesc ? file.extdesc : "") == 0)
    1049 p->smb_result = smb_putfile(&p->smb, &file);
    1050 else {
    CID 330991: (TAINTED_SCALAR)
    Passing tainted expression "file.hdr" to "smb_removefile", which uses it as a loop boundary.
    1051 if((p->smb_result = smb_removefile(&p->smb, &file)) == SMB_SUCCESS)
    1052 p->smb_result = smb_addfile(&p->smb, &file, SMB_SELFPACK, extdesc, newfname);
    1053 }
    1054 }
    1055 }
    1056 JS_SET_RVAL(cx, arglist, BOOLEAN_TO_JSVAL(p->smb_result == SMB_SUCCESS));
    /js_filebase.c: 1049 in js_update_file()
    1043 result = JS_FALSE;
    1044 p->smb_result = SMB_ERR_RENAME;
    1045 } else {
    1046 if(file.extdesc != NULL)
    1047 truncsp(file.extdesc);
    1048 if(strcmp(extdesc ? extdesc : "", file.extdesc ? file.extdesc : "") == 0)
    CID 330991: (TAINTED_SCALAR)
    Passing tainted expression "*file.hfield" to "smb_putfile", which uses it as an offset.
    1049 p->smb_result = smb_putfile(&p->smb, &file);
    1050 else {
    1051 if((p->smb_result = smb_removefile(&p->smb, &file)) == SMB_SUCCESS)
    1052 p->smb_result = smb_addfile(&p->smb, &file, SMB_SELFPACK, extdesc, newfname);
    1053 }
    1054 }
    /js_filebase.c: 1051 in js_update_file()
    1045 } else {
    1046 if(file.extdesc != NULL)
    1047 truncsp(file.extdesc);
    1048 if(strcmp(extdesc ? extdesc : "", file.extdesc ? file.extdesc : "") == 0)
    1049 p->smb_result = smb_putfile(&p->smb, &file);
    1050 else {
    CID 330991: (TAINTED_SCALAR)
    Passing tainted expression "*file.hfield" to "smb_removefile", which uses it as an offset.
    1051 if((p->smb_result = smb_removefile(&p->smb, &file)) == SMB_SUCCESS)
    1052 p->smb_result = smb_addfile(&p->smb, &file, SMB_SELFPACK, extdesc, newfname);
    1053 }
    1054 }
    1055 }
    1056 JS_SET_RVAL(cx, arglist, BOOLEAN_TO_JSVAL(p->smb_result == SMB_SUCCESS));

    ** CID 330990: Control flow issues (NO_EFFECT)
    /js_filebase.c: 1533 in js_filebase_constructor()


    ________________________________________________________________________________________________________
    *** CID 330990: Control flow issues (NO_EFFECT)
    /js_filebase.c: 1533 in js_filebase_constructor()
    1527 "where <i>code</i> is a directory internal code."
    1528 );
    1529 js_CreateArrayOfStrings(cx, obj, "_property_desc_list", filebase_prop_desc, JSPROP_READONLY);
    1530 #endif
    1531
    1532 p->smb.dirnum = getdirnum(scfg, base);
    CID 330990: Control flow issues (NO_EFFECT)
    This greater-than-or-equal-to-zero comparison of an unsigned value is always true. "p->smb.dirnum >= 0U".
    1533 if(p->smb.dirnum >= 0 && p->smb.dirnum < scfg->total_dirs) { 1534 safe_snprintf(p->smb.file, sizeof(p->smb.file), "%s%s" 1535 ,scfg->dir[p->smb.dirnum]->data_dir, scfg->dir[p->smb.dirnum]->code);
    1536 } else { /* unknown code */
    1537 SAFECOPY(p->smb.file, base);
    1538 }

    ** CID 330989: (SIZEOF_MISMATCH)
    /execmisc.cpp: 217 in sbbs_t::exec_misc(csi_t *, const char *)()
    /execmisc.cpp: 156 in sbbs_t::exec_misc(csi_t *, const char *)()
    /execmisc.cpp: 186 in sbbs_t::exec_misc(csi_t *, const char *)()
    /execmisc.cpp: 126 in sbbs_t::exec_misc(csi_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 330989: (SIZEOF_MISMATCH)
    /execmisc.cpp: 217 in sbbs_t::exec_misc(csi_t *, const char *)()
    211 global_int_var=(int32_t *)realloc(global_int_var
    212 ,sizeof(char *)*global_int_vars);
    213 global_int_var_name=(uint32_t *)realloc(global_int_var_name
    214 ,sizeof(int32_t)*global_int_vars);
    215 if(global_int_var==NULL
    216 || global_int_var_name==NULL) { /* REALLOC failed */
    CID 330989: (SIZEOF_MISMATCH)
    Passing argument "getfname("execmisc.cpp")" of type "char *" and argument "8UL /* sizeof (char *) */ * this->global_int_vars" to function "errormsg" is suspicious.
    217 errormsg(WHERE,ERR_ALLOC,"local int var"
    218 ,sizeof(char *)*global_int_vars);
    219 if(global_int_var_name) {
    220 free(global_int_var_name);
    221 global_int_var_name=0;
    222 }
    /execmisc.cpp: 156 in sbbs_t::exec_misc(csi_t *, const char *)()
    150 csi->int_var=(int32_t *)realloc(csi->int_var
    151 ,sizeof(char *)*csi->int_vars);
    152 csi->int_var_name=(uint32_t *)realloc(csi->int_var_name
    153 ,sizeof(int32_t)*csi->int_vars);
    154 if(csi->int_var==NULL
    155 || csi->int_var_name==NULL) { /* REALLOC failed */
    CID 330989: (SIZEOF_MISMATCH)
    Passing argument "getfname("execmisc.cpp")" of type "char *" and argument "8UL /* sizeof (char *) */ * csi->int_vars" to function "errormsg" is suspicious.
    156 errormsg(WHERE,ERR_ALLOC,"local int var"
    157 ,sizeof(char *)*csi->int_vars);
    158 if(csi->int_var_name) { 159 free(csi->int_var_name);
    160 csi->int_var_name=0;
    161 }
    /execmisc.cpp: 186 in sbbs_t::exec_misc(csi_t *, const char *)()
    180 global_str_var=(char **)realloc(global_str_var
    181 ,sizeof(char *)*global_str_vars);
    182 global_str_var_name=(uint32_t *)realloc(global_str_var_name
    183 ,sizeof(int32_t)*global_str_vars);
    184 if(global_str_var==NULL
    185 || global_str_var_name==NULL) { /* REALLOC failed */
    CID 330989: (SIZEOF_MISMATCH)
    Passing argument "getfname("execmisc.cpp")" of type "char *" and argument "8UL /* sizeof (char *) */ * this->global_str_vars" to function "errormsg" is suspicious.
    186 errormsg(WHERE,ERR_ALLOC,"global str var"
    187 ,sizeof(char *)*global_str_vars);
    188 if(global_str_var_name) {
    189 free(global_str_var_name);
    190 global_str_var_name=0;
    191 }
    /execmisc.cpp: 126 in sbbs_t::exec_misc(csi_t *, const char *)()
    120 csi->str_var=(char **)realloc(csi->str_var
    121 ,sizeof(char *)*csi->str_vars);
    122 csi->str_var_name=(uint32_t *)realloc(csi->str_var_name
    123 ,sizeof(int32_t)*csi->str_vars);
    124 if(csi->str_var==NULL
    125 || csi->str_var_name==NULL) { /* REALLOC failed */
    CID 330989: (SIZEOF_MISMATCH)
    Passing argument "getfname("execmisc.cpp")" of type "char *" and argument "8UL /* sizeof (char *) */ * csi->str_vars" to function "errormsg" is suspicious.
    126 errormsg(WHERE,ERR_ALLOC,"local str var"
    127 ,sizeof(char *)*csi->str_vars);
    128 if(csi->str_var_name) { 129 free(csi->str_var_name);
    130 csi->str_var_name=0;
    131 }

    ** CID 330988: Error handling issues (CHECKED_RETURN)
    /filedat.c: 199 in loadfiles()


    ________________________________________________________________________________________________________
    *** CID 330988: Error handling issues (CHECKED_RETURN)
    /filedat.c: 199 in loadfiles()
    193 }
    194
    195 file_t* file_list = calloc(smb->status.total_files, sizeof(file_t));
    196 if(file_list == NULL)
    197 return NULL;
    198
    CID 330988: Error handling issues (CHECKED_RETURN)
    Calling "fseek(smb->sid_fp, start * 128UL, 0)" without checking return value. This library function may fail and return an error code.
    199 fseek(smb->sid_fp, start * sizeof(fileidxrec_t), SEEK_SET);
    200 long offset = start;
    201 while(!feof(smb->sid_fp)) {
    202 file_t* f = &file_list[*count];
    203
    204 if(smb_fread(smb, &f->file_idx, sizeof(f->file_idx), smb->sid_fp) != sizeof(f->file_idx))

    ** CID 330987: (RESOURCE_LEAK)
    /js_filebase.c: 289 in parse_file_index_properties()
    /js_filebase.c: 279 in parse_file_index_properties()


    ________________________________________________________________________________________________________
    *** CID 330987: (RESOURCE_LEAK)
    /js_filebase.c: 289 in parse_file_index_properties()
    283 idx->hash.data.crc16 = JSVAL_TO_INT(val);
    284 idx->hash.flags |= SMB_HASH_CRC16;
    285 }
    286 if(JS_GetProperty(cx, obj, prop_name = "crc32", &val) && !JSVAL_NULL_OR_VOID(val)) {
    287 if(!JS_ValueToECMAUint32(cx, val, &idx->hash.data.crc32)) {
    288 JS_ReportError(cx, "Error converting adding '%s' property to Uint32", prop_name);
    CID 330987: (RESOURCE_LEAK)
    Variable "cp" going out of scope leaks the storage it points to.
    289 return FALSE;
    290 }
    291 idx->hash.flags |= SMB_HASH_CRC32;
    292 }
    293 if(JS_GetProperty(cx, obj, prop_name = "md5", &val) && !JSVAL_NULL_OR_VOID(val)) {
    294 JSVALUE_TO_RASTRING(cx, val, cp, &cp_sz, NULL); /js_filebase.c: 279 in parse_file_index_properties()
    273 }
    274 SAFECOPY(idx->name, cp);
    275 }
    276 if(JS_GetProperty(cx, obj, prop_name = "size", &val) && !JSVAL_NULL_OR_VOID(val)) {
    277 if(!JS_ValueToECMAUint32(cx, val, &idx->idx.size)) { 278 JS_ReportError(cx, "Error converting adding '%s' property to Uint32", prop_name);
    CID 330987: (RESOURCE_LEAK)
    Variable "cp" going out of scope leaks the storage it points to.
    279 return FALSE;
    280 }
    281 }
    282 if(JS_GetProperty(cx, obj, prop_name = "crc16", &val) && !JSVAL_NULL_OR_VOID(val)) {
    283 idx->hash.data.crc16 = JSVAL_TO_INT(val);
    284 idx->hash.flags |= SMB_HASH_CRC16;

    ** CID 330986: Error handling issues (CHECKED_RETURN)
    /netmail.cpp: 1389 in sbbs_t::qnetmail(const char *, const char *, long, smb_t *, smbmsg_t *)()


    ________________________________________________________________________________________________________
    *** CID 330986: Error handling issues (CHECKED_RETURN)
    /netmail.cpp: 1389 in sbbs_t::qnetmail(const char *, const char *, long, smb_t *, smbmsg_t *)()
    1383 smb_stack(&smb,SMB_STACK_POP);
    1384 errormsg(WHERE,ERR_OPEN,msgpath,O_RDONLY|O_BINARY); 1385 return(false);
    1386 }
    1387
    1388 setvbuf(instream,NULL,_IOFBF,2*1024);
    CID 330986: Error handling issues (CHECKED_RETURN)
    Calling "fseeko(this->smb.sdt_fp, offset, 0)" without checking return value. This library function may fail and return an error code.
    1389 fseeko(smb.sdt_fp,offset,SEEK_SET);
    1390 xlat=XLAT_NONE;
    1391 fwrite(&xlat,2,1,smb.sdt_fp);
    1392 x=SDT_BLOCK_LEN-2; /* Don't read/write more than 255 */
    1393 while(!feof(instream)) {
    1394 memset(buf,0,x);

    ** CID 330985: Memory - illegal accesses (OVERRUN)
    /upgrade_to_v319.c: 615 in upgrade_file_bases()


    ________________________________________________________________________________________________________
    *** CID 330985: Memory - illegal accesses (OVERRUN)
    /upgrade_to_v319.c: 615 in upgrade_file_bases()
    609 for(j=0;j<12 && m<l;j++)
    610 if(j==8)
    611 f->name[j]=ixbbuf[m]>' ' ? '.' : ' ';
    612 else
    613 f->name[j]=ixbbuf[m++]; /* Turns FILENAMEEXT into FILENAME.EXT */
    614 f->name[j]=0;
    CID 330985: Memory - illegal accesses (OVERRUN)
    Overrunning dynamic array "ixbbuf" at offset corresponding to index variable "m".
    615 f->datoffset=ixbbuf[m]|((long)ixbbuf[m+1]<<8)|((long)ixbbuf[m+2]<<16);
    616 f->dateuled=(ixbbuf[m+3]|((long)ixbbuf[m+4]<<8)|((long)ixbbuf[m+5]<<16)
    617 |((long)ixbbuf[m+6]<<24));
    618 f->datedled =(ixbbuf[m+7]|((long)ixbbuf[m+8]<<8)|((long)ixbbuf[m+9]<<16)
    619 |((long)ixbbuf[m+10]<<24));
    620 m+=11;

    ** CID 330984: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 330984: Memory - corruptions (OVERRUN)
    /qwk.cpp: 587 in sbbs_t::qwk_sec()()
    581 remove(str);
    582 continue;
    583 }
    584
    585 off_t l=flength(str);
    586 bprintf(text[FiFilename], getfname(str));
    CID 330984: Memory - corruptions (OVERRUN)
    Overrunning array "tmp2" of 256 bytes by passing it to a function which accesses it at byte offset 511 using argument "512UL".
    587 bprintf(text[FiFileSize], ultoac((ulong)l,tmp) 588 , byte_estimate_to_str(l, tmp2, sizeof(tmp), /* units: */1024, /* precision: */1));
    589
    590 if(l>0L && cur_cps)
    591 i=(uint)(l/(ulong)cur_cps);
    592 else

    ** CID 330983: (RESOURCE_LEAK)
    /js_filebase.c: 407 in parse_file_properties()
    /js_filebase.c: 384 in parse_file_properties()


    ________________________________________________________________________________________________________
    *** CID 330983: (RESOURCE_LEAK)
    /js_filebase.c: 407 in parse_file_properties()
    401 }
    402 prop_name = "cost";
    403 if(JS_GetProperty(cx, obj, prop_name, &val) && !JSVAL_NULL_OR_VOID(val)) {
    404 uint32_t cost = 0;
    405 if(!JS_ValueToECMAUint32(cx, val, &cost)) {
    406 JS_ReportError(cx, "Error converting adding '%s' property to Uint32", prop_name);
    CID 330983: (RESOURCE_LEAK)
    Variable "cp" going out of scope leaks the storage it points to.
    407 return SMB_FAILURE;
    408 }
    409 if((result = smb_new_hfield(file, SMB_COST, sizeof(cost), &cost)) != SMB_SUCCESS) {
    410 free(cp);
    411 JS_ReportError(cx, "Error %d adding '%s' property to file object", result, prop_name);
    412 return result;
    /js_filebase.c: 384 in parse_file_properties()
    378 if(extdesc != NULL && JS_GetProperty(cx, obj, prop_name, &val) && !JSVAL_NULL_OR_VOID(val)) {
    379 FREE_AND_NULL(*extdesc);
    380 JSVALUE_TO_MSTRING(cx, val, *extdesc, NULL);
    381 HANDLE_PENDING(cx, *extdesc);
    382 if(*extdesc == NULL) {
    383 JS_ReportError(cx, "Invalid '%s' string in file object", prop_name);
    CID 330983: (RESOURCE_LEAK)
    Variable "cp" going out of scope leaks the storage it points to.
    384 return SMB_ERR_MEM;
    385 }
    386 truncsp(*extdesc);
    387 }
    388 prop_name = "tags";
    389 if(JS_GetProperty(cx, obj, prop_name, &val) && !JSVAL_NULL_OR_VOID(val)) {

    ** CID 330982: Error handling issues (CHECKED_RETURN)
    /js_file.c: 2648 in js_file_get()


    ________________________________________________________________________________________________________
    *** CID 330982: Error handling issues (CHECKED_RETURN)
    /js_file.c: 2648 in js_file_get()
    2642 else
    2643 b64_encode(str,sizeof(str)-1,(char *)digest,sizeof(digest));
    2644 js_str=JS_NewStringCopyZ(cx, str);
    2645 break;
    2646 }
    2647 rc=JS_SUSPENDREQUEST(cx);
    CID 330982: Error handling issues (CHECKED_RETURN)
    Calling "fseeko(p->fp, offset, 0)" without checking return value. This library function may fail and return an error code.
    2648 fseeko(p->fp,offset,SEEK_SET); /* restore saved file position */
    2649 JS_RESUMEREQUEST(cx, rc);
    2650 if(js_str!=NULL)
    2651 *vp = STRING_TO_JSVAL(js_str);
    2652 break;
    2653 case FILE_INI_KEY_LEN:

    ** CID 330981: (RESOURCE_LEAK)
    /upgrade_to_v319.c: 601 in upgrade_file_bases()
    /upgrade_to_v319.c: 580 in upgrade_file_bases()
    /upgrade_to_v319.c: 574 in upgrade_file_bases()


    ________________________________________________________________________________________________________
    *** CID 330981: (RESOURCE_LEAK)
    /upgrade_to_v319.c: 601 in upgrade_file_bases()
    595 }
    596 close(file);
    597 size_t file_count = l / F_IXBSIZE;
    598 oldfile_t* filelist = malloc(sizeof(*filelist) * file_count);
    599 if(filelist == NULL) {
    600 printf("malloc failure");
    CID 330981: (RESOURCE_LEAK)
    Handle variable "extfile" going out of scope leaks the handle.
    601 return false;
    602 }
    603 memset(filelist, 0, sizeof(*filelist) * file_count); 604 oldfile_t* f = filelist;
    605 long m=0L;
    606 while(m + F_IXBSIZE <= l) {
    /upgrade_to_v319.c: 580 in upgrade_file_bases()
    574 continue;
    575 }
    576 long l=(long)filelength(file);
    577 if(!l) {
    578 close(file);
    579 smb_close(&smb);
    CID 330981: (RESOURCE_LEAK)
    Handle variable "extfile" going out of scope leaks the handle.
    580 continue;
    581 }
    582 uchar* ixbbuf;
    583 if((ixbbuf=(uchar *)malloc(l))==NULL) {
    584 close(file);
    585 printf("\7ERR_ALLOC %s %lu\n",str,l); /upgrade_to_v319.c: 574 in upgrade_file_bases()
    568 int file;
    569 int extfile = openextdesc(&scfg, i);
    570
    571 sprintf(str,"%s%s.ixb",scfg.dir[i]->data_dir,scfg.dir[i]->code);
    572 if((file=open(str,O_RDONLY|O_BINARY))==-1) {
    573 smb_close(&smb);
    CID 330981: (RESOURCE_LEAK)
    Handle variable "extfile" going out of scope leaks the handle.
    574 continue;
    575 }
    576 long l=(long)filelength(file);
    577 if(!l) {
    578 close(file);
    579 smb_close(&smb);

    ** CID 330980: Resource leaks (RESOURCE_LEAK)
    /addfiles.c: 129 in get_file_diz()


    ________________________________________________________________________________________________________
    *** CID 330980: Resource leaks (RESOURCE_LEAK)
    /addfiles.c: 129 in get_file_diz()
    123 if(!extract_diz(&scfg, f, /* diz_fnames */NULL, diz_fpath, sizeof(diz_fpath))) {
    124 printf("DIZ does not exist in: %s\n", getfilepath(&scfg, f, path));
    125 return false;
    126 }
    127 printf("Parsing DIZ: %s\n", diz_fpath);
    128 str_list_t lines = read_diz(diz_fpath, /* max_line_len: */80); >>> CID 330980: Resource leaks (RESOURCE_LEAK)
    Ignoring storage allocated by "format_diz(lines, ext, maxlen, false)" leaks it.
    129 format_diz(lines, ext, maxlen, /* allow_ansi: */false);
    130 strListFree(&lines);
    131 remove(diz_fpath);
    132
    133 if(mode&ASCII_ONLY)
    134 strip_exascii(ext, ext);

    ** CID 330979: (SIZEOF_MISMATCH)
    /addfiles.c: 210 in addlist()
    /addfiles.c: 219 in addlist()


    ________________________________________________________________________________________________________
    *** CID 330979: (SIZEOF_MISMATCH)
    /addfiles.c: 210 in addlist()
    204
    205 if(mode&TODAYS_DATE) { /* put today's date in desc */
    206 time_t now = time(NULL);
    207 if(datefmt) {
    208 struct tm tm = {0};
    209 localtime_r(&now, &tm);
    CID 330979: (SIZEOF_MISMATCH)
    Passing argument "f.desc" of type "char *" and argument "8UL /* sizeof (f.desc) */" to function "strftime" is suspicious.
    210 strftime(f.desc, sizeof(f.desc), datefmt, &tm);
    211 } else
    212 unixtodstr(&scfg, (time32_t)now, f.desc);
    213 SAFECAT(fdesc," ");
    214 }
    215 else if(mode&FILE_DATE) { /* get the file date and put into desc */
    /addfiles.c: 219 in addlist()
    213 SAFECAT(fdesc," ");
    214 }
    215 else if(mode&FILE_DATE) { /* get the file date and put into desc */
    216 if(datefmt) {
    217 struct tm tm = {0};
    218 localtime_r(&file_timestamp, &tm);
    CID 330979: (SIZEOF_MISMATCH)
    Passing argument "f.desc" of type "char *" and argument "8UL /* sizeof (f.desc) */" to function "strftime" is suspicious.
    219 strftime(f.desc, sizeof(f.desc), datefmt, &tm);
    220 } else
    221 unixtodstr(&scfg,(time32_t)file_timestamp,f.desc);
    222 SAFECAT(fdesc," ");
    223 }
    224

    ** CID 330978: (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 330978: (TAINTED_SCALAR)
    /js_msgbase.c: 2288 in get_msg_text()
    2282 if((p->smb_result=smb_getmsghdr(&(p->smb), msg))!=SMB_SUCCESS) {
    2283 smb_unlockmsghdr(&(p->smb), msg);
    2284 return(NULL);
    2285 }
    2286 }
    2287
    CID 330978: (TAINTED_SCALAR)
    Passing tainted expression "*msg->dfield" to "smb_getmsgtxt", which uses it as an allocation size.
    2288 if((buf=smb_getmsgtxt(&(p->smb), msg, mode))==NULL) {
    2289 smb_unlockmsghdr(&(p->smb),msg);
    2290 if(!existing)
    2291 smb_freemsgmem(msg);
    2292 return(NULL);
    2293 }
    /js_msgbase.c: 2288 in get_msg_text()
    2282 if((p->smb_result=smb_getmsghdr(&(p->smb), msg))!=SMB_SUCCESS) {
    2283 smb_unlockmsghdr(&(p->smb), msg);
    2284 return(NULL);
    2285 }
    2286 }
    2287
    CID 330978: (TAINTED_SCALAR)
    Passing tainted expression "msg->hdr" to "smb_getmsgtxt", which uses it as a loop boundary.
    2288 if((buf=smb_getmsgtxt(&(p->smb), msg, mode))==NULL) {
    2289 smb_unlockmsghdr(&(p->smb),msg);
    2290 if(!existing)
    2291 smb_freemsgmem(msg);
    2292 return(NULL);
    2293 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DTmWD_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDZBeI8Cx63AoBmF8t0BSe0V7HV2aG-2FP8lOk-2BOQ7-2ByaA7B7oViA-2BvXqjf5W0nm25ikbH-2BEMjy5p3Oohjueur-2F9UnnKADN-2Fuxb1gQx301pxC4cehQRFhCzWww6Vi6LJYYSb28T6IU8-2FfxMB8362a9CsZ7nU58OwHGunHQCOpr02Og7ymT2KV8y6LuRr5AqD9Yfk-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, April 05, 2021 19:43:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    49 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 331001: Incorrect expression (BAD_SIZEOF)
    /telgate.cpp: 194 in sbbs_t::telnet_gate(char *, unsigned long, char *, char *, char *)()


    ________________________________________________________________________________________________________
    *** CID 331001: Incorrect expression (BAD_SIZEOF)
    /telgate.cpp: 194 in sbbs_t::telnet_gate(char *, unsigned long, char *, char *, char *)()
    188 l=K_CHAT;
    189 if(!(mode&TG_ECHO))
    190 l|=K_NOECHO;
    191 rd=getstr((char*)buf,sizeof(buf)-1,l);
    192 if(!rd)
    193 continue;
    CID 331001: Incorrect expression (BAD_SIZEOF)
    Taking the size of "buf", which is the address of an object, is suspicious.
    194 SAFECAT((char*)buf,crlf);
    195 rd+=2;
    196 gotline=true;
    197 }
    198 if((mode&TG_CRLF) && buf[rd-1]=='\r') 199 buf[rd++]='\n';


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D1_9R_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB-2FdOsv8nKPrZ4lCHIKvjliMhSYQU5LBY4e-2Ft-2B6xhoeO-2FF0hRzqIbKPknerU-2FECQL7GKBH552gCVFvh2r-2BrQjH8L2-2BfEuL4yJUdRNTeZ9sZHLuizdT3Dw0wgrwrPpWb40nhTIlhnYoqazFx2EEo0gfjtfxwfi1DqWv3M1B7Z7k63oR66I9-2FFsngSTqrROZ-2BI0Y-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, April 08, 2021 13:01:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 331003: Error handling issues (CHECKED_RETURN)
    /js_internal.c: 1380 in js_handle_events()


    ________________________________________________________________________________________________________
    *** CID 331003: Error handling issues (CHECKED_RETURN)
    /js_internal.c: 1380 in js_handle_events()
    1374 if (input_locked)
    1375 js_do_lock_input(cx, FALSE); 1376 }
    1377 if (ev->type == JS_EVENT_SOCKET_CONNECT) {
    1378 if ((jssp = (js_socket_private_t*)JS_GetPrivate(cx, ev->cx)) != NULL) {
    1379 slen = sizeof(jssp->remote_addr.addr);
    CID 331003: Error handling issues (CHECKED_RETURN)
    Calling "getpeername(ev->data.connect.sock, __SOCKADDR_ARG({.__sockaddr__ = &jssp->remote_addr.addr}), &slen)" without checking return value. This library function may fail and return an error code.
    1380 getpeername(ev->data.connect.sock, &jssp->remote_addr.addr, &slen);
    1381 }
    1382 }
    1383
    1384 ret = JS_CallFunction(cx, ev->cx, ev->cb, 0, NULL, &rval);
    1385

    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DP0xZ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDo6ivZGmytTAL00doqfqbfUsy6FdxkoNH-2Fs304jB2pO9-2BA5fDzAo7awTbWSo4epNb-2BDqywttda6gG5YgaK87Te0xpfQsBdPkHybxzL93bgAty0r9Blm4th52wVd-2Fmy5SlQory2xrpQK2iWC7fsB4fn9BTmkBhfI3JXMS1Pz2ZGO3UnM7DDlrLhhq6d9tkGVgg-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, April 12, 2021 13:23:17
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 331093: Null pointer dereferences (FORWARD_NULL)


    ________________________________________________________________________________________________________
    *** CID 331093: Null pointer dereferences (FORWARD_NULL)
    /js_filebase.c: 787 in js_format_file_name()
    781 char* buf = calloc(size + 1, 1);
    782 if(buf == NULL) {
    783 JS_ReportError(cx, "malloc failure: %d", size + 1);
    784 return JS_FALSE;
    785 }
    786 JSString* js_str;
    CID 331093: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "filepath" to "getfname", which dereferences it. 787 if((js_str = JS_NewStringCopyZ(cx, format_filename(getfname(filepath), buf, size, pad))) != NULL)
    788 JS_SET_RVAL(cx, arglist, STRING_TO_JSVAL(js_str));
    789 free(buf);
    790
    791 return JS_TRUE;
    792 }

    ** CID 331092: Error handling issues (CHECKED_RETURN)
    /js_filebase.c: 770 in js_format_file_name()


    ________________________________________________________________________________________________________
    *** CID 331092: Error handling issues (CHECKED_RETURN)
    /js_filebase.c: 770 in js_format_file_name()
    764
    765 uintN argn = 0;
    766 JSVALUE_TO_MSTRING(cx, argv[argn], filepath, NULL);
    767 HANDLE_PENDING(cx, filepath);
    768 argn++;
    769 if(argn < argc && JSVAL_IS_NUMBER(argv[argn])) {
    CID 331092: Error handling issues (CHECKED_RETURN)
    Calling "JS_ValueToInt32" without checking return value (as is done elsewhere 251 out of 286 times).
    770 JS_ValueToInt32(cx, argv[argn], &size);
    771 argn++;
    772 }
    773 if(argn < argc && JSVAL_IS_BOOLEAN(argv[argn])) {
    774 pad = JSVAL_TO_BOOLEAN(argv[argn]);
    775 argn++;

    ** CID 331091: Resource leaks (RESOURCE_LEAK)
    /js_filebase.c: 791 in js_format_file_name()


    ________________________________________________________________________________________________________
    *** CID 331091: Resource leaks (RESOURCE_LEAK)
    /js_filebase.c: 791 in js_format_file_name()
    785 }
    786 JSString* js_str;
    787 if((js_str = JS_NewStringCopyZ(cx, format_filename(getfname(filepath), buf, size, pad))) != NULL)
    788 JS_SET_RVAL(cx, arglist, STRING_TO_JSVAL(js_str));
    789 free(buf);
    790
    CID 331091: Resource leaks (RESOURCE_LEAK)
    Variable "filepath" going out of scope leaks the storage it points to. 791 return JS_TRUE;
    792 }
    793
    794 static JSBool
    795 js_get_file_path(JSContext *cx, uintN argc, jsval *arglist)
    796 {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D_3Y-_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC7FANwsVdFwih-2FjPAXRxXGX34KRXZbBdXxOOAU7lJYW8pbmw95O7UTCtXb0ZgUhHFEGOGSGAyaaIO4ryGxJ7ZPeRRNFlmb2kno8DS-2F38-2F5TX0-2BTnlBt5pcsAcH56lj-2FVvAeb9GYtA4sx8wGHR7G8sFHI9wDyF5-2BeU9tjfezDB0FQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, April 15, 2021 12:59:01
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dd1AV_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBqxn4kmT3vW-2FiRYIvnXTvC7p-2Bt3hEFSea4goH3uzvP8XVkz7ztSBcPLq-2FPAaUUXn5ioOCoLYtrEPlCZyzx86ycmyIW8kZDxIJRLfa3tf5xiuyLkxmzT9AAiV6BiORD9YuHPmYBPm7ri-2FINh2Zqfa-2FX64a5Ten-2BcOFeX0dQFmBRqw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, April 18, 2021 12:49:47
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D-NcQ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAd3TeaP9sO3QZhvZclqeX2geSnDdwh-2Bz0fFB3r-2BZcz-2FV5-2Fiu-2FHEvH-2BucgUGAhUzoUr6MYonXD8cRIJpB-2BaGN-2BXmwTmWbEPU-2FqwKNYcrlUFlCM8-2BtEFdp3wGoBl7rzIdu5FFYF99u-2BMkkap0BfiLUE6GXKtKJXpO8yzpiS-2B1o3-2FUOOpgrWFx3TI22A4ME1nIls-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, April 19, 2021 12:50:56
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 331161: (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 331161: (TAINTED_SCALAR)
    /js_filebase.c: 1229 in js_remove_file()
    1223 char path[MAX_PATH + 1];
    1224 if(delfile && remove(getfilepath(scfg, &file, path)) != 0) {
    1225 JS_ReportError(cx, "%d removing '%s'", errno, path);
    1226 p->smb_result = SMB_ERR_DELETE;
    1227 result = JS_FALSE;
    1228 } else
    CID 331161: (TAINTED_SCALAR)
    Passing tainted expression "*file.hfield" to "smb_removefile", which uses it as an offset.
    1229 p->smb_result = smb_removefile(&p->smb, &file); 1230 smb_freefilemem(&file);
    1231 }
    1232 JS_SET_RVAL(cx, arglist, BOOLEAN_TO_JSVAL(p->smb_result == SMB_SUCCESS));
    1233 JS_RESUMEREQUEST(cx, rc);
    1234 free(fname);
    /js_filebase.c: 1229 in js_remove_file()
    1223 char path[MAX_PATH + 1];
    1224 if(delfile && remove(getfilepath(scfg, &file, path)) != 0) {
    1225 JS_ReportError(cx, "%d removing '%s'", errno, path);
    1226 p->smb_result = SMB_ERR_DELETE;
    1227 result = JS_FALSE;
    1228 } else
    CID 331161: (TAINTED_SCALAR)
    Passing tainted expression "file.hdr" to "smb_removefile", which uses it as a loop boundary.
    1229 p->smb_result = smb_removefile(&p->smb, &file); 1230 smb_freefilemem(&file);
    1231 }
    1232 JS_SET_RVAL(cx, arglist, BOOLEAN_TO_JSVAL(p->smb_result == SMB_SUCCESS));
    1233 JS_RESUMEREQUEST(cx, rc);
    1234 free(fname);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DNny2_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDJSEGLq0ZEzbhqfA-2B9uyrlD1r3aHm7C-2F-2BGwTI2O91hfLTVfs6cvDbrI7hg07synxatZQah5A9SgqBCGMe7PdJNIVqhDgTcwJs1fOYDIZHQO-2BOlmORJBtRR-2BEKqFfl2wInl-2FaSBRFiNm51eWwoqFs4X1dgsPhqBt8BxBXPuMJ8Sdw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, April 24, 2021 13:09:49
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 331194: Error handling issues (NEGATIVE_RETURNS)
    /filedat.c: 986 in read_diz()


    ________________________________________________________________________________________________________
    *** CID 331194: Error handling issues (NEGATIVE_RETURNS)
    /filedat.c: 986 in read_diz()
    980
    981 if(len > LEN_EXTDESC)
    982 len = LEN_EXTDESC;
    983
    984 char* buf = calloc((size_t)len + 1, 1);
    985 if(buf != NULL)
    CID 331194: Error handling issues (NEGATIVE_RETURNS)
    "(size_t)len" is passed to a parameter that cannot be negative. [Note: The source code implementation of the function has been overridden by a builtin model.]
    986 fread(buf, (size_t)len, 1, fp);
    987 fclose(fp);
    988
    989 char* eof = strchr(buf, CTRL_Z); // CP/M EOF
    990 if(eof != NULL)
    991 *eof = '\0';

    ** CID 331193: Memory - illegal accesses (STRING_NULL)
    /filedat.c: 989 in read_diz()


    ________________________________________________________________________________________________________
    *** CID 331193: Memory - illegal accesses (STRING_NULL)
    /filedat.c: 989 in read_diz()
    983
    984 char* buf = calloc((size_t)len + 1, 1);
    985 if(buf != NULL)
    986 fread(buf, (size_t)len, 1, fp);
    987 fclose(fp);
    988
    CID 331193: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "buf" to "strchr", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    989 char* eof = strchr(buf, CTRL_Z); // CP/M EOF
    990 if(eof != NULL)
    991 *eof = '\0';
    992 return buf;
    993 }
    994

    ** CID 331192: Error handling issues (CHECKED_RETURN)
    /filedat.c: 986 in read_diz()


    ________________________________________________________________________________________________________
    *** CID 331192: Error handling issues (CHECKED_RETURN)
    /filedat.c: 986 in read_diz()
    980
    981 if(len > LEN_EXTDESC)
    982 len = LEN_EXTDESC;
    983
    984 char* buf = calloc((size_t)len + 1, 1);
    985 if(buf != NULL)
    CID 331192: Error handling issues (CHECKED_RETURN)
    "fread(void * restrict, size_t, size_t, FILE * restrict)" returns the number of bytes read, but it is ignored.
    986 fread(buf, (size_t)len, 1, fp);
    987 fclose(fp);
    988
    989 char* eof = strchr(buf, CTRL_Z); // CP/M EOF
    990 if(eof != NULL)
    991 *eof = '\0';

    ** CID 331191: Null pointer dereferences (FORWARD_NULL)
    /filedat.c: 989 in read_diz()


    ________________________________________________________________________________________________________
    *** CID 331191: Null pointer dereferences (FORWARD_NULL)
    /filedat.c: 989 in read_diz()
    983
    984 char* buf = calloc((size_t)len + 1, 1);
    985 if(buf != NULL)
    986 fread(buf, (size_t)len, 1, fp);
    987 fclose(fp);
    988
    CID 331191: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "buf" to "strchr", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
    989 char* eof = strchr(buf, CTRL_Z); // CP/M EOF
    990 if(eof != NULL)
    991 *eof = '\0';
    992 return buf;
    993 }
    994

    ** CID 331190: Error handling issues (CHECKED_RETURN)
    /sauce.c: 40 in sauce_fread_record()


    ________________________________________________________________________________________________________
    *** CID 331190: Error handling issues (CHECKED_RETURN)
    /sauce.c: 40 in sauce_fread_record()
    34 return false;
    35
    36 bool result = fread(record, sizeof(*record), 1, fp) == 1
    37 && memcmp(record->id, SAUCE_ID, SAUCE_LEN_ID) == 0
    38 && memcmp(record->ver, SAUCE_VERSION, SAUCE_LEN_VERSION) == 0; 39
    CID 331190: Error handling issues (CHECKED_RETURN)
    Calling "fseeko(fp, offset, 0)" without checking return value. This library function may fail and return an error code.
    40 fseeko(fp, offset, SEEK_SET);
    41 return result;
    42 }
    43
    44 // Get 'type' and/or 'info' from SAUCE record of open file (fp) of DataType 'Character'
    45 bool sauce_fread_charinfo(FILE* fp, enum sauce_char_filetype* type, struct sauce_charinfo* info)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dfm2a_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAOYxrH4kA5Bz1vWDzCfmL8E2UcgRq1GtTsPDuyM67QJGDi03PEhQGtn-2BQQhVdp7zGgqCxo1SWhW2T6DWWZ12ezQT3Na1DehPW5kNwXbwArzaEO-2FlvzPwEAeRlY1-2F69gojdgtg5faxH-2FhuSUowy6VZneOstDk5csvQNbHO-2FFe7BJQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, May 02, 2021 12:52:07
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 331349: Uninitialized variables (MISSING_RETURN) /tmp/sbbs-May-02-2021/src/conio/bitmap_con.c: 446 in color_value()


    ________________________________________________________________________________________________________
    *** CID 331349: Uninitialized variables (MISSING_RETURN) /tmp/sbbs-May-02-2021/src/conio/bitmap_con.c: 446 in color_value()
    440 {
    441 if (col & 0x80000000)
    442 return col;
    443 if (col < sizeof(palette) / sizeof(palette[0]))
    444 return (0xff << 24) | (palette[col].red << 16) | (palette[col].green << 8) | palette[col].blue;
    445 fprintf(stderr, "Invalid colour value: %08x\n", col);
    CID 331349: Uninitialized variables (MISSING_RETURN)
    Arriving at the end of a function without returning a value.
    446 }
    447
    448 static struct rectlist *get_full_rectangle_locked(struct bitmap_screen *screen)
    449 {
    450 size_t i;
    451 struct rectlist *rect;

    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-02-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-02-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-02-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-02-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DX3iR_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC0xxJyxpTvK74OYpHBTr0bMvC0-2F55E9KXs2tam53Vd4fd9jUb9v2hpVvDivmVVFp4uIrtnyq5l1Wgm8kbqepynubswC56ZayoRnb9MlX-2FR3ROUHXxhLxY1pKgBRAQDFvXZnBNuFV30P7E152dPZ833OWNzH2elopnW-2BrlOv-2FcoDw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, May 04, 2021 12:49:23
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 331353: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-May-04-2021/src/xpdev/ini_file.c: 465 in iniSortSections()


    ________________________________________________________________________________________________________
    *** CID 331353: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-May-04-2021/src/xpdev/ini_file.c: 465 in iniSortSections()
    459
    460 if(section_list != NULL)
    461 strListSortAlphaCase(section_list);
    462 new_list = strListInit();
    463 if(new_list == NULL) {
    464 strListFree(&section_list);
    CID 331353: Resource leaks (RESOURCE_LEAK)
    Variable "root_keys" going out of scope leaks the storage it points to. 465 return FALSE;
    466 }
    467 strListAppendList(&new_list, root_keys);
    468 strListFree(&root_keys);
    469 for(i = 0; section_list != NULL && section_list[i] != NULL; i++) {
    470 keys = iniGetSection(*list, section_list[i]);

    ** CID 331352: Memory - illegal accesses (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 331352: Memory - illegal accesses (UNINIT)
    /sbbs_ini.c: 784 in sbbs_write_ini()
    778 style.bit_separator = " | ";
    779
    780 if((list=iniReadFile(fp))==NULL)
    781 return(FALSE);
    782
    783 if(global==NULL) {
    CID 331352: Memory - illegal accesses (UNINIT)
    Using uninitialized value "global_buf.interfaces" when calling "get_ini_globals".
    784 get_ini_globals(list, &global_buf);
    785 global = &global_buf;
    786 }
    787
    788 lp=&list;
    789


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DEfUX_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA28P387pFw9dgMRK70ZINT9B2FTFVmBIa9VpDPasp9BGRK3Mxaew-2B-2FY0FckgfhdhtFs7aK2mHpCTVSJ2oVHN-2FOUDW-2BjcCmL8CjODBVap2DhWI4tO8Z8n7TcakajD-2FVcNwFQ1gQUvZC41Hwc-2BhpJjh3SC5lYhtMgbEybex-2FmwcP2Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, May 05, 2021 12:50:08
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 331355: Uninitialized variables (UNINIT) /tmp/sbbs-May-05-2021/src/conio/x_events.c: 516 in local_draw_rect()


    ________________________________________________________________________________________________________
    *** CID 331355: Uninitialized variables (UNINIT) /tmp/sbbs-May-05-2021/src/conio/x_events.c: 516 in local_draw_rect()
    510 else
    511 pixel |= (b >> (0-b_shift)) & visual.blue_mask;
    512 }
    513 for(yscale=0; yscale<x_cvstat.scaling*x_cvstat.vmultiplier; yscale++) {
    514 for(xscale=0; xscale<x_cvstat.scaling; xscale++) {
    515 #ifdef XPutPixel
    CID 331355: Uninitialized variables (UNINIT)
    Using uninitialized value "pixel" when calling "*xim->f.put_pixel".
    516 XPutPixel(xim,(x+rect->rect.x)*x_cvstat.scaling+xscale,(y+rect->rect.y)*x_cvstat.scaling*x_cvstat.vmultiplier+yscale,pixel);
    517 #else
    518 x11.XPutPixel(xim,(x+rect->rect.x)*x_cvstat.scaling+xscale,(y+rect->rect.y)*x_cvstat.scaling*x_cvstat.vmultiplier+yscale,pixel);
    519 #endif
    520 }
    521 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DPW3G_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBxatH0DDxXlYvm3SYo1STkctltCB9vEexBduost9lFkdGSuvR-2BbK5YOr-2BOluFIjVwgQtkes-2FX3YRbhsBtthWiIc2t9Gq-2B7kw3prsE8OAOxkGRoAEkCSYAXS-2FphFxa60GOLnXU0P0hkZmFciDUUTzMXUnCFMwLDWHq0UzIlQ1-2BQxg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, May 11, 2021 12:46:07
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-11-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-11-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-11-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-11-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DHMTh_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA-2FhnLdCGd6dMeCnP1CWsDTZrB7Q2KMGwlI8yZJ9Sevo44Azu3vm1Mj5M96OZAhxSKB6v0STNEJogqpYDGD54ixapzYN4401M7XaMS8GUSdvasazJpPcZIQt1UXHlmVVh54TPYmQEtrIRveHjf-2FlSzYDmLq4fdTO1Du8FO2NEL-2BHQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, May 14, 2021 12:48:01
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 331583: (RESOURCE_LEAK)
    /tmp/sbbs-May-14-2021/src/conio/scale.c: 200 in do_scale() /tmp/sbbs-May-14-2021/src/conio/scale.c: 173 in do_scale()


    ________________________________________________________________________________________________________
    *** CID 331583: (RESOURCE_LEAK)
    /tmp/sbbs-May-14-2021/src/conio/scale.c: 200 in do_scale()
    194 ret1->sz = needsz;
    195 }
    196
    197 if (needsz > ret2->sz) {
    198 nt = realloc(ret2->data, needsz);
    199 if (nt == NULL)
    CID 331583: (RESOURCE_LEAK)
    Variable "ret2" going out of scope leaks the storage it points to.
    200 return NULL;
    201 ret2->data = nt;
    202 ret2->sz = needsz;
    203 }
    204
    205 // Copy rect into first buffer /tmp/sbbs-May-14-2021/src/conio/scale.c: 173 in do_scale()
    167 }
    168
    169 if (*xscale != *yscale) {
    170 if (*yscale == *xscale * 2)
    171 ymult *= 2;
    172 else
    CID 331583: (RESOURCE_LEAK)
    Variable "ret2" going out of scope leaks the storage it points to.
    173 return NULL;
    174 }
    175
    176 // Calculate the scaled height from ratio...
    177 if (ratio < 1)
    178 fheight = lround((double)(rect->rect.height * (*yscale)) / ratio);

    ** CID 331582: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 331582: Uninitialized variables (UNINIT)
    /file.cpp: 297 in sbbs_t::editfilename(smbmsg_t *)()
    291 return true;
    292 /* rename */
    293 if(stricmp(str,f->name) && findfile(&cfg, f->dir, path, NULL)) {
    294 bprintf(text[FileAlreadyThere],path);
    295 return false;
    296 }
    CID 331582: Uninitialized variables (UNINIT)
    Using uninitialized value "*dirpath" as argument to "%s" when calling "safe_snprintf".
    297 SAFEPRINTF2(path,"%s%s",dirpath,f->name);
    298 SAFEPRINTF2(tmp,"%s%s",dirpath,str);
    299 if(fexistcase(path) && rename(path,tmp) != 0) {
    300 bprintf(text[CouldntRenameFile],path,tmp);
    301 return false;
    302 }

    ** CID 331581: (RESOURCE_LEAK)
    /tmp/sbbs-May-14-2021/src/conio/scale.c: 173 in do_scale() /tmp/sbbs-May-14-2021/src/conio/scale.c: 200 in do_scale()


    ________________________________________________________________________________________________________
    *** CID 331581: (RESOURCE_LEAK)
    /tmp/sbbs-May-14-2021/src/conio/scale.c: 173 in do_scale()
    167 }
    168
    169 if (*xscale != *yscale) {
    170 if (*yscale == *xscale * 2)
    171 ymult *= 2;
    172 else
    CID 331581: (RESOURCE_LEAK)
    Variable "ret1" going out of scope leaks the storage it points to.
    173 return NULL;
    174 }
    175
    176 // Calculate the scaled height from ratio...
    177 if (ratio < 1)
    178 fheight = lround((double)(rect->rect.height * (*yscale)) / ratio);
    /tmp/sbbs-May-14-2021/src/conio/scale.c: 200 in do_scale()
    194 ret1->sz = needsz;
    195 }
    196
    197 if (needsz > ret2->sz) {
    198 nt = realloc(ret2->data, needsz);
    199 if (nt == NULL)
    CID 331581: (RESOURCE_LEAK)
    Variable "ret1" going out of scope leaks the storage it points to.
    200 return NULL;
    201 ret2->data = nt;
    202 ret2->sz = needsz;
    203 }
    204
    205 // Copy rect into first buffer


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DSNk9_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDNqOeF93LTzMiN-2BXlkx2DWBkGIJWCanQX2uTnnKsqpYRRhZqJ2PhYsO5qpiOVK0BDvuiIrhUR4EjIR5oQGDt665DYDrF8ysSVAFDj7KiWmGsN1QlkSFgPQKgi7Pl3ZtNdBE2MJqRyaneT2BQLMnPKZbiAJosmewAFCQVicjYEPqQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, May 15, 2021 12:52:10
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 331591: Control flow issues (DEADCODE) /tmp/sbbs-May-15-2021/src/conio/bitmap_con.c: 196 in bitmap_loadfont_locked()


    ________________________________________________________________________________________________________
    *** CID 331591: Control flow issues (DEADCODE) /tmp/sbbs-May-15-2021/src/conio/bitmap_con.c: 196 in bitmap_loadfont_locked() 190 }
    191 }
    192 for (i=0; i<sizeof(font)/sizeof(font[0]); i++) {
    193 if (current_font[i] < 0)
    194 continue;
    195 switch(fdw) {
    CID 331591: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "case 8:".
    196 case 8:
    197 switch(vstat.charheight) {
    198 case 8:
    199 if(conio_fontdata[current_font[i]].eight_by_eight==NULL) {
    200 if (i==0)
    201 goto error_return;

    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D3V_W_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBWT-2B5lyDkUnzDanJEHTaxWrpiZ0rx3QNplW-2FK37v8ugfgG4QymLdWTbjsj1HHAKz52hyeeMLtaaiIH9nlebGioivOe2ibLkvN-2ByeqGoEoCAL4v0jkn-2Blnhgw1T1z7LFAGltikKJOAVY2smg66E00WD-2FilHtSdEAIFvFYybBiyJpJFmTThiC-2BGPotnNpdnxvOI-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, May 17, 2021 12:51:25
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DDbhH_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAJgx6EHaO2CFM1vO5wazLanFeA2usxbIezV9KW0MkL047ME38gf029Sd8ZUI3tzw-2F4yg4fXRTpL3oRZnMZpMUEuB2TC0RHKFEbuRqJL6GmivxETq0JVyzMeQVJfvvMm9JjE8YwGVc1Iui6qCxlFJipFM-2BbfznT3A5ksdUYKN2HGA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, May 19, 2021 12:51:20
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-19-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-19-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-19-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-19-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dqujj_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB49eOUN-2BMI5utC2URfFD-2FDAoKVE98NyuFCHINHOBc4kVEWPBuwGNkMGs9-2BrkVnSL0xw7P9zfU9RIt9y32Ks96CRHEw1GyLTLPj0NQwVZTAeXtNLm-2BmgWXUQ1l0yl-2FADV-2Bu0Y-2FZ-2B0HJAaPMh9QP1LyiG4oFCLKLlnvB4xy-2Bh6KOfQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, May 21, 2021 12:50:44
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 331789: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-May-21-2021/src/conio/bitmap_con.c: 719 in blinker_thread()


    ________________________________________________________________________________________________________
    *** CID 331789: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-May-21-2021/src/conio/bitmap_con.c: 719 in blinker_thread()
    713 if (force_cursor) {
    714 rect = get_full_rectangle_locked(screen);
    715 }
    716 pthread_mutex_unlock(&screen->screenlock);
    717 if (force_cursor) {
    718 cb_drawrect(rect);
    CID 331789: Concurrent data access violations (MISSING_LOCK)
    Accessing "force_cursor" without holding lock "vstatlock". Elsewhere, "force_cursor" is accessed with "vstatlock" held 4 out of 5 times.
    719 force_cursor = 0;
    720 }
    721 }
    722 cb_flush();
    723 pthread_mutex_unlock(&blinker_lock);
    724 }

    ** CID 331788: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-May-21-2021/src/conio/bitmap_con.c: 708 in blinker_thread()


    ________________________________________________________________________________________________________
    *** CID 331788: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-May-21-2021/src/conio/bitmap_con.c: 708 in blinker_thread()
    702 // If the other screen is update_pixels == 2, clear it.
    703 pthread_mutex_lock(&ncscreen->screenlock);
    704 if (ncscreen->update_pixels == 2)
    705 ncscreen->update_pixels = 0;
    706 pthread_mutex_unlock(&ncscreen->screenlock); 707 rect = get_full_rectangle_locked(screen);
    CID 331788: Concurrent data access violations (MISSING_LOCK)
    Accessing "screen->update_pixels" without holding lock "bitmap_screen.screenlock". Elsewhere, "bitmap_screen.update_pixels" is accessed with "bitmap_screen.screenlock" held 18 out of 19 times.
    708 screen->update_pixels = 0;
    709 pthread_mutex_unlock(&screen->screenlock);
    710 cb_drawrect(rect);
    711 }
    712 else {
    713 if (force_cursor) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DHGU6_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCcdmIwnvIr3t9h2i16O4nf1MKzLsseWMeHmREwusioGmy4neRfaWGTXD3EhCvT6v3TD9bY436EqhV4iRNKZrYqnvZjOuAMUnzewnEAYuUNDbHzlK4L-2Fr8rJSHpZgw9ysbz1Oxs5QHzfZGz33wH-2BH9Sl45HeaIt2U-2BNSzdT1kVZxg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, May 22, 2021 12:50:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-22-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-22-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-22-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-22-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D8IwS_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDEMcc-2FZpa76I4CncNNYywyowbjZkCXvbc2TJtX-2BYROXM9jJj69LkKZ6IhxcCySa7zetCD6GqlDi3g5bpAezkIP8MCgL7B0h2GJu-2BW8M6-2B7VNvKOkP6bxg39GpS76sPSbOJlczcU5ocgV7-2Fm9-2BwWUfnp4XkLPFjnJ7gOOKyZ7zGPQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, May 26, 2021 12:48:36
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-26-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-26-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-26-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-26-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DFzF0_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCrXktCnRsQA7egAhIn1w9eF9R7q1ANKp1fH6gHSYBgR1vF-2FI2TPAsBpEc1Cw0txil4NCV-2FKibVz2IOKbdO-2FSw1vZovp21vRdi1HppPe06fPrVYoP097P5Qclsrkr1-2BiauI-2F8-2BEBwEliVKPPdiaItJ-2BBw4eCYPNvYoRMfDA61BfDg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, May 30, 2021 12:52:27
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dcfb-_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA1ZloqWFsZx3tI2qisYKa1lgsdAU8qmDlFk0cItal2TGI1pd-2Fi7y0Cq2Jpn0myGs4tS-2B2yjGhUO8-2F8vxHa4HuLxbMVhw-2BGzRp9wTAulUxurGAjiOUmrRLRPcVTGEFUT38kqVeEh9o9ZFGIFvKKuN0p9cDGgZaHXikqHdF4kFz7CA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, June 03, 2021 12:51:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-03-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-03-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-03-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-03-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dr_hZ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDr4qdJYb9zHEyG-2B5RFlYdY6NjJSzOttgtUg9H9EHwsE3tO5E-2B-2BKTatdv7oi7cHR-2BLEoSFwpfS-2FuWMfJ6wPszjxmesS0586adKXto90Eb7mFP9tl5I68M4ZxLMEjLxZ174044gsHbMpBzObU5-2BbuKWpjpyMJpV1o-2FerJeE5zv59TA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, June 06, 2021 12:49:53
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-06-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-06-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-06-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-06-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DG8up_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCypEnRntEhP8Ub-2B-2FZg-2Bap22uZ5QEpyZ8IoVLATQSrm609HG4G-2B8KtcO49Xnsp3Mjz77KcSB4C2VFUl1-2BSvcV9N-2F6r5EA-2BLF-2BEDu6ZMppL6tMvgl1-2FCDv94MKGgzqAO0dFOg4lr8beFojbGo-2BTl1DP-2FQDfRqRlN3iVD7UqfOUr8La590sUu6grjE-2FhUcFeuAMM-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, June 09, 2021 12:51:42
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 332219: Control flow issues (DEADCODE)
    /main.cpp: 3967 in sbbs_t::mv(char *, char *, char)()


    ________________________________________________________________________________________________________
    *** CID 332219: Control flow issues (DEADCODE)
    /main.cpp: 3967 in sbbs_t::mv(char *, char *, char)()
    3961 return(0);
    3962 }
    3963 if(!CopyFile(src, dest, /* fail if exists: */true)) {
    3964 errormsg(WHERE, "CopyFile", src, 0, dest);
    3965 return -1;
    3966 }
    CID 332219: Control flow issues (DEADCODE)
    Execution cannot reach the expression "remove(src)" inside this statement: "if (!copy && remove(src)) {...".
    3967 if(!copy && remove(src)) {
    3968 errormsg(WHERE,ERR_REMOVE,src,0);
    3969 return(-1);
    3970 }
    3971 return(0);
    3972 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DJdo4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBBE-2FJI6YRBGypMFdZyXJVPIIKFhPXAf9fo0B5GFPQPQdxfwppj17qbrv2rQ91AdPP2cTE9QcemUMjgHq9UbxjwGOEeJcfWha2Khj7ZkXm1XJ6qsCyNN9GvL6wK0Sq5moa97ehIK5r3sho6efye8-2Bw4BIB4GC8aWGIYT-2BPvwz6ygw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, June 10, 2021 12:47:57
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dp7Ym_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAibhOywNIBkSUJ3E8HCmrfkA7O8foKftlYU9srhbsMUnu75-2B4u2JcpgQQ8qUzdLbgMKW0edZWXMEKKdnIlurWc5uBPmk4QrUHA-2BRFGLavt6O2I10mV6mkV9jSR93pB5AQg2sboNYjMhjKszKvZ9jeEzPrR1X-2B3Gmb7ySCPP1sG6g-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, June 11, 2021 12:54:03
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 332340: Uninitialized variables (UNINIT)
    /main.cpp: 3941 in sbbs_t::mv(const char *, const char *, bool)()


    ________________________________________________________________________________________________________
    *** CID 332340: Uninitialized variables (UNINIT)
    /main.cpp: 3941 in sbbs_t::mv(const char *, const char *, bool)()
    3935 /* returns 0 if successful, -1 if error */
    3936 /****************************************************************************/
    3937 int sbbs_t::mv(const char* path, const char* dest, bool copy)
    3938 {
    3939 char src[MAX_PATH + 1];
    3940
    CID 332340: Uninitialized variables (UNINIT)
    Using uninitialized value "*src" when calling "strcasecmp".
    3941 if(!stricmp(src,dest)) /* source and destination are the same! */
    3942 return(0);
    3943
    3944 SAFECOPY(src, path);
    3945 if(!fexistcase(src)) {
    3946 bprintf("\r\n\7MV ERROR: Source doesn't exist\r\n'%s'\r\n"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DqQX3_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC8w0l2JXQ-2BSggRPsHCPc7lfnD4IR8T8jafGE4Y3I2yR1-2Fm4nxDAwhk7UyLUpG8wpaUq2dJHcmPD48DDyoK0D0Hekjp5Jm9oaxCVhGpsxmi6pKNcEXdqGHmOPTVUBpzyX0N2xrH4FsPvPMSEguMRMnI3nHRCv4o1TGFovqRola4Ng-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, June 17, 2021 12:52:09
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DfYkc_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDMCe2TYjdLfMCMMqx7S8vmYGXEZKRfddYrDVGDBlQCC-2BVVNwwNwlLfOnR6I3ixHmYwSAJN6cpxpgiVDfkwF0GTXf8sbZng4OgAOZ-2FM2KNowdnImov0Rdg676DXGN3nP8dw8QReaAsePspSyrPOS8mezSv6uVSu44Dpj29jubKHbg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, June 22, 2021 12:46:59
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-22-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-22-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-22-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-22-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D4WK9_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDxOqLEC4LdQLkB0aSL9Z-2FkY0RPzF2CWJ9NW4Euc1qE08pktocf-2FphNyjghLMuW9UTTweNRvl3L-2F9qiDSd4SQgqUdl3ikEclN5WfcRTFO-2BNFFLn-2FDtue82Ug1QeN3eF8akr8mPycCnsrEwZxqRhluUG8l9lY8zlx0hkIaYzoFdtxg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, June 30, 2021 12:49:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D_VVV_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBsg9j7TtTfWJNVEDk3zzLhRx5RU-2FHgWMXipu7WZwFdatJDqEVdXzbjYRnjZLyn9qDGgb8tv5RzvES5xsfsiFDAMCWq1YDY-2BGUI3o7nIgys83btXObDnvAGCAD5oZy3lyd-2BxEWjyNzJ6nvtqRpViDcmDkqvONtSrLdyT-2B1nHl-2FtKQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, July 04, 2021 12:47:02
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-04-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-04-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-04-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-04-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D98Nb_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBFmeYUf25jNTEg4rzZa7eKbYMZIfCQDxWU-2BB9IHoQgheZ9giRgk6ukg05Nr5wt2q-2F6VOm-2Fumo-2BAZoMxsVZe0nDWusXrPHu7Y3gkAl4i2orUZVDl-2BfCeXtHaqKISe462CpwzSnQJzss798KMPVLerj-2Fa27HS9TcNs0EmT-2B3cgvqDw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, July 09, 2021 12:50:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-09-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-09-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-09-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-09-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DIFXn_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBpdluWPAkISBghT2ZYApcpaNJYJgmYXh9zpZo-2FdFasCSH2q8WCM3lgVivGhC8Mu4221vTiLwqiCbfOYKdW-2FsI4-2BLIxYCeU3dQj4pWCq-2Fk-2BrU-2FmefAUcHqMBeonAEh8WvYqTF1vaDtnOQJDJZv854-2FrGap1SGfSTyHkoVTc9xIoDQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, July 12, 2021 12:51:02
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-12-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-12-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-12-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-12-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DpJDl_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCEqP0oTfuSBg1WEKNeGWkrvuT7b-2BgZhMrFAkve8p2uPgKVu-2B9PMLn20E-2F-2FUr-2F2S7yg3S0uRu5qaa9pOGFu0xxwtAYU7j-2FbA-2BAF0sztq9fe1c-2BOvcJniOt1TXmCWe0EkSbNt3imWnlYADbI02JKTcO5kRMaAsPPlAxT3bueK-2F2xHQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, July 17, 2021 12:51:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DRrKH_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDerhDp7BA9-2FhYUrslt4UkFF36RddtgsJ0gUsYl3OEBFLP8BPnvPRTOCtsAUiN8Sq5SMmcjvPrngL9mdNz60UBUvgxH8HWLYaUms0YZWquhVbOqZbLkkpTil6XmO4XnXxnKgBVbxOGrf6AqnSfgUTWoQWR7EKY4-2BuExtvEIeQwYyQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, July 20, 2021 12:51:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-20-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-20-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-20-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-20-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DStPX_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAL-2FYPfHYZRAWJDugx1NCDz4JGNzkK-2F-2BZ3rKeAL7zpylv4P801AbzQxSodyH9YAZfykjFjpQ222-2B26-2FLvg3y7PpwUzbmHsmfqwBoMDHxMDLIhh9K1St3nHpDe6Inhhf8wm5Pz0vNo94e3b8EDetrcb-2B4uB-2FI-2FrbP6zosysM6VqezQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, July 24, 2021 12:51:26
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-24-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-24-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-24-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-24-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dr3H8_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDR8KU2N6Vp-2ByLJfa5u33p-2FaC2M-2FsyQGVjHWmy3jPAvHK5dSddupOk5iE9m1aw87mvnPdNTIKBZjj4Z1ycdHTUNrr53aXSEiOMJJ-2F5XkvtJh-2BkIvloqdUcqEakzhlenyYx8uf-2BfAcU08cfAdgVllhT6WLAULalbqasTxm1bwwR0Dg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, July 27, 2021 12:49:16
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DkUqo_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDrHLMZhywrUw6puPRyIAEZK8Ulrtv8qUVu1zZ2trnN12Ly3-2Ff2FKGb7-2BxkjKLivQlZjE29cbu9jMNcc50kei4yYGWrtWl-2Ba3LhGovvjA2-2B3tSs2MKpM6XOoB4PTXmyJtgeR6edxU6ORYZRRVTMrzQEZlHlzxyKy6ymcv1-2BG63KKQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, August 02, 2021 12:48:17
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-02-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-02-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-02-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-02-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DlY6k_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCCjuAQqbaBdUcVsHFpjl86aWsibJ223BnR8-2FAZAWPcsIj55kDJI6RmHHyDRo6zbToHItG9uJLzrg4WE-2BTD4MgTrSY7FoXNjxfTQu3JqX30sYZGNUEBqvEX5JSc8wxYghHkn371PHGO56e0trHyA4FKZXZB75GTNARnZ09uWjcMww-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, August 05, 2021 12:50:20
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-05-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-05-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-05-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-05-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DKY0q_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD-2Fwuz2x5cIfoZKHpNZGRxOgEd4bvUVxKlUiU0oJJp355N8E49q0YERW14MpSo5IrJjMnUyAjvwX-2F-2By3fl-2FbW-2BfU-2F6hbDckLrpV-2BqArzav0kmmWZKNCN-2BRh5d-2BiYP-2FLtj6M2cZoBpZmNtQfllxPe7fkx-2F8y59jkgGZ6pDF5isfN6Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, August 07, 2021 12:49:27
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-07-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-07-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-07-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-07-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DAToa_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBIHHhA8LsVs7HBF3uc1iCK-2B4CJ-2F50KVX-2BYG5yrPWYZB4Gm2vNUFskEGZUDu6HCqKHy2TNkKzcL4KRQofhDDQjcujsiO8s-2Fw8DZISYWQsHDv5coJRFwPBj-2BS8Q2WM7dH9Z-2BsnxDid1P5sd9OUJKIZP5TmhwHNFw6El1kVW03JXm7Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, August 14, 2021 12:53:06
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D8s-M_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAv5Rx4Q4XA7C1ITQpemmx2knvOLyKsVp-2BOlz8bC-2F6VG-2Fo9kLVzI07AVnnVImivqUcHFZrSZWll6xbGyMdwMy0V6dFqMc-2Fsco9CTGnVFw6WV0lsywVqvkhbvHFdbbMqKFHww5wLAUIZ9xfreoBk2ic1G5gLO8LifwOIkQoJWa77hQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, August 17, 2021 12:49:42
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-17-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DsoFH_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC6obAXM1i6Zzdpz2sqTNk7VNTtfJFdYhoRMLcWBOONCDHbaVXOjwtrR9HE0TP6Pk7JBRKEP0-2BPOBWrlfBslr9ZuFM4vtFwtxBRw-2FSVjnwwUUk-2FtECfCDYrfrWuDHIp1IhAWCDElBp4hvYLqVzWmrB4l8tbQh3Sxo-2BVJwuuICp9KA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, August 26, 2021 12:47:33
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-26-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-26-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-26-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-26-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DkmgU_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCb32oBlnO1yJSTCf5oKzzRDxt1sbem2rtGu6l0nB6ZfMw9ez5vNTOMB28OtmneXWMxq4wSp-2BxHuJpKlCS62xu9d9ww8dct5sdYXCGJmztOiJS2TWzskzLANZELxViODJb9Wus6Qfl5gVgkStlB-2F8-2FuYL0dCzr52dAM0hmAtVoI4A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, September 01, 2021 12:51:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-01-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-01-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-01-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-01-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DqAHm_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAmBrDDpVS-2BnuOleT-2BHdgyo2OmCCyphBElMNczotWgCnTYbSPvHtVanOwI3E8VwV4ERaMRXJ2q6k-2B-2FurdTJvlrA6t1uSDsvdhomOl-2FNKbJbq-2FHSHs6chy5TAI3Wa3NNT7Ya5y-2BhpCQsM1Okjgs69wdekwVDDjbPmXW-2F1NowWog9Kw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, September 08, 2021 12:51:10
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DEJxs_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDFjskBxhrXkn-2FYDbgWDIdCRIM2UkAJfucEOAgnEoLEJZKmJQgmeMqZx1ZUdrg8HapolZhLhH-2BNjFvj05q1VvFMbPnHovd58Yhxazy1CiVZBW8Rg8UV7zNECr-2BzXT8M57bHNdtoE-2FTRGnsT-2BxhkwcoLQ7mCDWH-2BtjSkqhWpP9XEyA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, September 15, 2021 12:50:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-15-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DJw_E_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBCdTGaC6ML4C-2B7yzBFdwoJSemYZg2pYoZMf3VEC9vEp-2B4NsZQpPfTNsE2OfTt63VAND5jJq9n-2FYFnBNjqNOc72GmRdgPFnk52ac6tTDyZLucqqhbyJAQuFTTApEWlVEaYPY7yrdmBORHtHpQ9-2BKmeWWGxke-2BZiZJbABGDonvHZhA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, September 18, 2021 12:49:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DTkON_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCo-2FTULYEsSI-2BgdAwjojLQZ2IJjBwYpOCQPDGVGqdN2C3Wos2bYIb1zUASbnGVuwN5-2BmF7-2FcTz0bfIJDE1yOZ1FPgAVznHL-2Fw9qHO1702B28TOxvq5s40njRYbDjjyJ62EglpOEh4iXoP6t7ZJ9b-2FqFXV82Rpmsap36wf2MnCbzCw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, September 21, 2021 12:52:54
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dq9WM_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC1-2F9LUAaUQVD91komTzDpS-2FfRlBAt80YHQ54CXb4E0Gry2gotB-2BnCmcG2nBya2Zd4hFVFSXaGcxEapynDKVvnNaAw86frrE2yfuK3ZYiiNy9rFgi3-2Fe-2BBZ-2BgpY1ohPomtvUPe0lKQEYBWp5nbGP821G6D8tOu7Qz2EUDfHbMN3Zg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, October 08, 2021 12:52:18
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D9L_P_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCoGJldqiJgBXie-2B5MeP4uVSm4jmHAidx0BzBQTjGPPNkPYweOXXAc201MyqPWeMCkDHEr3AHPR9XY5PTW08vXNCmIzhQEIBd8F2fCzWRsgZtVrvL9uXV2i4lQv8bUIuidZGy43aRIZ58U9BavqwOtE6a3OsJz-2FxpBvfGOLUsO1Jg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, October 10, 2021 12:55:08
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-10-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DW2-7_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBxhPIixMCaBdRkRNo50H223VMROW1TVN1iLYVTE6ulH9cMsT1HWZIEJ-2BFcbMRFdX4Jsq6ZFHIsQgo-2F7zxMJAzJkXsnkAp5StkU55ddCzwu4YYhjrLiZYbpn7f9RqsqZogEH-2FZ4bVJuZk8k7pchT8mClgHRvjXQUkqRpHQDQ8uDpg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, October 23, 2021 12:54:21
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-23-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-23-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-23-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-23-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DP3SI_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAWcOPACd1uE1U-2F0PoRoFdKmTFjYDAZgusXZu4xRkqKIgv8DoIpi7BoeH1jRcozJmtD4r671l7nVQ-2B-2FrFu8C6w9i-2FTCMBak0nwxW7V1lMNU15-2BekUe1Pa24StPCpv7QLEop19y8RToaw2y3stF6CwBcba0-2Fbp9z8-2Fx-2BXjzlVx2TBg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, October 27, 2021 13:00:52
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DNXgV_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBiyTKSxCRRaRwDOfLO1qF6gNBuZojHtMawlvXzq0bJTnDsnLcjnD11f3SvEXJRwyMWeuOnmhw63yCZllo2JnyWZYobS4k4-2FELy0AhNLjUOiD6D7fB101q-2F-2BUnfwVuw9GsqUnSZyuruon0PrAPLVmhjGtgvdNn3K2-2BHFOlWWm4iTA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, October 29, 2021 12:52:56
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DlHuB_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAOMfD-2F6ikorkEcQkOKRpccoEujsf8Fn-2BSRLOo3jAUq89LO521EbeGAfr1u8BPbJiMK8QTrLqBMFvfSpXnv2lrAbU40LfdIFGd6fb7Hzgqfqbr7rfg9-2BMPxiDa8GkudAP-2B1YAowcWBWMMR-2B4F-2Bu-2FbmjDEtTuhLgbRh2oLUDl39H5g-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, November 05, 2021 12:59:12
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-05-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-05-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-05-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-05-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DUDE6_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAUAfT9Oo-2FfoWEFl6BSaATDWwF0b-2F-2FPDogZ3BUGvlnzng9SUyVqON6tDnXfSBb1kctk2-2FFroopXaaZMtFjgFCndDhployG9bL-2FSwtT6yLUHiCftfFVzQ1WWaEx3S5MZKaz1NKZjcolUyEc-2FsBu125BOa7X7Fc3I-2FtDAudvcW3Pzmg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, November 08, 2021 14:07:26
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-08-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DS1mO_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCq1X6sj9hnnzzjsGEogXlIbSEcYZ2oxTV5KmMij2sSSDJCTfGrjkeTlivDC7q7S0tFhKhXTPeOmDpRaotG1rKsxMHdaK-2BjoqltPCoKB1qRJGnonqln6NZ7xU1YL6kSQy-2BMSVIylq7inxuyh6EjX2J1-2B-2FoRCHgOcZDPeT5Wp71RZw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, November 13, 2021 14:13:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 342467: API usage errors (PW.PRINTF_ARG_MISMATCH)
    /sbbsecho.c: 1120 in ()


    ________________________________________________________________________________________________________
    *** CID 342467: API usage errors (PW.PRINTF_ARG_MISMATCH)
    /sbbsecho.c: 1120 in ()
    1114 fprintf(fp," TFS");
    1115 else
    1116 fprintf(fp," KFS");
    1117 }
    1118 fprintf(fp,"\r");
    1119 }
    CID 342467: API usage errors (PW.PRINTF_ARG_MISMATCH)
    argument is incompatible with corresponding format string conversion 1120 fprintf(fp, "\1MSGID: %s %08lx\r", smb_faddrtoa(&faddr, NULL), time32(NULL));
    1121 } else {
    1122 if(msg->ftn_msgid != NULL)
    1123 fprintf(fp, "\1MSGID: %.256s\r", msg->ftn_msgid);
    1124 if(msg->ftn_reply != NULL)
    1125 fprintf(fp, "\1REPLY: %.256s\r", msg->ftn_reply);

    ** CID 342466: API usage errors (PRINTF_ARGS)
    /sbbsecho.c: 1120 in create_netmail()


    ________________________________________________________________________________________________________
    *** CID 342466: API usage errors (PRINTF_ARGS)
    /sbbsecho.c: 1120 in create_netmail()
    1114 fprintf(fp," TFS");
    1115 else
    1116 fprintf(fp," KFS");
    1117 }
    1118 fprintf(fp,"\r");
    1119 }
    CID 342466: API usage errors (PRINTF_ARGS)
    Argument "time32(NULL)" to format specifier "%08lx" was expected to have type "unsigned long" but has type "int". [Note: The source code implementation of the function has been overridden by a builtin model.]
    1120 fprintf(fp, "\1MSGID: %s %08lx\r", smb_faddrtoa(&faddr, NULL), time32(NULL));
    1121 } else {
    1122 if(msg->ftn_msgid != NULL)
    1123 fprintf(fp, "\1MSGID: %.256s\r", msg->ftn_msgid);
    1124 if(msg->ftn_reply != NULL)
    1125 fprintf(fp, "\1REPLY: %.256s\r", msg->ftn_reply);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Db96B_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAHEWm-2BkLZkIQ-2BS5RfZZwg-2FOI8uuYbe-2BVNB-2Fi0jSK-2FSbZzgfWlYUbZ-2FpzyM-2BRUQ4q5Vh5QeZifLoBO7UD6mvBGFKsZ34-2FggaftYUAeDYvs1PHHZpToemgbgisBzQse9A2AEssZOSK4kIaU8gEmhNC0qlBvIlt5bWyIgamWViMCNIw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, November 14, 2021 14:01:52
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DmSAg_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDp5A3gEJowTbotqv8NWYBS-2B2i1J4nVG4Yzr4ZsBuuSyDEOxAdscvQTx9NyuGe-2BJ8-2F8rWHKa8qa4EJpGoo3-2FrTLSFcj-2BVpSXFLb6QjXjW-2BlF0STSK4i9-2BAYtcj1Oj1TJBzX-2FhVeZsri6cvDgGHrF257zgHS3P3IXuzDuDfAAMB2-2Bw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, November 21, 2021 15:32:51
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-21-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DnZSu_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA29aneUpi3DjVD-2FGEywFoWPNcnts43GXg4HsQOasAN21eXyUo8TbA7PlgxPnHDX-2BgRb-2FaQOReE0lHGjL64frmCytfK0vHwlplcgZc-2FawsRyPwaLABK55heqh9RYROeKIzP-2B6CJL9hvftCmSMvhSHrvukMFRQQT5poUfmaHt0zcbA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, November 27, 2021 14:00:12
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-27-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DNx3J_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAeFBgqaHqvSJPiA7H4ht8sZvPHOJR5IdqM9XS-2BwyQomKVYE-2Fbb2nt3FtKuSUmerFl4ydXrV-2BPvJ9gwQJfx483lNiEUo-2FrgRGtTvtpiLxTjP7h8xS7okUXlnRUVnNA-2BQS7JjrWBLloE-2BbrO9erbVJgOhbdNwT6xMBo22Jupwk6oMw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, November 29, 2021 13:59:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Nov-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Nov-29-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D2KB4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBlYpI2-2BWSMzYC3I9d-2BEnSPQNv0kQoRPXg-2Bs0wTv9PMx28A96h7vJ6P5OEtmG2kWQYoOLmD-2BidlBmPic-2FFmM3Zja321yeKhBcjyzm3a-2Foix9-2FW-2F-2Btn9M1nFyhQlTUm4uzHy6NcCPCkyk3OxBi-2B-2BtaaiQWc1w0zfQLukg5s1512QAw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 04, 2021 14:07:36
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-04-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-04-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-04-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-04-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DWGcN_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBVXzETIZ9k9rSh3h41AJQoEZo39OxUypub7O9YQZQHMSm8GzfMN72Gkt3arYUTWzjpTlvP3uHDMJAp9-2Fi5yry38-2BvzKZk-2B7hhlhplO7Kqj3dKpVyQ0AQUh0xB4X5C4ClRZHFzqZyLUTe94i4-2BG0AzpSfaDfRSqgqlLuQyUtLOBPg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, December 07, 2021 13:56:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-07-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-07-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-07-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-07-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DsRrh_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCVrQ4bQar8K1mubJWXVk1Zap3d95WE5EKzhtKj41cRVd4K974Xr6U-2FSdvb1C-2F-2BXL51DICHjWTqSGD-2BGvrrJ1bq0V6NPaxuzzEVzd-2FZVMHjyk69KwWTvXqZotUEcM1AJN7pjMEg88WqR8iTpPmf-2BbqXmfUSf565YZucz0M8rJh5KQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, December 14, 2021 13:58:14
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-14-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DxIIH_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBwc65JAUGHGn-2FeHtXgsxQCDJLV8t8oElywko54XKNk9v6VFVMU7FAk-2F6gBCdcuUl3j-2Bff0XyjbyjHViGqbLr3GzUrv7sYyFEiHRmLOv4ynwEPn0x7hOaZN-2B8CCoUG7JpuDoQdqxkmEfq3h48AGgDMB-2F3EVa-2BoHsiMA13HJC7-2BqFg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 18, 2021 13:54:09
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-18-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D_e9M_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBayKvKF433Mjpae1vtRTi0PLJwmy25UIatLLOwCMJEqxsmcBCFFnZQKR4Om-2BpLtqePurI2Xwkb5qn1sSZhBbUI-2B9LmxQfGK29NJR8rURuPBqyi5PQ93ZR81D7oFgPUcFDP4mOp6k4XQOpyrxgkwpcZ6loCt5xyzSv1sAbrCFN-2BzA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, December 23, 2021 13:54:40
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-23-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-23-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-23-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-23-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DQyr-_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD72MJ96-2BGg-2FAZND4XkV53pOgVtCSvuW4wUtUu-2BiVKXDHIF3kKWGCG3D4nmDEJmbCrekYTeDA6s1P-2BjB59jUSOc18f6JNdotS68zvy-2BKIIiRF3ZvZi148SAxd7-2FnW0v2ZSnxSb7Yu4BEDnATcavbTkkHbPOvmH6b1N6G9vs5gnY5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, December 30, 2021 13:51:35
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Dec-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Dec-30-2021/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DgHkO_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA-2BU8E0BPJQFT2piobTwPNekxAXfM-2BA6HFYhDqVS6nRZRE2WMfqG1z9PdcAUxXshZ3UbZtpqdBSBt0yL6in98-2FZaBnpYQwh0PRka9jWdqqgpT3ZbaZBXPJ1ZbjFdP4G2wPJe6466rQValWbV-2Bb-2BYCs8qpVbyfSGc7-2FjIgpP-2B-2BRsLQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, January 03, 2022 13:53:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 345193: Security best practices violations (STRING_OVERFLOW) /js_system.c: 1742 in js_new_user()


    ________________________________________________________________________________________________________
    *** CID 345193: Security best practices violations (STRING_OVERFLOW) /js_system.c: 1742 in js_new_user()
    1736 user.expire=0;
    1737
    1738 /* settings */
    1739 if(cfg->total_fcomps)
    1740 strcpy(user.tmpext,cfg->fcomp[0]->ext);
    1741 else
    CID 345193: Security best practices violations (STRING_OVERFLOW)
    You might overrun the 4-character fixed-size string "user.tmpext" by copying "supported_archive_formats[0]" without checking the length.
    1742 strcpy(user.tmpext,supported_archive_formats[0]);
    1743
    1744 user.shell=cfg->new_shell;
    1745 user.misc=cfg->new_misc|(AUTOTERM|COLOR);
    1746 user.prot=cfg->new_prot;
    1747 user.qwk=QWK_DEFAULT;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DLHqT_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrASNRMrjmtERpNIdQUnJSJsKnAEJXIhAxYXn8Wsbe-2FZLcOyNTvGzTXSVf3pSFMNPtPlIb534EHtx-2FbVt-2FfWmb57n4Bq9KDPi7f788OCM9cJpzKEEOL9D4Rv1Q811tuCjU09XGZwjBhiJvxCsLDf07Au06lrQrx64u7WGcNazjKonw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, January 08, 2022 00:24:55
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D06PA_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBcCjp9DE2Yqx3ZYsNFl6p7s0oM4wg6TKA4jjp7vUVQ7txjLD3qqv-2BblSA7Ar6ZMpL8GzTGJ81A0y56JepW9fpGK-2FDT4rGxTHkLXAlcCCja0JY4hkzxodn5ykHilcjFZDTlxWR2cq2hWjBCsNEdhahenkaiHbJFqQ0wcioW2PeV9mjcHRceXWydx-2By08vZxrxg-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, January 13, 2022 13:54:43
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 345291: (NULL_RETURNS)
    /filedat.c: 202 in loadfiles()
    /filedat.c: 202 in loadfiles()


    ________________________________________________________________________________________________________
    *** CID 345291: (NULL_RETURNS)
    /filedat.c: 202 in loadfiles()
    196 if(len >= 12 && strcspn(filespec, "*?") == len) {
    197 SAFECOPY(newfilespec, filespec);
    198 char* ext = getfext(newfilespec);
    199 if(ext != NULL) {
    200 *ext = 0;
    201 SAFECAT(newfilespec, "*");
    CID 345291: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "(char *)getfext(filespec)" when calling "strcat". [Note: The source code implementation of the function has been overridden by a builtin model.]
    202 SAFECAT(newfilespec, getfext(filespec));
    203 } else
    204 SAFECAT(newfilespec, "*");
    205 filespec = newfilespec;
    206 }
    207 }
    /filedat.c: 202 in loadfiles()
    196 if(len >= 12 && strcspn(filespec, "*?") == len) {
    197 SAFECOPY(newfilespec, filespec);
    198 char* ext = getfext(newfilespec);
    199 if(ext != NULL) {
    200 *ext = 0;
    201 SAFECAT(newfilespec, "*");
    CID 345291: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "(char *)getfext(filespec)" when calling "strlen".
    202 SAFECAT(newfilespec, getfext(filespec));
    203 } else
    204 SAFECAT(newfilespec, "*");
    205 filespec = newfilespec;
    206 }
    207 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DGrV8_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDQ-2FZ3IDp0hl0aRs9c3bbZXR09ibAartchzkQRercYp5MpY4M-2FdOLgJu6uM6PF55LOtRkX8GlziQeO71zu92tsVW15fOTPs2xwdwlZEvBvJx7pNfugWTmYp-2FS9RCHU-2BZOe0GsRl57chmm32I25QaJ2KWFRKONC-2BSAufsS-2FWKTiYEw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, January 18, 2022 13:56:41
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D7tr1_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDOhxNOip80IculZRgvlagswE8UudKHfml5vWRDhj9wz89s0DuSEhWPPunupD7c66KHrcSSU-2BgdsLC-2BdKAG1Tmtc62sLuY0lFK4gg289CIdtrpmau1qi4oACRWRcXLN3jJcMSozT-2FvR0Gt-2BjBV45g-2BbQ-2FpjBuuKjg9ldKh-2F3IJ0GLBTlqFb2mPnPzvuFJr-2BDtQ-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, January 23, 2022 14:03:53
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 345626: Control flow issues (MISSING_BREAK)
    /putmsg.cpp: 480 in sbbs_t::putmsgfrag(const char *, long &, long, JSObject *)()


    ________________________________________________________________________________________________________
    *** CID 345626: Control flow issues (MISSING_BREAK)
    /putmsg.cpp: 480 in sbbs_t::putmsgfrag(const char *, long &, long, JSObject *)()
    474 }
    475 size_t skip = sizeof(char);
    476 if(mode&P_PETSCII) {
    477 if(term&PETSCII) {
    478 outcom(str[l]);
    479 switch(str[l]) {
    CID 345626: Control flow issues (MISSING_BREAK)
    The case for value "13" is not terminated by a "break" statement.
    480 case '\r': // PETSCII "Return" / new-line
    481 column = 0;
    482 case PETSCII_DOWN:
    483 lncntr++;
    484 break;
    485 case PETSCII_CLEAR:

    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DK_Jn_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCE1dzADkjZMvFjpzSBiJR1TagLKhkmZJD7Fnc-2FH3viglWAqyL2-2F4M1CHx8BXuG-2FPZt4LtpCqfSLG1jD6xOpXSYwLcHByf-2FDK7-2F2xTr1miMvjlA0hFdd8ycTLDnsRF1aXE8HEZL6FWn6Qh-2BjpJa84TeOUs8Ly4NX1Eehi3KV0330Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, January 27, 2022 13:54:29
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DdE44_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD-2F1IxqPDEDEHu-2BJYrC5-2Bi1qLbcK5u4jLG2927f55qPZWYr8oIiY8CjXkNGQ3RfItAoC8PHMh628i51Cm0HYm-2FCRrl3BiehVytd-2BAR10GZUF1LttcbEARPpzhKC6-2FIWrYmH5drHxwK6sUVoEpVclPSOEeXVLkI3nDDQhiO4fAV8qg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, January 31, 2022 13:56:16
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jan-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jan-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dr6tr_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDqb2hb2E035DjqCub8AwEomamhiuucPpvK4o1BEs0Fbqxb4VAkBGwaW3-2BACTcKZKDsNqFh758EE95DdYcYlf6Av75CmmSv5Mz7EOKA4zB1cD-2B6GRxdTfGReiLs8dxIJs0qBHsn485o89Gggc5KZsaHtWsCIEU4TK11aBdEdLJ7kA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, February 05, 2022 13:54:51
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-05-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-05-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-05-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-05-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DtBvR_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDPVZ2EXfQNTuw0BLx0612oXp4woQcAHWvSAVuUH-2FSjPOQ9ksoGLiGZf34z9slVOxR0qnF70laJI4blH5NiRAzQv0Prpepwy-2FPpaN9sftQJUeTJXL07CNlc5JgE41qpbthRafRI3ihVXbXoPb-2BeibSRYXwKcIKOOVtsrU1yk9gqFA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, February 19, 2022 13:46:09
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DsCyd_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC5cheLda-2FArm40NmrqXkUNtkdkuQZCCna3OHVXYiH4oLi0h87UyEHyCJc-2FXgwG5kd6iItp2VtFjVn8EGv4z1txPpWuyOjap3IvPESckyMhfynEQb0oGfPLQkqoNupP-2FM5aI0sFkfE4Wl5PBepgDMN07ijTinZ4wFeleX9NwtJZrQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, February 24, 2022 13:48:48
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    24 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 349724: Error handling issues (NEGATIVE_RETURNS)
    /userdat.c: 1464 in readsmsg()


    ________________________________________________________________________________________________________
    *** CID 349724: Error handling issues (NEGATIVE_RETURNS)
    /userdat.c: 1464 in readsmsg()
    1458 return(NULL);
    1459 length=(long)filelength(file);
    1460 if((buf=(char *)malloc(length+1))==NULL) {
    1461 close(file);
    1462 return(NULL);
    1463 }
    CID 349724: Error handling issues (NEGATIVE_RETURNS)
    "length" is passed to a parameter that cannot be negative. [Note: The source code implementation of the function has been overridden by a builtin model.]
    1464 if(read(file,buf,length)!=length) {
    1465 close(file);
    1466 free(buf);
    1467 return(NULL);
    1468 }
    1469 chsize(file,0L);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DZ7BT_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDucsQet7CN5MeeBVgzW5eMSbGJc98qxHaPqqpHg3TIaoOBdI0-2Fh66lpiqU3c7CTkLjsmoHkqGMIjv4PN-2BcxufHSQLgsk2bl9kf5PCWevTsdhIK1WzMoJrUv6QopHr8CuiCaFyxCZli-2BhnO6LtGVDH4Z9lxeUXAnTW6djeJddagaQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From MRO@VERT/BBSESINF to scan-admin@coverity.com on Thursday, February 24, 2022 09:23:05
    Re: New Defects reported by Coverity Scan for Synchronet
    By: scan-admin@coverity.com to cov-scan@synchro.net on Thu Feb 24 2022 01:48 pm

    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.



    so is this something DM setup or just something someone else decided to do.
    ---
    þ Synchronet þ ::: BBSES.info - free BBS services :::
  • From Digital Man@VERT to MRO on Thursday, February 24, 2022 13:13:38
    Re: New Defects reported by Coverity Scan for Synchronet
    By: MRO to scan-admin@coverity.com on Thu Feb 24 2022 09:23 am

    so is this something DM setup or just something someone else decided to do.

    Deuce and I set it up, years ago now.
    --
    digital man (rob)

    Rush quote #21:
    You can surrender without a prayer, but never really pray without surrender Norco, CA WX: 57.4øF, 21.0% humidity, 0 mph E wind, 0.00 inches rain/24hrs

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Andre@VERT/RDOMENTR to Digital Man on Thursday, February 24, 2022 16:15:38
    Re: New Defects reported by Coverity Scan for Synchronet
    By: Digital Man to MRO on Thu Feb 24 2022 01:13 pm

    Deuce and I set it up, years ago now.

    I think I saw 2014?


    - Andre

    ---
    þ Synchronet þ Radio Mentor BBS - bbs.radiomentor.org
  • From MRO@VERT/BBSESINF to Digital Man on Thursday, February 24, 2022 21:09:16
    Re: New Defects reported by Coverity Scan for Synchronet
    By: Digital Man to MRO on Thu Feb 24 2022 01:13 pm

    Re: New Defects reported by Coverity Scan for Synchronet
    By: MRO to scan-admin@coverity.com on Thu Feb 24 2022 09:23 am

    so is this something DM setup or just something someone else decided to do.

    Deuce and I set it up, years ago now.

    okay but is it actually accurate most of the time, considering that synchronet is a bit obscure compared to what it normally checks?
    ---
    þ Synchronet þ ::: BBSES.info - free BBS services :::
  • From Digital Man@VERT to MRO on Thursday, February 24, 2022 20:20:48
    Re: New Defects reported by Coverity Scan for Synchronet
    By: MRO to Digital Man on Thu Feb 24 2022 09:09 pm

    Re: New Defects reported by Coverity Scan for Synchronet
    By: Digital Man to MRO on Thu Feb 24 2022 01:13 pm

    Re: New Defects reported by Coverity Scan for Synchronet
    By: MRO to scan-admin@coverity.com on Thu Feb 24 2022 09:23 am

    so is this something DM setup or just something someone else decided to do.

    Deuce and I set it up, years ago now.

    okay but is it actually accurate most of the time, considering that synchronet is a bit obscure compared to what it normally checks?

    Coverity? It's a very accurate static analysis tool. There are false-positives or over-alarmist "issues" reported sometimes, but it's an extremely valueable tool in insuring code quality. There are alternatives too (Microsoft has their own built into Visual Studio), but Coverity has an excellent reputation and is cross-platform. And... free for our use.
    --
    digital man (rob)

    Synchronet/BBS Terminology Definition #34:
    FTN = FidoNet Technology Network
    Norco, CA WX: 47.1øF, 45.0% humidity, 5 mph S wind, 0.00 inches rain/24hrs

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, February 25, 2022 13:48:37
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Feb-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Feb-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DIUoh_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAYdMratSAozV6iJMKMpRytvatmpFdJgxorTOdIW128D5-2B4Unefz2l9dVxUSncZSWTt5F1mh3ZNn4JgxRB70Eggjd1zU6QJnc4AIWV3sBZ1-2FFXYzlv0uRQmJtguvPTIvxDOSsU9EjXyct01FxiZMb7M-2Bv4JmFgkZvkJZ0YyBlnHMQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, February 28, 2022 13:50:47
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    9 new defect(s) introduced to Synchronet found with Coverity Scan.
    5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 9 of 9 defect(s)


    ** CID 349947: (CHECKED_RETURN) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsapi.cpp: 3959 in JS_ClearScope()
    /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsapi.cpp: 3965 in JS_ClearScope()
    /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsapi.cpp: 3973 in JS_ClearScope()


    ________________________________________________________________________________________________________
    *** CID 349947: (CHECKED_RETURN) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsapi.cpp: 3959 in JS_ClearScope()
    3953 /* Clear cached class objects on the global object. */
    3954 if (obj->isGlobal()) {
    3955 /* This can return false but that doesn't mean it failed. */ 3956 obj->unbrand(cx);
    3957
    3958 for (int key = JSProto_Null; key < JSProto_LIMIT * 3; key++) >>> CID 349947: (CHECKED_RETURN)
    Calling "JS_SetReservedSlot" without checking return value (as is done elsewhere 38 out of 43 times).
    3959 JS_SetReservedSlot(cx, obj, key, JSVAL_VOID);
    3960
    3961 /* Clear regexp statics. */
    3962 RegExpStatics::extractFrom(obj)->clear();
    3963
    3964 /* Clear the CSP eval-is-allowed cache. */ /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsapi.cpp: 3965 in JS_ClearScope()
    3959 JS_SetReservedSlot(cx, obj, key, JSVAL_VOID);
    3960
    3961 /* Clear regexp statics. */
    3962 RegExpStatics::extractFrom(obj)->clear();
    3963
    3964 /* Clear the CSP eval-is-allowed cache. */
    CID 349947: (CHECKED_RETURN)
    Calling "JS_SetReservedSlot" without checking return value (as is done elsewhere 38 out of 43 times).
    3965 JS_SetReservedSlot(cx, obj, JSRESERVED_GLOBAL_EVAL_ALLOWED, JSVAL_VOID);
    3966
    3967 /*
    3968 * Mark global as cleared. If we try to execute any compile-and-go
    3969 * scripts from here on, we will throw.
    3970 */ /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsapi.cpp: 3973 in JS_ClearScope()
    3967 /*
    3968 * Mark global as cleared. If we try to execute any compile-and-go
    3969 * scripts from here on, we will throw.
    3970 */
    3971 int32 flags = obj->getReservedSlot(JSRESERVED_GLOBAL_FLAGS).toInt32();
    3972 flags |= JSGLOBAL_FLAGS_CLEARED;
    CID 349947: (CHECKED_RETURN)
    Calling "JS_SetReservedSlot" without checking return value (as is done elsewhere 38 out of 43 times).
    3973 JS_SetReservedSlot(cx, obj, JSRESERVED_GLOBAL_FLAGS, Jsvalify(Int32Value(flags)));
    3974 }
    3975
    3976 js_InitRandom(cx);
    3977 }
    3978

    ** CID 349946: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/Library.cpp: 259 in js::ctypes::Library::Close(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 349946: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/Library.cpp: 259 in js::ctypes::Library::Close(JSContext *, unsigned int, unsigned long *)()
    253 JS_ReportError(cx, "close doesn't take any arguments");
    254 return JS_FALSE;
    255 }
    256
    257 // delete our internal objects
    258 Finalize(cx, obj);
    CID 349946: Error handling issues (CHECKED_RETURN)
    Calling "JS_SetReservedSlot" without checking return value (as is done elsewhere 38 out of 43 times).
    259 JS_SetReservedSlot(cx, obj, SLOT_LIBRARY, PRIVATE_TO_JSVAL(NULL)); 260
    261 JS_SET_RVAL(cx, vp, JSVAL_VOID);
    262 return JS_TRUE;
    263 }
    264

    ** CID 349945: Null pointer dereferences (FORWARD_NULL)


    ________________________________________________________________________________________________________
    *** CID 349945: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/CTypes.cpp: 4834 in js::ctypes::FunctionType::Create(JSContext *, unsigned int, unsigned long *)()
    4828 }
    4829
    4830 // Pull out the argument types from the array, if any.
    4831 JS_ASSERT(!argTypes.length() || arrayObj);
    4832 js::AutoArrayRooter items(cx, argTypes.length(), argTypes.begin()); 4833 for (jsuint i = 0; i < argTypes.length(); ++i) {
    CID 349945: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "arrayObj" to "JS_GetElement", which dereferences it.
    4834 if (!JS_GetElement(cx, arrayObj, i, &argTypes[i]))
    4835 return JS_FALSE;
    4836 }
    4837
    4838 JSObject* result = CreateInternal(cx, argv[0], argv[1],
    4839 argTypes.begin(), argTypes.length());

    ** CID 43174: Security best practices violations (SECURE_TEMP) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 226 in open_temp_exec_file_name()


    ________________________________________________________________________________________________________
    *** CID 43174: Security best practices violations (SECURE_TEMP) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 226 in open_temp_exec_file_name()
    220 static size_t execsize = 0;
    221
    222 /* Open a temporary file name, and immediately unlink it. */
    223 static int
    224 open_temp_exec_file_name (char *name)
    225 {
    CID 43174: Security best practices violations (SECURE_TEMP)
    Calling "mkstemp" without securely setting umask first.
    226 int fd = mkstemp (name);
    227
    228 if (fd != -1)
    229 unlink (name);
    230
    231 return fd;

    ** CID 43169: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 436 in dlmmap_locked()


    ________________________________________________________________________________________________________
    *** CID 43169: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 436 in dlmmap_locked()
    430 }
    431
    432 mmap_exec_offset ((char *)start, length) = (char*)ptr - (char*)start; 433
    434 execsize += length;
    435
    CID 43169: Resource leaks (RESOURCE_LEAK)
    Variable "ptr" going out of scope leaks the storage it points to.
    436 return start;
    437 }
    438
    439 /* Map in a writable and executable chunk of memory if possible.
    440 Failing that, fall back to dlmmap_locked. */
    441 static void *

    ** CID 43149: Control flow issues (MISSING_BREAK) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/x86/ffi64.c: 148 in classify_argument()


    ________________________________________________________________________________________________________
    *** CID 43149: Control flow issues (MISSING_BREAK) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/x86/ffi64.c: 148 in classify_argument()
    142 case FFI_TYPE_UINT16:
    143 case FFI_TYPE_SINT16:
    144 case FFI_TYPE_UINT32:
    145 case FFI_TYPE_SINT32:
    146 case FFI_TYPE_UINT64:
    147 case FFI_TYPE_SINT64:
    CID 43149: Control flow issues (MISSING_BREAK)
    The case for value "14" is not terminated by a "break" statement.
    148 case FFI_TYPE_POINTER:
    149 {
    150 int size = byte_offset + type->size;
    151
    152 if (size <= 4)
    153 {

    ** CID 43148: Program hangs (LOCK) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 4350 in dlfree()


    ________________________________________________________________________________________________________
    *** CID 43148: Program hangs (LOCK) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 4350 in dlfree()
    4344 POSTACTION(fm);
    4345 }
    4346 }
    4347 #if !FOOTERS
    4348 #undef fm
    4349 #endif /* FOOTERS */
    CID 43148: Program hangs (LOCK)
    Returning without unlocking "_gm_.mutex".
    4350 }
    4351
    4352 void* dlcalloc(size_t n_elements, size_t elem_size) {
    4353 void* mem;
    4354 size_t req = 0;
    4355 if (n_elements != 0) {

    ** CID 43147: Program hangs (LOCK) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 4246 in dlmalloc()


    ________________________________________________________________________________________________________
    *** CID 43147: Program hangs (LOCK) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 4246 in dlmalloc()
    4240 }
    4241
    4242 mem = sys_alloc(gm, nb);
    4243
    4244 postaction:
    4245 POSTACTION(gm);
    CID 43147: Program hangs (LOCK)
    Returning without unlocking "_gm_.mutex".
    4246 return mem;
    4247 }
    4248
    4249 return 0;
    4250 }
    4251

    ** CID 43140: Memory - corruptions (BAD_FREE) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 501 in dlmunmap()


    ________________________________________________________________________________________________________
    *** CID 43140: Memory - corruptions (BAD_FREE) /tmp/sbbs-Feb-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 501 in dlmunmap()
    495 #if FFI_CLOSURE_TEST
    496 printf ("unmapping %zi\n", length);
    497 #endif
    498
    499 if (seg && (code = add_segment_exec_offset (start, seg)) != start) 500 {
    CID 43140: Memory - corruptions (BAD_FREE)
    "munmap" frees incorrect pointer "code".
    501 int ret = munmap (code, length);
    502 if (ret)
    503 return ret;
    504 }
    505
    506 return munmap (start, length);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DBdDU_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAWQK-2BbauFoR8oEcd8fVvowWww1uOREp83U-2BQv-2F49ZxHjLovWpQVbJzCo15li7JaqiLVFDhjl0JEgQeQKrnzmY9Xam1jd0jpy91zK33qTfOzOatQbuBkc6tp1BrmOUJzbyc0kg3LQP5h22pzEnSi6XFuU-2FNv7elDIbIVbH0Y0tr0w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, March 01, 2022 13:56:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    79 new defect(s) introduced to Synchronet found with Coverity Scan.
    12 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 79 defect(s)


    ** CID 350349: Memory - illegal accesses (STRING_NULL)
    /telgate.cpp: 194 in sbbs_t::telnet_gate(char *, unsigned long, unsigned int, char *, char *, char *)()


    ________________________________________________________________________________________________________
    *** CID 350349: Memory - illegal accesses (STRING_NULL)
    /telgate.cpp: 194 in sbbs_t::telnet_gate(char *, unsigned long, unsigned int, char *, char *, char *)()
    188 l=K_CHAT;
    189 if(!(mode&TG_ECHO))
    190 l|=K_NOECHO;
    191 rd=getstr((char*)buf,sizeof(buf)-1,l);
    192 if(!rd)
    193 continue;
    CID 350349: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    194 SAFECAT(buf,crlf);
    195 rd+=2;
    196 gotline=true;
    197 }
    198 if((mode&TG_CRLF) && buf[rd-1]=='\r') 199 buf[rd++]='\n';

    ** CID 350348: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1376 in JSRuntime::realloc(void *, unsigned long, unsigned long, JSContext *)()


    ________________________________________________________________________________________________________
    *** CID 350348: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1376 in JSRuntime::realloc(void *, unsigned long, unsigned long, JSContext *)()
    1370 }
    1371
    1372 void* realloc(void* p, size_t oldBytes, size_t newBytes, JSContext *cx = NULL) {
    1373 JS_ASSERT(oldBytes < newBytes);
    1374 updateMallocCounter(newBytes - oldBytes);
    1375 void *p2 = ::js_realloc(p, newBytes);
    CID 350348: Resource leaks (RESOURCE_LEAK)
    Variable "p2" going out of scope leaks the storage it points to.
    1376 return JS_LIKELY(!!p2) ? p2 : onOutOfMemory(p, newBytes, cx); 1377 }
    1378
    1379 void* realloc(void* p, size_t bytes, JSContext *cx = NULL) {
    1380 /*
    1381 * For compatibility we do not account for realloc that increases

    ** CID 350347: (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 350347: (UNINIT) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsstr.cpp: 2517 in js::str_replace(JSContext *, unsigned int, js::Value *)()
    2511 * |RegExp| statics.
    2512 */
    2513
    2514 const FlatMatch *fm = rdata.g.tryFlatMatch(cx, rdata.str, optarg, argc, false);
    2515 if (!fm) {
    2516 if (cx->isExceptionPending()) /* oom in RopeMatch in tryFlatMatch */
    CID 350347: (UNINIT)
    Using uninitialized value "rdata.session.frame_.regs_.fp" when calling "~ReplaceData".
    2517 return false;
    2518 JS_ASSERT_IF(!rdata.g.hasRegExpPair(), argc > optarg);
    2519 return str_replace_regexp(cx, argc, vp, rdata);
    2520 }
    2521
    2522 if (fm->match() < 0) { /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsstr.cpp: 2517 in js::str_replace(JSContext *, unsigned int, js::Value *)()
    2511 * |RegExp| statics.
    2512 */
    2513
    2514 const FlatMatch *fm = rdata.g.tryFlatMatch(cx, rdata.str, optarg, argc, false);
    2515 if (!fm) {
    2516 if (cx->isExceptionPending()) /* oom in RopeMatch in tryFlatMatch */
    CID 350347: (UNINIT)
    Using uninitialized value "rdata.singleShot.prevInvokeArgEnd" when calling "~ReplaceData".
    2517 return false;
    2518 JS_ASSERT_IF(!rdata.g.hasRegExpPair(), argc > optarg);
    2519 return str_replace_regexp(cx, argc, vp, rdata);
    2520 }
    2521
    2522 if (fm->match() < 0) { /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsstr.cpp: 2443 in js::str_replace(JSContext *, unsigned int, js::Value *)()
    2437 JSBool
    2438 js::str_replace(JSContext *cx, uintN argc, Value *vp)
    2439 {
    2440 ReplaceData rdata(cx);
    2441 rdata.str = ThisToStringForStringProto(cx, vp);
    2442 if (!rdata.str)
    CID 350347: (UNINIT)
    Using uninitialized value "rdata.singleShot.prevInvokeArgEnd" when calling "~ReplaceData".
    2443 return false;
    2444 static const uint32 optarg = 2;
    2445
    2446 /* Extract replacement string/function. */
    2447 if (argc >= optarg && js_IsCallable(vp[3])) {
    2448 rdata.lambda = &vp[3].toObject(); /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsstr.cpp: 2443 in js::str_replace(JSContext *, unsigned int, js::Value *)()
    2437 JSBool
    2438 js::str_replace(JSContext *cx, uintN argc, Value *vp)
    2439 {
    2440 ReplaceData rdata(cx);
    2441 rdata.str = ThisToStringForStringProto(cx, vp);
    2442 if (!rdata.str)
    CID 350347: (UNINIT)
    Using uninitialized value "rdata.session.frame_.regs_.fp" when calling "~ReplaceData".
    2443 return false;
    2444 static const uint32 optarg = 2;
    2445
    2446 /* Extract replacement string/function. */
    2447 if (argc >= optarg && js_IsCallable(vp[3])) {
    2448 rdata.lambda = &vp[3].toObject();

    ** CID 350346: (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 350346: (UNINIT) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsreflect.cpp: 2165 in js::ASTSerializer::statement(JSParseNode *, js::Value *)()
    2159
    2160 case TOK_WITH:
    2161 case TOK_WHILE:
    2162 {
    2163 Value expr, stmt;
    2164
    CID 350346: (UNINIT)
    Using uninitialized value "stmt" when calling "whileStatement".
    2165 return expression(pn->pn_left, &expr) &&
    2166 statement(pn->pn_right, &stmt) &&
    2167 (PN_TYPE(pn) == TOK_WITH)
    2168 ? builder.withStatement(expr, stmt, &pn->pn_pos, dst) 2169 : builder.whileStatement(expr, stmt, &pn->pn_pos, dst); 2170 } /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsreflect.cpp: 2165 in js::ASTSerializer::statement(JSParseNode *, js::Value *)()
    2159
    2160 case TOK_WITH:
    2161 case TOK_WHILE:
    2162 {
    2163 Value expr, stmt;
    2164
    CID 350346: (UNINIT)
    Using uninitialized value "stmt.data" when calling "whileStatement". 2165 return expression(pn->pn_left, &expr) &&
    2166 statement(pn->pn_right, &stmt) &&
    2167 (PN_TYPE(pn) == TOK_WITH)
    2168 ? builder.withStatement(expr, stmt, &pn->pn_pos, dst) 2169 : builder.whileStatement(expr, stmt, &pn->pn_pos, dst); 2170 }

    ** CID 350345: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 350345: Memory - corruptions (OVERRUN) /tmp/sbbs-Mar-01-2022/3rdp/src/cl/bn/bn_mul.c: 1130 in BN_mul()
    1124 rr->top = top;
    1125 bn_mul_normal(rr->d, a->d, al, b->d, bl);
    1126
    1127 #if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
    1128 end:
    1129 #endif
    CID 350345: Memory - corruptions (OVERRUN)
    Overrunning callee's array of size 72 by passing argument "rr->top" (which evaluates to 272) in call to "BN_normalise".
    1130 bn_correct_top(rr);
    1131 if (r != rr)
    1132 BN_copy(r, rr);
    1133 ret = 1;
    1134 err:
    1135 bn_check_top(r);

    ** CID 350344: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 350344: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/methodjit/Compiler.cpp: 3355 in js::mjit::Compiler::jsop_callprop_obj(JSAtom *)()
    3349 labels.setInlineShapeJump(masm, inlineShapeLabel, inlineShapeJump);
    3350 #else
    3351 labels.setInlineShapeJump(masm, pic.shapeGuard, inlineShapeJump); 3352 #endif
    3353
    3354 stubcc.rejoin(Changes(2));
    CID 350344: Uninitialized variables (UNINIT)
    Using uninitialized value "pic". Field "pic.vr" is uninitialized when calling "append".
    3355 pics.append(pic);
    3356
    3357 return true;
    3358 }
    3359
    3360 bool

    ** CID 350343: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 350343: Uninitialized variables (UNINIT)
    /js_system.c: 1922 in js_chkname()
    1916
    1917 js_system_private_t* sys;
    1918 if((sys = (js_system_private_t*)js_GetClassPrivate(cx,obj,&js_system_class))==NULL)
    1919 return JS_FALSE;
    1920
    1921 rc=JS_SUSPENDREQUEST(cx);
    CID 350343: Uninitialized variables (UNINIT)
    Using uninitialized value "*str" when calling "check_name".
    1922 JS_SET_RVAL(cx, arglist, BOOLEAN_TO_JSVAL(check_name(sys->cfg,str)));
    1923 JS_RESUMEREQUEST(cx, rc);
    1924
    1925 return(JS_TRUE);
    1926 }
    1927

    ** CID 350342: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 350342: Uninitialized variables (UNINIT)
    /mailsrvr.c: 3160 in smtp_thread()
    3154 return;
    3155 }
    3156
    3157 if(trashcan(&scfg,host_name,"smtpspy")
    3158 || trashcan(&scfg,host_ip,"smtpspy")) {
    3159 SAFEPRINTF2(path,"%s%sspy.txt", scfg.logs_dir, client.protocol);
    CID 350342: Uninitialized variables (UNINIT)
    Using uninitialized value "*str" when calling "strlwr".
    3160 strlwr(str);
    3161 spy=fopen(str,"a");
    3162 }
    3163
    3164 /* Initialize client display */
    3165 client.size=sizeof(client);

    ** CID 350341: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1369 in JSRuntime::calloc(unsigned long, JSContext *)()


    ________________________________________________________________________________________________________
    *** CID 350341: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1369 in JSRuntime::calloc(unsigned long, JSContext *)()
    1363 * Call the system calloc while checking for GC memory pressure and
    1364 * reporting OOM error when cx is not null.
    1365 */
    1366 void* calloc(size_t bytes, JSContext *cx = NULL) {
    1367 updateMallocCounter(bytes);
    1368 void *p = ::js_calloc(bytes);
    CID 350341: Resource leaks (RESOURCE_LEAK)
    Variable "p" going out of scope leaks the storage it points to.
    1369 return JS_LIKELY(!!p) ? p : onOutOfMemory(reinterpret_cast<void *>(1), bytes, cx);
    1370 }
    1371
    1372 void* realloc(void* p, size_t oldBytes, size_t newBytes, JSContext *cx = NULL) {
    1373 JS_ASSERT(oldBytes < newBytes);
    1374 updateMallocCounter(newBytes - oldBytes);

    ** CID 350340: Memory - illegal accesses (OVERRUN) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsopcode.cpp: 5408 in SimulateImacroCFG(JSContext *, JSScript *, unsigned int, unsigned char *, unsigned char *, unsigned char **)()


    ________________________________________________________________________________________________________
    *** CID 350340: Memory - illegal accesses (OVERRUN) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsopcode.cpp: 5408 in SimulateImacroCFG(JSContext *, JSScript *, unsigned int, unsigned char *, unsigned char *, unsigned char **)()
    5402 }
    5403
    5404 ptrdiff_t oplen;
    5405 for (; pc < target; pc += oplen) {
    5406 JSOp op = js_GetOpcode(cx, script, pc);
    5407 const JSCodeSpec *cs = &js_CodeSpec[op];
    CID 350340: Memory - illegal accesses (OVERRUN)
    Overrunning array of 1952 bytes at byte offset 2040 by dereferencing pointer "cs".
    5408 oplen = cs->length;
    5409 if (oplen < 0)
    5410 oplen = js_GetVariableBytecodeLength(pc);
    5411
    5412 if (SimulateOp(cx, script, op, cs, pc, tmp_pcstack, pcdepth) < 0)
    5413 goto failure;

    ** CID 350339: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 350339: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/methodjit/Compiler.cpp: 3528 in js::mjit::Compiler::jsop_name(JSAtom *)()
    3522 labels.setInlineJump(masm, pic.fastPathStart, inlineJump);
    3523
    3524 frame.pushRegs(pic.shapeReg, pic.objReg);
    3525
    3526 stubcc.rejoin(Changes(1));
    3527
    CID 350339: Uninitialized variables (UNINIT)
    Using uninitialized value "pic". Field "pic.pc" is uninitialized when calling "append".
    3528 pics.append(pic);
    3529 }
    3530
    3531 bool
    3532 mjit::Compiler::jsop_xname(JSAtom *atom)
    3533 {

    ** CID 350338: (USE_AFTER_FREE)


    ________________________________________________________________________________________________________
    *** CID 350338: (USE_AFTER_FREE) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsdtoa.cpp: 506 in js_dtobasestr()
    500 if (j1 > 0) {
    501 /* Either dig or dig+1 would work here as the least significant digit.
    502 Use whichever would produce an output value closer to d. */
    503 b = lshift(PASS_STATE b, 1);
    504 if (!b)
    505 goto nomem2;
    CID 350338: (USE_AFTER_FREE)
    Calling "cmp" dereferences freed pointer "s".
    506 j1 = cmp(b, s);
    507 if (j1 > 0) /* The even test (|| (j1 == 0 && (digit & 1))) is not here because it messes up odd base output
    508 * such as 3.5 in base 3. */
    509 digit++;
    510 }
    511 done = JS_TRUE; /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsdtoa.cpp: 481 in js_dtobasestr()
    475 goto nomem2;
    476 }
    477
    478 /* Do we yet have the shortest string that will round to d? */
    479 j = cmp(b, mlo);
    480 /* j is b/2^s2 compared with mlo/2^s2. */
    CID 350338: (USE_AFTER_FREE)
    Calling "diff" dereferences freed pointer "s".
    481 delta = diff(PASS_STATE s, mhi);
    482 if (!delta)
    483 goto nomem2;
    484 j1 = delta->sign ? 1 : cmp(b, delta);
    485 Bfree(PASS_STATE delta);
    486 /* j1 is b/2^s2 compared with 1 - mhi/2^s2. */ /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsdtoa.cpp: 481 in js_dtobasestr()
    475 goto nomem2;
    476 }
    477
    478 /* Do we yet have the shortest string that will round to d? */
    479 j = cmp(b, mlo);
    480 /* j is b/2^s2 compared with mlo/2^s2. */
    CID 350338: (USE_AFTER_FREE)
    Calling "diff" dereferences freed pointer "s".
    481 delta = diff(PASS_STATE s, mhi);
    482 if (!delta)
    483 goto nomem2;
    484 j1 = delta->sign ? 1 : cmp(b, delta);
    485 Bfree(PASS_STATE delta);
    486 /* j1 is b/2^s2 compared with 1 - mhi/2^s2. */

    ** CID 350337: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1359 in JSRuntime::malloc(unsigned long, JSContext *)()


    ________________________________________________________________________________________________________
    *** CID 350337: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1359 in JSRuntime::malloc(unsigned long, JSContext *)()
    1353 * Call the system malloc while checking for GC memory pressure and
    1354 * reporting OOM error when cx is not null.
    1355 */
    1356 void* malloc(size_t bytes, JSContext *cx = NULL) {
    1357 updateMallocCounter(bytes);
    1358 void *p = ::js_malloc(bytes);
    CID 350337: Resource leaks (RESOURCE_LEAK)
    Variable "p" going out of scope leaks the storage it points to.
    1359 return JS_LIKELY(!!p) ? p : onOutOfMemory(NULL, bytes, cx); 1360 }
    1361
    1362 /*
    1363 * Call the system calloc while checking for GC memory pressure and
    1364 * reporting OOM error when cx is not null.

    ** CID 350336: Uninitialized variables (UNINIT)
    /main.cpp: 2755 in event_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 350336: Uninitialized variables (UNINIT)
    /main.cpp: 2755 in event_thread(void *)()
    2749 SAFEPRINTF3(str,"%sfile%c%04u.qwk"
    2750 ,sbbs->cfg.data_dir,PATH_DELIM,sbbs->useron.number);
    2751 if(sbbs->pack_qwk(str,&l,true /* pre-pack/off-line */)) {
    2752 sbbs->lprintf(LOG_INFO, "Packing completed: %s", str);
    2753 sbbs->qwk_success(l,0,1);
    2754 sbbs->putmsgptrs();
    CID 350336: Uninitialized variables (UNINIT)
    Using uninitialized value "*bat_list" when calling "remove".
    2755 remove(bat_list);
    2756 } else
    2757 sbbs->lputs(LOG_INFO, "No packet created (no new messages)");
    2758 sbbs->delfiles(sbbs->cfg.temp_dir,ALLFILES);
    2759 sbbs->console&=~CON_L_ECHO; 2760 sbbs->online=FALSE;

    ** CID 350335: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 350335: Memory - corruptions (OVERRUN) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/nanojit/Assembler.cpp: 716 in nanojit::Assembler::freeResourcesOf(nanojit::LIns *)()
    710 }
    711
    712 // Frees all record of registers and spill slots used by 'ins'.
    713 void Assembler::freeResourcesOf(LIns *ins)
    714 {
    715 if (ins->isInReg()) {
    CID 350335: Memory - corruptions (OVERRUN)
    Overrunning callee's array of size 32 by passing argument "ins->getReg()" (which evaluates to 127) in call to "retire".
    716 _allocator.retire(ins->getReg()); // free any register associated with entry
    717 ins->clearReg();
    718 }
    719 if (ins->isInAr()) {
    720 arFree(ins); // free any AR space associated with entry
    721 ins->clearArIndex();

    ** CID 350334: (USE_AFTER_FREE) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/dtoa.c: 3095 in dtoa(DtoaState *, U, int, int, int *, int *, char **)()


    ________________________________________________________________________________________________________
    *** CID 350334: (USE_AFTER_FREE) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/dtoa.c: 3108 in dtoa(DtoaState *, U, int, int, int *, int *, char **)()
    3102 for(i = 1;;i++) {
    3103 dig = quorem(b,S) + '0';
    3104 /* Do we yet have the shortest decimal string 3105 * that will round to d?
    3106 */
    3107 j = cmp(b, mlo);
    CID 350334: (USE_AFTER_FREE)
    Calling "diff" dereferences freed pointer "mhi".
    3108 delta = diff(PASS_STATE S, mhi);
    3109 j1 = delta->sign ? 1 : cmp(b, delta);
    3110 Bfree(PASS_STATE delta);
    3111 #ifndef ROUND_BIASED
    3112 if (j1 == 0 && mode != 1 && !(word1(d) & 1) 3113 #ifdef Honor_FLT_ROUNDS /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/dtoa.c: 3108 in dtoa(DtoaState *, U, int, int, int *, int *, char **)()
    3102 for(i = 1;;i++) {
    3103 dig = quorem(b,S) + '0';
    3104 /* Do we yet have the shortest decimal string 3105 * that will round to d?
    3106 */
    3107 j = cmp(b, mlo);
    CID 350334: (USE_AFTER_FREE)
    Calling "diff" dereferences freed pointer "mhi".
    3108 delta = diff(PASS_STATE S, mhi);
    3109 j1 = delta->sign ? 1 : cmp(b, delta);
    3110 Bfree(PASS_STATE delta);
    3111 #ifndef ROUND_BIASED
    3112 if (j1 == 0 && mode != 1 && !(word1(d) & 1) 3113 #ifdef Honor_FLT_ROUNDS /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/dtoa.c: 3095 in dtoa(DtoaState *, U, int, int, int *, int *, char **)()
    3089 mhi = lshift(PASS_STATE mhi, m2);
    3090
    3091 /* Compute mlo -- check for special case
    3092 * that d is a normalized power of 2.
    3093 */
    3094
    CID 350334: (USE_AFTER_FREE)
    Using freed pointer "mhi".
    3095 mlo = mhi;
    3096 if (spec_case) {
    3097 mhi = Balloc(PASS_STATE mhi->k);
    3098 Bcopy(mhi, mlo);
    3099 mhi = lshift(PASS_STATE mhi, Log2P);
    3100 }

    ** CID 350333: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 350333: Uninitialized variables (UNINIT)
    /js_socket.c: 1817 in js_getsockopt()
    1811 if((p=(js_socket_private_t*)js_GetClassPrivate(cx, obj, &js_socket_class))==NULL) {
    1812 return(JS_FALSE);
    1813 }
    1814
    1815 rc=JS_SUSPENDREQUEST(cx);
    1816 JSVALUE_TO_ASTRING(cx, argv[0], cstr, 64, NULL);
    CID 350333: Uninitialized variables (UNINIT)
    Using uninitialized value "*cstr" when calling "getSocketOptionByName". 1817 if((opt = getSocketOptionByName(cstr, &level)) == -1) {
    1818 JS_RESUMEREQUEST(cx, rc);
    1819 return(JS_TRUE);
    1820 }
    1821
    1822 if(opt == SO_LINGER) {

    ** CID 350332: (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 350332: (OVERRUN) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/nanojit/Assembler.cpp: 542 in nanojit::Assembler::findRegFor(nanojit::LIns *, unsigned int)()
    536 //
    537 // pre-state: ecx(ins)
    538 // instruction: mov eax, ecx
    539 // post-state: eax(ins)
    540 //
    541 Register s = r;
    CID 350332: (OVERRUN)
    Overrunning callee's array of size 32 by passing argument "r" (which evaluates to 127) in call to "retire".
    542 _allocator.retire(r);
    543 r = registerAlloc(ins, allow, hint(ins));
    544
    545 // 'ins' is in 'allow', in register r (different to the old r);
    546 // s is the old r.
    547 if ((rmask(s) & GpRegs) && (rmask(r) & GpRegs)) { /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/nanojit/Assembler.cpp: 511 in nanojit::Assembler::findRegFor(nanojit::LIns *, unsigned int)()
    505 if (!ins->isInReg()) {
    506 // 'ins' isn't in a register (must be in a spill slot or nowhere).
    507 r = registerAlloc(ins, allow, hint(ins));
    508
    509 } else if (rmask(r = ins->getReg()) & allow) {
    510 // 'ins' is in an allowed register.
    CID 350332: (OVERRUN)
    Overrunning callee's array of size 32 by passing argument "r" (which evaluates to 127) in call to "useActive".
    511 _allocator.useActive(r);
    512
    513 } else {
    514 // 'ins' is in a register (r) that's not in 'allow'.
    515 #ifdef NANOJIT_IA32
    516 if (((rmask(r)&XmmRegs) && !(allow&XmmRegs)) ||

    ** CID 350331: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 350331: Memory - corruptions (OVERRUN) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/nanojit/Assembler.cpp: 255 in nanojit::Assembler::registerAlloc(nanojit::LIns *, unsigned int, unsigned int)()
    249 r = vic->getReg();
    250
    251 evict(vic);
    252
    253 // r ends up staying active, but the LIns defining it changes.
    254 _allocator.removeFree(r);
    CID 350331: Memory - corruptions (OVERRUN)
    Overrunning callee's array of size 32 by passing argument "r" (which evaluates to 127) in call to "addActive".
    255 _allocator.addActive(r, ins);
    256 ins->setReg(r);
    257 }
    258
    259 return r;
    260 }

    ** CID 350330: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/methodjit/StubCalls.cpp: 2114 in InitPropOrMethod(js::VMFrame &, JSAtom *, JSOp)()


    ________________________________________________________________________________________________________
    *** CID 350330: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Mar-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/methodjit/StubCalls.cpp: 2114 in InitPropOrMethod(js::VMFrame &, JSAtom *, JSOp)()
    2108 /* Get the immediate property name into id. */
    2109 jsid id = ATOM_TO_JSID(atom);
    2110
    2111 uintN defineHow = (op == JSOP_INITMETHOD)
    2112 ? JSDNP_CACHE_RESULT | JSDNP_SET_METHOD
    2113 : JSDNP_CACHE_RESULT;
    CID 350330: Error handling issues (CHECKED_RETURN)
    Calling "js_SetPropertyHelper" without checking return value (as is done elsewhere 4 out of 5 times).
    2114 if (!(JS_UNLIKELY(atom == cx->runtime->atomState.protoAtom) 2115 ? js_SetPropertyHelper(cx, obj, id, defineHow, &rval, false)
    2116 : js_DefineNativeProperty(cx, obj, id, rval, NULL, NULL, 2117 JSPROP_ENUMERATE, 0, 0, NULL, 2118 defineHow))) {
    2119 THROW();


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DEMqw_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCP-2B8OHIldljvVVL5cQeE6UT0WnQ1RNbqLoTxk-2FeL9PEk8n4H0FlfdjUpDUESHU7jfONTBkfwWnTxTnSwiEf8HMCaPWxKHWwiX5TlAgpBxAxNxqOwpiuqloQotGWODdOqhlmv0xc95f00sygbqs-2B5cr6DKQDu2jc96LxrO4bOzQnQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, March 02, 2022 13:56:03
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    26 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 350353: Error handling issues (NEGATIVE_RETURNS)
    /sbbsecho.c: 3629 in getzpt()


    ________________________________________________________________________________________________________
    *** CID 350353: Error handling issues (NEGATIVE_RETURNS)
    /sbbsecho.c: 3629 in getzpt()
    3623 }
    3624 if(buf[i]=='\r')
    3625 cr=1;
    3626 else
    3627 cr=0;
    3628 }
    CID 350353: Error handling issues (NEGATIVE_RETURNS)
    "pos" is passed to a parameter that cannot be negative.
    3629 (void)fseeko(stream,pos,SEEK_SET);
    3630 return intl_found;
    3631 }
    3632
    3633 bool foreign_zone(uint16_t zone1, uint16_t zone2)
    3634 {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DmiUV_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCREBxNEUgdt5ZQ6Jwp6-2F2dgB3N1R09JHnkRI8obVHKr9rLWEOifV40DEpPVOO0-2FraqrnSN-2BnhUTXyIvrlQ4autpeTHdQl6YDJk0BRrodCTUzq7DK-2F5i4TI7jqqdybEo8XFc066P6h-2BWGjEKMxgiHVWXtJf16Bn6nRGWXloCyW5Sg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, March 03, 2022 13:54:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    23 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 350413: Error handling issues (CHECKED_RETURN)
    /smbutil.c: 1208 in packmsgs()


    ________________________________________________________________________________________________________
    *** CID 350413: Error handling issues (CHECKED_RETURN)
    /smbutil.c: 1208 in packmsgs()
    1202 if(offset < 0) {
    1203 fprintf(errfp,"\n%s!Data allocation failure: %ld\n", beep, (long)offset);
    1204 continue;
    1205 }
    1206 datoffset[datoffsets].new = (uint32_t)offset;
    1207 datoffsets++;
    CID 350413: Error handling issues (CHECKED_RETURN)
    Calling "fseeko(tmp_sdt, offset, 0)" without checking return value. This library function may fail and return an error code.
    1208 fseeko(tmp_sdt, offset, SEEK_SET);
    1209 }
    1210 else {
    1211 fseek(tmp_sdt,0L,SEEK_END);
    1212 offset = ftello(tmp_sdt);
    1213 if(offset < 0) {

    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DD47W_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCSrijcu7bXGqi81OTBzOPBjXC3lWUuu5-2BXvKRt4FwjyPDf0g9xky4HQ0WtVouLRWmck1Ycykgk-2FaRQTwHwDaWNmkgdjrEM471gEiGAjjmwUICC8KGfeOt7sKwnsIZs4JW6l0pvrNJkOCwyjTGMjbzCH-2Bi1uRDonCgn-2FyD3M7dqtA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, March 06, 2022 13:56:16
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DGZmf_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB-2FE93deCeVJSOK4GeykkZSfz13YUWn5gfaUBcFTSXXKkKO2DjnNJQYessG1TKOvN45D1867ZL9Z0EXmszWk9qtSbmOYOll1SGuHXUe5gSamYqVz-2FReX-2BYS9Ar9ZtY1bbpPOSjU01u3kspVY0sdJLdQDgLZw68KIVC-2FzLYHG0d0n-2FZbrtQLNIJ0YjzIrTOswrE-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, March 08, 2022 13:55:56
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dqp4w_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDxbPSb0xy-2FqI-2FyNL5NDpSNKkJTR0FUVvi-2FoErGXhV79WhSncGrrgvggywwoEkzh8kkXq04p9W4M47AUIJxVpMtR39huOqsR4osHyy-2BiRDpC6Lay-2FVwV6z-2BvLUOMvj8ylZPGnxoCBj9-2BcgsuzrqrTDgB5abbbYwKEg-2BoVzbDoM32Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, March 11, 2022 13:55:28
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DPYf4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB-2F1eaNePyAzxB9G0QBKI-2BxgslMFW9jdo0iy1q6QTrEdZaVcfvJ41KOTHvrm7SheZUyvE5enZ45-2FVVsWM-2BQjzr5ySmKxKQyXSHrviuUmjusTTm-2FCEgTUXwYb2p3QQ5-2FmGMmuIQJ6ov9zjWFIWXQPR3nv7UTPEl4cMiZa7fnognhMg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, March 14, 2022 12:54:56
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DrTez_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBzePTeq7-2Bqo0W1jZZcsP1WL0c5-2BSPOmYJbiDNUJLCbPKmTr7zp2D9sdLyxtx-2B5mjbwbkBBCHimFd2RgGXLNkX-2FQj-2Fh1N2hgO6ZoZlOu8BbEewAkxJBBczHJHgsQ1t-2Fgh14dd9HSuBwK8RZNgqLUxim1O5Krer9hnF8CmDBJSmIAg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, March 18, 2022 12:53:08
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D1pfM_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA18gmU5Pbu9BTDBJBVOQuAHGOY8lFwtAjgGb7o3Un35AqiFI6s5UMyj7Z0ZNf5G8TMktafsulQOV4p-2FclLp03FumVzHBAcfRkyewZhOnf7iynwCP4FENe8FbVn-2FnrCI-2BfvvnB-2Bjoc71R7KhMPelOf4KacPdBc4WZxmQA8dIGeDOg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, March 23, 2022 23:05:35
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 350813: Error handling issues (CHECKED_RETURN)
    /js_system.c: 373 in js_system_set()


    ________________________________________________________________________________________________________
    *** CID 350813: Error handling issues (CHECKED_RETURN)
    /js_system.c: 373 in js_system_set()
    367 JS_IdToValue(cx, id, &idval);
    368 tiny = JSVAL_TO_INT(idval);
    369
    370 #ifndef JSDOOR
    371 switch(tiny) {
    372 case SYS_PROP_MISC:
    CID 350813: Error handling issues (CHECKED_RETURN)
    Calling "JS_ValueToECMAUint32" without checking return value (as is done elsewhere 68 out of 71 times).
    373 JS_ValueToECMAUint32(cx, *vp, (uint32_t*)&sys->cfg->sys_misc);
    374 break;
    375 case SYS_PROP_OP_AVAIL:
    376 if(!set_sysop_availability(sys->cfg, JSVAL_TO_BOOLEAN(*vp))) {
    377 JS_ReportError(cx, "%s: Failed to set sysop availability", __FUNCTION__);
    378 return JS_FALSE;

    ** CID 350812: Error handling issues (CHECKED_RETURN)
    /js_system.c: 1198 in js_secondstr()


    ________________________________________________________________________________________________________
    *** CID 350812: Error handling issues (CHECKED_RETURN)
    /js_system.c: 1198 in js_secondstr()
    1192 return JS_FALSE;
    1193
    1194 if(JSVAL_NULL_OR_VOID(argv[0])) {
    1195 JS_ReportError(cx, "Invalid argument");
    1196 return JS_FALSE;
    1197 }
    CID 350812: Error handling issues (CHECKED_RETURN)
    Calling "JS_ValueToECMAUint32" without checking return value (as is done elsewhere 68 out of 71 times).
    1198 JS_ValueToECMAUint32(cx,argv[0],&t);
    1199 sectostr(t,str);
    1200 if((js_str = JS_NewStringCopyZ(cx, str))==NULL)
    1201 return(JS_FALSE);
    1202
    1203 JS_SET_RVAL(cx, arglist, STRING_TO_JSVAL(js_str));

    ** CID 350811: Error handling issues (CHECKED_RETURN)
    /js_system.c: 1171 in js_datestr()


    ________________________________________________________________________________________________________
    *** CID 350811: Error handling issues (CHECKED_RETURN)
    /js_system.c: 1171 in js_datestr()
    1165 else {
    1166 if(JSVAL_IS_STRING(argv[0])) { /* convert from string to time_t? */
    1167 JSVALUE_TO_ASTRING(cx, argv[0], p, 10, NULL); 1168 JS_SET_RVAL(cx, arglist, DOUBLE_TO_JSVAL((double)dstrtounix(sys->cfg, p)));
    1169 return(JS_TRUE);
    1170 }
    CID 350811: Error handling issues (CHECKED_RETURN)
    Calling "JS_ValueToECMAUint32" without checking return value (as is done elsewhere 68 out of 71 times).
    1171 JS_ValueToECMAUint32(cx,argv[0],(uint32_t*)&t);
    1172 }
    1173 unixtodstr(sys->cfg,t,str);
    1174 if((js_str = JS_NewStringCopyZ(cx, str))==NULL)
    1175 return(JS_FALSE);
    1176


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DO-T-_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD5lmQkwtzbpuckFzICuBb-2BrzHxNzOQGFWU1wii6NtUwUINnM1SD13bgyTn-2F0F7qCyOVMOWvJkz8JpmgGX7IMstkqknb7-2FOCJJ4b-2BForC6hd6cNSyW5oO2x4Mpuy8QqNdzyI5-2FKFN3KrApvvfnbJilV7OSnsAMQKp00hkOCYfuisA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, March 24, 2022 12:51:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DFP18_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCflBuMVNA6gDC8IkyOIv-2FWsZJtVrBVHx97YtTpWpI-2Fu3nNS-2FqY3yfobcKRm6HbTvMZ-2FNxJk-2BjsOlUxrvqOMjC6GwHEaFA4-2Bu0A1iCRP2ePoR9QzO8HXb0iwm41A8qelmaDuGsti2VRtEmawfbYpdd1ZBFkJ4y3ti6y7-2Bb4Iy0feg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, March 28, 2022 12:55:29
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 351271: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-28-2022/src/xpdev/dirwrap.c: 319 in globi()


    ________________________________________________________________________________________________________
    *** CID 351271: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-28-2022/src/xpdev/dirwrap.c: 319 in globi()
    313 glob_t *g)
    314 {
    315 char pattern[MAX_PATH * 2] = "";
    316 int len = 0;
    317 char* fname = getfname(p);
    318
    CID 351271: Null pointer dereferences (REVERSE_INULL)
    Null-checking "p" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    319 if(p != NULL) {
    320 while(*p != '\0' && len < MAX_PATH) {
    321 if(p >= fname && IS_ALPHA(*p))
    322 len += sprintf(pattern + len, "[%c%c]", toupper(*p), tolower(*p));
    323 else
    324 pattern[len++] = *p;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D3MQr_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBHCLgLiAqWvsdsSvMvtYRCVKtxNV9b8XfYRQl1Ph-2BqJxQ0Ygv34l5-2Fu4fQtvx42Zh-2BRqVcRiGi7S56cijYNtVbyD93ITXFymk8m5C7-2FMScQUBSp3YH64ZEI9TV8-2FzGIfTTZKmGolrhJJ9NnUb4cpVgmkjY8SxgJG-2BJjiOIj1S6-2F1wje55yIH-2FtPFPTWUFvz7Y-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, April 05, 2022 12:57:23
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-05-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-05-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-05-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-05-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DtAnL_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAvTU5wHwwYOmdK5qaogK0f0gV5q9RoFED-2FFIX-2FkX3D-2BdiNJWKPWZl-2Fgw7r7-2FdWPDSxMFhCBKk8-2BnQojDxNnK2YMz78RLIxg-2FbQkZOb0Ig3x2CrYISwvhuLAAy2KBRouiTxID96k0iujaX0ZQvcRzLa30DP1tfImfq4eS8x9FN0Lg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, April 07, 2022 12:54:52
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dod2s_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDbtkLubWeLuGMvd8b6ZFT6ScizI9tleqJ-2FoE9arLEiTcKkSzvetvZGXSxFxQVSDO0yAC4XbQOxBM8E2pyRz5rq-2FrhRtAN4JjYRvY65IxN2LEj5zz-2ByPf-2FCS7f6TwVdoo1bJ4MN45uo6r2FPP38x-2FGEeTwq9fYSGL5g0QpXqNMK7Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, April 13, 2022 12:53:36
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-13-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-13-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-13-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-13-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DG1_e_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCSV-2F58RvLVS4zu3kyGh8jWzsWM1kXyDxPDb-2FOu9AHJbx2wg-2B-2B5urK3dx2Y1lRCZZrpP7WMroVj1AJl8tEoReN5dCGoSKszr7I7TgxU52UowyUdQF-2BLND0rWLW-2B-2BOcmAmmB1kniq8CtHurlJaI3fdWmOuU-2BGhM320adG3fr-2BWWbYg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, April 15, 2022 12:57:47
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 351999: Insecure data handling (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 351999: Insecure data handling (TAINTED_SCALAR)
    /chat.cpp: 582 in sbbs_t::guru_page()()
    576 return(false);
    577 }
    578 if(read(file,gurubuf,length) != length)
    579 errormsg(WHERE, ERR_READ, path, length);
    580 gurubuf[length]=0;
    581 close(file);
    CID 351999: Insecure data handling (TAINTED_SCALAR)
    Passing tainted expression "*gurubuf" to "localguru", which uses it as a loop boundary.
    582 localguru(gurubuf,i);
    583 free(gurubuf);
    584 return(true);
    585 }
    586
    587 /****************************************************************************/

    ** CID 351998: API usage errors (PRINTF_ARGS)


    ________________________________________________________________________________________________________
    *** CID 351998: API usage errors (PRINTF_ARGS)
    /scfg/scfgsys.c: 1396 in sys_cfg()
    1390 if(cfg.mail_backup_level)
    1391 sprintf(str,"%hu",cfg.mail_backup_level);
    1392 else
    1393 strcpy(str,"None"); 1394 sprintf(opt[i++],"%-27.27s%s","Mail Database Backups",str);
    1395 if(cfg.max_log_size && cfg.max_logs_kept) {
    CID 351998: API usage errors (PRINTF_ARGS)
    Argument "cfg.max_logs_kept" to format specifier "%lu" was expected to have type "unsigned long" but has type "unsigned short".
    1396 SAFEPRINTF2(str, "%s bytes, keep %lu"
    1397 ,byte_count_to_str(cfg.max_log_size, tmp, sizeof(tmp))
    1398 ,cfg.max_logs_kept);
    1399 } else {
    1400 SAFECOPY(str, "Unlimited");
    1401 }

    ** CID 351997: API usage errors (PW.PRINTF_ARG_MISMATCH)
    /scfg/scfgsys.c: 1396 in ()


    ________________________________________________________________________________________________________
    *** CID 351997: API usage errors (PW.PRINTF_ARG_MISMATCH)
    /scfg/scfgsys.c: 1396 in ()
    1390 if(cfg.mail_backup_level)
    1391 sprintf(str,"%hu",cfg.mail_backup_level);
    1392 else
    1393 strcpy(str,"None"); 1394 sprintf(opt[i++],"%-27.27s%s","Mail Database Backups",str);
    1395 if(cfg.max_log_size && cfg.max_logs_kept) {
    CID 351997: API usage errors (PW.PRINTF_ARG_MISMATCH)
    argument is incompatible with corresponding format string conversion 1396 SAFEPRINTF2(str, "%s bytes, keep %lu"
    1397 ,byte_count_to_str(cfg.max_log_size, tmp, sizeof(tmp))
    1398 ,cfg.max_logs_kept);
    1399 } else {
    1400 SAFECOPY(str, "Unlimited");
    1401 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dv98d_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBQXq292UPSsYZB6Gh6KX7L3zQbhWOMu2Kkl4RkAFINrQC8BTQdoE8XeU2exLHjLVO2Cd4WbDBwt1lJWKsV7Yp8MRspW6dXps6YMEsM6ouXTLQbVrkmrc-2BuX7I2UmXPApyFOHO9YNWJ2sKXqPlIwYNDDJHauBS22j9Bg-2FopOXF8-2FQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, April 17, 2022 14:24:39
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-17-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-17-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-17-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-17-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DrJLw_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDUWAa9xKQQHkgS702OCjbSztEk77axI8kN2uHhV60deY9iahB0fkZ0Jrttbpx2ZOzqpPIOspyvfeZsWn-2BAjv3JENsW-2FY-2FQwzWkV6twVdvq89zf63elCQ4BlJAcpkRv5aRdXR2zcy5sby4ZR4k8DBBL3QDs3wanpm9bq8X6HK6QXQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, April 20, 2022 12:54:40
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DmIVP_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBeIf7Wgn7H2KvZRI2NNGlRqrj9kjA4Ba-2BHr3kOrCjvQBhiR-2FZDRwimN5uGdMLg23vwTQOREMIwKgySC2B1jNUk8-2FDiJE6VCgmKVGtrl0xmqvucgnoEM0JOEC8hY4YDsSYc4WFZiyGH3xnfSAqCRxH08xdMB2VlAl6wVnJARU9LMg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, April 24, 2022 12:54:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Apr-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Apr-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dkqv3_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBc65A6oosaUZHYdOCxNzSo-2FcSVTbfm0cHr72apFa7irvLaNYSXhOwI4rDYzVmI6JruHLx7xA6bvlSp5Da7jbK7TQ4XmA61EKRo1JNDtBJ3BGi7AOXouwXf-2Fzk0oC-2FUNt7u22-2F7un2Z591KDILsceHbgg2Y6-2BeUn2-2FXMQVhJ1CiRA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, April 29, 2022 12:53:27
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 174496: Integer handling issues (BAD_SHIFT)
    /scfg/scfgxtrn.c: 670 in tevents_cfg()


    ________________________________________________________________________________________________________
    *** CID 174496: Integer handling issues (BAD_SHIFT)
    /scfg/scfgxtrn.c: 670 in tevents_cfg()
    664 SAFECOPY(str,monthstr(cfg.event[i]->months));
    665 uifc.input(WIN_MID|WIN_SAV,0,0,"Months to Execute Event (or Any)"
    666 ,str,50,K_EDIT);
    667 cfg.event[i]->months=0;
    668 for(p=str;*p;p++) {
    669 if(atoi(p)) {
    CID 174496: Integer handling issues (BAD_SHIFT)
    In expression "1 << atoi(p) - 1", shifting by a negative amount has undefined behavior. The shift amount, "atoi(p) - 1", is -1.
    670 cfg.event[i]->months|=(1<<(atoi(p)-1));
    671 while(*p && IS_DIGIT(*p))
    672 p++; 673 } else {
    674 for(j=0;j<12;j++)
    675 if(strnicmp(mon[j],p,3)==0) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DVZMJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCQmMgBhImIpoofA21e2cYWDMn9dQmSVHtjFCh60LPEB91qYxruc9ZGQnWSfgRIBCx31HV-2B9vykJP8nBxiFvarl1-2B0LIjP4E7k5t-2Bb2S9DBYSULH-2BW9IR1DBJq2v2Tmn3A-2F7NFVCMYXdJbh3-2FUaBuA0-2FKeM-2FzS-2FeqpNiUal0lsG1g-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, May 02, 2022 12:50:06
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DfZMC_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCZl-2BjPxt-2BbhzzGa4JXFwJvIe0AMA-2FoM7-2FloMmYua-2F6oTYvjiy4bfCDjKbHuJX-2FzfHjS1-2FzinpOHMPCUVXFSNx7GAn1JWda-2F8-2FoAaeXbGZtF-2Fi4JgSIrGUtfAJutUBZVgvudcSTg-2BTw4GJ4jvk1ry1vDHwAR4M1qtHV7B-2FR4ov-2B4A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, May 15, 2022 14:21:36
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DydxU_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBFuABnUyJaq9tIPnxNGHvUHfn-2FEs4rmiZ58dJJKW0Rw4vbT8vOZ-2B-2FIK2Zj4p6nKLmNHixrx22LnmeahT7mTLaFyfSOUbJ-2FO6dB7h79JrqiWOXdisq19eKvZGuP4Coh8vCBLvwXDdd-2BAUFOBu2eljufgv3fL-2FUe4FEfyP3VQC13XQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, May 19, 2022 12:55:33
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dn_Ny_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBtChI0HMBLLgbtg4iK0ZBLckadzL2rh999wqCBLjUQOAwF8dtaVz7gxU-2FnyoWZ0fYB9lz-2BAL21S4nm5ynRsrF4CzzsHAV4YDUwZ4mt7xFXW-2FLzwctZdf-2Fli0pUwuQSrp5WUr10-2FFdk45SSfJ0ONypqdlwJUuEQR8Jk7zTIeIcxqg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, May 25, 2022 12:52:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D1bce_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAtQDdFoFvKLSTB2a9pKZEuM8hGEkwPTR2OqdY8yoo4APy8jPEGSL9Gvq9UBEyTPVxEK9dinqx-2BmMjxYRwoDe0yfwUDa-2BRTxVs8dIFc93eZoFTQKwuwq4sQP1uVIuQyzdIt1qSzCeItfVidpehym1LOd2wYj5HS2HE4PSM4syXSfg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, May 27, 2022 12:52:09
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DvENn_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBUSHkrYkiP9AfzyBevLLyaQmAohHVfhNGBMl9LHex6nEbFzhM8spcU29jiUvTfGhPZhkYCR54IJZ0Sw4ahluPsBpq5QRFRHHEczXtvcsvikTAZiCtqssOPtycvq2lMkLo3BulnYAjLIT0Fhc4p1jN6TVdMSnbk7y7DST5QyJ7L8g-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, May 31, 2022 12:55:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-May-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-May-31-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dp1GC_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBdvk-2B0-2BIZkfCADJQR1mrKyfm2otuw-2Bb-2FMkvJzDtgojpgaDAEQMWzw6veEUc9wdmuf-2FRdkvjouIgGQqYQz65SCtWA6zbN6GERIGjrhLDEt6Da-2BnelrfKGNdjQ1vgtfwj7TvPtIFnYXYOjNuu4Sl5Iv4lIjPFztzpPfj0thtc0FnhqUQTVnOGaUal3up1MlB9Vc-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, June 07, 2022 12:55:18
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-07-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DusTJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBOYO2aePjbiW1uaK4l54oAC4k5wjGGoVxArXl-2FmK183PD4P1v0lF-2Fd-2BeEXkAiJsZaK2dcN9gNa1ZwpHc5fiduEAFYgpPdG4vofxjwIOviEgONOVGGier7DWivKstj7NIINU4zo7yDNE1H0Jh0A6HjeJvudu9G8oyNPR9PpwohpIw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, June 10, 2022 12:55:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DqHqv_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAWuHsnB-2FLrspWilJhqsED2sesuNewdrhzP23PhoOY8vkHczKWlQDGJIROx7aS5epBi-2BP-2F4gixKslunCC6FmSKv-2BOxihCzB0L7dYL9GRTbFGBuEgf6CesHuUIbt47QSnz6Jvq1WFoRYAshdhIa-2BwfHur6GAuR2jJ1BdYYzz0qmFHA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, June 12, 2022 14:25:44
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DR2nt_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrArv4-2F8duyvx55KEQM-2BhUGp3PJjIGk0Lp4eH3-2F8wtn7zPLPR8UJ7iJk2wm4egz8xB2CuxzQFzJQ5padW0K5PRRwsCsOBuPaO4olMOPpyNraXO0B6AFn6a63kn1OObnGAYQcABrjus7guHkGh6Nu-2BfuVpYcfxWS6wDxr-2Fd5RW0WuNw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, June 18, 2022 12:51:28
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jun-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DMbvL_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBDYJ2f4enx1p2wCbk10ZgMqyO6BeLASC67kvvilobFV8z7xBcEruOQg1uBkbNaFscbbjeFzHBPzjQ0pOJQMqjmtChpTjNTLNHPLaWjGd0xBxTKNOAts8DNLx8-2FMJJrsS7xZ3MgmHoEqgpy2-2BYuezE9DdZtivCrRqJVPzCaVICvKw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, July 01, 2022 12:50:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-01-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DOVQJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAuuz4jQMj41d405aQ6v8YzfLP7JftuVm6TLEWTHsBDleNu-2F8WlibOlzefOmmqCYELf6VUWiNjdUZeja0qhG9TkfpHiFuMZu29j7RRYRCUKhqijiVu922kbOWxUTb4hA5AX1kRyGrLkVZVo8PyH-2BBXFVXnQ-2F00V3OAdmwsL9YrtLQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, July 03, 2022 12:55:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DOXzq_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDm4aaeO2FdNjtneI8PJeMcsZan3lAlrX1Dl91Zhj8ct7TSEIpNfGktc3Ys0Y-2FiDD1II-2BUlqlyIMwEUhGjiF0VEqwOjWJ7zsXng0nhrHmH1wqccSOY66Vy3wyAHZozp6VeR-2BavVHe90JuxbHg54wXQxV2ueuu-2BxB7py5PATN7M-2BHQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, July 12, 2022 12:51:15
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D431d_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCLA9LjB0vw5tZyCe0LsSSDe4k7ta-2F4Q9hcGNJ58BqUgTyDr3AqGZqHGyXvp3YQZjUGrCliIghdomaFqW-2Byg0kwZGMoQBzonQ-2BKQK8wkj-2BMR-2Fann5QNhI73BYJ3yVR5FwBsFVjT9pj4mXtHZGkIVwu7Uahx3rWaEbr3KaqMJZ5i5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, July 15, 2022 12:52:00
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D5zOH_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBHNC5gSyHJ5gJek3k-2FZt62TXKkMSkzM2yPpcOvHWpRI-2Beia-2BpXeQCZ6y2AWJaQtduznp65HyPPBeHe2Ebb9gLsQZE2qTovdoCNWCJ1iYowWHa5iCSS50sPzEbfxM3wkyI75su6WRFYPV5jsPSiX-2B2YDZK2TptGamkqlj2-2Bej2MtQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, July 21, 2022 12:53:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-21-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-21-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-21-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-21-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D6yWG_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCm6sJaj-2FdqFt4v4rFD08Et7-2FF6T7ATxWoC27y7XvXHm3Q0aCn-2F00XA9lhxQTK5K8340OSPZ6mWiLBApWPExiW6B28A5TNV3Dzmu5GJNXC-2Bn04NNtHEWjUBRDEagNOXtI5rwQJf7pOTla7xwAqzUruO0q8043PrdRjiQLITeWpdhQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, July 24, 2022 14:22:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Jul-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jul-24-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DgmOj_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD9i414ygVdH8am0h9Qj5triXoqHSarf-2BvzPSIfmRwrwlLkpkEMn71POy9Q3-2BsaG-2BseVnbf7HbgBn22Q42aFEKXakrBGqfcSZBC-2B3AsGAb60K8YA1N8lql5DMDx0gpdy8-2B7NAv5ojeU-2B5ppJUzXNPQ8pZ28Y362pdUWKtq0xNWg-2Fw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, August 03, 2022 12:53:31
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DDArm_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBlgwMProETcJ36y3PJ-2F2HvKnYyGO-2FDAN-2F2bF9je5isurJ6nESF0nJXbMH2hpRsTEa3K6MwxfVoMrbTkYvLRXxrkRJ738qZfXzUhmgfTBe44ydnycyCvOUcsDFJ3cN-2Fh3Ibax-2Fq8oaS3-2Fa0a1iCcit4LdKKN5ZVdb-2FTjSzKBZOe-2Bw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, August 08, 2022 12:51:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DT_Z4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA4mrFJdqfCMRYjU2DOEluHUrdjapY-2Fn-2FrZQFhatSXX1Lw1uHttBejEI9ZRT07n5UOdpYj61ddJQlDdmPpqYD9ZHozz7ljCv64BFO6XMrViDyf6CI1aXOyQDbJp4CTGcn-2BLSPcE4nkR5YlibCA91MQEai2qlsfz0tiIm5RtkEF2-2Fcj4Ys9RMtz92Y4HOmmXYcM-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, August 10, 2022 12:53:38
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D27bs_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDT-2BJWjPHos031vxsq5w-2BCgX3t-2Fy-2BxDBi1pocEvhNbX6rFMfsmuyE-2BMya3ly-2BRAfvVQTOOXVIV2P-2FYeXutHTCTKht91xRGpuuPfeERLQuAo57FeDddDItbz9cyoitLaJhdqaPw-2BWtSVFfSRyywUqLt8SKHY5svjvH6nWkTT9sujqw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, August 14, 2022 12:55:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-14-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D1KiJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBK9ekjkW8PTQSzsReo6xsKPbCz0EPZFO315naGFusdX6fAPgVDPuISyq2MWCaabyfPzGo11EH1gBRUm1wK1mw7QFRqv7fdhZZeyZ-2Baauu6JH-2FAl9-2F-2Bvmotdtpnti0eRnem8EDTTSmENGNibI0inRn6YiCBvtbv1mNuj1kN3f2CqQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, August 16, 2022 12:51:49
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-16-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-16-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-16-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-16-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DvVUN_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDsbak0uHllwiVD4gerWysgrStdJaKwp6VQOWDUZQgaccFtkEYVbUKDElMqrHw0bjlkrwQPepUn55Oo0O2CKHDi1dso2ejp491LFXWz9-2F2Qm7LFG8imS-2F5FxJAbdxFazb9PMD1p7AA9vBNt3NifZeafMQwBRAj17VAAtKM8944YaQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, August 19, 2022 12:52:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DknCE_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAm-2BQCb9-2F-2BctfHN7nes2HQ4e-2FuViwvGc838Di71od-2Fkm-2FKXnhMO2rHW9kylh0GkI6NQTh1N6urX1T3zjOe7IPrZ7KCoE0Zsyon4reJJL7TrI5yKlw7RMh1ehtrjseErARo7hZnn5BLrtGPy3WFxmvlbQ2BFfAG-2B2PaRdEhMxHj-2Ftg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, August 22, 2022 12:56:48
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-22-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-22-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-22-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-22-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DWx9y_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBlbf3dYbUyrVjHAFR-2B5ViZ12XOeiHkHyIX28VtChIp0madSLCYXyquC3w9dT2ZcMVQORGLpIXsrWXbeLk6GAowmAefmKbjlw5BqhvpRcshjH-2Bcqpb50NWBSFJxGElENTsc7JMuiGxnt-2FRiBLRyIu6HIPTTBfS4CZwUNeWkPMDTPg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, August 26, 2022 12:51:47
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D-HIn_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAxO1k1QweYJ7WrlpkJ5xVfXupLhdoHYRieWNYhqHmChE1y5g2zsuqPz5fK7W8AQOXkW9Ndk8tkoWhateyX9-2B3WzcOPHYK1PRy7kLSsRy-2Frq-2FZZLfqyrX1REWQhPSKcnAdN8UkOW8dY-2BrgS6FE2QFWASyHxXrFbY0WZ1sitY-2B55XhxS71pYOINQDPPZdDQuvN4-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From DesotoFireflite@VERT/VALHALLA to Digital Man on Friday, August 26, 2022 12:15:07
    Re: New Defects reported by Coverity Scan for Synchronet
    By: scan-admin@coverity.com to cov-scan@synchro.net on Fri Aug 26 2022 12:51 pm

    Just curious, should we avoid updating on days where coverity scan finds errors.

    SysOp: C.G. Learn, AKA: DesotoFireflite
    Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com:23
    A Gamers Paradise - Over 250 Registered Online Game Doors!

    --- Don't eat the yellow snow!
    þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net
  • From Digital Man@VERT to DesotoFireflite on Friday, August 26, 2022 20:14:17
    Re: New Defects reported by Coverity Scan for Synchronet
    By: DesotoFireflite to Digital Man on Fri Aug 26 2022 12:15 pm

    Just curious, should we avoid updating on days where coverity scan finds errors.

    If they're new errors, then maybe so, but those same 2 errors in the js/configure stuff keep popping up and then are flagged as resolved, over and over, even though I have the 3rd party stuff excluded from scan results. Just looks like a Coverity bug in that case and you can ignore those 2 errors specifically. Someday when we upgrade the JS library, they'll likely go away.
    --
    digital man (rob)

    Rush quote #32:
    Begging hands and bleeding hearts will only cry out for more
    Norco, CA WX: 76.2øF, 59.0% humidity, 4 mph S wind, 0.00 inches rain/24hrs

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, August 28, 2022 12:52:48
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-28-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DV18K_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrACS7uZ76VULmXyroFYF1DLXVMTiDOxlzrfHYed1o03ncaWBda2dFNWW2Hixf7xngdu6i1noe7yueHIvWj1dl920Svniw5GGjW9HLBxKGX-2FSx7lz5vbhC0gtQDK5rEyh-2F2h8u3JF0w-2B6L-2FDlltOBYKBaZvwJRaNOzf1vilcObilwg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, August 30, 2022 14:03:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Aug-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Aug-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DwusC_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrADcbE1sBgjquBCUlDQ8IOfFlWO-2FDoF5mTEOilZ8VbcnOHwaFGCJQ-2F87xF-2B91bb1qcnMfoUvHg1VucAQW5Ad4ATebxmTxQgLu1XnCUwElomg2cWu9biVNGJ5X0s2Gs5BpHDdnd5l6d-2BXuiqwOiD8lZkUS-2FFPf1PhFeJp73ohdD-2FFQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, September 04, 2022 12:53:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-04-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-04-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-04-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-04-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DCM5X_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBSgIrsC3Mij0NNyASUuhGVC9AxF-2FzOJcOUQltHfK-2Bjpp0n8lQbKkFYfm0eFh2PxLKAZtOV-2B5wpoT-2BQoMZdBldZiNruwVm72-2FvtVfUk1MQ9aOsUOOmvQzVv5-2BSlbPEnHfwYsVPMR8LHV6nQ4QPHea23zy6vx60Tja0wY-2FrIBkZBAg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, September 08, 2022 12:52:30
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-08-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DP3zl_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBeRFTbvxO3gzf-2B9N8Hbfpe0D-2FLRT-2FfF06CkOEcbjiQMUfULpUPCZojTbaIuTdxLVjt73Bs9s2n-2FSCxd2KljBI7EGcrxyv4QJAlbCE3HgcGJc4XGXVes-2FeUSvC2mjsqD44vMASnWmHqR548W-2BGpkc0zvk5g3tc2lNCxV3s-2FmQk78w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, September 11, 2022 14:30:09
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-11-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DIXvs_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBBszUTtWWnGJdXyT5xEm5FZnqGzRBd6CGp63wqJhdtbFGUK49b7olj1p1dZstBnn-2B9YddIU0-2FK0PPk0HckYCwbwkYRzWnJCxgUWVEj9lwLhxyW7BWmqpPTSJOQScJKqHgGXC2-2FDDpxiFm8k-2BNBfz50ziwa1HZCRT45eMNL12NEUg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, September 18, 2022 12:56:43
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-18-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DdWGy_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCpHtGnw30-2FOqvo1pAy2SGBqjQmOGKxc2EEJkp0vVrRau002dcFlZtgdGsTEGYiCIodrLO15MsdGQ-2B6R0eWF86NDylNr2VT4byUwEteXPq58ecnCSR78nNWesX-2Bpt536BZfUGrkDlzEPgkER7nzkS2aAB4ykKBf-2BRhrQlMmq8ibcw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, September 20, 2022 12:52:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-20-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dkc7D_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAbXwJrxZ-2FiWBLA-2F5YSUM2NJpS0x3r0Iqc5VSiqg4Dls8Q1sZCeIICe8tQpXazoJv3V595PwvnFnciueWucMCPiL9MlQsG9gEt3KAEXqvqved4OcAJiCYGTm-2FLaI8FvSTyL76ILjL9j7pGDGIp-2Fo2g8Ptdp6Yd3t3EP6X8t-2BBqXkA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, September 26, 2022 12:52:35
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-26-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DVguD_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDe7yavcdz60wD46odg8lieKuNPdfkVNLd7wmh7xV98FIXppP1oBjmr6vrNOB3wHG7QkCEV3-2FN286b8tc7o32cAklCia9pGrfmnO5iLkT6lxqEbP0nJ5WIw9N7hzQ8q-2FRC3-2BlOWyB-2F-2BAfIvepGd9W8VIreEGO7pxijsNPsgRaa0Qg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, September 30, 2022 12:52:47
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Sep-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Sep-30-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DG7WG_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCbriSopUouvvs-2BMzK5kV2CGZV8dyI07iePMyVIlTeusqH6SCjkj1i-2F2aVIUDy83u-2FD4333Uew0kkY2MgHuxhyLPkDBCzYS0b7U2DCAg8f6ySOhldw0qZzJYEGh-2BZjWV-2B7byadLVeFWrU4EOexczn5eE4CVwOlx7WBnGrrbcEcTlD3C5jbV9kzGLcjJfdCfEKQ-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, October 02, 2022 14:23:39
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-02-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DlsaR_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCUXpDDrIOr9yadKPlupIaVxxRIKm0rYMSQw4RjbMw0Ap2bBzGbfz6SXXKaAQy4za7zzoo1NlWcBMdSBRoPT2HHcOCyxRjWPLC1F85U-2FMjvzfc1wgNn3q9I8a3-2Bc5iGgpy7isnOh2NJ25gL-2F-2F6Gs8kbAFpbmo2s4xhkqrFTuoAEf4Nf23XsH7-2BLT9wShyBbZ2c-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, October 06, 2022 12:52:49
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-06-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dtq5x_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBUMGDQvjMRhpgRrBjlpIVG18an1EzP-2Bprex3xAnJUVK7dxEsGHPLkQ3tluaEtdpWvhqMxB8f7tHdLW-2BzuSoRMoV4kmxsmZMS1fS7etNZq3WX5P8DPddTcVcU2fpG24PwW9TtMezFApzXJ2Ly7PNDdjUAeSmsVBi9VN-2FLaE2iCGAQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, October 10, 2022 12:54:28
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D5oFr_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD3dlvBesMAqsoEiimMHM0v65-2FKTSe-2BSi0T8Lvg4KCLkzgD23bNrKInias-2BuFVh3a-2FNlOj2xWjdSCojRJ-2F26N-2B-2BOIYYSEu2tp1XQ3jpv7AGTxApeUgr-2BViT46JAOL8C7WHHoWPXowUbVFKEQXYvc2LE66yToKGX6HvQ9UYBaXegiw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, October 12, 2022 12:51:27
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-12-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D2Ut9_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD7JL2-2Bn1KQxGrSj7g3Xl4-2FF0EmdjGlaC9tdJOyOJaZ4nH90wNLOGLBSSNYSHwsg7xbbU1IzxN6nGyPlrVvu-2FQuaYl0jnTKx7NMaATng0oK7ijxUAlQGdEUzOLziQDn0EYHa9Ufqk-2Bx-2FYF-2BHiXN3yNdFjpqCLhERedKZNQ-2FzTRjqg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, October 15, 2022 12:52:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-15-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DmYLr_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAzGTomwMMKevG32kv265WTtYYihMpygby11-2BYhY9onCGXc5VdafJ1-2FoQwtKf-2FtWgrIU0MnUmTcm6N-2FD7OavauEBJLW-2Fga7xPcsebBOCaGgJDbdK3Wvdwu95ePQ53szBrlyp0RzvC3qZKo1CmI8zUhs6yOCi3rlQjqYJznUtI37rw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, October 19, 2022 12:52:36
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-19-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DHv3g_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBmo2CBarK7AeJ-2BvGybBYg1xJ2oOCrU-2BsDnnGsM4uRuGqUUsdyHSYGtuOuEqEwtBrMB1JlZpYm70nE7RJLvugAEDnIP4fuNwYpPQI9wlgF2FbUVTcDt4fyjI0kSUMY8dxhBvkpf6mUOEZ9nADL7pIqU0FWwO2q1HGTwLibHjFg8DA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, October 22, 2022 12:54:38
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 319174: Memory - corruptions (OVERRUN)
    /ansiterm.cpp: 253 in sbbs_t::ansi_getxy(int *, int *)()


    ________________________________________________________________________________________________________
    *** CID 319174: Memory - corruptions (OVERRUN)
    /ansiterm.cpp: 253 in sbbs_t::ansi_getxy(int *, int *)()
    247 }
    248 start=time(NULL);
    249 }
    250 else if(ch=='R' && rsp)
    251 break;
    252 else {
    CID 319174: Memory - corruptions (OVERRUN)
    Overrunning array "str" of 128 bytes at byte offset 128 using index "rsp + 1UL" (which evaluates to 128).
    253 str[rsp + 1] = 0;
    254 #ifdef _DEBUG
    255 char dbg[128];
    256 c_escape_str(str, dbg, sizeof(dbg), /* Ctrl-only? */true);
    257 lprintf(LOG_DEBUG, "Unexpected ansi_getxy response: '%s'", dbg);
    258 #endif


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DK_2s_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBAK7NMQrSWVEBsHKlmstIvrmkQZ4VSw65lIFsHIJE6jS1GesXnVlCsTGpLR5qUUdd80zgEid6EVHMp1cssCJZ5Tiakh2Ds7teXqaDAU0go8cndC2e-2F9xJVI0PdiCdZoL9iimHBtruzexyq-2B0TsWi7DCKM2-2BTEO2i1G-2B5X3hGWn-2BQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, October 23, 2022 14:23:16
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-23-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DwnYI_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAHddxg3ska2UzvTTb0PY1RzN2UdoywyhD8tis6P-2BvgkMNyWv6RmRyMgS3sJLl8ZpLf6WzrRJiE-2B9GO7tg9EAeHIZ4GR8nuys4umsHzAZyM3sIEhar7-2FN2OIsEB3STwn3CB2fmyNGXUj6XSQvwcMSD3tMfH0ZH3taBjLe7erlcR1snMjh3Hqpgks4HgZ72daPQ-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, October 25, 2022 12:54:42
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-25-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DdnAF_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrApVtS6Rwbu63kvpClASHCFaYIfALTUp-2BaKUo9Y3-2BlueaeG5ADtfFc-2FVev1BbaaRN9O33-2Fd5V-2BqmkLgr8Ix6rUVpri6qJWhGlhFaDO0jPJLcX3gfCivlD1R090K1YhCsXENV7MGUVxQDzE-2FZcP5k0OVNl93u-2FeYZ-2B-2BvcGCsC-2Fmgcw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, October 27, 2022 12:52:32
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-27-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D_buA_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDc5XkaNGLS5DAizQSAhxPP2fiFsD8CH8nhIKgyJVYrFYa-2F8Vp0IzMcG6NHQzke3FDchUoVZQQzOZD1LTba-2BThDJJHbigRkpopzhmCwoAB-2FNzgPhQNgXaTSERTdR0LidYupfur7MhSdTiRyMaZRuFRjjPf4EJu85-2Bqk6ooo189XLw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, October 29, 2022 12:50:30
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-29-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Oct-29-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319807: Memory - illegal accesses (UNINIT)
    Using uninitialized value "res" when calling "uname".
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true

    ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-29-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main()


    ________________________________________________________________________________________________________
    *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Oct-29-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext <<EOF
    9238 #line 9239 "configure"
    9239 #include "confdefs.h"
    9240 #include <sys/utsname.h>
    9241 int main() {
    9242 struct utsname *res; char *domain;
    CID 319786: Null pointer dereferences (REVERSE_INULL)
    Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    9243 (void)uname(res); if (res != 0) { domain = res->domainname; }
    9244 ; return 0; }
    9245 EOF
    9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
    9247 rm -rf conftest*
    9248 ac_cv_have_uname_domainname_field=true


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DNVUm_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDHjtjPH9dPJ2u17EI8n0sCIvPq9pIyYSROpekoA7Rw48AO65IxFyqHCs3NLwah22hp8sQDJFO-2BCr9fORgAhFjOvF3NUuMxC96sY-2FdSanzqVnj3VGFQLjW4q3lFLSAU12G-2BkgqEc4U-2Fgv52PKdFwYlvzm3EJ-2Bcr7ofA5XFHlIXhkA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, November 10, 2022 13:38:00
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    89 new defect(s) introduced to Synchronet found with Coverity Scan.
    14 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 89 defect(s)


    ** CID 376409: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 376409: (SLEEP)
    /tmp/sbbs-Nov-10-2022/src/conio/sdl_con.c: 674 in sdl_add_key()
    668 setup_surfaces();
    669 return;
    670 }
    671 if(keyval <= 0xffff) {
    672 pthread_mutex_lock(&sdl_keylock);
    673 if(sdl_keynext+1==sdl_key) {
    CID 376409: (SLEEP)
    Call to "ciolib_beep" might sleep while holding lock "sdl_keylock".
    674 beep();
    675 pthread_mutex_unlock(&sdl_keylock);
    676 return;
    677 }
    678 if((sdl_keynext+2==sdl_key) && keyval > 0xff) {
    679 if(keyval==CIO_KEY_MOUSE) /tmp/sbbs-Nov-10-2022/src/conio/sdl_con.c: 682 in sdl_add_key()
    676 return;
    677 }
    678 if((sdl_keynext+2==sdl_key) && keyval > 0xff) {
    679 if(keyval==CIO_KEY_MOUSE)
    680 sdl_pending_mousekeys+=2;
    681 else
    CID 376409: (SLEEP)
    Call to "ciolib_beep" might sleep while holding lock "sdl_keylock".
    682 beep();
    683 pthread_mutex_unlock(&sdl_keylock);
    684 return;
    685 }
    686 sdl_keybuf[sdl_keynext++]=keyval & 0xff;
    687 sem_post(&sdl_key_pending);

    ** CID 376408: High impact quality (Y2K38_SAFETY)
    /con_out.cpp: 1141 in sbbs_t::ctrl_a(char)()


    ________________________________________________________________________________________________________
    *** CID 376408: High impact quality (Y2K38_SAFETY)
    /con_out.cpp: 1141 in sbbs_t::ctrl_a(char)()
    1135 ,tm.tm_hour==0 ? 12
    1136 : tm.tm_hour>12 ? tm.tm_hour-12 1137 : tm.tm_hour, tm.tm_min, tm.tm_hour>11 ? "pm":"am");
    1138 break;
    1139 case 'D': /* Date */
    1140 now=time(NULL);
    CID 376408: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".
    1141 bputs(unixtodstr(&cfg,(time32_t)now,tmp1)); 1142 break;
    1143 case ',': /* Delay 1/10 sec */
    1144 mswait(100);
    1145 break;
    1146 case ';': /* Delay 1/2 sec */

    ** CID 376407: High impact quality (Y2K38_SAFETY)
    /str.cpp: 841 in sbbs_t::timestr(long)()


    ________________________________________________________________________________________________________
    *** CID 376407: High impact quality (Y2K38_SAFETY)
    /str.cpp: 841 in sbbs_t::timestr(long)()
    835 }
    836 return(result);
    837 }
    838
    839 char* sbbs_t::timestr(time_t intime)
    840 {
    CID 376407: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "intime" is cast to "time32_t".
    841 return(::timestr(&cfg,(time32_t)intime,timestr_output));
    842 }
    843
    844 char* sbbs_t::datestr(time_t t)
    845 {
    846 return unixtodstr(&cfg, (time32_t)t, datestr_output);

    ** CID 376406: High impact quality (Y2K38_SAFETY)
    /websrvr.c: 1606 in http_logon()


    ________________________________________________________________________________________________________
    *** CID 376406: High impact quality (Y2K38_SAFETY)
    /websrvr.c: 1606 in http_logon()
    1600 else {
    1601 SAFECOPY(session->username,session->user.alias);
    1602 /* Adjust Connect and host */
    1603 SAFECOPY(session->user.modem, session->client.protocol);
    1604 SAFECOPY(session->user.comp, session->host_name);
    1605 SAFECOPY(session->user.ipaddr, session->host_ip);
    CID 376406: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "session->logon_time" is cast to "time32_t".
    1606 session->user.logontime = (time32_t)session->logon_time;
    1607 putuserdat(&scfg, &session->user);
    1608 }
    1609 session->client.user=session->username;
    1610 session->client.usernum = session->user.number;
    1611 client_on(session->socket, &session->client, /* update existing client record? */TRUE);

    ** CID 376405: High impact quality (Y2K38_SAFETY)
    /js_global.c: 827 in js_time()


    ________________________________________________________________________________________________________
    *** CID 376405: High impact quality (Y2K38_SAFETY)
    /js_global.c: 827 in js_time()
    821 return(JS_TRUE);
    822 }
    823
    824 static JSBool
    825 js_time(JSContext *cx, uintN argc, jsval *arglist)
    826 {
    CID 376405: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "uint32_t".
    827 JS_SET_RVAL(cx, arglist,UINT_TO_JSVAL((uint32_t)time(NULL))); 828 return(JS_TRUE);
    829 }
    830
    831
    832 static JSBool

    ** CID 376404: High impact quality (Y2K38_SAFETY)
    /sbbs_status.c: 638 in status_thread()


    ________________________________________________________________________________________________________
    *** CID 376404: High impact quality (Y2K38_SAFETY)
    /sbbs_status.c: 638 in status_thread()
    632 closesocket(*csock); 633 free(csock);
    634 lprintf(LOG_WARNING, "Invalid syspass: '%s'", p);
    635 pthread_mutex_lock(&status_thread_mutex);
    636 continue;
    637 }
    CID 376404: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "time32_t".
    638 client.time = time(NULL);
    639 listLock(&status_sock);
    640 listPushNode(&status_sock, csock);
    641 for (i=0; i<SERVICE_COUNT; i++) {
    642 /* SERVICE_EVENT doesn't have status, just logs */
    643 if (i == SERVICE_EVENT)

    ** CID 376403: Control flow issues (DEADCODE) /tmp/sbbs-Nov-10-2022/3rdp/src/cl/cryptses.c: 414 in sessionMessageFunction()


    ________________________________________________________________________________________________________
    *** CID 376403: Control flow issues (DEADCODE) /tmp/sbbs-Nov-10-2022/3rdp/src/cl/cryptses.c: 414 in sessionMessageFunction() 408 REQUIRES( setAttributeFunction != NULL );
    409
    410 /* Perform any protocol-specific additional checks if
    411 necessary */
    412 if( FNPTR_ISSET( sessionInfoPtr->checkAttributeFunction ) )
    413 {
    CID 376403: Control flow issues (DEADCODE)
    Execution cannot reach the expression "sessionInfoPtr->checkAttributeFunction.fnPtr" inside this statement: "checkAttributeFunction = (S...".
    414 const SES_CHECKATTRIBUTE_FUNCTION checkAttributeFunction = \
    415 ( SES_CHECKATTRIBUTE_FUNCTION ) \
    416 FNPTR_GET( sessionInfoPtr->checkAttributeFunction );
    417
    418 REQUIRES( checkAttributeFunction != NULL );
    419

    ** CID 376402: Program hangs (SLEEP) /tmp/sbbs-Nov-10-2022/src/conio/sdl_con.c: 235 in sdl_user_func()


    ________________________________________________________________________________________________________
    *** CID 376402: Program hangs (SLEEP) /tmp/sbbs-Nov-10-2022/src/conio/sdl_con.c: 235 in sdl_user_func()
    229 default:
    230 va_end(argptr);
    231 return;
    232 }
    233 va_end(argptr);
    234 while((rv = sdl.PeepEvents(&ev, 1, SDL_ADDEVENT, SDL_FIRSTEVENT, SDL_LASTEVENT))!=1)
    CID 376402: Program hangs (SLEEP)
    Call to "nanosleep" might sleep while holding lock "sdl_ufunc_mtx".
    235 YIELD();
    236 break;
    237 }
    238 pthread_mutex_unlock(&sdl_ufunc_mtx);
    239 }
    240

    ** CID 376401: (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 376401: (OVERRUN) /tmp/sbbs-Nov-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsobj.cpp: 4811 in js_DefineNativeProperty(JSContext *, JSObject *, long, const js::Value &, int (*)(JSContext *, JSObject *, long, js::Value *), int (*)(JSContext *, JSObject *, long, int, js::Value *), unsigned int, unsigned int, int, JSProperty **, unsigned int)()
    4805
    4806 /* Store valueCopy before calling addProperty, in case the latter GC's. */
    4807 if (obj->containsSlot(shape->slot))
    4808 obj->nativeSetSlot(shape->slot, valueCopy);
    4809
    4810 /* XXXbe called with lock held */
    CID 376401: (OVERRUN)
    Calling "CallAddPropertyHook" with "obj->slots" and "shape->slot" is suspicious because of the very large index, 4294967295. The index may be due to a negative parameter being interpreted as unsigned.
    4811 if (!CallAddPropertyHook(cx, clasp, obj, shape, &valueCopy)) { 4812 obj->removeProperty(cx, id);
    4813 return false;
    4814 }
    4815
    4816 if (defineHow & JSDNP_CACHE_RESULT) { /tmp/sbbs-Nov-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/jsobj.cpp: 4808 in js_DefineNativeProperty(JSContext *, JSObject *, long, const js::Value &, int (*)(JSContext *, JSObject *, long, js::Value *), int (*)(JSContext *, JSObject *, long, int, js::Value *), unsigned int, unsigned int, int, JSProperty **, unsigned int)()
    4802 JS_ASSERT(newshape == shape);
    4803 }
    4804 }
    4805
    4806 /* Store valueCopy before calling addProperty, in case the latter GC's. */
    4807 if (obj->containsSlot(shape->slot))
    CID 376401: (OVERRUN)
    Calling "nativeSetSlot" with "obj->slots" and "shape->slot" is suspicious because of the very large index, 4294967295. The index may be due to a negative parameter being interpreted as unsigned.
    4808 obj->nativeSetSlot(shape->slot, valueCopy);
    4809
    4810 /* XXXbe called with lock held */
    4811 if (!CallAddPropertyHook(cx, clasp, obj, shape, &valueCopy)) { 4812 obj->removeProperty(cx, id);
    4813 return false;

    ** CID 376400: Control flow issues (DEADCODE) /tmp/sbbs-Nov-10-2022/3rdp/src/cl/session/sess_attr.c: 332 in addCredential()


    ________________________________________________________________________________________________________
    *** CID 376400: Control flow issues (DEADCODE) /tmp/sbbs-Nov-10-2022/3rdp/src/cl/session/sess_attr.c: 332 in addCredential() 326 }
    327 #endif /* USE_BASE64ID */
    328
    329 /* Perform any protocol-specific additional checks if necessary */
    330 if( FNPTR_ISSET( sessionInfoPtr->checkAttributeFunction ) )
    331 {
    CID 376400: Control flow issues (DEADCODE)
    Execution cannot reach the expression "sessionInfoPtr->checkAttributeFunction.fnPtr" inside this statement: "checkAttributeFunction = (S...".
    332 const SES_CHECKATTRIBUTE_FUNCTION checkAttributeFunction = \
    333 ( SES_CHECKATTRIBUTE_FUNCTION ) \
    334 FNPTR_GET( sessionInfoPtr->checkAttributeFunction );
    335 MESSAGE_DATA msgData;
    336
    337 REQUIRES( checkAttributeFunction != NULL );

    ** CID 376399: High impact quality (Y2K38_SAFETY)
    /smbutil.c: 246 in postmsg()


    ________________________________________________________________________________________________________
    *** CID 376399: High impact quality (Y2K38_SAFETY)
    /smbutil.c: 246 in postmsg()
    240 charset = FIDO_CHARSET_ASCII;
    241 else
    242 charset = FIDO_CHARSET_CP437;
    243 }
    244
    245 memset(&msg,0,sizeof(smbmsg_t));
    CID 376399: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "uint32_t".
    246 msg.hdr.when_written.time=(uint32_t)time(NULL);
    247 msg.hdr.when_written.zone=tzone;
    248 msg.hdr.when_imported=msg.hdr.when_written;
    249
    250 if((to==NULL || stricmp(to,"All")==0) && to_address!=NULL)
    251 to=to_address;

    ** CID 376398: Memory - illegal accesses (USE_AFTER_FREE) /tmp/sbbs-Nov-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/dtoa.c: 1944 in _strtod(DtoaState *, const char *, char **)()


    ________________________________________________________________________________________________________
    *** CID 376398: Memory - illegal accesses (USE_AFTER_FREE) /tmp/sbbs-Nov-10-2022/3rdp/src/mozjs/js-1.8.5/js/src/dtoa.c: 1944 in _strtod(DtoaState *, const char *, char **)()
    1938 bs2 -= i;
    1939 }
    1940 if (bb5 > 0) {
    1941 bs = pow5mult(PASS_STATE bs, bb5);
    1942 bb1 = mult(PASS_STATE bs, bb);
    1943 Bfree(PASS_STATE bb);
    CID 376398: Memory - illegal accesses (USE_AFTER_FREE)
    Using freed pointer "bb1".
    1944 bb = bb1;
    1945 }
    1946 if (bb2 > 0)
    1947 bb = lshift(PASS_STATE bb, bb2);
    1948 if (bd5 > 0)
    1949 bd = pow5mult(PASS_STATE bd, bd5);

    ** CID 376397: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 193 in sbbs_t::update_qwkroute(char *)()


    ________________________________________________________________________________________________________
    *** CID 376397: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 193 in sbbs_t::update_qwkroute(char *)()
    187 if((stream=fnopen(&file,str,O_WRONLY|O_CREAT|O_TRUNC))!=NULL) {
    188 t=time(NULL);
    189 t-=(90L*24L*60L*60L);
    190 for(i=0;i<total_qwknodes;i++)
    191 if(qwknode[i].time>t)
    192 fprintf(stream,"%s %s:%s\r\n" >>> CID 376397: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->qwknode[i].time" is cast to "time32_t".
    193 ,unixtodstr(&cfg,(time32_t)qwknode[i].time,str),qwknode[i].id,qwknode[i].path);
    194 fclose(stream);
    195 }
    196 else
    197 errormsg(WHERE,ERR_OPEN,str,O_WRONLY|O_CREAT|O_TRUNC);
    198 FREE_AND_NULL(qwknode);

    ** CID 376396: Memory - corruptions (OVERRUN)
    /chat.cpp: 230 in sbbs_t::multinodechat(int)()


    ________________________________________________________________________________________________________
    *** CID 376396: Memory - corruptions (OVERRUN)
    /chat.cpp: 230 in sbbs_t::multinodechat(int)()
    224 if((gurubuf=(char *)malloc((size_t)filelength(file)+1))==NULL) {
    225 close(file); 226 errormsg(WHERE,ERR_ALLOC,str
    227 ,(size_t)filelength(file)+1);
    228 break;
    229 }
    CID 376396: Memory - corruptions (OVERRUN)
    Calling "read" with "gurubuf" and "(size_t)filelength(file)" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned. [Note: The source code implementation of the function has been overridden by a builtin model.]
    230 (void)read(file,gurubuf,(size_t)filelength(file));
    231 gurubuf[filelength(file)]=0;
    232 close(file);
    233 }
    234 preusrs=usrs;
    235 if(gurubuf)

    ** CID 376395: High impact quality (Y2K38_SAFETY)
    /str.cpp: 566 in sbbs_t::inputnstime32(int *)()


    ________________________________________________________________________________________________________
    *** CID 376395: High impact quality (Y2K38_SAFETY)
    /str.cpp: 566 in sbbs_t::inputnstime32(int *)()
    560 bool sbbs_t::inputnstime32(time32_t *dt)
    561 {
    562 bool retval;
    563 time_t tmptime=*dt;
    564
    565 retval=inputnstime(&tmptime);
    CID 376395: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "tmptime" is cast to "time32_t".
    566 *dt=(time32_t)tmptime;
    567 return(retval);
    568 }
    569
    570 bool sbbs_t::inputnstime(time_t *dt)
    571 {

    ** CID 376394: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 1046 in sbbs_t::qwk_vote(char **, const char *, unsigned short, const char *, unsigned int, int)()


    ________________________________________________________________________________________________________
    *** CID 376394: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 1046 in sbbs_t::qwk_vote(char **, const char *, unsigned short, const char *, unsigned int, int)()
    1040 smbmsg_t msg;
    1041 ZERO_VAR(msg);
    1042
    1043 if((p=iniGetString(ini, section, "WhenWritten", NULL, NULL)) != NULL) {
    1044 char zone[32];
    1045 xpDateTime_t dt=isoDateTimeStr_parse(p);
    CID 376394: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "xpDateTime_to_localtime(dt)" is cast to "uint32_t".
    1046 msg.hdr.when_written.time=(uint32_t)xpDateTime_to_localtime(dt);
    1047 msg.hdr.when_written.zone=dt.zone;
    1048 sscanf(p,"%*s %s",zone);
    1049 if(zone[0])
    1050 msg.hdr.when_written.zone=(ushort)strtoul(zone,NULL,16);
    1051 }

    ** CID 376393: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 376393: Memory - corruptions (OVERRUN) /tmp/sbbs-Nov-10-2022/src/smblib/smbfile.c: 367 in smb_addfile_withlist()
    361
    362 if(list != NULL && *list != NULL) {
    363 size_t size = strListCount(list) * 1024;
    364 metadata = calloc(1, size);
    365 if(metadata == NULL)
    366 return SMB_ERR_MEM;
    CID 376393: Memory - corruptions (OVERRUN)
    Calling "strListCombine" with "metadata" and "size - 1UL" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.
    367 strListCombine(list, metadata, size - 1, "\r\n");
    368 }
    369 result = smb_addfile(smb, file, storage, extdesc, metadata, path);
    370 free(metadata);
    371 return result;
    372 }

    ** CID 376392: Memory - corruptions (OVERRUN)
    /unbaja.c: 298 in bruteforce()


    ________________________________________________________________________________________________________
    *** CID 376392: Memory - corruptions (OVERRUN)
    /unbaja.c: 298 in bruteforce()
    292 for(i=1;brute_buf[i];i++)
    293 brute_crc_buf[i]=ucrc32(brute_buf[i],brute_crc_buf[i-1]);
    294 /* String is pre-filled with zeros so no need to terminate */
    295 goto LOOP_END;
    296 }
    297 *pos=first_char_table[*pos];
    CID 376392: Memory - corruptions (OVERRUN)
    Calling "memset" with "brute_buf + 1" and "l - 1UL" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned. [Note: The source code implementation of the function has been overridden by a builtin model.]
    298 memset(brute_buf+1,'_',l-1);
    299 brute_crc_buf[0]=ucrc32(brute_buf[0],~0UL);
    300 for(i=1;brute_buf[i];i++)
    301 brute_crc_buf[i]=ucrc32(brute_buf[i],brute_crc_buf[i-1]);
    302
    303 LOOP_END:

    ** CID 376391: High impact quality (Y2K38_SAFETY)
    /js_filebase.c: 1128 in js_get_file_time()


    ________________________________________________________________________________________________________
    *** CID 376391: High impact quality (Y2K38_SAFETY)
    /js_filebase.c: 1128 in js_get_file_time()
    1122 return JS_TRUE;
    1123
    1124 rc=JS_SUSPENDREQUEST(cx);
    1125 if((p->smb_result = smb_loadfile(&p->smb, filename, &file, file_detail_index)) == SMB_SUCCESS) {
    1126 char path[MAX_PATH + 1];
    1127 getfilepath(scfg, &file, path);
    CID 376391: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "getfiletime(scfg, &file)" is cast to "uint32".
    1128 JS_SET_RVAL(cx, arglist, UINT_TO_JSVAL((uint32)getfiletime(scfg, &file)));
    1129 smb_freefilemem(&file);
    1130 }
    1131 JS_RESUMEREQUEST(cx, rc);
    1132 free(filename);
    1133

    ** CID 376390: High impact quality (Y2K38_SAFETY)
    /uedit/uedit.c: 1565 in edit_personal()


    ________________________________________________________________________________________________________
    *** CID 376390: High impact quality (Y2K38_SAFETY)
    /uedit/uedit.c: 1565 in edit_personal()
    1559 case 13:
    1560 /* Password */
    1561 GETUSERDAT(cfg,user);
    1562 uifc.input(WIN_MID|WIN_ACT|WIN_SAV,0,0,"Password",user->pass,LEN_PASS,K_EDIT);
    1563 if(uifc.changes) {
    1564 putuserrec(cfg,user->number,U_PASS,LEN_PASS,user->pass);
    CID 376390: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "time32_t".
    1565 user->pwmod=time(NULL);
    1566 putuserrec(cfg,user->number,U_PWMOD,8,ultoa(user->pwmod,str,16));
    1567 }
    1568 break;
    1569 case 14:
    1570 /* Note */


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dekk9_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA-2FwrhvsG-2BKheEMIte-2BKd9q2NQrRsaYgrC6kE4ewG7zSvttqnkDy-2BfltPE-2BoKdxDwGPeGgGc5fd6dRrhHAE1C1roBc0jOwtt-2F2r-2Fg12OSY18uqKQlJCAX-2BL8Tt7el7tobW8yQHa-2F74XHXpTGt3tv85aMrQZOmKFDgwH-2B0n46xFPxw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Digital Man@VERT to scan-admin@coverity.com on Friday, November 11, 2022 23:51:37
    Re: New Defects reported by Coverity Scan for Synchronet
    By: scan-admin@coverity.com to cov-scan@synchro.net on Thu Nov 10 2022 01:38 pm

    89 new defect(s) introduced to Synchronet found with Coverity Scan.

    I also upgraded to the latest version of Coverity available and it includes some new bug checkers (e.g. year 2038 issue checker) which are now getting triggered. These aren't actually new defects in the code - old defects newly detected. :-)
    --
    digital man (rob)

    Sling Blade quote #19:
    Doyle: I can't so much as drink a damn glass of water around a midget
    Norco, CA WX: 55.0øF, 34.0% humidity, 0 mph ENE wind, 0.00 inches rain/24hrs

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, December 26, 2022 13:37:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 432266: Program hangs (ORDER_REVERSAL) /tmp/sbbs-Dec-26-2022/src/conio/sdl_con.c: 1082 in sdl_video_event_thread()


    ________________________________________________________________________________________________________
    *** CID 432266: Program hangs (ORDER_REVERSAL) /tmp/sbbs-Dec-26-2022/src/conio/sdl_con.c: 1082 in sdl_video_event_thread() 1076 void *pixels;
    1077 int pitch;
    1078 int row;
    1079 int tw, th;
    1080
    1081 sdl.RenderClear(renderer);
    CID 432266: Program hangs (ORDER_REVERSAL)
    Calling "pthread_mutex_lock" acquires lock "vstatlock" while holding lock "win_mutex" (count: 1 / 4).
    1082 pthread_mutex_lock(&vstatlock);
    1083 if (internal_scaling) {
    1084 struct graphics_buffer *gb;
    1085 int xscale, yscale;
    1086 internal_scaling_factors(cvstat.winwidth, cvstat.winheight, &xscale, &yscale);
    1087 gb = do_scale(list, xscale, yscale,


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DHBXD_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCyS5UyoQqKVmOMedFGLjn71yTeRcDL7fqmvbUSLPY1OWKWt59G-2BDzatjMcGJyCU2niQVF5GZicwHShu9rR5Tko09y26ywpI6qvkqed4WvIuyR7izNkMLacScaWBu9-2B-2FpmHIHwWZWKEjrMrksbmhc-2F9zKDxBoB1ZVQ1cTyfaA-2BEXA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, December 30, 2022 13:38:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    37 new defect(s) introduced to Synchronet found with Coverity Scan.
    24 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 37 defect(s)


    ** CID 433272: Code maintainability issues (UNUSED_VALUE)
    /useredit.cpp: 1039 in sbbs_t::maindflts(user_t *)()


    ________________________________________________________________________________________________________
    *** CID 433272: Code maintainability issues (UNUSED_VALUE)
    /useredit.cpp: 1039 in sbbs_t::maindflts(user_t *)()
    1033 putusermisc(user->number, user->misc); 1034 break;
    1035 case 'W':
    1036 if(!noyes(text[NewPasswordQ])) {
    1037 bputs(text[CurrentPassword]); 1038 console|=CON_R_ECHOX;
    CID 433272: Code maintainability issues (UNUSED_VALUE)
    Assigning value from "(char)this->getstr(str, 40UL, 1L, NULL)" to "ch" here, but that stored value is overwritten before it can be used.
    1039 ch=(char)getstr(str,LEN_PASS,K_UPPER);
    1040 console&=~(CON_R_ECHOX|CON_L_ECHOX);
    1041 if(sys_status&SS_ABORT)
    1042 break;
    1043 if(stricmp(str,user->pass)) { 1044 bputs(text[WrongPassword]);

    ** CID 433271: (RESOURCE_LEAK)
    /scfglib2.c: 658 in read_chat_cfg()
    /scfglib2.c: 759 in read_chat_cfg()
    /scfglib2.c: 679 in read_chat_cfg()
    /scfglib2.c: 687 in read_chat_cfg()
    /scfglib2.c: 651 in read_chat_cfg()
    /scfglib2.c: 718 in read_chat_cfg()
    /scfglib2.c: 752 in read_chat_cfg()
    /scfglib2.c: 725 in read_chat_cfg()


    ________________________________________________________________________________________________________
    *** CID 433271: (RESOURCE_LEAK)
    /scfglib2.c: 658 in read_chat_cfg()
    652 } else
    653 cfg->guru=NULL;
    654
    655 for(uint i=0; i<cfg->total_gurus; i++) {
    656 const char* name = list[i];
    657 if((cfg->guru[i]=(guru_t *)malloc(sizeof(guru_t)))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 658 return allocerr(error, maxerrlen, fname, "guru", sizeof(guru_t));
    659 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    660 memset(cfg->guru[i],0,sizeof(guru_t));
    661
    662 SAFECOPY(cfg->guru[i]->name, iniGetString(section, NULL, "name", name + 5, value));
    663 SAFECOPY(cfg->guru[i]->code, name + 5);
    /scfglib2.c: 759 in read_chat_cfg()
    753 } else
    754 cfg->page=NULL;
    755
    756 for(uint i=0; i<cfg->total_pages; i++) {
    757 const char* name = list[i];
    758 if((cfg->page[i]=(page_t *)malloc(sizeof(page_t)))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 759 return allocerr(error, maxerrlen, fname, "page", sizeof(page_t));
    760 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    761 memset(cfg->page[i],0,sizeof(page_t));
    762
    763 SAFECOPY(cfg->page[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    764
    /scfglib2.c: 679 in read_chat_cfg()
    673
    674 list = iniGetParsedSectionList(sections, "actions:");
    675 cfg->total_actsets = (uint16_t)strListCount(list);
    676
    677 if(cfg->total_actsets) {
    678 if((cfg->actset=(actset_t **)malloc(sizeof(actset_t *)*cfg->total_actsets))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 679 return allocerr(error, maxerrlen, fname, "actsets", sizeof(actset_t *)*cfg->total_actsets);
    680 } else
    681 cfg->actset=NULL;
    682
    683 cfg->total_chatacts = 0;
    684 for(uint i=0; i<cfg->total_actsets; i++) {
    /scfglib2.c: 687 in read_chat_cfg()
    681 cfg->actset=NULL;
    682
    683 cfg->total_chatacts = 0;
    684 for(uint i=0; i<cfg->total_actsets; i++) {
    685 const char* name = list[i];
    686 if((cfg->actset[i]=(actset_t *)malloc(sizeof(actset_t)))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 687 return allocerr(error, maxerrlen, fname, "actset", sizeof(actset_t));
    688 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    689 SAFECOPY(cfg->actset[i]->name, name + 8);
    690 str_list_t act_list = iniGetKeyList(section, NULL);
    691 for(uint j = 0; act_list != NULL && act_list[j] != NULL; j++) {
    692 chatact_t** np = realloc(cfg->chatact, sizeof(chatact_t *) * (cfg->total_chatacts + 1));
    /scfglib2.c: 651 in read_chat_cfg()
    645
    646 str_list_t list = iniGetParsedSectionList(sections, "guru:"); 647 cfg->total_gurus = (uint16_t)strListCount(list);
    648
    649 if(cfg->total_gurus) {
    650 if((cfg->guru=(guru_t **)malloc(sizeof(guru_t *)*cfg->total_gurus))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 651 return allocerr(error, maxerrlen, fname, "gurus", sizeof(guru_t *)*cfg->total_gurus);
    652 } else
    653 cfg->guru=NULL;
    654
    655 for(uint i=0; i<cfg->total_gurus; i++) {
    656 const char* name = list[i];
    /scfglib2.c: 718 in read_chat_cfg()
    712
    713 list = iniGetParsedSectionList(sections, "chan:");
    714 cfg->total_chans = (uint16_t)strListCount(list);
    715
    716 if(cfg->total_chans) {
    717 if((cfg->chan=(chan_t **)malloc(sizeof(chan_t *)*cfg->total_chans))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 718 return allocerr(error, maxerrlen, fname, "chans", sizeof(chan_t *)*cfg->total_chans);
    719 } else
    720 cfg->chan=NULL;
    721
    722 for(uint i=0; i<cfg->total_chans; i++) {
    723 const char* name = list[i];
    /scfglib2.c: 752 in read_chat_cfg()
    746
    747 list = iniGetParsedSectionList(sections, "pager:");
    748 cfg->total_pages = (uint16_t)strListCount(list);
    749
    750 if(cfg->total_pages) {
    751 if((cfg->page=(page_t **)malloc(sizeof(page_t *)*cfg->total_pages))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 752 return allocerr(error, maxerrlen, fname, "pages", sizeof(page_t *)*cfg->total_pages);
    753 } else
    754 cfg->page=NULL;
    755
    756 for(uint i=0; i<cfg->total_pages; i++) {
    757 const char* name = list[i];
    /scfglib2.c: 725 in read_chat_cfg()
    719 } else
    720 cfg->chan=NULL;
    721
    722 for(uint i=0; i<cfg->total_chans; i++) {
    723 const char* name = list[i];
    724 if((cfg->chan[i]=(chan_t *)malloc(sizeof(chan_t)))==NULL)
    CID 433271: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 725 return allocerr(error, maxerrlen, fname, "chan", sizeof(chan_t));
    726 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    727 memset(cfg->chan[i],0,sizeof(chan_t));
    728
    729 cfg->chan[i]->actset = getchatactset(cfg, iniGetString(section, NULL, "actions", "", value));
    730 SAFECOPY(cfg->chan[i]->name, iniGetString(section, NULL, "name", "", value));

    ** CID 433270: Null pointer dereferences (FORWARD_NULL)
    /scfglib1.c: 420 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433270: Null pointer dereferences (FORWARD_NULL)
    /scfglib1.c: 420 in read_msgs_cfg()
    414 continue;
    415 *p = '\0';
    416 char* code = p + 1;
    417 int grpnum = getgrpnum_from_name(cfg, group);
    418 if(!is_valid_grpnum(cfg, grpnum))
    419 continue;
    CID 433270: Null pointer dereferences (FORWARD_NULL)
    Dereferencing null pointer "cfg->sub".
    420 if((cfg->sub[i]=(sub_t *)malloc(sizeof(sub_t)))==NULL) 421 return allocerr(error, maxerrlen, fname, "sub", sizeof(sub_t));
    422 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    423 memset(cfg->sub[i],0,sizeof(sub_t));
    424 SAFECOPY(cfg->sub[i]->code_suffix, code);
    425

    ** CID 433269: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 117 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433269: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 117 in read_file_cfg()
    111 return allocerr(error, maxerrlen, fname, "fcomps", sizeof(fcomp_t*)*cfg->total_fcomps);
    112 } else
    113 cfg->fcomp=NULL;
    114
    115 for(uint i=0; i<cfg->total_fcomps; i++) {
    116 if((cfg->fcomp[i]=(fcomp_t *)malloc(sizeof(fcomp_t)))==NULL)
    CID 433269: Resource leaks (RESOURCE_LEAK)
    Variable "fcomp_list" going out of scope leaks the storage it points to.
    117 return allocerr(error, maxerrlen, fname, "fcomp", sizeof(fcomp_t));
    118 str_list_t section = iniGetParsedSection(sections, fcomp_list[i], /* cut: */TRUE);
    119 memset(cfg->fcomp[i],0,sizeof(fcomp_t));
    120 SAFECOPY(cfg->fcomp[i]->ext, iniGetString(section, NULL, "extension", "", value));
    121 SAFECOPY(cfg->fcomp[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    122 SAFECOPY(cfg->fcomp[i]->arstr, iniGetString(section, NULL, "ars", "", value));

    ** CID 433268: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 194 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433268: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 194 in read_file_cfg()
    188 return allocerr(error, maxerrlen, fname, "dlevents", sizeof(dlevent_t*)*cfg->total_dlevents);
    189 } else
    190 cfg->dlevent=NULL;
    191
    192 for(uint i=0; i<cfg->total_dlevents; i++) {
    193 if((cfg->dlevent[i]=(dlevent_t *)malloc(sizeof(dlevent_t)))==NULL)
    CID 433268: Resource leaks (RESOURCE_LEAK)
    Variable "dlevent_list" going out of scope leaks the storage it points to.
    194 return allocerr(error, maxerrlen, fname, "dlevent", sizeof(dlevent_t));
    195 str_list_t section = iniGetParsedSection(sections, dlevent_list[i], /* cut: */TRUE);
    196 memset(cfg->dlevent[i],0,sizeof(dlevent_t));
    197 SAFECOPY(cfg->dlevent[i]->ext, iniGetString(section, NULL, "extension", "", value));
    198 SAFECOPY(cfg->dlevent[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    199 SAFECOPY(cfg->dlevent[i]->workstr, iniGetString(section, NULL, "working", "", value));

    ** CID 433267: Control flow issues (DEADCODE)
    /mqtt.c: 41 in mqtt_init()


    ________________________________________________________________________________________________________
    *** CID 433267: Control flow issues (DEADCODE)
    /mqtt.c: 41 in mqtt_init()
    35 mqtt->host = host;
    36 mqtt->server = server;
    37 #ifdef USE_MOSQUITTO
    38 return mosquitto_lib_init();
    39 #endif
    40 }
    CID 433267: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "return 100;".
    41 return MQTT_FAILURE;
    42 }
    43
    44 static char* format_topic(struct mqtt* mqtt, enum topic_depth depth, char* str, size_t size, const char* sbuf)
    45 {
    46 switch(depth) {

    ** CID 433266: (RESOURCE_LEAK)
    /scfglib1.c: 523 in read_msgs_cfg()
    /scfglib1.c: 381 in read_msgs_cfg()
    /scfglib1.c: 373 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433266: (RESOURCE_LEAK)
    /scfglib1.c: 523 in read_msgs_cfg()
    517 cfg->qhub=NULL;
    518
    519 cfg->total_qhubs = 0;
    520 for(uint i=0; qhub_list[i] != NULL; i++) {
    521 const char* name = qhub_list[i];
    522 if((cfg->qhub[i]=(qhub_t *)malloc(sizeof(qhub_t)))==NULL)
    CID 433266: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 523 return allocerr(error, maxerrlen, fname, "qhub", sizeof(qhub_t));
    524 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    525 memset(cfg->qhub[i],0,sizeof(qhub_t));
    526
    527 SAFECOPY(cfg->qhub[i]->id, name + 5);
    528 cfg->qhub[i]->time = iniGetShortInt(section, NULL, "time", 0);
    /scfglib1.c: 381 in read_msgs_cfg()
    375 cfg->grp=NULL;
    376
    377 for(uint i=0; i<cfg->total_grps; i++) {
    378
    379 const char* name = grp_list[i];
    380 if((cfg->grp[i]=(grp_t *)malloc(sizeof(grp_t)))==NULL) >>> CID 433266: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 381 return allocerr(error, maxerrlen, fname, "group", sizeof(grp_t));
    382 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    383 memset(cfg->grp[i],0,sizeof(grp_t));
    384 SAFECOPY(cfg->grp[i]->sname, name + 4);
    385 SAFECOPY(cfg->grp[i]->lname, iniGetString(section, NULL, "description", name + 4, value));
    386 SAFECOPY(cfg->grp[i]->code_prefix, iniGetString(section, NULL, "code_prefix", "", value));
    /scfglib1.c: 373 in read_msgs_cfg()
    367
    368 str_list_t grp_list = iniGetParsedSectionList(sections, "grp:");
    369 cfg->total_grps = (uint16_t)strListCount(grp_list);
    370
    371 if(cfg->total_grps) {
    372 if((cfg->grp=(grp_t **)malloc(sizeof(grp_t *)*cfg->total_grps))==NULL)
    CID 433266: (RESOURCE_LEAK)
    Variable "sections" going out of scope leaks the storage it points to. 373 return allocerr(error, maxerrlen, fname, "groups", sizeof(grp_t *)*cfg->total_grps);
    374 } else
    375 cfg->grp=NULL;
    376
    377 for(uint i=0; i<cfg->total_grps; i++) {
    378

    ** CID 433265: (RESOURCE_LEAK)
    /scfglib1.c: 381 in read_msgs_cfg()
    /scfglib1.c: 373 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433265: (RESOURCE_LEAK)
    /scfglib1.c: 381 in read_msgs_cfg()
    375 cfg->grp=NULL;
    376
    377 for(uint i=0; i<cfg->total_grps; i++) {
    378
    379 const char* name = grp_list[i];
    380 if((cfg->grp[i]=(grp_t *)malloc(sizeof(grp_t)))==NULL) >>> CID 433265: (RESOURCE_LEAK)
    Variable "grp_list" going out of scope leaks the storage it points to. 381 return allocerr(error, maxerrlen, fname, "group", sizeof(grp_t));
    382 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    383 memset(cfg->grp[i],0,sizeof(grp_t));
    384 SAFECOPY(cfg->grp[i]->sname, name + 4);
    385 SAFECOPY(cfg->grp[i]->lname, iniGetString(section, NULL, "description", name + 4, value));
    386 SAFECOPY(cfg->grp[i]->code_prefix, iniGetString(section, NULL, "code_prefix", "", value));
    /scfglib1.c: 373 in read_msgs_cfg()
    367
    368 str_list_t grp_list = iniGetParsedSectionList(sections, "grp:");
    369 cfg->total_grps = (uint16_t)strListCount(grp_list);
    370
    371 if(cfg->total_grps) {
    372 if((cfg->grp=(grp_t **)malloc(sizeof(grp_t *)*cfg->total_grps))==NULL)
    CID 433265: (RESOURCE_LEAK)
    Variable "grp_list" going out of scope leaks the storage it points to. 373 return allocerr(error, maxerrlen, fname, "groups", sizeof(grp_t *)*cfg->total_grps);
    374 } else
    375 cfg->grp=NULL;
    376
    377 for(uint i=0; i<cfg->total_grps; i++) {
    378

    ** CID 433264: Memory - corruptions (REVERSE_NEGATIVE)
    /main.cpp: 2347 in output_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 433264: Memory - corruptions (REVERSE_NEGATIVE)
    /main.cpp: 2347 in output_thread(void *)()
    2341 }
    2342 }
    2343 #endif
    2344 sbbs->terminate_output_thread = false;
    2345
    2346 /* Note: do not terminate when online==FALSE, that is expected for the terminal server output_thread */
    CID 433264: Memory - corruptions (REVERSE_NEGATIVE)
    You might be using variable "sbbs->client_socket" before verifying that it is >= 0.
    2347 while (sbbs->client_socket != INVALID_SOCKET && !terminate_server && !sbbs->terminate_output_thread) {
    2348 /*
    2349 * I'd like to check the linear buffer against the highwater
    2350 * at this point, but it would get too clumsy imho - Deuce
    2351 *
    2352 * Actually, another option would just be to have the size

    ** CID 433263: (RESOURCE_LEAK)
    /scfglib1.c: 548 in read_msgs_cfg()
    /scfglib1.c: 523 in read_msgs_cfg()
    /scfglib1.c: 515 in read_msgs_cfg()
    /scfglib1.c: 546 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433263: (RESOURCE_LEAK)
    /scfglib1.c: 548 in read_msgs_cfg()
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    CID 433263: (RESOURCE_LEAK)
    Variable "qhub_list" going out of scope leaks the storage it points to. 548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }
    550
    551 for(uint j=0;j<k;j++) {
    552 uint16_t confnum;
    553 int subnum;
    /scfglib1.c: 523 in read_msgs_cfg()
    517 cfg->qhub=NULL;
    518
    519 cfg->total_qhubs = 0;
    520 for(uint i=0; qhub_list[i] != NULL; i++) {
    521 const char* name = qhub_list[i];
    522 if((cfg->qhub[i]=(qhub_t *)malloc(sizeof(qhub_t)))==NULL)
    CID 433263: (RESOURCE_LEAK)
    Variable "qhub_list" going out of scope leaks the storage it points to. 523 return allocerr(error, maxerrlen, fname, "qhub", sizeof(qhub_t));
    524 section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    525 memset(cfg->qhub[i],0,sizeof(qhub_t));
    526
    527 SAFECOPY(cfg->qhub[i]->id, name + 5);
    528 cfg->qhub[i]->time = iniGetShortInt(section, NULL, "time", 0);
    /scfglib1.c: 515 in read_msgs_cfg()
    509 /**********/
    510 str_list_t qhub_list = iniGetParsedSectionList(sections, "qhub:");
    511 cfg->total_qhubs = (uint16_t)strListCount(qhub_list);
    512
    513 if(cfg->total_qhubs) {
    514 if((cfg->qhub=(qhub_t **)malloc(sizeof(qhub_t *)*cfg->total_qhubs))==NULL)
    CID 433263: (RESOURCE_LEAK)
    Variable "qhub_list" going out of scope leaks the storage it points to. 515 return allocerr(error, maxerrlen, fname, "qhubs", sizeof(qhub_t*)*cfg->total_qhubs);
    516 } else
    517 cfg->qhub=NULL;
    518
    519 cfg->total_qhubs = 0;
    520 for(uint i=0; qhub_list[i] != NULL; i++) {
    /scfglib1.c: 546 in read_msgs_cfg()
    540 str_list_t qsub_list = iniGetParsedSectionList(sections, str);
    541 uint k = strListCount(qsub_list);
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    CID 433263: (RESOURCE_LEAK)
    Variable "qhub_list" going out of scope leaks the storage it points to. 546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }
    550
    551 for(uint j=0;j<k;j++) {

    ** CID 433262: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 1036 in sbbs_t::qwk_vote(char **, const char *, unsigned short, const char *, unsigned int, sbbs_t::msg_filters, int)()


    ________________________________________________________________________________________________________
    *** CID 433262: High impact quality (Y2K38_SAFETY)
    /qwk.cpp: 1036 in sbbs_t::qwk_vote(char **, const char *, unsigned short, const char *, unsigned int, sbbs_t::msg_filters, int)()
    1030 smbmsg_t msg;
    1031 ZERO_VAR(msg);
    1032
    1033 if((p=iniGetString(ini, section, "WhenWritten", NULL, NULL)) != NULL) {
    1034 char zone[32];
    1035 xpDateTime_t dt=isoDateTimeStr_parse(p);
    CID 433262: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "xpDateTime_to_localtime(dt)" is cast to "uint32_t".
    1036 msg.hdr.when_written.time=(uint32_t)xpDateTime_to_localtime(dt);
    1037 msg.hdr.when_written.zone=dt.zone;
    1038 sscanf(p,"%*s %s",zone);
    1039 if(zone[0])
    1040 msg.hdr.when_written.zone=(ushort)strtoul(zone,NULL,16);
    1041 }

    ** CID 433261: (RESOURCE_LEAK)
    /scfglib2.c: 245 in read_file_cfg()
    /scfglib2.c: 252 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433261: (RESOURCE_LEAK)
    /scfglib2.c: 245 in read_file_cfg()
    239
    240 str_list_t lib_list = iniGetParsedSectionList(sections, "lib:");
    241 cfg->total_libs = (uint16_t)strListCount(lib_list);
    242
    243 if(cfg->total_libs) {
    244 if((cfg->lib=(lib_t **)malloc(sizeof(lib_t *)*cfg->total_libs))==NULL)
    CID 433261: (RESOURCE_LEAK)
    Variable "lib_list" going out of scope leaks the storage it points to. 245 return allocerr(error, maxerrlen, fname, "libs", sizeof(lib_t *)*cfg->total_libs);
    246 } else
    247 cfg->lib=NULL;
    248
    249 for(uint i=0; i<cfg->total_libs; i++) {
    250 char* name = lib_list[i];
    /scfglib2.c: 252 in read_file_cfg()
    246 } else
    247 cfg->lib=NULL;
    248
    249 for(uint i=0; i<cfg->total_libs; i++) {
    250 char* name = lib_list[i];
    251 if((cfg->lib[i]=(lib_t *)malloc(sizeof(lib_t)))==NULL) >>> CID 433261: (RESOURCE_LEAK)
    Variable "lib_list" going out of scope leaks the storage it points to. 252 return allocerr(error, maxerrlen, fname, "lib", sizeof(lib_t));
    253 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    254 memset(cfg->lib[i],0,sizeof(lib_t));
    255 cfg->lib[i]->offline_dir=INVALID_DIR;
    256 SAFECOPY(cfg->lib[i]->sname, name + 4);
    257 SAFECOPY(cfg->lib[i]->lname, iniGetString(section, NULL, "description", name + 4, value));

    ** CID 433260: (RESOURCE_LEAK)
    /scfglib1.c: 546 in read_msgs_cfg()
    /scfglib1.c: 548 in read_msgs_cfg()
    /scfglib1.c: 544 in read_msgs_cfg()


    ________________________________________________________________________________________________________
    *** CID 433260: (RESOURCE_LEAK)
    /scfglib1.c: 546 in read_msgs_cfg()
    540 str_list_t qsub_list = iniGetParsedSectionList(sections, str);
    541 uint k = strListCount(qsub_list);
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    CID 433260: (RESOURCE_LEAK)
    Variable "qsub_list" going out of scope leaks the storage it points to. 546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }
    550
    551 for(uint j=0;j<k;j++) {
    /scfglib1.c: 548 in read_msgs_cfg()
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    CID 433260: (RESOURCE_LEAK)
    Variable "qsub_list" going out of scope leaks the storage it points to. 548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }
    550
    551 for(uint j=0;j<k;j++) {
    552 uint16_t confnum;
    553 int subnum;
    /scfglib1.c: 544 in read_msgs_cfg()
    538 char str[128];
    539 SAFEPRINTF(str, "qhubsub:%s:", cfg->qhub[i]->id);
    540 str_list_t qsub_list = iniGetParsedSectionList(sections, str);
    541 uint k = strListCount(qsub_list);
    542 if(k) {
    543 if((cfg->qhub[i]->sub=(sub_t**)malloc(sizeof(sub_t*)*k))==NULL)
    CID 433260: (RESOURCE_LEAK)
    Variable "qsub_list" going out of scope leaks the storage it points to. 544 return allocerr(error, maxerrlen, fname, "qhub sub", sizeof(sub_t)*k);
    545 if((cfg->qhub[i]->conf=(ushort *)malloc(sizeof(ushort)*k))==NULL)
    546 return allocerr(error, maxerrlen, fname, "qhub conf", sizeof(ushort)*k);
    547 if((cfg->qhub[i]->mode=(char *)malloc(sizeof(char)*k))==NULL)
    548 return allocerr(error, maxerrlen, fname, "qhub mode", sizeof(uchar)*k);
    549 }

    ** CID 433259: Resource leaks (RESOURCE_LEAK)
    /upgrade_to_v320.c: 463 in upgrade_users()


    ________________________________________________________________________________________________________
    *** CID 433259: Resource leaks (RESOURCE_LEAK)
    /upgrade_to_v320.c: 463 in upgrade_users()
    457 return false;
    458 }
    459
    460 int file = v31x_openuserdat(&scfg, /* for_modify */FALSE);
    461 if(file == -1) {
    462 perror("user.dat");
    CID 433259: Resource leaks (RESOURCE_LEAK)
    Variable "out" going out of scope leaks the storage it points to.
    463 return false;
    464 }
    465 for(uint i = 1; i <= last; i++) {
    466 user_t user;
    467 ZERO_VAR(user);
    468 user.number = i;

    ** CID 433258: (RESOURCE_LEAK)
    /scfglib2.c: 481 in read_xtrn_cfg()
    /scfglib2.c: 500 in read_xtrn_cfg()
    /scfglib2.c: 462 in read_xtrn_cfg()
    /scfglib2.c: 428 in read_xtrn_cfg()
    /scfglib2.c: 541 in read_xtrn_cfg()
    /scfglib2.c: 594 in read_xtrn_cfg()
    /scfglib2.c: 534 in read_xtrn_cfg()
    /scfglib2.c: 579 in read_xtrn_cfg()
    /scfglib2.c: 455 in read_xtrn_cfg()
    /scfglib2.c: 601 in read_xtrn_cfg()
    /scfglib2.c: 421 in read_xtrn_cfg()
    /scfglib2.c: 572 in read_xtrn_cfg()


    ________________________________________________________________________________________________________
    *** CID 433258: (RESOURCE_LEAK)
    /scfglib2.c: 481 in read_xtrn_cfg()
    475
    476 list = iniGetParsedSectionList(sections, "prog:");
    477 cfg->total_xtrns = (uint16_t)strListCount(list);
    478
    479 if(cfg->total_xtrns) {
    480 if((cfg->xtrn=(xtrn_t **)malloc(sizeof(xtrn_t *)*cfg->total_xtrns))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    481 return allocerr(error, maxerrlen, fname, "xtrns", sizeof(xtrn_t *)*cfg->total_xtrns);
    482 } else
    483 cfg->xtrn=NULL;
    484
    485 cfg->total_xtrns = 0;
    486 for(uint i=0; list[i] != NULL; i++) {
    /scfglib2.c: 500 in read_xtrn_cfg()
    494 char* code = p + 1;
    495 int secnum = getxtrnsec(cfg, sec);
    496 if(!is_valid_xtrnsec(cfg, secnum))
    497 continue;
    498
    499 if((cfg->xtrn[i]=(xtrn_t *)malloc(sizeof(xtrn_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    500 return allocerr(error, maxerrlen, fname, "xtrn", sizeof(xtrn_t));
    501 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    502 memset(cfg->xtrn[i],0,sizeof(xtrn_t));
    503 cfg->xtrn[i]->sec = secnum;
    504
    505 SAFECOPY(cfg->xtrn[i]->name, iniGetString(section, NULL, "name", code, value));
    /scfglib2.c: 462 in read_xtrn_cfg()
    456 } else
    457 cfg->xtrnsec=NULL;
    458
    459 for(uint i=0; i<cfg->total_xtrnsecs; i++) {
    460 const char* name = list[i];
    461 if((cfg->xtrnsec[i]=(xtrnsec_t *)malloc(sizeof(xtrnsec_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    462 return allocerr(error, maxerrlen, fname, "xtrnsec", sizeof(xtrnsec_t));
    463 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    464 memset(cfg->xtrnsec[i],0,sizeof(xtrnsec_t));
    465 SAFECOPY(cfg->xtrnsec[i]->code, name + 4);
    466 SAFECOPY(cfg->xtrnsec[i]->name, iniGetString(section, NULL, "name", name + 4, value));
    467 SAFECOPY(cfg->xtrnsec[i]->arstr, iniGetString(section, NULL, "ars", "", value));
    /scfglib2.c: 428 in read_xtrn_cfg()
    422 } else
    423 cfg->xedit=NULL;
    424
    425 for(uint i=0; i<cfg->total_xedits; i++) {
    426 const char* name = list[i];
    427 if((cfg->xedit[i]=(xedit_t *)malloc(sizeof(xedit_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    428 return allocerr(error, maxerrlen, fname, "xedit", sizeof(xedit_t));
    429 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    430 memset(cfg->xedit[i],0,sizeof(xedit_t));
    431 SAFECOPY(cfg->xedit[i]->code, name + 7);
    432 SAFECOPY(cfg->xedit[i]->name, iniGetString(section, NULL, "name", name + 7, value));
    433 SAFECOPY(cfg->xedit[i]->rcmd, iniGetString(section, NULL, "cmd", "", value));
    /scfglib2.c: 541 in read_xtrn_cfg()
    535 } else
    536 cfg->event=NULL;
    537
    538 for(uint i=0; i<cfg->total_events; i++) {
    539 const char* name = list[i];
    540 if((cfg->event[i]=(event_t *)malloc(sizeof(event_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    541 return allocerr(error, maxerrlen, fname, "event", sizeof(event_t));
    542 memset(cfg->event[i],0,sizeof(event_t));
    543 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    544
    545 SAFECOPY(cfg->event[i]->code, name + 6);
    546 SAFECOPY(cfg->event[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    /scfglib2.c: 594 in read_xtrn_cfg()
    588
    589 list = iniGetParsedSectionList(sections, "hotkey:");
    590 cfg->total_hotkeys = (uint16_t)strListCount(list);
    591
    592 if(cfg->total_hotkeys) {
    593 if((cfg->hotkey=(hotkey_t **)malloc(sizeof(hotkey_t *)*cfg->total_hotkeys))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    594 return allocerr(error, maxerrlen, fname, "hotkeys", sizeof(hotkey_t *)*cfg->total_hotkeys);
    595 } else
    596 cfg->hotkey=NULL;
    597
    598 for(uint i=0; i<cfg->total_hotkeys; i++) {
    599 const char* section = list[i];
    /scfglib2.c: 534 in read_xtrn_cfg()
    528
    529 list = iniGetParsedSectionList(sections, "event:");
    530 cfg->total_events = (uint16_t)strListCount(list);
    531
    532 if(cfg->total_events) {
    533 if((cfg->event=(event_t **)malloc(sizeof(event_t *)*cfg->total_events))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    534 return allocerr(error, maxerrlen, fname, "events", sizeof(event_t *)*cfg->total_events);
    535 } else
    536 cfg->event=NULL;
    537
    538 for(uint i=0; i<cfg->total_events; i++) {
    539 const char* name = list[i];
    /scfglib2.c: 579 in read_xtrn_cfg()
    573 } else
    574 cfg->natvpgm=NULL;
    575
    576 for(uint i=0; i<cfg->total_natvpgms; i++) {
    577 const char* name = list[i];
    578 if((cfg->natvpgm[i]=(natvpgm_t *)malloc(sizeof(natvpgm_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    579 return allocerr(error, maxerrlen, fname, "natvpgm", sizeof(natvpgm_t));
    580 memset(cfg->natvpgm[i],0,sizeof(natvpgm_t));
    581 SAFECOPY(cfg->natvpgm[i]->name, name + 7);
    582 }
    583 iniFreeStringList(list);
    584
    /scfglib2.c: 455 in read_xtrn_cfg()
    449 list = iniGetParsedSectionList(sections, "sec:");
    450 cfg->total_xtrnsecs = (uint16_t)strListCount(list);
    451
    452 if(cfg->total_xtrnsecs) {
    453 if((cfg->xtrnsec=(xtrnsec_t **)malloc(sizeof(xtrnsec_t *)*cfg->total_xtrnsecs))
    454 ==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    455 return allocerr(error, maxerrlen, fname, "xtrnsecs", sizeof(xtrnsec_t *)*cfg->total_xtrnsecs);
    456 } else
    457 cfg->xtrnsec=NULL;
    458
    459 for(uint i=0; i<cfg->total_xtrnsecs; i++) {
    460 const char* name = list[i];
    /scfglib2.c: 601 in read_xtrn_cfg()
    595 } else
    596 cfg->hotkey=NULL;
    597
    598 for(uint i=0; i<cfg->total_hotkeys; i++) {
    599 const char* section = list[i];
    600 if((cfg->hotkey[i]=(hotkey_t *)malloc(sizeof(hotkey_t)))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    601 return allocerr(error, maxerrlen, fname, "hotkey", sizeof(hotkey_t));
    602 memset(cfg->hotkey[i],0,sizeof(hotkey_t));
    603
    604 cfg->hotkey[i]->key = atoi(list[i] + 7);
    605 SAFECOPY(cfg->hotkey[i]->cmd, iniGetString(ini, section, "cmd", "", value));
    606 }
    /scfglib2.c: 421 in read_xtrn_cfg()
    415
    416 str_list_t list = iniGetParsedSectionList(sections, "editor:"); 417 cfg->total_xedits = (uint16_t)strListCount(list);
    418
    419 if(cfg->total_xedits) {
    420 if((cfg->xedit=(xedit_t **)malloc(sizeof(xedit_t *)*cfg->total_xedits))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    421 return allocerr(error, maxerrlen, fname, "xedits", sizeof(xedit_t *)*cfg->total_xedits);
    422 } else
    423 cfg->xedit=NULL;
    424
    425 for(uint i=0; i<cfg->total_xedits; i++) {
    426 const char* name = list[i];
    /scfglib2.c: 572 in read_xtrn_cfg()
    566
    567 list = iniGetParsedSectionList(sections, "native:");
    568 cfg->total_natvpgms = (uint16_t)strListCount(list);
    569
    570 if(cfg->total_natvpgms) {
    571 if((cfg->natvpgm=(natvpgm_t **)malloc(sizeof(natvpgm_t *)*cfg->total_natvpgms))==NULL)
    CID 433258: (RESOURCE_LEAK)
    Variable "list" going out of scope leaks the storage it points to.
    572 return allocerr(error, maxerrlen, fname, "natvpgms", sizeof(natvpgm_t *)*cfg->total_natvpgms);
    573 } else
    574 cfg->natvpgm=NULL;
    575
    576 for(uint i=0; i<cfg->total_natvpgms; i++) {
    577 const char* name = list[i];

    ** CID 433257: Null pointer dereferences (FORWARD_NULL)
    /scfglib2.c: 314 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433257: Null pointer dereferences (FORWARD_NULL)
    /scfglib2.c: 314 in read_file_cfg()
    308 *p = '\0';
    309 char* code = p + 1;
    310 int libnum = getlibnum_from_name(cfg, lib);
    311 if(!is_valid_libnum(cfg, libnum))
    312 continue;
    313
    CID 433257: Null pointer dereferences (FORWARD_NULL)
    Dereferencing null pointer "cfg->dir".
    314 if((cfg->dir[i]=(dir_t *)malloc(sizeof(dir_t)))==NULL) 315 return allocerr(error, maxerrlen, fname, "dir", sizeof(dir_t));
    316 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    317 memset(cfg->dir[i],0,sizeof(dir_t));
    318 SAFECOPY(cfg->dir[i]->code_suffix, code);
    319

    ** CID 433256: Memory - corruptions (REVERSE_NEGATIVE)
    /websrvr.c: 6401 in http_output_thread()


    ________________________________________________________________________________________________________
    *** CID 433256: Memory - corruptions (REVERSE_NEGATIVE)
    /websrvr.c: 6401 in http_output_thread()
    6395 #endif
    6396
    6397 /*
    6398 * Do *not* exit on terminate_server... wait for session thread 6399 * to close the socket and set it to INVALID_SOCKET
    6400 */
    CID 433256: Memory - corruptions (REVERSE_NEGATIVE)
    You might be using variable "session->socket" before verifying that it is >= 0.
    6401 while(session->socket!=INVALID_SOCKET) {
    6402
    6403 /* Wait for something to output in the RingBuffer */ 6404 if((avail=RingBufFull(obuf))==0) { /* empty */ 6405 if(WaitForEvent(obuf->data_event, 1000) != WAIT_OBJECT_0)
    6406 continue;

    ** CID 433255: (RESOURCE_LEAK)
    /scfglib2.c: 296 in read_file_cfg()
    /scfglib2.c: 315 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433255: (RESOURCE_LEAK)
    /scfglib2.c: 296 in read_file_cfg()
    290 cfg->sysop_dir=cfg->user_dir=cfg->upload_dir=INVALID_DIR;
    291 str_list_t dir_list = iniGetParsedSectionList(sections, "dir:");
    292 cfg->total_dirs = (uint16_t)strListCount(dir_list);
    293
    294 if(cfg->total_dirs) {
    295 if((cfg->dir=(dir_t **)malloc(sizeof(dir_t *)*(cfg->total_dirs+1)))==NULL)
    CID 433255: (RESOURCE_LEAK)
    Variable "dir_list" going out of scope leaks the storage it points to. 296 return allocerr(error, maxerrlen, fname, "dirs", sizeof(dir_t *)*(cfg->total_dirs+1));
    297 } else
    298 cfg->dir=NULL;
    299
    300 cfg->total_dirs = 0;
    301 for(uint i=0; dir_list[i] != NULL; i++) {
    /scfglib2.c: 315 in read_file_cfg()
    309 char* code = p + 1;
    310 int libnum = getlibnum_from_name(cfg, lib);
    311 if(!is_valid_libnum(cfg, libnum))
    312 continue;
    313
    314 if((cfg->dir[i]=(dir_t *)malloc(sizeof(dir_t)))==NULL) >>> CID 433255: (RESOURCE_LEAK)
    Variable "dir_list" going out of scope leaks the storage it points to. 315 return allocerr(error, maxerrlen, fname, "dir", sizeof(dir_t));
    316 str_list_t section = iniGetParsedSection(sections, name, /* cut: */TRUE);
    317 memset(cfg->dir[i],0,sizeof(dir_t));
    318 SAFECOPY(cfg->dir[i]->code_suffix, code);
    319
    320 cfg->dir[i]->dirnum = i;

    ** CID 433254: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 167 in read_file_cfg()


    ________________________________________________________________________________________________________
    *** CID 433254: Resource leaks (RESOURCE_LEAK)
    /scfglib2.c: 167 in read_file_cfg()
    161 return allocerr(error, maxerrlen, fname, "ftests", sizeof(ftest_t*)*cfg->total_ftests);
    162 } else
    163 cfg->ftest=NULL;
    164
    165 for(uint i=0; i<cfg->total_ftests; i++) {
    166 if((cfg->ftest[i]=(ftest_t *)malloc(sizeof(ftest_t)))==NULL)
    CID 433254: Resource leaks (RESOURCE_LEAK)
    Variable "ftest_list" going out of scope leaks the storage it points to.
    167 return allocerr(error, maxerrlen, fname, "ftest", sizeof(ftest_t));
    168 str_list_t section = iniGetParsedSection(sections, ftest_list[i], /* cut: */TRUE);
    169 memset(cfg->ftest[i],0,sizeof(ftest_t));
    170 SAFECOPY(cfg->ftest[i]->ext, iniGetString(section, NULL, "extension", "", value));
    171 SAFECOPY(cfg->ftest[i]->cmd, iniGetString(section, NULL, "cmd", "", value));
    172 SAFECOPY(cfg->ftest[i]->workstr, iniGetString(section, NULL, "working", "", value));

    ** CID 433253: High impact quality (Y2K38_SAFETY)
    /data_ovl.cpp: 85 in sbbs_t::putuserdatetime(int, user_field, long)()


    ________________________________________________________________________________________________________
    *** CID 433253: High impact quality (Y2K38_SAFETY)
    /data_ovl.cpp: 85 in sbbs_t::putuserdatetime(int, user_field, long)()
    79 }
    80 return true;
    81 }
    82
    83 bool sbbs_t::putuserdatetime(int usernumber, enum user_field fnum, time_t t)
    84 {
    CID 433253: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    85 int result = ::putuserdatetime(&cfg, usernumber, fnum, (time32_t)t);
    86 if(result != 0) {
    87 errormsg(WHERE, ERR_WRITE, USER_DATA_FILENAME, result);
    88 return false;
    89 }
    90 return true;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DKDXB_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDurF1YI6zrehre-2ByboPjRtzp0Uy9HxsPpEX6zuOHgkysGkYAIhBrTkr4fuqAJ-2FB9iKqhkl3PBoU8Vxw9H0mOzOUPRQ8hRzN0dT2QpcICdfJX0ngV6zwPKV-2B-2BuWPoh6viSCOhOEjV9OKJBVoKjy1pwkvK0uVxvk593QiNyE8GHMjw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, January 24, 2023 13:36:42
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 434885: Null pointer dereferences (FORWARD_NULL)
    /services.c: 720 in js_client_update()


    ________________________________________________________________________________________________________
    *** CID 434885: Null pointer dereferences (FORWARD_NULL)
    /services.c: 720 in js_client_update()
    714 inet_addrtop(&addr, client.addr, sizeof(client.addr)); 715 client.port=inet_addrport(&addr);
    716 }
    717
    718 if(argc>1) {
    719 JSVALUE_TO_MSTRING(cx, argv[1], cstr, NULL);
    CID 434885: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "cstr" to "strncpy", which dereferences it.
    720 SAFECOPY(client.user, cstr);
    721 }
    722
    723 if(argc>2)
    724 JSVALUE_TO_STRBUF(cx, argv[2], client.host, sizeof(client.host), NULL);
    725

    ** CID 434884: Null pointer dereferences (FORWARD_NULL)
    /services.c: 666 in js_client_add()


    ________________________________________________________________________________________________________
    *** CID 434884: Null pointer dereferences (FORWARD_NULL)
    /services.c: 666 in js_client_add()
    660 client.port=inet_addrport(&addr);
    661 }
    662
    663 if(argc>1) {
    664 JSVALUE_TO_MSTRING(cx, argv[1], cstr, NULL);
    665 HANDLE_PENDING(cx, cstr);
    CID 434884: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "cstr" to "strncpy", which dereferences it.
    666 SAFECOPY(client.user, cstr);
    667 }
    668
    669 if(argc>2)
    670 JSVALUE_TO_STRBUF(cx, argv[2], client.host, sizeof(client.host), NULL);
    671


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DvLhJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBNa4gwWWzuH4YpejndlE5gsky18iXCI4AkB01pepljfQqe7LF9jGy-2FPzogJNdd8GOgQ3TnLbTyrrZZkhw2xvoNM46EZwpq7pxgwtgEEnxcRLT7VMF9VB0-2Ff-2B2KirIMbgwvbghsG43LiLS-2FF-2BCh68FdiTiQ6aMChynPzZbnhEv4cw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, January 25, 2023 13:37:01
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 434888: Uninitialized variables (UNINIT)
    /xtrn.cpp: 1370 in sbbs_t::external(const char *, long, const char *)()


    ________________________________________________________________________________________________________
    *** CID 434888: Uninitialized variables (UNINIT)
    /xtrn.cpp: 1370 in sbbs_t::external(const char *, long, const char *)()
    1364 if(startup_dir!=NULL && startup_dir[0]) {
    1365 SAFECOPY(str, startup_dir);
    1366 *lastchar(str) = 0;
    1367 SAFECOPY(gamedir, getfname(str));
    1368 }
    1369
    CID 434888: Uninitialized variables (UNINIT)
    Using uninitialized value "*gamedir".
    1370 if(*gamedir == 0) {
    1371 lprintf(LOG_ERR, "No startup directory configured for DOS command-line: %s", cmdline);
    1372 fclose(dosemubatfp);
    1373 return -1;
    1374 }
    1375


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Di5Wp_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCu-2BeyEJW9rE8BW4LDJPQ2W2Wvs6n0p1O-2Fo9AM1iUao-2F2dlnwxD-2FRtUP2nmCEvhxiitStz1ds8-2B9EaUt0OTDXr5sDsyoKOngliXhJ9VISshWIOON7LUlF3dVpV2T8YLPOtt-2BDQXU15hmmSHz-2FmlMcFUnz-2Fr7tGDaZQcVs-2F9URbkGQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, January 30, 2023 13:36:32
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 435652: High impact quality (Y2K38_SAFETY)
    /logfile.cpp: 46 in hacklog()


    ________________________________________________________________________________________________________
    *** CID 435652: High impact quality (Y2K38_SAFETY)
    /logfile.cpp: 46 in hacklog()
    40 return false;
    41
    42 inet_addrtop(addr, ip, sizeof(ip));
    43 fprintf(fp,"SUSPECTED %s HACK ATTEMPT for user '%s' on %.24s%sUsing port %u at %s [%s]%s"
    44 ,prot
    45 ,user
    CID 435652: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "now" is cast to "time32_t".
    46 ,timestr(cfg, (time32_t)now, tstr)
    47 ,log_line_ending
    48 ,inet_addrport(addr)
    49 ,host
    50 ,ip
    51 ,log_line_ending

    ** CID 435651: High impact quality (Y2K38_SAFETY)
    /logfile.cpp: 102 in spamlog()


    ________________________________________________________________________________________________________
    *** CID 435651: High impact quality (Y2K38_SAFETY)
    /logfile.cpp: 102 in spamlog()
    96 if(from==NULL)
    97 from=host;
    98
    99 fprintf(fp, "SUSPECTED %s SPAM %s on %.24s%sHost: %s [%s]%sFrom: %.128s %s%s"
    100 ,prot
    101 ,action
    CID 435651: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "now" is cast to "time32_t".
    102 ,timestr(cfg, (time32_t)now, tstr)
    103 ,log_line_ending
    104 ,host
    105 ,ip_addr
    106 ,log_line_ending
    107 ,from


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DrmwL_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD1h-2BJFDuaPIzN3MjUxXvYYHQg-2Fq-2FfU-2Fa0iL0wmBIUr-2BFn-2Bh5d5qL-2FdY2FQedxymvZp-2Fl55lN-2BSO3rsaz-2BpIvPpEo8wZX8gGIoIufwknwcoNkG-2FC8e4PiByeZMHapM18xVRoUJvvlaXk0sHvmcwKAwJTorTghaXM6HlUMk6GBouCg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, February 13, 2023 13:37:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 436064: Error handling issues (CHECKED_RETURN)
    /scfg/scfg.c: 2266 in bail()


    ________________________________________________________________________________________________________
    *** CID 436064: Error handling issues (CHECKED_RETURN)
    /scfg/scfg.c: 2266 in bail()
    2260 if(code) {
    2261 printf("\nHit enter to continue...");
    2262 (void)getchar();
    2263 }
    2264 else if(forcesave) {
    2265 load_main_cfg(&cfg, error, sizeof(error));
    CID 436064: Error handling issues (CHECKED_RETURN)
    Calling "load_msgs_cfg" without checking return value (as is done elsewhere 4 out of 5 times).
    2266 load_msgs_cfg(&cfg, error, sizeof(error));
    2267 load_file_cfg(&cfg, error, sizeof(error));
    2268 load_chat_cfg(&cfg, error, sizeof(error));
    2269 load_xtrn_cfg(&cfg, error, sizeof(error));
    2270 cfg.new_install=new_install;
    2271 save_main_cfg(&cfg,backup_level);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DD5MO_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDTaDtSmOw-2Bk-2F2GY9-2Fd2mdj1kV98qMuZQMWgSaq-2FKJTpW1JmDNOWTqgrbhAT5Uu1FeAUx9pihjmNzRCgsVATSDaJVNi1-2Fy70syPCKRY-2FmYivvscQV3ejVXXYul1-2BVLFI3iZ6Tr68ZR3M-2FuWbVS2FOTtToDy4GMZVGnWexi0ASRqfA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, February 19, 2023 13:37:56
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    21 new defect(s) introduced to Synchronet found with Coverity Scan.
    16 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 21 defect(s)


    ** CID 436320: (SIGN_EXTENSION)
    /writemsg.cpp: 679 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 680 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 657 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 294 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 656 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 436320: (SIGN_EXTENSION)
    /writemsg.cpp: 679 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    673 *editor = "Synchronet msgeditor " GIT_BRANCH "/" GIT_HASH;
    674
    675 buf[0]=0;
    676 if(linesquoted || draft_restored) {
    677 if((file=nopen(msgtmp,O_RDONLY))!=-1) {
    678 length=(long)filelength(file);
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) - 1" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) - 1" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    679 l=length>(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-1
    680 ? (cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-1 : length;
    681 lread(file,buf,l);
    682 buf[l]=0;
    683 close(file);
    684 // remove(msgtmp);
    /writemsg.cpp: 680 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    674
    675 buf[0]=0;
    676 if(linesquoted || draft_restored) {
    677 if((file=nopen(msgtmp,O_RDONLY))!=-1) {
    678 length=(long)filelength(file);
    679 l=length>(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-1
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) - 1" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) - 1" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    680 ? (cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-1 : length;
    681 lread(file,buf,l);
    682 buf[l]=0;
    683 close(file);
    684 // remove(msgtmp);
    685 }
    /writemsg.cpp: 657 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    651 free(buf);
    652 return false;
    653 }
    654 l=strlen((char *)buf); /* reserve space for top and terminating null */
    655 /* truncate if too big */
    656 if(length>(long)((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1))) {
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1)" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1)" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    657 length=(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1);
    658 bputs(text[OutOfBytes]);
    659 }
    660 long rd = read(file,buf+l,length);
    661 close(file);
    662 if(rd != length) {
    /writemsg.cpp: 294 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    288
    289 useron_level=useron.level;
    290
    291 if(editor!=NULL)
    292 *editor=NULL;
    293
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) + 1" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1) + 1" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    294 if((buf=(char*)malloc((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN) + 1))
    295 ==NULL) {
    296 errormsg(WHERE,ERR_ALLOC,fname
    297 ,(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN) +1);
    298 return(false);
    299 }
    /writemsg.cpp: 656 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    650 errormsg(WHERE, ERR_LEN, msgtmp, length);
    651 free(buf);
    652 return false;
    653 }
    654 l=strlen((char *)buf); /* reserve space for top and terminating null */
    655 /* truncate if too big */
    CID 436320: (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1)" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1)" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    656 if(length>(long)((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1))) {
    657 length=(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1);
    658 bputs(text[OutOfBytes]);
    659 }
    660 long rd = read(file,buf+l,length);
    661 close(file);

    ** CID 436319: High impact quality (Y2K38_SAFETY)
    /qwktomsg.cpp: 49 in qwk_parse_header_list(sbbs_t *, unsigned int, smbmsg_t *, char ***, bool, bool)()


    ________________________________________________________________________________________________________
    *** CID 436319: High impact quality (Y2K38_SAFETY)
    /qwktomsg.cpp: 49 in qwk_parse_header_list(sbbs_t *, unsigned int, smbmsg_t *, char ***, bool, bool)()
    43 msg->hdr.auxattr |= MSG_HFIELDS_UTF8;
    44 }
    45
    46 if((p=iniPopKey(headers,ROOT_SECTION,"WhenWritten",value))!=NULL) {
    47 xpDateTime_t dt=isoDateTimeStr_parse(p);
    48
    CID 436319: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "xpDateTime_to_localtime(dt)" is cast to "uint32_t".
    49 msg->hdr.when_written.time=(uint32_t)xpDateTime_to_localtime(dt);
    50 msg->hdr.when_written.zone=dt.zone;
    51 sscanf(p,"%*s %s",zone);
    52 if(zone[0])
    53 msg->hdr.when_written.zone=(ushort)strtoul(zone,NULL,16);
    54 }

    ** CID 436318: Error handling issues (CHECKED_RETURN)
    /tmp_xfer.cpp: 88 in sbbs_t::create_filelist(const char *, int)()


    ________________________________________________________________________________________________________
    *** CID 436318: Error handling issues (CHECKED_RETURN)
    /tmp_xfer.cpp: 88 in sbbs_t::create_filelist(const char *, int)()
    82 if(k)
    83 bprintf(text[CreatedFileList],name);
    84 else {
    85 if(online == ON_REMOTE)
    86 bputs(text[NoFiles]);
    87 SAFEPRINTF2(str,"%s%s",cfg.temp_dir,name);
    CID 436318: Error handling issues (CHECKED_RETURN)
    Calling "remove(str)" without checking return value. This library function may fail and return an error code.
    88 remove(str);
    89 }
    90 return(k);
    91 }
    92
    93 /****************************************************************************/

    ** CID 436317: High impact quality (Y2K38_SAFETY)
    /qwktomsg.cpp: 198 in sbbs_t::qwk_new_msg(unsigned int, smbmsg_t *, char *, int, char **, bool)()


    ________________________________________________________________________________________________________
    *** CID 436317: High impact quality (Y2K38_SAFETY)
    /qwktomsg.cpp: 198 in sbbs_t::qwk_new_msg(unsigned int, smbmsg_t *, char *, int, char **, bool)()
    192 tm.tm_year=((hdrblk[14]&0xf)*10)+(hdrblk[15]&0xf);
    193 if(tm.tm_year<Y2K_2DIGIT_WINDOW)
    194 tm.tm_year+=100;
    195 tm.tm_hour=((hdrblk[16]&0xf)*10)+(hdrblk[17]&0xf);
    196 tm.tm_min=((hdrblk[19]&0xf)*10)+(hdrblk[20]&0xf);
    197
    CID 436317: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "sane_mktime(&tm)" is cast to "uint32_t".
    198 msg->hdr.when_written.time=(uint32_t)sane_mktime(&tm); 199 }
    200
    201 if(msg->to==NULL)
    202 smb_hfield_str(msg,RECIPIENT,strip_ctrl(to, to));
    203

    ** CID 436316: Error handling issues (CHECKED_RETURN)
    /netmail.cpp: 1382 in sbbs_t::qnetmail(const char *, const char *, int, smb_t *, smbmsg_t *)()


    ________________________________________________________________________________________________________
    *** CID 436316: Error handling issues (CHECKED_RETURN)
    /netmail.cpp: 1382 in sbbs_t::qnetmail(const char *, const char *, int, smb_t *, smbmsg_t *)()
    1376 smb_close(&smb);
    1377 smb_stack(&smb,SMB_STACK_POP);
    1378 errormsg(WHERE,ERR_OPEN,msgpath,O_RDONLY|O_BINARY); 1379 return(false);
    1380 }
    1381
    CID 436316: Error handling issues (CHECKED_RETURN)
    Calling "fseeko(this->smb.sdt_fp, offset, 0)" without checking return value. This library function may fail and return an error code.
    1382 fseeko(smb.sdt_fp,offset,SEEK_SET);
    1383 xlat=XLAT_NONE;
    1384 fwrite(&xlat,2,1,smb.sdt_fp);
    1385 x=SDT_BLOCK_LEN-2; /* Don't read/write more than 255 */
    1386 while(!feof(instream)) {
    1387 memset(buf,0,x);

    ** CID 436315: Code maintainability issues (UNUSED_VALUE)
    /str.cpp: 406 in sbbs_t::sof(char *, char *, int)()


    ________________________________________________________________________________________________________
    *** CID 436315: Code maintainability issues (UNUSED_VALUE)
    /str.cpp: 406 in sbbs_t::sof(char *, char *, int)()
    400 max=max*10+(buf[++m]&0xf);
    401 }
    402 if(buf[m+1]=='.' && IS_DIGIT(buf[m+2])) {
    403 m++;
    404 min=buf[++m]&0xf;
    405 if(IS_DIGIT(buf[m+1]))
    CID 436315: Code maintainability issues (UNUSED_VALUE)
    Assigning value from "min * 10 + (buf[++m] & 0xf)" to "min" here, but that stored value is overwritten before it can be used.
    406 min=min*10+(buf[++m]&0xf);
    407 }
    408 if(buf[m+1]=='"') {
    409 max=0;
    410 m++;
    411 while(buf[++m]!='"' && max<80)

    ** CID 436314: (RESOURCE_LEAK)
    /xtrn.cpp: 1692 in sbbs_t::external(const char *, int, const char *)() /xtrn.cpp: 1692 in sbbs_t::external(const char *, int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 436314: (RESOURCE_LEAK)
    /xtrn.cpp: 1692 in sbbs_t::external(const char *, int, const char *)()
    1686 dup2(fd, STDOUT_FILENO);
    1687 if(!(mode&EX_NOLOG))
    1688 dup2(fd, STDERR_FILENO);
    1689 if (fd > 2)
    1690 close(fd);
    1691 }
    CID 436314: (RESOURCE_LEAK)
    Handle variable "fd" going out of scope leaks the handle.
    1692 }
    1693
    1694 if(mode&EX_BG) /* background execution, detach child */
    1695 {
    1696 lprintf(LOG_INFO,"Detaching external process"); 1697 daemon(TRUE,FALSE);
    /xtrn.cpp: 1692 in sbbs_t::external(const char *, int, const char *)()
    1686 dup2(fd, STDOUT_FILENO);
    1687 if(!(mode&EX_NOLOG))
    1688 dup2(fd, STDERR_FILENO);
    1689 if (fd > 2)
    1690 close(fd);
    1691 }
    CID 436314: (RESOURCE_LEAK)
    Handle variable "fd" going out of scope leaks the handle.
    1692 }
    1693
    1694 if(mode&EX_BG) /* background execution, detach child */
    1695 {
    1696 lprintf(LOG_INFO,"Detaching external process"); 1697 daemon(TRUE,FALSE);

    ** CID 436313: (OVERRUN)
    /main.cpp: 4367 in node_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 436313: (OVERRUN)
    /main.cpp: 4383 in node_thread(void *)()
    4377
    4378 curshell=sbbs->useron.shell;
    4379 sbbs->main_csi.ip=sbbs->main_csi.cs; 4380 sbbs->menu_dir[0]=0;
    4381 sbbs->menu_file[0]=0;
    4382 }
    CID 436313: (OVERRUN)
    Calling "exec" with "sbbs->main_csi.cs" and "sbbs->main_csi.length" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.
    4383 if(sbbs->exec(&sbbs->main_csi))
    4384 break;
    4385 }
    4386 listRemoveTaggedNode(&current_logins, sbbs->cfg.node_num, /* free_data */TRUE);
    4387 }
    4388
    /main.cpp: 4367 in node_thread(void *)()
    4361 close(file);
    4362 sbbs->errormsg(WHERE,ERR_ALLOC,str,sbbs->main_csi.length);
    4363 sbbs->hangup();
    4364 break;
    4365 }
    4366
    CID 436313: (OVERRUN)
    Calling "read" with "sbbs->main_csi.cs" and "sbbs->main_csi.length" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned. [Note: The source code implementation of the function has been overridden by a builtin model.]
    4367 if(lread(file,sbbs->main_csi.cs,sbbs->main_csi.length)
    4368 !=(int)sbbs->main_csi.length) { 4369 sbbs->errormsg(WHERE,ERR_READ,str,sbbs->main_csi.length);
    4370 close(file);
    4371 free(sbbs->main_csi.cs);
    4372 sbbs->main_csi.cs=NULL;

    ** CID 436312: Error handling issues (CHECKED_RETURN)
    /xtrn.cpp: 1750 in sbbs_t::external(const char *, int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 436312: Error handling issues (CHECKED_RETURN)
    /xtrn.cpp: 1750 in sbbs_t::external(const char *, int, const char *)()
    1744 write(in_pipe[1],buf,wr);
    1745 }
    1746
    1747 bp=buf;
    1748 i=0;
    1749 if(mode&EX_NOLOG)
    CID 436312: Error handling issues (CHECKED_RETURN)
    Calling "poll(fds, 1UL, 1)" without checking return value. This library function may fail and return an error code. [Note: The source code implementation of the function has been overridden by a builtin model.]
    1750 poll(fds, 1, 1);
    1751 else {
    1752 while (poll(fds, 2, 1) > 0 && (fds[1].revents)
    1753 && (i < (int)sizeof(buf) - 1)) { 1754 if((rd=read(err_pipe[0],bp,1))>0) {
    1755 i+=rd;

    ** CID 436311: (OVERRUN)
    /exec.cpp: 812 in sbbs_t::exec_bin(const char *, csi_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 436311: (OVERRUN)
    /exec.cpp: 812 in sbbs_t::exec_bin(const char *, csi_t *, const char *)()
    806 }
    807 if((bin.cs=(uchar *)malloc(bin.length))==NULL) {
    808 close(file);
    809 errormsg(WHERE,ERR_ALLOC,str,bin.length);
    810 return(-1);
    811 }
    CID 436311: (OVERRUN)
    Calling "read" with "bin.cs" and "bin.length" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned. [Note: The source code implementation of the function has been overridden by a builtin model.]
    812 if(lread(file,bin.cs,bin.length)!=(ssize_t)bin.length) {
    813 close(file);
    814 errormsg(WHERE,ERR_READ,str,bin.length);
    815 free(bin.cs);
    816 return(-1);
    817 }
    /exec.cpp: 825 in sbbs_t::exec_bin(const char *, csi_t *, const char *)()
    819
    820 bin.ip=bin.cs;
    821 bin.rets=0;
    822 bin.cmdrets=0;
    823 bin.misc=0;
    824
    CID 436311: (OVERRUN)
    Calling "exec" with "bin.cs" and "bin.length" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.
    825 while(exec(&bin)==0)
    826 if(!(bin.misc&CS_OFFLINE_EXEC)) {
    827 checkline();
    828 if(!online)
    829 break;
    830 }

    ** CID 436310: High impact quality (Y2K38_SAFETY)
    /xtrn_sec.cpp: 1114 in sbbs_t::moduserdat(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 436310: High impact quality (Y2K38_SAFETY)
    /xtrn_sec.cpp: 1114 in sbbs_t::moduserdat(unsigned int)()
    1108 useron.level=(uint8_t)i;
    1109 putuserdec32(useron.number, USER_LEVEL, useron.level);
    1110 }
    1111 lseek(file,75,SEEK_CUR); /* read in expiration date */
    1112 read(file,&i,2); /* convert from julian to unix */
    1113 i = LE_INT(i);
    CID 436310: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "juliantounix(i)" is cast to "time32_t".
    1114 useron.expire=(time32_t)juliantounix(i);
    1115 putuserdatetime(useron.number, USER_EXPIRE, useron.expire);
    1116 }
    1117 close(file);
    1118 }
    1119 return;

    ** CID 436309: Error handling issues (CHECKED_RETURN)
    /qwk.cpp: 294 in sbbs_t::qwk_success(unsigned int, char, char)()


    ________________________________________________________________________________________________________
    *** CID 436309: Error handling issues (CHECKED_RETURN)
    /qwk.cpp: 294 in sbbs_t::qwk_success(unsigned int, char, char)()
    288 SAFECOPY(str, "downloaded QWK packet");
    289 logline("D-",str);
    290 posts_read+=msgcnt;
    291
    292 sprintf(str,"%sfile/%04u.qwk",cfg.data_dir,useron.number);
    293 if(fexistcase(str))
    CID 436309: Error handling issues (CHECKED_RETURN)
    Calling "remove(str)" without checking return value. This library function may fail and return an error code.
    294 remove(str);
    295
    296 if(!bi) {
    297 batch_download(-1);
    298 delfiles(cfg.temp_dir,ALLFILES);
    299 }

    ** CID 436308: (CHECKED_RETURN)
    /pack_qwk.cpp: 619 in sbbs_t::pack_qwk(char *, unsigned int *, bool)() /pack_qwk.cpp: 745 in sbbs_t::pack_qwk(char *, unsigned int *, bool)() /pack_qwk.cpp: 733 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()


    ________________________________________________________________________________________________________
    *** CID 436308: (CHECKED_RETURN)
    /pack_qwk.cpp: 619 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    613 fclose(voting);
    614 }
    615 if(personal) {
    616 fclose(personal); /* close PERSONAL.NDX */
    617 SAFEPRINTF(str,"%sPERSONAL.NDX",cfg.temp_dir);
    618 if(!flength(str))
    CID 436308: (CHECKED_RETURN)
    Calling "remove(str)" without checking return value. This library function may fail and return an error code.
    619 remove(str);
    620 }
    621 CRLF;
    622
    623 if(!prepack && online!=ON_LOCAL && ((sys_status&SS_ABORT) || !online)) {
    624 bputs(text[Aborted]);
    /pack_qwk.cpp: 745 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    739 if(file_count < 0)
    740 lprintf(LOG_ERR, "libarchive error (%s) creating %s", error, packet);
    741 else
    742 lprintf(LOG_INFO, "libarchive created %s from %d files", packet, file_count);
    743 }
    744 if(flength(packet) < 1) {
    CID 436308: (CHECKED_RETURN)
    Calling "remove(packet)" without checking return value. This library function may fail and return an error code.
    745 remove(packet);
    746 if((i = external(cmdstr(temp_cmd(),packet,path,NULL), ex|EX_WILDCARD)) != 0)
    747 errormsg(WHERE,ERR_EXEC,cmdstr(temp_cmd(),packet,path,NULL),i);
    748 if(flength(packet) < 1) {
    749 bputs(text[QWKCompressionFailed]);
    750 return(false);
    /pack_qwk.cpp: 733 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    727 }
    728 }
    729
    730 /*******************/
    731 /* Compress Packet */
    732 /*******************/
    CID 436308: (CHECKED_RETURN)
    Calling "remove(packet)" without checking return value. This library function may fail and return an error code.
    733 remove(packet);
    734 SAFEPRINTF2(path,"%s%s",cfg.temp_dir,ALLFILES);
    735 if(strListFind((str_list_t)supported_archive_formats, useron.tmpext, /* case_sensitive */FALSE) >= 0) {
    736 str_list_t file_list = directory(path);
    737 int file_count = create_archive(packet, useron.tmpext, /* with_path: */false, file_list, error, sizeof(error));
    738 strListFree(&file_list);

    ** CID 436307: High impact quality (Y2K38_SAFETY)
    /main.cpp: 4407 in node_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 436307: High impact quality (Y2K38_SAFETY)
    /main.cpp: 4407 in node_thread(void *)()
    4401 time_t now = time(NULL);
    4402 SAFEPRINTF(str, "%sclient.ini", sbbs->cfg.node_dir);
    4403 FILE* fp = fopen(str, "at");
    4404 if(fp != NULL) {
    4405 fprintf(fp, "user=%u\n", sbbs->useron.number);
    4406 fprintf(fp, "name=%s\n", sbbs->useron.alias);
    CID 436307: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "now" is cast to "uint".
    4407 fprintf(fp, "done=%u\n", (uint)now);
    4408 fclose(fp);
    4409 }
    4410
    4411 if(sbbs->sys_status&SS_DAILY) { // New day, run daily events/maintenance
    4412 sbbs->daily_maint();

    ** CID 436306: High impact quality (Y2K38_SAFETY)
    /atcodes.cpp: 1235 in sbbs_t::atcode(char *, char *, unsigned long, int *, bool, JSObject *)()


    ________________________________________________________________________________________________________
    *** CID 436306: High impact quality (Y2K38_SAFETY)
    /atcodes.cpp: 1235 in sbbs_t::atcode(char *, char *, unsigned long, int *, bool, JSObject *)()
    1229 f = (float)useron.dls / useron.uls;
    1230 safe_snprintf(str, maxlen, "%u", f ? (uint)(100 / f) : 0);
    1231 return str;
    1232 }
    1233
    1234 if(!strcmp(sp,"LASTNEW"))
    CID 436306: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->ns_time" is cast to "time32_t".
    1235 return(unixtodstr(&cfg,(time32_t)ns_time,str));
    1236
    1237 if(strncmp(sp, "LASTNEW:", 8) == 0) {
    1238 sp += 8;
    1239 c_unescape_str(sp);
    1240 memset(&tm, 0, sizeof(tm));

    ** CID 436305: (Y2K38_SAFETY)
    /pack_qwk.cpp: 128 in sbbs_t::pack_qwk(char *, unsigned int *, bool)() /pack_qwk.cpp: 598 in sbbs_t::pack_qwk(char *, unsigned int *, bool)() /pack_qwk.cpp: 603 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()


    ________________________________________________________________________________________________________
    *** CID 436305: (Y2K38_SAFETY)
    /pack_qwk.cpp: 128 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    122 errormsg(WHERE,ERR_OPEN,str,0);
    123 return(false);
    124 }
    125
    126 now=time(NULL);
    127 if(localtime_r(&now,&tm)==NULL) {
    CID 436305: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "uint".
    128 errormsg(WHERE, ERR_CHK, "time", (uint)now); 129 return(false);
    130 }
    131
    132 fprintf(stream,"%s\r\n%s\r\n%s\r\n%s, Sysop\r\n0000,%s\r\n"
    133 "%02u-%02u-%u,%02u:%02u:%02u\r\n" /pack_qwk.cpp: 598 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    592 byte_estimate_to_str(ftell(qwk), tmp, sizeof(tmp), 1024, 1);
    593 if(online == ON_REMOTE)
    594 bprintf("\r\n\r\n\1n\1hPacked %u messages (%s bytes) in %u seconds "
    595 "(%lu messages/second)."
    596 ,(*msgcnt)+mailmsgs
    597 ,tmp
    CID 436305: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "elapsed" is cast to "uint".
    598 ,(uint)elapsed
    599 ,((*msgcnt)+mailmsgs) / elapsed);
    600 lprintf(LOG_INFO, "packed %u messages (%s bytes) in %u seconds (%u msgs/sec)"
    601 ,(*msgcnt)+mailmsgs
    602 ,tmp
    603 ,(uint)elapsed
    /pack_qwk.cpp: 603 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    597 ,tmp
    598 ,(uint)elapsed
    599 ,((*msgcnt)+mailmsgs) / elapsed);
    600 lprintf(LOG_INFO, "packed %u messages (%s bytes) in %u seconds (%u msgs/sec)"
    601 ,(*msgcnt)+mailmsgs
    602 ,tmp
    CID 436305: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "elapsed" is cast to "uint".
    603 ,(uint)elapsed
    604 ,(uint)(((*msgcnt)+mailmsgs)/elapsed));
    605 }
    606
    607 BOOL voting_data = FALSE;
    608 fclose(qwk); /* close MESSAGE.DAT */

    ** CID 436304: Error handling issues (CHECKED_RETURN)
    /writemsg.cpp: 242 in sbbs_t::process_edited_file(const char *, const char *, int, unsigned int *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 436304: Error handling issues (CHECKED_RETURN)
    /writemsg.cpp: 242 in sbbs_t::process_edited_file(const char *, const char *, int, unsigned int *, unsigned int)()
    236 if((fp=fopen(src,"rb"))==NULL) {
    237 free(buf);
    238 return -3;
    239 }
    240
    241 memset(buf,0,len+1);
    CID 436304: Error handling issues (CHECKED_RETURN)
    "fread(void * restrict, size_t, size_t, FILE * restrict)" returns the number of bytes read, but it is ignored.
    242 fread(buf,len,sizeof(char),fp);
    243 fclose(fp);
    244
    245 if((fp=fopen(dest,"wb"))!=NULL) {
    246 len=process_edited_text(buf, fp, mode, lines, maxlines);
    247 fclose(fp);

    ** CID 436303: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 436303: Uninitialized variables (UNINIT)
    /readmsgs.cpp: 218 in sbbs_t::loadposts(unsigned int *, unsigned int, unsigned int, int, unsigned int *, unsigned int *)()
    212 if(idx.to!=namecrc && idx.from!=namecrc
    213 && idx.to!=aliascrc && idx.from!=aliascrc
    214 && (useron.number!=1 || idx.to!=sysop)) 215 continue;
    216 msg.idx=idx;
    217 if(!smb_lockmsghdr(&smb,&msg)) {
    CID 436303: Uninitialized variables (UNINIT)
    Using uninitialized value "msg.idx_offset" when calling "smb_getmsghdr".
    218 if(!smb_getmsghdr(&smb,&msg)) {
    219 if(stricmp(msg.to,useron.alias) 220 && stricmp(msg.from,useron.alias)
    221 && stricmp(msg.to,useron.name)
    222 && stricmp(msg.from,useron.name)
    223 && (useron.number!=1 || stricmp(msg.to,"sysop")

    ** CID 436302: Memory - illegal accesses (STRING_NULL)
    /telgate.cpp: 194 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char *, char *, char *)()


    ________________________________________________________________________________________________________
    *** CID 436302: Memory - illegal accesses (STRING_NULL)
    /telgate.cpp: 194 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char *, char *, char *)()
    188 l=K_CHAT;
    189 if(!(mode&TG_ECHO))
    190 l|=K_NOECHO;
    191 rd=getstr((char*)buf,sizeof(buf)-1,l);
    192 if(!rd)
    193 continue;
    CID 436302: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    194 SAFECAT(buf,crlf);
    195 rd+=2;
    196 gotline=true;
    197 }
    198 if((mode&TG_CRLF) && buf[rd-1]=='\r') 199 buf[rd++]='\n';

    ** CID 436301: Insecure data handling (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 436301: Insecure data handling (TAINTED_SCALAR)
    /writemsg.cpp: 752 in sbbs_t::writemsg(const char *, const char *, char *, int, unsigned int, const char *, const char *, const char **, const char **)()
    746 while(!feof(tag)) {
    747 if(!fgets(str,sizeof(str),tag)) 748 break;
    749 truncsp(str);
    750 if(utf8) {
    751 char buf[sizeof(str)*4];
    CID 436301: Insecure data handling (TAINTED_SCALAR)
    Passing tainted expression "str" to "cp437_to_utf8_str", which uses it as an offset.
    752 cp437_to_utf8_str(str, buf, sizeof(buf) - 1, /* minval: */'\x02');
    753 l+=fprintf(stream,"%s\r\n", buf);
    754 } else
    755 l+=fprintf(stream,"%s\r\n",str);
    756 lines++; /* line counter */
    757 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Drgn4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBgI3c58nn-2BM3pe4vcfOmT008rEPNCgcySL-2BxLmEpv67QM-2F5FYfBWKXdLuapzG8Uw08lzNE-2FII55Z3TUX6jcFlwAq3AECQ-2BNvq5LcItSQXmz87wTP5IweENV-2Fec52OWXZ5z-2Bkfj7gccdDWHh5Lsy5qHClX0MJc5hcJeyhGduvOrMQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, February 21, 2023 13:36:08
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 436563: High impact quality (Y2K38_SAFETY) /tmp/sbbs-Feb-21-2023/src/smblib/smblib.c: 2033 in smb_create()


    ________________________________________________________________________________________________________
    *** CID 436563: High impact quality (Y2K38_SAFETY) /tmp/sbbs-Feb-21-2023/src/smblib/smblib.c: 2033 in smb_create()
    2027 rewind(smb->sid_fp);
    2028 if(chsize(fileno(smb->sid_fp),0L) != 0)
    2029 return SMB_ERR_TRUNCATE;
    2030
    2031 SAFEPRINTF(str,"%s.ini",smb->file);
    2032 if((fp = fopen(str, "w")) != NULL) {
    CID 436563: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "int".
    2033 fprintf(fp, "Created = 0x%x\n", (int)time(NULL));
    2034 fclose(fp);
    2035 }
    2036 SAFEPRINTF(str,"%s.sda",smb->file);
    2037 (void)remove(str); /* if it exists, delete it */
    2038 SAFEPRINTF(str,"%s.sha",smb->file);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D6NZ4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB-2BSws-2BCbxlcVNPlCMlu3BJhlBm9ihxGUC5HVYM0IVOs04Kz9bZ0eoogx9vF3V4RK7H-2FAqguVEOaGqUDhn-2BkizHNIhtSAreEeh-2FFRCp4Cd-2BnjQP8DEfNeZ9f9ZPjHBz4mF3SSPlmrjqNIqJn1YzLbAFkkez3JgMfD0h7jKBCjInFw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, March 05, 2023 13:47:46
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 446269: Error handling issues (CHECKED_RETURN)
    /download.cpp: 118 in sbbs_t::protocol(prot_t *, XFER_TYPE, const char *, const char *, bool, bool, long *)()


    ________________________________________________________________________________________________________
    *** CID 446269: Error handling issues (CHECKED_RETURN)
    /download.cpp: 118 in sbbs_t::protocol(prot_t *, XFER_TYPE, const char *, const char *, bool, bool, long *)()
    112 char msg[256];
    113 int i;
    114 long ex_mode;
    115 FILE* stream;
    116
    117 SAFEPRINTF(protlog,"%sPROTOCOL.LOG",cfg.node_dir);
    CID 446269: Error handling issues (CHECKED_RETURN)
    Calling "remove(protlog)" without checking return value. This library function may fail and return an error code.
    118 remove(protlog); /* Deletes the protocol log */
    119 autohang=false;
    120 if(autohangup) {
    121 if(useron.misc&AUTOHANG)
    122 autohang=true;
    123 else if(text[HangUpAfterXferQ][0])

    ** CID 446268: High impact quality (Y2K38_SAFETY)
    /download.cpp: 75 in sbbs_t::notdownloaded(long, long)()


    ________________________________________________________________________________________________________
    *** CID 446268: High impact quality (Y2K38_SAFETY)
    /download.cpp: 75 in sbbs_t::notdownloaded(long, long)()
    69 /****************************************************************************/
    70 void sbbs_t::notdownloaded(off_t size, time_t elapsed)
    71 {
    72 char str[256],tmp2[256];
    73 char tmp[512];
    74
    CID 446268: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "elapsed" is cast to "uint".
    75 SAFEPRINTF2(str,"Estimated Time: %s Transfer Time: %s"
    76 ,sectostr(cur_cps ? (uint)(size/cur_cps) : 0,tmp)
    77 ,sectostr((uint)(elapsed),tmp2));
    78 logline(nulstr,str);
    79 if(cfg.leech_pct && cur_cps /* leech detection */
    80 && elapsed>=cfg.leech_sec


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D0CIb_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDsLibgv2fl5LZs5fAQNGsZiCzF58zgFnZOT-2BlAwIBwcfoIFtkbk55EV3j6VxmkZw2I9Fj-2BLI35zSUrIN0KShaRGuiHzricb5Wsx-2BB-2BhnhGtOrWPGOz2109TMcJgLBqc5aFWaJOutaTnzR1bYeWA4E8s00cQ8HSd2ZyQUokgP9TtQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, March 21, 2023 12:39:57
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 451020: Resource leaks (RESOURCE_LEAK)
    /pack_qwk.cpp: 130 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()


    ________________________________________________________________________________________________________
    *** CID 451020: Resource leaks (RESOURCE_LEAK)
    /pack_qwk.cpp: 130 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    124 return(false);
    125 }
    126
    127 now=time(NULL);
    128 if(localtime_r(&now,&tm)==NULL) {
    129 errormsg(WHERE, ERR_CHK, "time", (uint)now); >>> CID 451020: Resource leaks (RESOURCE_LEAK)
    Variable "stream" going out of scope leaks the storage it points to. 130 return(false);
    131 }
    132
    133 fprintf(stream,"%s\r\n%s\r\n%s\r\n%s, Sysop\r\n0000,%s\r\n"
    134 "%02u-%02u-%u,%02u:%02u:%02u\r\n"
    135 ,cfg.sys_name

    ** CID 451019: (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 451019: (NEGATIVE_RETURNS)
    /main.cpp: 3434 in sbbs_t::init()()
    3428 }
    3429
    3430 /* Shared NODE files */
    3431 SAFEPRINTF2(str,"%s%s",cfg.ctrl_dir,"node.dab");
    3432 pthread_mutex_lock(&nodefile_mutex);
    3433 if((nodefile=nopen(str,O_DENYNONE|O_RDWR|O_CREAT))==-1) {
    CID 451019: (NEGATIVE_RETURNS)
    "this->client_socket" is passed to a parameter that cannot be negative. 3434 errormsg(WHERE, ERR_OPEN, str, cfg.node_num);
    3435 pthread_mutex_unlock(&nodefile_mutex);
    3436 return(false);
    3437 }
    3438 memset(&node,0,sizeof(node_t)); /* write NULL to node struct */
    3439 node.status=NODE_OFFLINE;
    /main.cpp: 3443 in sbbs_t::init()()
    3437 }
    3438 memset(&node,0,sizeof(node_t)); /* write NULL to node struct */
    3439 node.status=NODE_OFFLINE;
    3440 while(filelength(nodefile)<(int)(cfg.sys_nodes*sizeof(node_t))) {
    3441 lseek(nodefile,0L,SEEK_END);
    3442 if(write(nodefile,&node,sizeof(node_t))!=sizeof(node_t)) {
    CID 451019: (NEGATIVE_RETURNS)
    "this->client_socket" is passed to a parameter that cannot be negative. 3443 errormsg(WHERE,ERR_WRITE,str,sizeof(node_t)); 3444 break;
    3445 }
    3446 }
    3447 if(chsize(nodefile, (off_t)(cfg.sys_nodes*sizeof(node_t))) != 0)
    3448 errormsg(WHERE, ERR_LEN, str, cfg.sys_nodes*sizeof(node_t));

    ** CID 451018: (LOCK)
    /xtrn_sec.cpp: 1437 in sbbs_t::exec_xtrn(unsigned int, bool)()
    /xtrn_sec.cpp: 1437 in sbbs_t::exec_xtrn(unsigned int, bool)()


    ________________________________________________________________________________________________________
    *** CID 451018: (LOCK)
    /xtrn_sec.cpp: 1437 in sbbs_t::exec_xtrn(unsigned int, bool)()
    1431 ,cfg.xtrn[xtrnnum]->path);
    1432 end=time(NULL);
    1433
    1434 if(cfg.xtrn[xtrnnum]->misc&FREETIME)
    1435 starttime+=end-start;
    1436 if(cfg.xtrn[xtrnnum]->clean[0]) {
    CID 451018: (LOCK)
    "external" locks "this->input_thread_mutex" while it is locked.
    1437 external(cmdstr(cfg.xtrn[xtrnnum]->clean, drop_file, startup_dir, NULL, mode)
    1438 ,mode&~(EX_STDIN|EX_CONIO), cfg.xtrn[xtrnnum]->path);
    1439 }
    1440 max_socket_inactivity = startup->max_session_inactivity;
    1441 /* Re-open the logfile */
    1442 if(logfile_fp==NULL) {
    /xtrn_sec.cpp: 1437 in sbbs_t::exec_xtrn(unsigned int, bool)()
    1431 ,cfg.xtrn[xtrnnum]->path);
    1432 end=time(NULL);
    1433
    1434 if(cfg.xtrn[xtrnnum]->misc&FREETIME)
    1435 starttime+=end-start;
    1436 if(cfg.xtrn[xtrnnum]->clean[0]) {
    CID 451018: (LOCK)
    "external" unlocks "this->input_thread_mutex" while it is unlocked. 1437 external(cmdstr(cfg.xtrn[xtrnnum]->clean, drop_file, startup_dir, NULL, mode)
    1438 ,mode&~(EX_STDIN|EX_CONIO), cfg.xtrn[xtrnnum]->path);
    1439 }
    1440 max_socket_inactivity = startup->max_session_inactivity;
    1441 /* Re-open the logfile */
    1442 if(logfile_fp==NULL) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DwQj4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDdlFiTOYvOJ3q-2BXCmV5b82oIz6FZIN1OLfaOQTbpP8Gh-2F1BFBTVkQlZPmP-2FlpwdRVEElckq3ePaiX56HFlC4oTk3mo4UgkSGq0kVxPTfv2czS2IOfkwROgSnRu-2B3z34jIHguj-2BgdMQEhL57e4KO1qNvBjyCV-2FH1A5pF0aNBb218Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, March 26, 2023 12:39:18
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 451057: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-26-2023/src/uifc/uifcx.c: 218 in ulist()


    ________________________________________________________________________________________________________
    *** CID 451057: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-26-2023/src/uifc/uifcx.c: 218 in ulist()
    212 cur = &tmpcur;
    213
    214 for(opts=0;opts<MAX_OPTS;opts++)
    215 if(option[opts]==NULL || option[opts][0]==0)
    216 break;
    217
    CID 451057: Uninitialized variables (UNINIT)
    Using uninitialized value "*cur".
    218 if((*cur)>=opts)
    219 (*cur)=opts-1; /* returned after scrolled */ 220
    221 if((*cur)<0)
    222 (*cur)=0;
    223

    ** CID 451056: Error handling issues (CHECKED_RETURN)
    /umonitor/umonitor.c: 872 in main()


    ________________________________________________________________________________________________________
    *** CID 451056: Error handling issues (CHECKED_RETURN)
    /umonitor/umonitor.c: 872 in main()
    866 );
    867
    868 /* close .ini file here */
    869 if(fp!=NULL)
    870 fclose(fp);
    871
    CID 451056: Error handling issues (CHECKED_RETURN)
    Calling "chdir" without checking return value (as is done elsewhere 18 out of 21 times).
    872 chdir(bbs_startup.ctrl_dir);
    873
    874 /* Read .cfg files here */
    875 memset(&cfg,0,sizeof(cfg));
    876 cfg.size=sizeof(cfg);
    877 SAFECOPY(cfg.ctrl_dir,bbs_startup.ctrl_dir);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DQ4kK_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDg36x62girPn1zYBhcccXwhYdDfdMRepLksuDfaAvd4bat4-2FUDdrJDqZKFgkT5rhTEpd1i-2F-2F-2Bt12VuLwisIe8fgC5UgDGF2gzRbivh2YT2HQfxF8BKGqVwBOdsLqq8RDB0gsCQJzB5reNTbkfkMIUprGduJhT4EnW8bblt9BSyQw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, March 27, 2023 12:40:01
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 451084: Error handling issues (CHECKED_RETURN)
    /scfg/scfg.c: 2498 in bail()


    ________________________________________________________________________________________________________
    *** CID 451084: Error handling issues (CHECKED_RETURN)
    /scfg/scfg.c: 2498 in bail()
    2492 ,&web_startup
    2493 ,&run_mail
    2494 ,&mail_startup
    2495 ,&run_services
    2496 ,&services_startup
    2497 );
    CID 451084: Error handling issues (CHECKED_RETURN)
    Calling "sbbs_write_ini" without checking return value (as is done elsewhere 6 out of 7 times).
    2498 sbbs_write_ini(
    2499 fp
    2500 ,&cfg
    2501 ,&global_startup
    2502 ,run_bbs
    2503 ,&bbs_startup


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DnMb9_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD976-2FEjTE38STs1icREVMHniwNML6xZBdisRM-2BSa9a9nOxrT2-2FUUbpxDSqWvLS9bN6TGb-2FePVmC2NMTMzChJMlqHPiU-2Bv9-2FtIhNAHUUgzS1WPYTXv043GMHq3ZP4-2FQ5jrThKDjIa1z5hefsmxu160ET8xl2XIZjs04KQ8YG62aAw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, April 01, 2023 12:40:10
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 451182: Null pointer dereferences (NULL_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 451182: Null pointer dereferences (NULL_RETURNS)
    /scfg/scfgnode.c: 50 in adjust_last_node()
    44 uint last_node = iniGetUInteger(ini, section, key, cfg.sys_nodes);
    45 char prompt[128];
    46 SAFEPRINTF(prompt, "Update Terminal Server 'LastNode' value to %u", cfg.sys_nodes);
    47 if(last_node < cfg.sys_nodes && uifc.confirm(prompt)) {
    48 fp = iniOpenFile(ini_fname, /* modify */true);
    49 iniSetUInteger(&ini, section, key, cfg.sys_nodes, NULL);
    CID 451182: Null pointer dereferences (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "fp" when calling "iniWriteFile".
    50 iniWriteFile(fp, ini);
    51 iniCloseFile(fp);
    52 }
    53 iniFreeStringList(ini);
    54 }
    55


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DpuyQ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAa7nggF92-2FRxsLcvm87CK4-2Bto78Azi3yyX9qWek6JmUtnehJGAtrvzJBvO1d9nD-2Bg0GKKa4GqYzEva6Siznl2xJXy-2FjPn1uZ-2BKvYX68NoiQd5tzVJKUFlPrALUGvlehbzHDUYDbzILFgmSfjOdYWlAKHa0sR-2FUDtT5FufQM-2BrMyA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, April 14, 2023 12:38:41
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 452331: Incorrect expression (SIZEOF_MISMATCH)
    /writemsg.cpp: 936 in sbbs_t::msgeditor(char *, const char *, char *, unsigned int, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 452331: Incorrect expression (SIZEOF_MISMATCH)
    /writemsg.cpp: 936 in sbbs_t::msgeditor(char *, const char *, char *, unsigned int, unsigned int)()
    930 }
    931
    932 rioctl(IOCM|ABORT);
    933 rioctl(IOCS|ABORT);
    934
    935 if((str = strListDivide(NULL, buf, "\n")) == NULL) {
    CID 452331: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "getfname("writemsg.cpp")" of type "char *" and argument "8UL /* sizeof (char *) */ * (maxlines + 1)" to function "errormsg" is suspicious.
    936 errormsg(WHERE,ERR_ALLOC,"msgeditor",sizeof(char *)*(maxlines+1));
    937 return(0);
    938 }
    939 lines = strListCount(str);
    940 while(lines > maxlines)
    941 free(str[--lines]);

    ** CID 452330: Control flow issues (NO_EFFECT)
    /writemsg.cpp: 966 in sbbs_t::msgeditor(char *, const char *, char *, unsigned int, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 452330: Control flow issues (NO_EFFECT)
    /writemsg.cpp: 966 in sbbs_t::msgeditor(char *, const char *, char *, unsigned int, unsigned int)()
    960 cleartoeol(); /* delete to end of line */
    961 CRLF;
    962 }
    963 sync();
    964 rioctl(IOSM|ABORT);
    965 while(online) {
    CID 452330: Control flow issues (NO_EFFECT)
    This less-than-zero comparison of an unsigned value is never true. "line < 0U".
    966 if(line < 0)
    967 line = 0;
    968 if((int)line>(int)maxlines-10) {
    969 if(line >= maxlines)
    970 bprintf(text[NoMoreLines],line);
    971 else


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DXYWj_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCe3xJD-2By2cfraguiJlF6Q3ggv-2BQewqXHCAM-2Fbq0fOod1rV0SghwSJAQLLY7JR2Xg22UoJpTPmAA7i9XkIaQJXzZ-2BbJXoY-2BCdAkcnvE60sKg-2BPS6l7v-2FKFZFOwbcriVbnnje-2BbNcxdGeVrvLCQd8h-2BSecIZPgzSL8PiXCCNGI8f5Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, April 22, 2023 12:39:06
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 452566: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Apr-22-2023/src/conio/sdl_con.c: 636 in setup_surfaces_locked()


    ________________________________________________________________________________________________________
    *** CID 452566: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Apr-22-2023/src/conio/sdl_con.c: 636 in setup_surfaces_locked()
    630 sdl.SetHint(SDL_HINT_RENDER_SCALE_QUALITY, internal_scaling ? "0" : "2");
    631
    632 if (win == NULL) {
    633 // SDL2: This is slow sometimes... not sure why.
    634 if (sdl.CreateWindowAndRenderer(vs->winwidth, vs->winheight, flags, &win, &renderer) == 0) {
    635 sdl.GetWindowSize(win, &idealw, &idealh);
    CID 452566: Concurrent data access violations (MISSING_LOCK)
    Accessing "vs->winwidth" without holding lock "vstatlock". Elsewhere, "video_stats.winwidth" is accessed with "vstatlock" held 6 out of 9 times (1 of these accesses strongly imply that it is necessary).
    636 vs->winwidth = idealw;
    637 vs->winheight = idealh;
    638 sdl.RenderClear(renderer);
    639 if (internal_scaling)
    640 newtexture = sdl.CreateTexture(renderer, SDL_PIXELFORMAT_ARGB8888, SDL_TEXTUREACCESS_STREAMING, idealw, idealh);
    641 else


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DN0Qc_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDLFN7DabHG6aWM4wdfcqyFofwc0J38vQSMkCa4C-2Fn1N6Wj9IncPgqMVdR4cE24U-2FJpH1QYRv5aOH5-2FuiKTSVbfEwso1DL4WyWml5jydp92Rz-2B7A9cEiM6tQVeXRTuV4CWEOD86K4lmM1ZvAA4wQOq8iO6E2w2DDJuKvkIRCppQ5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, April 24, 2023 12:38:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    7 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 7 of 7 defect(s)


    ** CID 452578: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 288 in bitmap_vmem_puttext_locked()


    ________________________________________________________________________________________________________
    *** CID 452578: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 288 in bitmap_vmem_puttext_locked()
    282 for(x=sx-1;x<ex;x++) {
    283 memcpy(&vmem_ptr->vmem[y*cio_textinfo.screenwidth+x], fill++, sizeof(*fill));
    284 bitmap_draw_one_char(x+1, y+1);
    285 }
    286 }
    287 pthread_mutex_lock(&vstatlock);
    CID 452578: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    288 release_vmem(vmem_ptr);
    289 pthread_mutex_unlock(&vstatlock);
    290 return(1);
    291 }
    292
    293 static void

    ** CID 452577: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 850 in update_from_vmem()


    ________________________________________________________________________________________________________
    *** CID 452577: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 850 in update_from_vmem()
    844 bitmap_draw_one_char(x+1,y+1);
    845 }
    846 pos++;
    847 }
    848 }
    849 pthread_mutex_lock(&vstatlock);
    CID 452577: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    850 release_vmem(vmem_ptr);
    851 pthread_mutex_unlock(&vstatlock);
    852
    853 vs = vstat;
    854
    855 return(0);

    ** CID 452576: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1239 in bitmap_movetext()


    ________________________________________________________________________________________________________
    *** CID 452576: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1239 in bitmap_movetext()
    1233 }
    1234
    1235 bitmap_movetext_screen(&screena, x, y, tox, toy, direction, height, width);
    1236 bitmap_movetext_screen(&screenb, x, y, tox, toy, direction, height, width);
    1237
    1238 pthread_mutex_lock(&vstatlock);
    CID 452576: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    1239 release_vmem(vmem_ptr);
    1240 pthread_mutex_unlock(&vstatlock);
    1241 pthread_mutex_unlock(&blinker_lock);
    1242
    1243 return(1);
    1244 }

    ** CID 452575: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1264 in bitmap_clreol()


    ________________________________________________________________________________________________________
    *** CID 452575: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1264 in bitmap_clreol()
    1258 pthread_mutex_unlock(&vstatlock);
    1259 for(x=cio_textinfo.curx+cio_textinfo.winleft-2; x<cio_textinfo.winright; x++) {
    1260 set_vmem_cell(vmem_ptr, pos+x, fill, ciolib_fg, ciolib_bg);
    1261 bitmap_draw_one_char(x+1, row);
    1262 }
    1263 pthread_mutex_lock(&vstatlock);
    CID 452575: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    1264 release_vmem(vmem_ptr);
    1265 pthread_mutex_unlock(&vstatlock);
    1266 pthread_mutex_unlock(&blinker_lock);
    1267 }
    1268
    1269 void bitmap_clrscr(void)

    ** CID 452574: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1289 in bitmap_clrscr()


    ________________________________________________________________________________________________________
    *** CID 452574: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 1289 in bitmap_clrscr()
    1283 for(x=cio_textinfo.winleft-1; x<cio_textinfo.winright && x < cols; x++) {
    1284 set_vmem_cell(vmem_ptr, y*cio_textinfo.screenwidth+x, fill, ciolib_fg, ciolib_bg);
    1285 bitmap_draw_one_char(x+1, y+1);
    1286 }
    1287 }
    1288 pthread_mutex_lock(&vstatlock);
    CID 452574: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    1289 release_vmem(vmem_ptr);
    1290 pthread_mutex_unlock(&vstatlock);
    1291 pthread_mutex_unlock(&blinker_lock);
    1292 }
    1293
    1294 void bitmap_getcustomcursor(int *s, int *e, int *r, int *b, int *v)

    ** CID 452573: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 882 in bitmap_puttext()


    ________________________________________________________________________________________________________
    *** CID 452573: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 882 in bitmap_puttext()
    876 for(x=sx-1;x<ex;x++) {
    877 set_vmem_cell(vmem_ptr, y*cio_textinfo.screenwidth+x, *(buf++), 0x00ffffff, 0x00ffffff);
    878 bitmap_draw_one_char(x+1, y+1);
    879 }
    880 }
    881 pthread_mutex_lock(&vstatlock);
    CID 452573: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    882 release_vmem(vmem_ptr);
    883 pthread_mutex_unlock(&vstatlock);
    884 pthread_mutex_unlock(&blinker_lock);
    885 return ret;
    886 }
    887

    ** CID 452572: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 931 in bitmap_vmem_gettext()


    ________________________________________________________________________________________________________
    *** CID 452572: Concurrent data access violations (ATOMICITY) /tmp/sbbs-Apr-24-2023/src/conio/bitmap_con.c: 931 in bitmap_vmem_gettext()
    925 pthread_mutex_unlock(&vstatlock);
    926 for(y=sy-1;y<ey;y++) {
    927 for(x=sx-1;x<ex;x++)
    928 memcpy(fill++, &vmem_ptr->vmem[y*cio_textinfo.screenwidth+x], sizeof(*fill));
    929 }
    930 pthread_mutex_lock(&vstatlock);
    CID 452572: Concurrent data access violations (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    931 release_vmem(vmem_ptr);
    932 pthread_mutex_unlock(&vstatlock);
    933 pthread_mutex_unlock(&blinker_lock);
    934 return(1);
    935 }
    936


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dr6L5_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCXbrQFMtiQ7qKe-2BTRon-2FCE8v1liTsiFwBEYDEbQeWWd5eZFVeKpMGKUHmhD6LW8krne8DUx7vgGCgrnLZMbGKkkWrW3z-2FgyVLPDteaRWQpPZNj5xcazMwdijg8SS9WNZMtlsLir5gcOguFdBqjgvNYLOs-2BIw-2BtaMoNy3gAeALwzA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, April 25, 2023 12:57:18
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 452582: (ATOMICITY)
    /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 562 in bitmap_draw_one_char() /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 647 in bitmap_draw_one_char() /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 584 in bitmap_draw_one_char()


    ________________________________________________________________________________________________________
    *** CID 452582: (ATOMICITY)
    /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 562 in bitmap_draw_one_char()
    556 break;
    557 case 16:
    558 this_font = (unsigned char *)conio_fontdata[vmem_ptr->vmem[vmo].font].eight_by_sixteen;
    559 break;
    560 default:
    561 pthread_mutex_lock(&vstatlock); >>> CID 452582: (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    562 release_vmem(vmem_ptr);
    563 pthread_mutex_unlock(&vstatlock);
    564 return(-1);
    565 }
    566 }
    567 }
    /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 647 in bitmap_draw_one_char()
    641 if (x & 0x07)
    642 fontoffset++;
    643 pixeloffset += rsz;
    644 }
    645 pthread_mutex_unlock(&screenlock);
    646 pthread_mutex_lock(&vstatlock);
    CID 452582: (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    647 release_vmem(vmem_ptr);
    648 pthread_mutex_unlock(&vstatlock);
    649
    650 return(0);
    651 }
    652
    /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 584 in bitmap_draw_one_char()
    578 return(-1);
    579 }
    580
    581 if((!screena.rect) || (!screenb.rect)) {
    582 pthread_mutex_unlock(&screenlock);
    583 pthread_mutex_lock(&vstatlock);
    CID 452582: (ATOMICITY)
    Using an unreliable value of "vmem_ptr" inside the second locked section. If the data that "vmem_ptr" depends on was changed by another thread, this use might be incorrect.
    584 release_vmem(vmem_ptr);
    585 pthread_mutex_unlock(&vstatlock);
    586 return(-1);
    587 }
    588
    589 pixeloffset = PIXEL_OFFSET(screena, xoffset, yoffset);

    ** CID 452581: Program hangs (ORDER_REVERSAL)


    ________________________________________________________________________________________________________
    *** CID 452581: Program hangs (ORDER_REVERSAL) /tmp/sbbs-Apr-25-2023/src/conio/bitmap_con.c: 1608 in bitmap_replace_font() 1602 conio_fontdata[id].desc=name;
    1603 break;
    1604 default:
    1605 free(name);
    1606 free(data);
    1607 }
    CID 452581: Program hangs (ORDER_REVERSAL)
    Calling "request_redraw" acquires lock "vstatlock" while holding lock "screenlock" (count: 1 / 2).
    1608 request_redraw();
    1609 pthread_mutex_unlock(&screenlock);
    1610 }
    1611
    1612 int bitmap_setpalette(uint32_t index, uint16_t r, uint16_t g, uint16_t b)
    1613 {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DUSpV_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDmDz-2FisU4CybMTa4AFdNqjWoDadrImI2uOf58ArG-2FffJ7seqZM-2Bl84or1w-2BzxkvZYcPQITxGrgDJGv16GZTsMIutD2gv437SrvMcUM-2F5l3-2BKCAbVD4eiDR8izGVmzfzthTmQymbENGNMMEUITS2aGvAfi-2BZKEdNWTnMrEIlvUiBQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, May 06, 2023 12:39:53
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 453600: (NULL_RETURNS)
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 88 in main() /tmp/sbbs-May-06-2023/src/conio/genmap.c: 89 in main() /tmp/sbbs-May-06-2023/src/conio/genmap.c: 69 in main() /tmp/sbbs-May-06-2023/src/conio/genmap.c: 78 in main()


    ________________________________________________________________________________________________________
    *** CID 453600: (NULL_RETURNS)
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 88 in main()
    82 "#include <inttypes.h>\n"
    83 "\n"
    84 "extern const uint32_t r2y[16777216];\n"
    85 "extern const uint32_t y2r[16777216];\n"
    86 "\n"
    87 "#endif\n");
    CID 453600: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "r" when calling "fwrite". 88 fwrite(r2y, 4, 1 << 24, r);
    89 fwrite(y2r, 4, 1 << 24, y);
    90 fclose(s);
    91 fclose(h);
    92 fclose(r);
    93 fclose(y);
    94 return 0;
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 89 in main()
    83 "\n"
    84 "extern const uint32_t r2y[16777216];\n"
    85 "extern const uint32_t y2r[16777216];\n"
    86 "\n"
    87 "#endif\n");
    88 fwrite(r2y, 4, 1 << 24, r);
    CID 453600: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "y" when calling "fwrite". 89 fwrite(y2r, 4, 1 << 24, y);
    90 fclose(s);
    91 fclose(h);
    92 fclose(r);
    93 fclose(y);
    94 return 0;
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 69 in main()
    63 char *mangle = "";
    64
    65 init_r2y();
    66 if (argc > 1 && strcmp(argv[1], "win32") == 0)
    67 mangle = "_";
    68
    CID 453600: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "s" when calling "fprintf". [Note: The source code implementation of the function has been overridden by a builtin model.]
    69 fprintf(s,
    70 ".section .rodata\n"
    71 ".global %sr2y\n"
    72 ".global %sy2r\n"
    73 ".align 4\n"
    74 "%sr2y:\n"
    /tmp/sbbs-May-06-2023/src/conio/genmap.c: 78 in main()
    72 ".global %sy2r\n"
    73 ".align 4\n"
    74 "%sr2y:\n"
    75 " .incbin \"r2y.bin\"\n"
    76 "%sy2r:\n"
    77 " .incbin \"y2r.bin\"\n", mangle, mangle, mangle, mangle);
    CID 453600: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "h" when calling "fprintf". [Note: The source code implementation of the function has been overridden by a builtin model.]
    78 fprintf(h,
    79 "#ifndef RGBMAP_H\n"
    80 "#define RGBMAP_H\n"
    81 "\n"
    82 "#include <inttypes.h>\n"
    83 "\n"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D2OWw_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA5TNjzrU6Rq5Mo9xdbzDwsTpy-2Bb09EocMoAjAvUXI0dqN9FjhoAs2WQX-2BupKjspvk11pluxiTxKgTDHQAhwzsXbwAERPEnGsAxkUULs14dstkoKyyk63U-2FI43vTGDPDLB-2BN8f1fqC8LeCf2cycw746w3RIwm3fIqgqrnx-2F8Y8WZA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, May 07, 2023 14:09:59
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 453850: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 453850: Memory - corruptions (OVERRUN)
    /main.cpp: 2135 in input_thread(void *)()
    2129 else
    2130 wrbuf=telnet_interpret(sbbs, inbuf, rd, telbuf, wr);
    2131 if(wr > (int)sizeof(telbuf))
    2132 lprintf(LOG_ERR,"!TELBUF OVERFLOW (%d>%d)",wr,(int)sizeof(telbuf));
    2133
    2134 if(!(sbbs->console & CON_RAW_IN))
    CID 453850: Memory - corruptions (OVERRUN)
    Overrunning buffer pointed to by "wrbuf" of 4000 bytes by passing it to a function which accesses it at byte offset 4000 using argument "wr" (which evaluates to 4001).
    2135 sbbs->translate_input(wrbuf, wr);
    2136
    2137 if(sbbs->passthru_socket_active == true) {
    2138 BOOL writable = FALSE;
    2139 if(socket_check(sbbs->passthru_socket, NULL, &writable, 1000) && writable)
    2140 (void)sendsocket(sbbs->passthru_socket, (char*)wrbuf, wr);

    ** CID 453849: (STRING_SIZE)
    /tmp/sbbs-May-07-2023/src/conio/genmap.c: 72 in main() /tmp/sbbs-May-07-2023/src/conio/genmap.c: 74 in main() /tmp/sbbs-May-07-2023/src/conio/genmap.c: 68 in main() /tmp/sbbs-May-07-2023/src/conio/genmap.c: 70 in main()


    ________________________________________________________________________________________________________
    *** CID 453849: (STRING_SIZE)
    /tmp/sbbs-May-07-2023/src/conio/genmap.c: 72 in main()
    66 return EXIT_FAILURE;
    67 }
    68 sprintf(path, "%s/rgbmap.s", argv[2]);
    69 s = fopen(path, "w");
    70 sprintf(path, "%s/rgbmap.h", argv[2]);
    71 h = fopen(path, "w");
    CID 453849: (STRING_SIZE)
    Passing string "argv[2]" of unknown size to "sprintf".
    72 sprintf(path, "%s/r2y.bin", argv[2]);
    73 r = fopen(path, "wb");
    74 sprintf(path, "%s/y2r.bin", argv[2]);
    75 y = fopen(path, "wb");
    76 init_r2y();
    77 if (argc > 1 && strcmp(argv[1], "win32") == 0) /tmp/sbbs-May-07-2023/src/conio/genmap.c: 74 in main()
    68 sprintf(path, "%s/rgbmap.s", argv[2]);
    69 s = fopen(path, "w");
    70 sprintf(path, "%s/rgbmap.h", argv[2]);
    71 h = fopen(path, "w");
    72 sprintf(path, "%s/r2y.bin", argv[2]);
    73 r = fopen(path, "wb");
    CID 453849: (STRING_SIZE)
    Passing string "argv[2]" of unknown size to "sprintf".
    74 sprintf(path, "%s/y2r.bin", argv[2]);
    75 y = fopen(path, "wb");
    76 init_r2y();
    77 if (argc > 1 && strcmp(argv[1], "win32") == 0)
    78 mangle = "_";
    79
    /tmp/sbbs-May-07-2023/src/conio/genmap.c: 68 in main()
    62 char *mangle = "";
    63
    64 if (argc != 3) {
    65 fprintf(stderr, "Usage: %s <os> <path>\n", argv[0]);
    66 return EXIT_FAILURE;
    67 }
    CID 453849: (STRING_SIZE)
    Passing string "argv[2]" of unknown size to "sprintf".
    68 sprintf(path, "%s/rgbmap.s", argv[2]);
    69 s = fopen(path, "w");
    70 sprintf(path, "%s/rgbmap.h", argv[2]);
    71 h = fopen(path, "w");
    72 sprintf(path, "%s/r2y.bin", argv[2]);
    73 r = fopen(path, "wb");
    /tmp/sbbs-May-07-2023/src/conio/genmap.c: 70 in main()
    64 if (argc != 3) {
    65 fprintf(stderr, "Usage: %s <os> <path>\n", argv[0]);
    66 return EXIT_FAILURE;
    67 }
    68 sprintf(path, "%s/rgbmap.s", argv[2]);
    69 s = fopen(path, "w");
    CID 453849: (STRING_SIZE)
    Passing string "argv[2]" of unknown size to "sprintf".
    70 sprintf(path, "%s/rgbmap.h", argv[2]);
    71 h = fopen(path, "w");
    72 sprintf(path, "%s/r2y.bin", argv[2]);
    73 r = fopen(path, "wb");
    74 sprintf(path, "%s/y2r.bin", argv[2]);
    75 y = fopen(path, "wb");

    ** CID 453848: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-May-07-2023/src/conio/x_events.c: 562 in video_init()


    ________________________________________________________________________________________________________
    *** CID 453848: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-May-07-2023/src/conio/x_events.c: 562 in video_init()
    556 if (x_cvstat.scaling < 1 || vstat.scaling < 1)
    557 x_cvstat.scaling = vstat.scaling = 1;
    558 pthread_mutex_unlock(&vstatlock);
    559 /* Initialize mode 3 (text, 80x25, 16 colors) */
    560 if(load_vmode(&vstat, ciolib_initial_mode))
    561 return(-1);
    CID 453848: Concurrent data access violations (MISSING_LOCK)
    Accessing "x_cvstat" without holding lock "vstatlock". Elsewhere, "x_cvstat" is accessed with "vstatlock" held 3 out of 4 times (1 of these accesses strongly imply that it is necessary).
    562 x_cvstat = vstat;
    563 if(init_window())
    564 return(-1);
    565 bitmap_drv_init(x11_drawrect, x11_flush);
    566 pthread_mutex_lock(&vstatlock);
    567 bitmap_drv_init_mode(vstat.mode, NULL, NULL, 0, 0);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DHCK2_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCrnxZlR95qbad06mHzW16hipyALzV0mFuj3ay6pFxYR0eStfRzX4PFZA0tGWVeDEIjb6ggx0scvHBcaLMTSmWKTHh-2BY-2F-2FJXVJUS-2FMWWRke5EcHM57k-2F70xISfOM2XGn-2F4aK35uR43soY3XaxM-2BxoxpO-2BmFSex4uKhKezwAhOx42w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, May 12, 2023 12:39:17
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 454698: Incorrect expression (IDENTICAL_BRANCHES) /tmp/sbbs-May-12-2023/src/conio/x_events.c: 336 in map_window()


    ________________________________________________________________________________________________________
    *** CID 454698: Incorrect expression (IDENTICAL_BRANCHES) /tmp/sbbs-May-12-2023/src/conio/x_events.c: 336 in map_window()
    330 }
    331
    332 bitmap_get_scaled_win_size(x_cvstat.scaling, &sh->base_width, &sh->base_height, 0, 0);
    333 bitmap_get_scaled_win_size(1.0, &sh->min_width, &sh->min_height, 0, 0);
    334 pthread_mutex_unlock(&vstatlock);
    335
    CID 454698: Incorrect expression (IDENTICAL_BRANCHES)
    The same code is executed regardless of whether "x_cvstat.aspect_width != 0 && x_cvstat.aspect_height != 0" is true, because the 'then' and 'else' branches are identical. Should one of the branches be modified, or the entire 'if' statement replaced?
    336 if (x_cvstat.aspect_width != 0 && x_cvstat.aspect_height != 0) {
    337 sh->min_aspect.x = sh->max_aspect.x = sh->min_width; 338 sh->min_aspect.y = sh->max_aspect.y = sh->min_height; 339 }
    340 else {
    341 sh->min_aspect.x = sh->max_aspect.x = sh->min_width;

    ** CID 454697: Program hangs (LOCK) /tmp/sbbs-May-12-2023/src/conio/x_events.c: 565 in video_init()


    ________________________________________________________________________________________________________
    *** CID 454697: Program hangs (LOCK) /tmp/sbbs-May-12-2023/src/conio/x_events.c: 565 in video_init()
    559 if (ciolib_initial_scaling != 0.0)
    560 x_cvstat.scaling = vstat.scaling = ciolib_initial_scaling;
    561 if (x_cvstat.scaling < 1.0 || vstat.scaling < 1.0)
    562 x_cvstat.scaling = vstat.scaling = 1;
    563 /* Initialize mode 3 (text, 80x25, 16 colors) */
    564 if(load_vmode(&vstat, ciolib_initial_mode))
    CID 454697: Program hangs (LOCK)
    Returning without unlocking "vstatlock".
    565 return(-1);
    566 x_cvstat = vstat;
    567 pthread_mutex_unlock(&vstatlock);
    568 if(init_window())
    569 return(-1);
    570 bitmap_drv_init(x11_drawrect, x11_flush);

    ** CID 454696: Control flow issues (UNREACHABLE) /tmp/sbbs-May-12-2023/src/conio/sdl_con.c: 346 in window_can_scale_internally()


    ________________________________________________________________________________________________________
    *** CID 454696: Control flow issues (UNREACHABLE) /tmp/sbbs-May-12-2023/src/conio/sdl_con.c: 346 in window_can_scale_internally() 340 {
    341 double ival;
    342 double fval = modf(vstat.scaling, &ival);
    343
    344 // TODO: Add toggle for software scaling
    345 return true;
    CID 454696: Control flow issues (UNREACHABLE)
    This code cannot be reached: "if (fval == 0.)
    return true;".
    346 if (fval == 0.0)
    347 return true;
    348 return false;
    349 }
    350
    351 static int sdl_init_mode(int mode, bool init)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DX8P7_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCo7meCvjTSwgjNWxh8U4aDHxfQHmMxsciENSIBRXp67uLEWOz8jwu3lZFR4uCjFHkbCONAY52JqWDBe66S35SQOx1f4wXv2LsZa7IQA5vCXFuyr8zmKHpG3m8Wuig8iyc7ux-2BQD0YVshzWBetWEqE7uzFZr9D2LkWv7T-2FSd8bmyg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, June 03, 2023 12:40:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    7 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 7 of 7 defect(s)


    ** CID 462165: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-03-2023/src/conio/x_events.c: 904 in local_draw_rect()


    ________________________________________________________________________________________________________
    *** CID 462165: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-03-2023/src/conio/x_events.c: 904 in local_draw_rect()
    898 x11.XFillRectangle(dpy, win, gc, 0, yoff, xoff, yoff + xim->height);
    899 x11.XFillRectangle(dpy, win, gc, xoff+xim->width, yoff, w, yoff + xim->height);
    900 x11.XFillRectangle(dpy, win, gc, 0, yoff + xim->height, w, h);
    901 }
    902 if (x_internal_scaling || xrender_found == false) {
    903 if (last == NULL)
    CID 462165: Null pointer dereferences (FORWARD_NULL)
    Dereferencing null pointer "source".
    904 x11.XPutImage(dpy, win, gc, xim, 0, 0, xoff, yoff, source->w, source->h);
    905 else {
    906 release_buffer(last);
    907 last = NULL;
    908 }
    909 }

    ** CID 462164: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 448 in internal_setwinsize()


    ________________________________________________________________________________________________________
    *** CID 462164: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 448 in internal_setwinsize()
    442 pthread_mutex_lock(&win_mutex);
    443 sdl.GetWindowSize(win, &w, &h);
    444 pthread_mutex_unlock(&win_mutex);
    445 if (w != vs->winwidth || h != vs->winheight)
    446 changed = true;
    447 pthread_mutex_unlock(&vstatlock);
    CID 462164: Concurrent data access violations (MISSING_LOCK)
    Accessing "vstat.scaling" without holding lock "vstatlock". Elsewhere, "video_stats.scaling" is accessed with "vstatlock" held 13 out of 18 times (1 of these accesses strongly imply that it is necessary).
    448 vstat.scaling = sdl_getscaling();
    449 }
    450 if (changed)
    451 setup_surfaces(vs);
    452 }
    453

    ** CID 462163: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 408 in update_cvstat()


    ________________________________________________________________________________________________________
    *** CID 462163: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 408 in update_cvstat()
    402 }
    403
    404 static void
    405 update_cvstat(struct video_stats *vs)
    406 {
    407 if (vs != NULL && vs != &vstat) {
    CID 462163: Concurrent data access violations (MISSING_LOCK)
    Accessing "vstat.scaling" without holding lock "vstatlock". Elsewhere, "video_stats.scaling" is accessed with "vstatlock" held 13 out of 18 times (1 of these accesses strongly imply that it is necessary).
    408 vstat.scaling = sdl_getscaling();
    409 pthread_mutex_lock(&vstatlock);
    410 *vs = vstat;
    411 pthread_mutex_unlock(&vstatlock);
    412 }
    413 }

    ** CID 462162: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 657 in setup_surfaces()


    ________________________________________________________________________________________________________
    *** CID 462162: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Jun-03-2023/src/conio/sdl_con.c: 657 in setup_surfaces()
    651 else if(sdl_init_good) {
    652 ev.type=SDL_QUIT;
    653 sdl_exitcode=1;
    654 sdl.PeepEvents(&ev, 1, SDL_ADDEVENT, SDL_FIRSTEVENT, SDL_LASTEVENT);
    655 }
    656 pthread_mutex_unlock(&win_mutex);
    CID 462162: Concurrent data access violations (MISSING_LOCK)
    Accessing "vstat.scaling" without holding lock "vstatlock". Elsewhere, "video_stats.scaling" is accessed with "vstatlock" held 13 out of 18 times (1 of these accesses strongly imply that it is necessary).
    657 vstat.scaling = sdl_getscaling();
    658 }
    659
    660 /* Called from event thread only */
    661 static void sdl_add_key(unsigned int keyval, struct video_stats *vs) 662 {

    ** CID 462161: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 511 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462161: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 511 in x_init()
    505 xp_dlclose(dl);
    506 return(-1);
    507 }
    508 #ifdef WITH_XRENDER
    509 xrender_found = true;
    510 if ((dl2 = xp_dlopen(libnames2,RTLD_LAZY,7)) == NULL) {
    CID 462161: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "dl2" to "dlclose", which dereferences it.
    511 xp_dlclose(dl2);
    512 xrender_found = false;
    513 }
    514 if (xrender_found && ((x11.XRenderFindStandardFormat = xp_dlsym(dl2, XRenderFindStandardFormat)) == NULL)) {
    515 xp_dlclose(dl);
    516 xrender_found = false;

    ** CID 462160: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-03-2023/src/conio/x_events.c: 589 in init_window()


    ________________________________________________________________________________________________________
    *** CID 462160: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Jun-03-2023/src/conio/x_events.c: 589 in init_window()
    583 if (classhints) {
    584 classhints->res_name = (char *)ciolib_initial_program_name;
    585 classhints->res_class = (char *)ciolib_initial_program_class;
    586 }
    587 wmhints=x11.XAllocWMHints();
    588 wmhints->flags = 0;
    CID 462160: Null pointer dereferences (REVERSE_INULL)
    Null-checking "wmhints" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    589 if(wmhints) {
    590 wmhints->initial_state=NormalState;
    591 wmhints->flags |= (StateHint | InputHint);
    592 wmhints->input = True;
    593 set_icon(ciolib_initial_icon, ciolib_initial_icon_width, wmhints);
    594 x11.XSetWMProperties(dpy, win, NULL, NULL, 0, 0, NULL, wmhints, classhints);

    ** CID 462159: (RESOURCE_LEAK)
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 591 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 557 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 563 in x_init() /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 570 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462159: (RESOURCE_LEAK)
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 591 in x_init()
    585 xp_dlclose(dl);
    586 sem_destroy(&pastebuf_set);
    587 sem_destroy(&pastebuf_used);
    588 sem_destroy(&init_complete);
    589 sem_destroy(&mode_set);
    590 pthread_mutex_destroy(&copybuf_mutex);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    591 return(-1);
    592 }
    593 _beginthread(x11_mouse_thread,1<<16,NULL);
    594 cio_api.options |= CONIO_OPT_SET_TITLE | CONIO_OPT_SET_NAME | CONIO_OPT_SET_ICON;
    595 return(0);
    596 }
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init()
    546 #endif
    547 setlocale(LC_ALL, "");
    548 x11.XSetLocaleModifiers("@im=none");
    549
    550 if(sem_init(&pastebuf_set, 0, 0)) {
    551 xp_dlclose(dl);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    552 return(-1);
    553 }
    554 if(sem_init(&pastebuf_used, 0, 0)) {
    555 xp_dlclose(dl);
    556 sem_destroy(&pastebuf_set);
    557 return(-1);
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init()
    546 #endif
    547 setlocale(LC_ALL, "");
    548 x11.XSetLocaleModifiers("@im=none");
    549
    550 if(sem_init(&pastebuf_set, 0, 0)) {
    551 xp_dlclose(dl);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    552 return(-1);
    553 }
    554 if(sem_init(&pastebuf_used, 0, 0)) {
    555 xp_dlclose(dl);
    556 sem_destroy(&pastebuf_set);
    557 return(-1);
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 557 in x_init()
    551 xp_dlclose(dl);
    552 return(-1);
    553 }
    554 if(sem_init(&pastebuf_used, 0, 0)) {
    555 xp_dlclose(dl);
    556 sem_destroy(&pastebuf_set);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    557 return(-1);
    558 }
    559 if(sem_init(&init_complete, 0, 0)) {
    560 xp_dlclose(dl);
    561 sem_destroy(&pastebuf_set);
    562 sem_destroy(&pastebuf_used); /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 552 in x_init()
    546 #endif
    547 setlocale(LC_ALL, "");
    548 x11.XSetLocaleModifiers("@im=none");
    549
    550 if(sem_init(&pastebuf_set, 0, 0)) {
    551 xp_dlclose(dl);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    552 return(-1);
    553 }
    554 if(sem_init(&pastebuf_used, 0, 0)) {
    555 xp_dlclose(dl);
    556 sem_destroy(&pastebuf_set);
    557 return(-1);
    /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 563 in x_init()
    557 return(-1);
    558 }
    559 if(sem_init(&init_complete, 0, 0)) {
    560 xp_dlclose(dl);
    561 sem_destroy(&pastebuf_set);
    562 sem_destroy(&pastebuf_used);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    563 return(-1);
    564 }
    565 if(sem_init(&mode_set, 0, 0)) {
    566 xp_dlclose(dl);
    567 sem_destroy(&pastebuf_set);
    568 sem_destroy(&pastebuf_used); /tmp/sbbs-Jun-03-2023/src/conio/x_cio.c: 570 in x_init()
    564 }
    565 if(sem_init(&mode_set, 0, 0)) {
    566 xp_dlclose(dl);
    567 sem_destroy(&pastebuf_set);
    568 sem_destroy(&pastebuf_used);
    569 sem_destroy(&init_complete);
    CID 462159: (RESOURCE_LEAK)
    Variable "dl2" going out of scope leaks the storage it points to.
    570 return(-1);
    571 }
    572
    573 if(pthread_mutex_init(&copybuf_mutex, 0)) {
    574 xp_dlclose(dl);
    575 sem_destroy(&pastebuf_set);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DIG4__g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBPyDfdctenEpBqzGZNVHs42ttgLTzzOGVhZnCvXDhpCF9jzW-2Bs67lHgn4mRJqKpKp0lKywESuC-2B8aPwq-2BHoGo6NvVv2XtDxVwk0ttDNXD70ZWDHBkynCZQ-2FnfDOJmi8gjr3lodcSxrI82eFAdcseucYkY4oNbs56dG5-2FpY2OKpzQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, June 04, 2023 12:43:02
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    6 new defect(s) introduced to Synchronet found with Coverity Scan.
    9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 6 of 6 defect(s)


    ** CID 462184: (RESOURCE_LEAK)
    /smbutil.c: 1166 in packmsgs()
    /smbutil.c: 1161 in packmsgs()
    /smbutil.c: 1249 in packmsgs()


    ________________________________________________________________________________________________________
    *** CID 462184: (RESOURCE_LEAK)
    /smbutil.c: 1166 in packmsgs()
    1160 if(fread(&hdr,1,sizeof(smbhdr_t),smb.shd_fp) < 1)
    1161 return;
    1162 fwrite(&hdr,1,sizeof(smbhdr_t),tmp_shd);
    1163 fwrite(&(smb.status),1,sizeof(smbstatus_t),tmp_shd);
    1164 for(l=sizeof(smbhdr_t)+sizeof(smbstatus_t);l<smb.status.header_offset;l++) {
    1165 if(fread(&ch,1,1,smb.shd_fp) < 1) /* copy additional base header records */
    CID 462184: (RESOURCE_LEAK)
    Variable "datoffset" going out of scope leaks the storage it points to. 1166 return;
    1167 fwrite(&ch,1,1,tmp_shd);
    1168 }
    1169 total=0;
    1170 for(l=0;l<smb.status.total_msgs;l++) {
    1171 ZERO_VAR(msg);
    /smbutil.c: 1161 in packmsgs()
    1155 fclose(tmp_sid);
    1156 fprintf(errfp,"\n%s!Error allocating memory\n",beep); 1157 return;
    1158 }
    1159 fseek(smb.shd_fp,0L,SEEK_SET);
    1160 if(fread(&hdr,1,sizeof(smbhdr_t),smb.shd_fp) < 1)
    CID 462184: (RESOURCE_LEAK)
    Variable "datoffset" going out of scope leaks the storage it points to. 1161 return;
    1162 fwrite(&hdr,1,sizeof(smbhdr_t),tmp_shd);
    1163 fwrite(&(smb.status),1,sizeof(smbstatus_t),tmp_shd);
    1164 for(l=sizeof(smbhdr_t)+sizeof(smbstatus_t);l<smb.status.header_offset;l++) {
    1165 if(fread(&ch,1,1,smb.shd_fp) < 1) /* copy additional base header records */
    1166 return;
    /smbutil.c: 1249 in packmsgs()
    1243
    1244 /* Actually copy the data */
    1245
    1246 n=smb_datblocks(m);
    1247 for(m=0;m<n;m++) {
    1248 if(fread(buf,1,SDT_BLOCK_LEN,smb.sdt_fp) < 1)
    CID 462184: (RESOURCE_LEAK)
    Variable "datoffset" going out of scope leaks the storage it points to. 1249 return;
    1250 if(!m && *(ushort *)buf!=XLAT_NONE && *(ushort *)buf!=XLAT_LZH) {
    1251 printf("\nUnsupported translation type (%04X)\n"
    1252 ,*(ushort *)buf);
    1253 break;
    1254 }

    ** CID 462183: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 564 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462183: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 564 in x_init()
    558 xrender_found = false;
    559 }
    560 #endif
    561 #ifdef WITH_XINERAMA
    562 xinerama_found = true;
    563 if ((dl3 = xp_dlopen(libnames3,RTLD_LAZY,1)) == NULL) {
    CID 462183: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "dl3" to "dlclose", which dereferences it.
    564 xp_dlclose(dl3);
    565 xinerama_found = false;
    566 }
    567 if (xinerama_found && ((x11.XineramaQueryVersion = xp_dlsym(dl3, XineramaQueryVersion)) == NULL)) {
    568 xp_dlclose(dl3);
    569 xinerama_found = false;

    ** CID 462182: (RESOURCE_LEAK)
    /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 619 in x_init() /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 608 in x_init() /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 613 in x_init() /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 626 in x_init() /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 647 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462182: (RESOURCE_LEAK)
    /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 619 in x_init()
    613 return(-1);
    614 }
    615 if(sem_init(&init_complete, 0, 0)) {
    616 xp_dlclose(dl);
    617 sem_destroy(&pastebuf_set);
    618 sem_destroy(&pastebuf_used);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    619 return(-1);
    620 }
    621 if(sem_init(&mode_set, 0, 0)) {
    622 xp_dlclose(dl);
    623 sem_destroy(&pastebuf_set);
    624 sem_destroy(&pastebuf_used); /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 608 in x_init()
    602 #endif
    603 setlocale(LC_ALL, "");
    604 x11.XSetLocaleModifiers("@im=none");
    605
    606 if(sem_init(&pastebuf_set, 0, 0)) {
    607 xp_dlclose(dl);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    608 return(-1);
    609 }
    610 if(sem_init(&pastebuf_used, 0, 0)) {
    611 xp_dlclose(dl);
    612 sem_destroy(&pastebuf_set);
    613 return(-1);
    /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 613 in x_init()
    607 xp_dlclose(dl);
    608 return(-1);
    609 }
    610 if(sem_init(&pastebuf_used, 0, 0)) {
    611 xp_dlclose(dl);
    612 sem_destroy(&pastebuf_set);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    613 return(-1);
    614 }
    615 if(sem_init(&init_complete, 0, 0)) {
    616 xp_dlclose(dl);
    617 sem_destroy(&pastebuf_set);
    618 sem_destroy(&pastebuf_used); /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 626 in x_init()
    620 }
    621 if(sem_init(&mode_set, 0, 0)) {
    622 xp_dlclose(dl);
    623 sem_destroy(&pastebuf_set);
    624 sem_destroy(&pastebuf_used);
    625 sem_destroy(&init_complete);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    626 return(-1);
    627 }
    628
    629 if(pthread_mutex_init(&copybuf_mutex, 0)) {
    630 xp_dlclose(dl);
    631 sem_destroy(&pastebuf_set); /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 647 in x_init()
    641 xp_dlclose(dl);
    642 sem_destroy(&pastebuf_set);
    643 sem_destroy(&pastebuf_used);
    644 sem_destroy(&init_complete);
    645 sem_destroy(&mode_set);
    646 pthread_mutex_destroy(&copybuf_mutex);
    CID 462182: (RESOURCE_LEAK)
    Variable "dl4" going out of scope leaks the storage it points to.
    647 return(-1);
    648 }
    649 _beginthread(x11_mouse_thread,1<<16,NULL);
    650 cio_api.options |= CONIO_OPT_SET_TITLE | CONIO_OPT_SET_NAME | CONIO_OPT_SET_ICON;
    651 return(0);
    652 }

    ** CID 462181: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 608 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462181: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 608 in x_init()
    602 #endif
    603 setlocale(LC_ALL, "");
    604 x11.XSetLocaleModifiers("@im=none");
    605
    606 if(sem_init(&pastebuf_set, 0, 0)) {
    607 xp_dlclose(dl);
    CID 462181: Resource leaks (RESOURCE_LEAK)
    Variable "dl3" going out of scope leaks the storage it points to.
    608 return(-1);
    609 }
    610 if(sem_init(&pastebuf_used, 0, 0)) {
    611 xp_dlclose(dl);
    612 sem_destroy(&pastebuf_set);
    613 return(-1);

    ** CID 462180: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 579 in x_init()


    ________________________________________________________________________________________________________
    *** CID 462180: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-04-2023/src/conio/x_cio.c: 579 in x_init()
    573 xinerama_found = false;
    574 }
    575 #endif
    576 #ifdef WITH_XRANDR
    577 xrandr_found = true;
    578 if ((dl4 = xp_dlopen(libnames4,RTLD_LAZY,2)) == NULL) {
    CID 462180: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "dl4" to "dlclose", which dereferences it.
    579 xp_dlclose(dl4);
    580 xrandr_found = false;
    581 }
    582 if (xinerama_found && ((x11.XRRQueryVersion = xp_dlsym(dl4, XRRQueryVersion)) == NULL)) {
    583 xp_dlclose(dl4);
    584 xrandr_found = false;

    ** CID 462179: Control flow issues (DEADCODE) /tmp/sbbs-Jun-04-2023/src/conio/x_events.c: 304 in fullscreen_geometry()


    ________________________________________________________________________________________________________
    *** CID 462179: Control flow issues (DEADCODE) /tmp/sbbs-Jun-04-2023/src/conio/x_events.c: 304 in fullscreen_geometry()
    298 *height = xrrci->height;
    299 if (xrrci != NULL)
    300 x11.XRRFreeCrtcInfo(xrrci);
    301 return true;
    302 }
    303 if (xrrci != NULL)
    CID 462179: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "x11.XRRFreeCrtcInfo(xrrci);". 304 x11.XRRFreeCrtcInfo(xrrci);
    305 }
    306 #endif
    307 #ifdef WITH_XINERAMA
    308 if (xinerama_found) {
    309 // NOTE: Xinerama is limited to a short for the entire screen dimensions.


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DlE0W_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCCsYoL8-2BRAB8pSd-2BoykiJD4ftNgwReCmSBDHZUsIOaydl7n91VpHFpH-2B-2B6udD22Zx0rJjM18W-2BwzJlbPPHAhfNuJskDA1GbbK5bVcFums-2B-2FM-2F0YW6XnLxiKz5gFyKgOgNGYfroq20XOP9rDSr4aT-2Fr9-2BqXnGFlm6brcyj727rBsg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, June 06, 2023 12:40:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    6 new defect(s) introduced to Synchronet found with Coverity Scan.
    38 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 6 of 6 defect(s)


    ** CID 462239: (CHECKED_RETURN) /tmp/sbbs-Jun-06-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 428 in dlmmap_locked()
    /tmp/sbbs-Jun-06-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 416 in dlmmap_locked()


    ________________________________________________________________________________________________________
    *** CID 462239: (CHECKED_RETURN) /tmp/sbbs-Jun-06-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 428 in dlmmap_locked()
    422
    423 start = mmap (start, length, prot, flags, execfd, offset);
    424
    425 if (start == MFAIL)
    426 {
    427 munmap (ptr, length);
    CID 462239: (CHECKED_RETURN)
    Calling "ftruncate" without checking return value (as is done elsewhere 45 out of 52 times).
    428 ftruncate (execfd, offset);
    429 return start;
    430 }
    431
    432 mmap_exec_offset ((char *)start, length) = (char*)ptr - (char*)start; 433 /tmp/sbbs-Jun-06-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/closures.c: 416 in dlmmap_locked()
    410 {
    411 if (!offset)
    412 {
    413 close (execfd);
    414 goto retry_open;
    415 }
    CID 462239: (CHECKED_RETURN)
    Calling "ftruncate" without checking return value (as is done elsewhere 45 out of 52 times).
    416 ftruncate (execfd, offset);
    417 return MFAIL;
    418 }
    419 else if (!offset
    420 && open_temp_exec_file_opts[open_temp_exec_file_opts_idx].repeat)
    421 open_temp_exec_file_opts_next ();

    ** CID 462238: (RESOURCE_LEAK)
    /writemsg.cpp: 1731 in sbbs_t::editmsg(smb_t *, smbmsg_t *)()
    /writemsg.cpp: 1717 in sbbs_t::editmsg(smb_t *, smbmsg_t *)()


    ________________________________________________________________________________________________________
    *** CID 462238: (RESOURCE_LEAK)
    /writemsg.cpp: 1731 in sbbs_t::editmsg(smb_t *, smbmsg_t *)()
    1725 if(j>1 && (j!=x || feof(instream)) && buf[j-1]==LF && buf[j-2]==CR)
    1726 buf[j-1]=buf[j-2]=0; /* Convert to NULL */ 1727 if(fwrite(buf,j,1,smb->sdt_fp) != 1) {
    1728 errormsg(WHERE, ERR_WRITE, smb->file, j);
    1729 smb_unlocksmbhdr(smb);
    1730 smb_freemsgdat(smb,offset,length,1);
    CID 462238: (RESOURCE_LEAK)
    Variable "instream" going out of scope leaks the storage it points to. 1731 return false;
    1732 }
    1733 x=SDT_BLOCK_LEN;
    1734 }
    1735 fflush(smb->sdt_fp);
    1736 fclose(instream);
    /writemsg.cpp: 1717 in sbbs_t::editmsg(smb_t *, smbmsg_t *)()
    1711 fseeko(smb->sdt_fp,offset,SEEK_SET);
    1712 xlat=XLAT_NONE;
    1713 if(fwrite(&xlat,2,1,smb->sdt_fp) != 1) {
    1714 errormsg(WHERE, ERR_WRITE, smb->file, 2);
    1715 smb_unlocksmbhdr(smb);
    1716 smb_freemsgdat(smb,offset,length,1);
    CID 462238: (RESOURCE_LEAK)
    Variable "instream" going out of scope leaks the storage it points to. 1717 return false;
    1718 }
    1719 x=SDT_BLOCK_LEN-2; /* Don't read/write more than 255 */
    1720 while(!feof(instream)) {
    1721 memset(buf,0,x);
    1722 j=fread(buf,1,x,instream);

    ** CID 462237: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 244 in sbbs_t::process_edited_file(const char *, const char *, int, unsigned int *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 462237: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 244 in sbbs_t::process_edited_file(const char *, const char *, int, unsigned int *, unsigned int)()
    238 }
    239
    240 memset(buf,0,len+1);
    241 int rd = fread(buf,len,1,fp);
    242 fclose(fp);
    243 if(rd != 1)
    CID 462237: Resource leaks (RESOURCE_LEAK)
    Variable "buf" going out of scope leaks the storage it points to.
    244 return -4;
    245
    246 if((fp=fopen(dest,"wb"))!=NULL) {
    247 len=process_edited_text(buf, fp, mode, lines, maxlines);
    248 fclose(fp);
    249 }

    ** CID 462236: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-06-2023/src/conio/x_cio.c: 588 in x_initciolib()


    ________________________________________________________________________________________________________
    *** CID 462236: Null pointer dereferences (FORWARD_NULL) /tmp/sbbs-Jun-06-2023/src/conio/x_cio.c: 588 in x_initciolib()
    582 }
    583 #endif
    584 #ifdef WITH_XRANDR
    585 xrandr_found = true;
    586 if ((dl4 = xp_dlopen(libnames4,RTLD_LAZY,2)) == NULL)
    587 xrandr_found = false;
    CID 462236: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "dl4" to "dlsym", which dereferences it.
    588 if (xinerama_found && ((x11.XRRQueryVersion = xp_dlsym(dl4, XRRQueryVersion)) == NULL)) {
    589 xp_dlclose(dl4);
    590 xrandr_found = false;
    591 }
    592 if (xinerama_found && ((x11.XRRGetScreenResources = xp_dlsym(dl4, XRRGetScreenResources)) == NULL)) {
    593 xp_dlclose(dl4);

    ** CID 462235: Resource leaks (RESOURCE_LEAK)
    /fmsgdump.c: 114 in msgdump()


    ________________________________________________________________________________________________________
    *** CID 462235: Resource leaks (RESOURCE_LEAK)
    /fmsgdump.c: 114 in msgdump()
    108 fprintf(stderr, "!MALLOC failure\n");
    109 return __COUNTER__;
    110 }
    111 fseek(fp, sizeof(hdr), SEEK_SET);
    112 if(fread(body, len, 1, fp) != 1) {
    113 perror("reading body text");
    CID 462235: Resource leaks (RESOURCE_LEAK)
    Variable "body" going out of scope leaks the storage it points to.
    114 return __COUNTER__;
    115 }
    116 fprintf(bodyfp, "\n-start of message text-\n");
    117 char* p = body;
    118 while(*p && p < body + len) {
    119 if((p == body || *(p - 1) == '\r') && *p == 1) {

    ** CID 462234: Resource leaks (RESOURCE_LEAK)
    /netmail.cpp: 303 in sbbs_t::netmail(const char *, const char *, int, smb_t *, smbmsg_t *, char **)()


    ________________________________________________________________________________________________________
    *** CID 462234: Resource leaks (RESOURCE_LEAK)
    /netmail.cpp: 303 in sbbs_t::netmail(const char *, const char *, int, smb_t *, smbmsg_t *, char **)()
    297 errormsg(WHERE,ERR_ALLOC,str,length);
    298 return(false);
    299 }
    300 if(read(file,buf,length) != length) {
    301 close(file);
    302 errormsg(WHERE, ERR_READ, str, length);
    CID 462234: Resource leaks (RESOURCE_LEAK)
    Variable "buf" going out of scope leaks the storage it points to.
    303 return false;
    304 }
    305 close(file);
    306
    307 smb_net_type_t nettype = NET_FIDO;
    308 smb_hfield_str(&msg,SENDER, from);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DcBRy_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB-2FxlaM9N-2BytN4abAlhxBOfL2Gc48Kht9DWsIw0TGq4KCIUCjvrRsYhjbSc3n6GrPlyk6u8jzpB0aqRS4dcNK81E-2FeN0SyAuTTv987PncAi-2FzopZuXT78jKuoT04lLRnCeEbfBKD6ahQnLeiOpkIZgmfmv57IglbC4RNT9dRkvaUQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, June 09, 2023 12:40:16
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    14 new defect(s) introduced to Synchronet found with Coverity Scan.
    28 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 14 of 14 defect(s)


    ** CID 462300: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3525 in do_ansi()


    ________________________________________________________________________________________________________
    *** CID 462300: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3525 in do_ansi()
    3519 case 'e': /* Line Position Forward */
    3520 seq_default(seq, 0, 1);
    3521 if (seq->param_int[0] < 1)
    3522 break; 3523 adjust_currpos(cterm, 0, seq->param_int[0], 0);
    3524 break;
    CID 462300: Control flow issues (MISSING_BREAK)
    The case for value "'a'" is not terminated by a "break" statement.
    3525 case 'a': /* Character Position Forward */
    3526 clear_lcf(cterm);
    3527 case 'C': /* Cursor Right */
    3528 seq_default(seq, 0, 1);
    3529 if (seq->param_int[0] < 1)
    3530 break;

    ** CID 462299: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3533 in do_ansi()


    ________________________________________________________________________________________________________
    *** CID 462299: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3533 in do_ansi()
    3527 case 'C': /* Cursor Right */
    3528 seq_default(seq, 0, 1);
    3529 if (seq->param_int[0] < 1)
    3530 break; 3531 adjust_currpos(cterm, seq->param_int[0], 0, 0);
    3532 break;
    CID 462299: Control flow issues (MISSING_BREAK)
    The case for value "'j'" is not terminated by a "break" statement.
    3533 case 'j': /* Character Position Backward */
    3534 clear_lcf(cterm);
    3535 case 'D': /* Cursor Left */
    3536 seq_default(seq, 0, 1);
    3537 if (seq->param_int[0] < 1)
    3538 break;

    ** CID 462298: (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462298: (NEGATIVE_RETURNS)
    /exec.cpp: 1892 in sbbs_t::exec(csi_t *)()
    1886 }
    1887 else
    1888 csi->logic=LOGIC_FALSE;
    1889 return(0);
    1890
    1891 case CS_SELECT_EDITOR:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1892 csi->logic=select_editor() ? LOGIC_TRUE:LOGIC_FALSE;
    1893 return(0);
    1894 case CS_SET_EDITOR:
    1895 csi->logic=LOGIC_TRUE;
    1896 for(i=0;i<cfg.total_xedits;i++)
    1897 if(!stricmp(csi->str,cfg.xedit[i]->code)
    /exec.cpp: 1880 in sbbs_t::exec(csi_t *)()
    1874 case CS_SELECT_SHELL:
    1875 csi->logic=select_shell() ? LOGIC_TRUE:LOGIC_FALSE;
    1876 return(0);
    1877 case CS_SET_SHELL:
    1878 csi->logic=LOGIC_TRUE;
    1879 for(i=0;i<cfg.total_shells;i++)
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1880 if(!stricmp(csi->str,cfg.shell[i]->code)
    1881 && chk_ar(cfg.shell[i]->ar,&useron,&client))
    1882 break;
    1883 if(i<cfg.total_shells) {
    1884 useron.shell=i;
    1885 putuserstr(useron.number, USER_SHELL, cfg.shell[i]->code);
    /exec.cpp: 1181 in sbbs_t::exec(csi_t *)()
    1175 now=time(NULL);
    1176
    1177 if(csi->ip>=csi->cs+csi->length)
    1178 return(1);
    1179
    1180 if(*csi->ip>=CS_FUNCTIONS)
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1181 return(exec_function(csi));
    1182
    1183 /**********************************************/
    1184 /* Miscellaneous variable length instructions */
    1185 /**********************************************/
    1186
    /exec.cpp: 1499 in sbbs_t::exec(csi_t *)()
    1493
    1494 if(*csi->ip>=CS_TWO_BYTE) {
    1495 switch(*(csi->ip++)) {
    1496 case CS_TWO_MORE_BYTES:
    1497 switch(*(csi->ip++)) {
    1498 case CS_USER_EVENT:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1499 user_event((user_event_t)*(csi->ip++));
    1500 return(0);
    1501 }
    1502 errormsg(WHERE,ERR_CHK,"shell instruction",*(csi->ip-1));
    1503 return(0);
    1504 case CS_SETLOGIC:
    /exec.cpp: 1181 in sbbs_t::exec(csi_t *)()
    1175 now=time(NULL);
    1176
    1177 if(csi->ip>=csi->cs+csi->length)
    1178 return(1);
    1179
    1180 if(*csi->ip>=CS_FUNCTIONS)
    CID 462298: (NEGATIVE_RETURNS)
    "this->cursubnum" is passed to a parameter that cannot be negative. 1181 return(exec_function(csi));
    1182
    1183 /**********************************************/
    1184 /* Miscellaneous variable length instructions */
    1185 /**********************************************/
    1186
    /exec.cpp: 1761 in sbbs_t::exec(csi_t *)()
    1755 if(logon())
    1756 csi->logic=LOGIC_TRUE; 1757 else
    1758 csi->logic=LOGIC_FALSE; 1759 return(0);
    1760 case CS_LOGOUT:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1761 logout();
    1762 return(0);
    1763 case CS_EXIT:
    1764 return(1);
    1765 case CS_LOOP_BEGIN:
    1766 if(csi->loops<MAX_LOOPDEPTH) /exec.cpp: 1538 in sbbs_t::exec(csi_t *)()
    1532 thisnode.status=*csi->ip++; 1533 putnodedat(cfg.node_num,&thisnode);
    1534 } else
    1535 csi->ip++;
    1536 return(0);
    1537 case CS_MULTINODE_CHAT:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1538 multinodechat(*csi->ip++);
    1539 return(0);
    1540 case CS_GETSTR:
    1541 csi->logic=LOGIC_TRUE;
    1542 getstr(csi->str,*csi->ip++,0);
    1543 if(sys_status&SS_ABORT) {
    /exec.cpp: 1875 in sbbs_t::exec(csi_t *)()
    1869 saveline();
    1870 return(0);
    1871 case CS_RESTORELINE:
    1872 restoreline();
    1873 return(0);
    1874 case CS_SELECT_SHELL:
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1875 csi->logic=select_shell() ? LOGIC_TRUE:LOGIC_FALSE;
    1876 return(0);
    1877 case CS_SET_SHELL:
    1878 csi->logic=LOGIC_TRUE;
    1879 for(i=0;i<cfg.total_shells;i++)
    1880 if(!stricmp(csi->str,cfg.shell[i]->code)
    /exec.cpp: 1897 in sbbs_t::exec(csi_t *)()
    1891 case CS_SELECT_EDITOR:
    1892 csi->logic=select_editor() ? LOGIC_TRUE:LOGIC_FALSE;
    1893 return(0);
    1894 case CS_SET_EDITOR:
    1895 csi->logic=LOGIC_TRUE;
    1896 for(i=0;i<cfg.total_xedits;i++)
    CID 462298: (NEGATIVE_RETURNS)
    "this->curdirnum" is passed to a parameter that cannot be negative. 1897 if(!stricmp(csi->str,cfg.xedit[i]->code)
    1898 && chk_ar(cfg.xedit[i]->ar,&useron,&client))
    1899 break;
    1900 if(i<cfg.total_xedits) {
    1901 useron.xedit=i+1;
    1902 putuserstr(useron.number, USER_XEDIT, cfg.xedit[i]->code);

    ** CID 462297: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 462297: Uninitialized variables (UNINIT)
    /readmsgs.cpp: 218 in sbbs_t::loadposts(unsigned int *, int, unsigned int, int, unsigned int *, unsigned int *)()
    212 if(idx.to!=namecrc && idx.from!=namecrc
    213 && idx.to!=aliascrc && idx.from!=aliascrc
    214 && (useron.number!=1 || idx.to!=sysop)) 215 continue;
    216 msg.idx=idx;
    217 if(!smb_lockmsghdr(&smb,&msg)) {
    CID 462297: Uninitialized variables (UNINIT)
    Using uninitialized value "msg.idx_offset" when calling "smb_getmsghdr".
    218 if(!smb_getmsghdr(&smb,&msg)) {
    219 if(stricmp(msg.to,useron.alias) 220 && stricmp(msg.from,useron.alias)
    221 && stricmp(msg.to,useron.name)
    222 && stricmp(msg.from,useron.name)
    223 && (useron.number!=1 || stricmp(msg.to,"sysop")

    ** CID 462296: Integer handling issues (SIGN_EXTENSION)
    /writemsg.cpp: 296 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 462296: Integer handling issues (SIGN_EXTENSION)
    /writemsg.cpp: 296 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    290
    291 useron_level=useron.level;
    292
    293 if(editor!=NULL)
    294 *editor=NULL;
    295
    CID 462296: Integer handling issues (SIGN_EXTENSION)
    Suspicious implicit sign extension: "this->cfg.level_linespermsg[useron_level]" with type "uint16_t" (16 bits, unsigned) is promoted in "this->cfg.level_linespermsg[useron_level] * (this->cols - 1 + 2) + 1" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "this->cfg.level_linespermsg[useron_level] * (this->cols - 1 + 2) + 1" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
    296 if((buf=(char*)malloc((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN) + 1))
    297 ==NULL) {
    298 errormsg(WHERE,ERR_ALLOC,fname
    299 ,(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN) +1);
    300 return(false);
    301 }

    ** CID 462295: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3509 in do_ansi()


    ________________________________________________________________________________________________________
    *** CID 462295: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3509 in do_ansi()
    3503 seq->param_int[0] = cterm->width - j;
    3504 MOVETEXT(col, row, max_col - seq->param_int[0], row, col + seq->param_int[0], row);
    3505 for(l=0; l < seq->param_int[0]; l++)
    3506 PUTCH(' ');
    3507 cterm_gotoxy(cterm, i, j);
    3508 break;
    CID 462295: Control flow issues (MISSING_BREAK)
    The case for value "'A'" is not terminated by a "break" statement.
    3509 case 'A': /* Cursor Up */
    3510 clear_lcf(cterm);
    3511 case 'k': /* Line Position Backward */
    3512 seq_default(seq, 0, 1);
    3513 if (seq->param_int[0] < 1)
    3514 break;

    ** CID 462294: Integer handling issues (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462294: Integer handling issues (NEGATIVE_RETURNS)
    /netmail.cpp: 1038 in sbbs_t::inetmail(const char *, const char *, int, smb_t *, smbmsg_t *, char **)()
    1032 if(remsg != NULL && resmb != NULL && !(mode&WM_QUOTE)) {
    1033 if(quotemsg(resmb, remsg, /* include tails: */true)) 1034 mode |= WM_QUOTE;
    1035 }
    1036
    1037 SAFEPRINTF(msgpath,"%snetmail.msg",cfg.node_dir);
    CID 462294: Integer handling issues (NEGATIVE_RETURNS)
    A negative constant "-1" is passed as an argument to a parameter that cannot be negative.
    1038 if(!writemsg(msgpath,nulstr,title,WM_NETMAIL|mode,INVALID_SUB, to_list, /* from: */your_addr, &editor, &charset)) {
    1039 strListFree(&rcpt_list);
    1040 bputs(text[Aborted]);
    1041 return(false);
    1042 }
    1043

    ** CID 462293: Integer handling issues (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462293: Integer handling issues (NEGATIVE_RETURNS)
    /netmail.cpp: 200 in sbbs_t::netmail(const char *, const char *, int, smb_t *, smbmsg_t *, char **)()
    194 if(remsg != NULL && resmb != NULL && !(mode&WM_QUOTE)) {
    195 if(quotemsg(resmb, remsg, /* include tails: */true)) 196 mode |= WM_QUOTE;
    197 }
    198
    199 msg_tmp_fname(useron.xedit, msgpath, sizeof(msgpath));
    CID 462293: Integer handling issues (NEGATIVE_RETURNS)
    A negative constant "-1" is passed as an argument to a parameter that cannot be negative.
    200 if(!writemsg(msgpath,nulstr,subj,WM_NETMAIL|mode,INVALID_SUB, to, from, &editor, &charset)) {
    201 bputs(text[Aborted]);
    202 return(false);
    203 }
    204
    205 if(mode&WM_FILE) {

    ** CID 462292: (NULL_RETURNS)
    /execmisc.cpp: 526 in sbbs_t::exec_misc(csi_t *, const char *)()
    /execmisc.cpp: 526 in sbbs_t::exec_misc(csi_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 462292: (NULL_RETURNS)
    /execmisc.cpp: 526 in sbbs_t::exec_misc(csi_t *, const char *)()
    520 if(*pp1!=csi->str && (!*pp1 || i==MAX_SYSVARS)) {
    521 if(*pp1)
    522 *pp1=(char *)realloc(*pp1,strlen(*pp1)+strlen(*pp2)+1);
    523 else
    524 *pp1=(char *)realloc(*pp1,strlen(*pp2)+1);
    525 }
    CID 462292: (NULL_RETURNS)
    Dereferencing a pointer that might be "nullptr" "*pp1" when calling "strcat". [Note: The source code implementation of the function has been overridden by a builtin model.]
    526 strcat(*pp1,*pp2);
    527 return(0);
    528 case FORMAT_STR_VAR:
    529 pp=getstrvar(csi,*(int32_t *)csi->ip);
    530 csi->ip+=4; /* Skip variable name */
    531 p=format_string(this, csi); /execmisc.cpp: 526 in sbbs_t::exec_misc(csi_t *, const char *)()
    520 if(*pp1!=csi->str && (!*pp1 || i==MAX_SYSVARS)) {
    521 if(*pp1)
    522 *pp1=(char *)realloc(*pp1,strlen(*pp1)+strlen(*pp2)+1);
    523 else
    524 *pp1=(char *)realloc(*pp1,strlen(*pp2)+1);
    525 }
    CID 462292: (NULL_RETURNS)
    Dereferencing a pointer that might be "nullptr" "*pp1" when calling "strcat". [Note: The source code implementation of the function has been overridden by a builtin model.]
    526 strcat(*pp1,*pp2);
    527 return(0);
    528 case FORMAT_STR_VAR:
    529 pp=getstrvar(csi,*(int32_t *)csi->ip);
    530 csi->ip+=4; /* Skip variable name */
    531 p=format_string(this, csi);

    ** CID 462291: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3517 in do_ansi()


    ________________________________________________________________________________________________________
    *** CID 462291: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jun-09-2023/src/conio/cterm.c: 3517 in do_ansi()
    3511 case 'k': /* Line Position Backward */
    3512 seq_default(seq, 0, 1);
    3513 if (seq->param_int[0] < 1)
    3514 break; 3515 adjust_currpos(cterm, 0, 0 - seq->param_int[0], 0);
    3516 break;
    CID 462291: Control flow issues (MISSING_BREAK)
    The case for value "'B'" is not terminated by a "break" statement.
    3517 case 'B': /* Cursor Down */
    3518 clear_lcf(cterm);
    3519 case 'e': /* Line Position Forward */
    3520 seq_default(seq, 0, 1);
    3521 if (seq->param_int[0] < 1)
    3522 break;

    ** CID 462290: Integer handling issues (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462290: Integer handling issues (NEGATIVE_RETURNS)
    /netmail.cpp: 1316 in sbbs_t::qnetmail(const char *, const char *, int, smb_t *, smbmsg_t *)()
    1310 if(remsg != NULL && resmb != NULL && !(mode&WM_QUOTE)) {
    1311 if(quotemsg(resmb, remsg, /* include tails: */true)) 1312 mode |= WM_QUOTE;
    1313 }
    1314
    1315 SAFEPRINTF(msgpath,"%snetmail.msg",cfg.node_dir);
    CID 462290: Integer handling issues (NEGATIVE_RETURNS)
    A negative constant "-1" is passed as an argument to a parameter that cannot be negative.
    1316 if(!writemsg(msgpath,nulstr,title, (mode|WM_QWKNET|WM_NETMAIL) ,INVALID_SUB,to,/* from: */useron.alias, &editor, &charset)) {
    1317 bputs(text[Aborted]);
    1318 return(false);
    1319 }
    1320
    1321 if((i=smb_stack(&smb,SMB_STACK_PUSH))!=SMB_SUCCESS) {

    ** CID 462289: Integer handling issues (NEGATIVE_RETURNS)


    ________________________________________________________________________________________________________
    *** CID 462289: Integer handling issues (NEGATIVE_RETURNS)
    /bulkmail.cpp: 53 in sbbs_t::bulkmail(unsigned char *)()
    47 && !noyes(text[AnonymousQ])) {
    48 msg.hdr.attr|=MSG_ANONYMOUS;
    49 wm_mode|=WM_ANON;
    50 }
    51
    52 msg_tmp_fname(useron.xedit, msgpath, sizeof(msgpath));
    CID 462289: Integer handling issues (NEGATIVE_RETURNS)
    A negative constant "-1" is passed as an argument to a parameter that cannot be negative.
    53 if(!writemsg(msgpath,nulstr,title,wm_mode,INVALID_SUB,"Bulk Mailing"
    54 ,/* From: */useron.alias
    55 ,&editor
    56 ,&charset)) {
    57 bputs(text[Aborted]);
    58 return(false);

    ** CID 462288: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 351 in sbbs_t::upload(int)()


    ________________________________________________________________________________________________________
    *** CID 462288: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 351 in sbbs_t::upload(int)()
    345 SAFEPRINTF(descbeg,text[Rated],toupper(ch));
    346 }
    347 if(cfg.dir[dirnum]->misc&DIR_ULDATE) {
    348 now=time(NULL);
    349 if(descbeg[0])
    350 strcat(descbeg," ");
    CID 462288: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".
    351 SAFEPRINTF(str,"%s ",unixtodstr(&cfg,(time32_t)now,tmp));
    352 strcat(descbeg,str);
    353 }
    354 if(cfg.dir[dirnum]->misc&DIR_MULT) {
    355 sync();
    356 if(!noyes(text[MultipleDiskQ])) {

    ** CID 462287: Insecure data handling (TAINTED_SCALAR)


    ________________________________________________________________________________________________________
    *** CID 462287: Insecure data handling (TAINTED_SCALAR)
    /writemsg.cpp: 762 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    756 while(!feof(tag)) {
    757 if(!fgets(str,sizeof(str),tag)) 758 break;
    759 truncsp(str);
    760 if(utf8) {
    761 char buf[sizeof(str)*4];
    CID 462287: Insecure data handling (TAINTED_SCALAR)
    Passing tainted expression "str" to "cp437_to_utf8_str", which uses it as an offset.
    762 cp437_to_utf8_str(str, buf, sizeof(buf) - 1, /* minval: */'\x02');
    763 l+=fprintf(stream,"%s\r\n", buf);
    764 } else
    765 l+=fprintf(stream,"%s\r\n",str);
    766 lines++; /* line counter */
    767 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DtLKg_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAqovISQpoxJCpfGf5WxBSwicKqoI1-2FF-2FaRmTPl-2BdVuGdSUZJZL-2FtmrL2VG6EaSuRynvnKTam4RxYwMKuXCyGzW07U-2FihjT83mqDNq6SOIYF1Sr-2FPyTE6vlrslg0L6d5zkvnLZ7buAIgjMdQW0NPYYLOxV54tcIwBqmxUNrcgSYSA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, July 21, 2023 12:39:32
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 462777: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1796 in alter_areas()


    ________________________________________________________________________________________________________
    *** CID 462777: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1796 in alter_areas()
    1790 chmod(outpath, st.st_mode);
    1791 if(cfg.areafile_backups == 0 || !backup(cfg.areafile, cfg.areafile_backups, /* ren: */TRUE))
    1792 delfile(cfg.areafile, __LINE__); /* Delete AREAS.BBS */
    1793 if(rename(outpath,cfg.areafile)) /* Rename new AREAS.BBS file */
    1794 lprintf(LOG_ERR,"ERROR line %d renaming %s to %s",__LINE__,outpath,cfg.areafile);
    1795 }
    CID 462777: Error handling issues (CHECKED_RETURN)
    Calling "remove(outpath)" without checking return value. This library function may fail and return an error code.
    1796 remove(outpath); // expected to fail (file does not exist) much of the time
    1797 }
    1798
    1799 bool add_sub_to_arealist(sub_t* sub, fidoaddr_t uplink)
    1800 {
    1801 FILE* fp = NULL;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D9Jsa_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBb4277PBgEvmZlC-2F75f6Wn0OW7OlFk2c1B-2BHtshOYvFkBSQP9EqEdk2ezaBaEw-2BucLGwfFouHIfPe-2Fyudqe7-2BvtImpG7nG3GNHNovDhmEdP7PSdTfD3wACCQeKNpizxWyAzNP4xAGsoa5IGtqS3OShzACd7MFIxkk2Y7iSTOvrLw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, September 06, 2023 12:42:06
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 465170: Resource leaks (RESOURCE_LEAK)
    /scfg/scfg.c: 2447 in new_item()


    ________________________________________________________________________________________________________
    *** CID 465170: Resource leaks (RESOURCE_LEAK)
    /scfg/scfg.c: 2447 in new_item()
    2441 void** p;
    2442 void* item;
    2443
    2444 if((item = calloc(size, 1)) == NULL)
    2445 return NULL;
    2446 if((p = realloc(list, size * ((*total) + 1))) == NULL)
    CID 465170: Resource leaks (RESOURCE_LEAK)
    Variable "item" going out of scope leaks the storage it points to.
    2447 return NULL;
    2448 list = p;
    2449 for(int i = *total; i > index; --i)
    2450 list[i] = list[i - 1];
    2451 list[index] = item;
    2452 ++(*total);

    ** CID 465169: (SIZEOF_MISMATCH)
    /scfg/scfgxfr1.c: 544 in xfer_opts()
    /scfg/scfgxfr1.c: 698 in xfer_opts()
    /scfg/scfgxfr1.c: 1124 in xfer_opts()
    /scfg/scfgxfr1.c: 844 in xfer_opts()
    /scfg/scfgxfr1.c: 412 in xfer_opts()
    /scfg/scfgxfr1.c: 982 in xfer_opts()


    ________________________________________________________________________________________________________
    *** CID 465169: (SIZEOF_MISMATCH)
    /scfg/scfgxfr1.c: 544 in xfer_opts()
    538 }
    539 if(msk == MSK_COPY) {
    540 savftest=*cfg.ftest[i]; 541 continue;
    542 }
    543 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "240UL /* sizeof (ftest_t) */" to function "new_item" and then casting the return value to "ftest_t **" is suspicious.
    544 if((cfg.ftest = (ftest_t**)new_item(cfg.ftest, sizeof(ftest_t), i, &cfg.total_ftests)) == NULL) {
    545 errormsg(WHERE, ERR_ALLOC, "ftests", sizeof(ftest_t) * (cfg.total_ftests + 1));
    546 cfg.total_ftests = 0;
    547 bail(1);
    548 }
    549 *cfg.ftest[i]=savftest; /scfg/scfgxfr1.c: 698 in xfer_opts()
    692 }
    693 if(msk == MSK_COPY) {
    694 savdlevent=*cfg.dlevent[i];
    695 continue;
    696 }
    697 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "240UL /* sizeof (dlevent_t) */" to function "new_item" and then casting the return value to "dlevent_t **" is suspicious.
    698 if((cfg.dlevent = (dlevent_t**)new_item(cfg.dlevent, sizeof(dlevent_t), i, &cfg.total_dlevents)) == NULL) {
    699 errormsg(WHERE, ERR_ALLOC, "dlevents", sizeof(dlevent_t) * (cfg.total_dlevents + 1));
    700 cfg.total_dlevents = 0;
    701 bail(1);
    702 }
    703 *cfg.dlevent[i]=savdlevent;
    /scfg/scfgxfr1.c: 1124 in xfer_opts()
    1118 }
    1119 if(msk == MSK_COPY) {
    1120 savprot=*cfg.prot[i]; 1121 continue;
    1122 }
    1123 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "720UL /* sizeof (prot_t) */" to function "new_item" and then casting the return value to "prot_t **" is suspicious.
    1124 if((cfg.prot = (prot_t**)new_item(cfg.prot, sizeof(prot_t), i, &cfg.total_prots)) == NULL) {
    1125 errormsg(WHERE, ERR_ALLOC, "prots", sizeof(prot_t) * (cfg.total_prots + 1));
    1126 cfg.total_prots=0;
    1127 bail(1);
    1128 }
    1129 *cfg.prot[i]=savprot; /scfg/scfgxfr1.c: 844 in xfer_opts()
    838 }
    839 if(msk == MSK_COPY) {
    840 savfextr=*cfg.fextr[i]; 841 continue;
    842 }
    843 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "199UL /* sizeof (fextr_t) */" to function "new_item" and then casting the return value to "fextr_t **" is suspicious.
    844 if((cfg.fextr = (fextr_t**)new_item(cfg.fextr, sizeof(fextr_t), i, &cfg.total_fextrs)) == NULL) {
    845 errormsg(WHERE, ERR_ALLOC, "fextrs", sizeof(fextr_t) * (cfg.total_fextrs + 1));
    846 cfg.total_fextrs = 0;
    847 bail(1);
    848 }
    849 *cfg.fextr[i]=savfextr; /scfg/scfgxfr1.c: 412 in xfer_opts()
    406 }
    407 if(msk == MSK_COPY) {
    408 savfview=*cfg.fview[i]; 409 continue;
    410 }
    411 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "199UL /* sizeof (fview_t) */" to function "new_item" and then casting the return value to "fview_t **" is suspicious.
    412 if((cfg.fview = (fview_t**)new_item(cfg.fview, sizeof(fview_t), i, &cfg.total_fviews)) == NULL) {
    413 errormsg(WHERE, ERR_ALLOC, "fviews", sizeof(fview_t) * (cfg.total_fviews + 1));
    414 cfg.total_fviews = 0;
    415 bail(1);
    416 }
    417 *cfg.fview[i]=savfview; /scfg/scfgxfr1.c: 982 in xfer_opts()
    976 }
    977 if(msk == MSK_COPY) {
    978 savfcomp=*cfg.fcomp[i]; 979 continue;
    980 }
    981 if(msk == MSK_PASTE) {
    CID 465169: (SIZEOF_MISMATCH)
    Passing argument "199UL /* sizeof (fcomp_t) */" to function "new_item" and then casting the return value to "fcomp_t **" is suspicious.
    982 if((cfg.fcomp = (fcomp_t**)new_item(cfg.fcomp, sizeof(fcomp_t), i, &cfg.total_fcomps)) == NULL) {
    983 errormsg(WHERE, ERR_ALLOC, "fcomps", sizeof(fcomp_t) * (cfg.total_fcomps + 1));
    984 cfg.total_fcomps = 0;
    985 bail(1);
    986 }
    987 *cfg.fcomp[i]=savfcomp;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D5wZ8_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCnsQIL3fFmuqL7faauDZIkRsjaF7SdWuX9-2F6F0cLhQPK2eigoJW5CI-2BTBbzcwuB-2Fnb9gU96N518jXtyrLldNWW25I5ASjWizI9KxhCsvWXL8lcGsg-2BB04X9jrEFEkrP4hbjq1CPbLr3dEPsMh2-2BJD6OG7PFXOCZ8vIf02fm0mzeA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, September 26, 2023 12:41:14
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 465835: High impact quality (Y2K38_SAFETY)
    /atcodes.cpp: 1344 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()


    ________________________________________________________________________________________________________
    *** CID 465835: High impact quality (Y2K38_SAFETY)
    /atcodes.cpp: 1344 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()
    1338 f = (float)useron.dls / useron.uls;
    1339 safe_snprintf(str, maxlen, "%u", f ? (uint)(100 / f) : 0);
    1340 return str;
    1341 }
    1342
    1343 if(!strcmp(sp,"LASTNEW"))
    CID 465835: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->ns_time" is cast to "time32_t".
    1344 return(unixtodstr(&cfg,(time32_t)ns_time,str));
    1345
    1346 if(strncmp(sp, "LASTNEW:", 8) == 0) {
    1347 SAFECOPY(tmp, sp + 8);
    1348 c_unescape_str(tmp);
    1349 memset(&tm, 0, sizeof(tm));


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DUPeu_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC3rkJOOdMBm7nMBMgGcmpBP39czlPogoepUuUAf0jPqohwQMNy1ulVEkqUkOGShQTw40WBv406LhOm367tfkxK7FUNIoQlZBuwZ1omfunbNxXxVCmVw8GO3npVkZ3YxshRBZDZsP1O5VMLZ6DNCGvJ679Mp4a2XGGuVrVV7McBrQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, December 14, 2023 13:44:11
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 470557: Resource leaks (RESOURCE_LEAK)
    /mailsrvr.c: 3122 in smtp_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470557: Resource leaks (RESOURCE_LEAK)
    /mailsrvr.c: 3122 in smtp_client_thread()
    3116 }
    3117
    3118 BOOL* mailproc_to_match = calloc(sizeof(*mailproc_to_match), mailproc_count);
    3119 if(mailproc_to_match == NULL) {
    3120 lprintf(LOG_CRIT,"%04d %s !ERROR allocating memory for mailproc_to_match", socket, client.protocol);
    3121 sockprintf(socket,client.protocol,session,smtp_error, "malloc failure");
    CID 470557: Resource leaks (RESOURCE_LEAK)
    Variable "spy" going out of scope leaks the storage it points to.
    3122 return false;
    3123 }
    3124
    3125 /* SMTP session active: */
    3126
    3127 sockprintf(socket,client.protocol,session,"220 %s Synchronet %s Server %s%c-%s Ready"

    ** CID 470556: (DC.WEAK_CRYPTO)
    /mailsrvr.c: 1157 in pop3_client_thread()
    /mailsrvr.c: 1159 in pop3_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470556: (DC.WEAK_CRYPTO)
    /mailsrvr.c: 1157 in pop3_client_thread()
    1151 memset(&smb,0,sizeof(smb));
    1152 memset(&msg,0,sizeof(msg));
    1153 memset(&user,0,sizeof(user));
    1154 password[0]=0;
    1155
    1156 srand((unsigned int)(time(NULL) ^ (time_t)GetCurrentThreadId())); /* seed random number generator */
    CID 470556: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    1157 rand(); /* throw-away first result */
    1158 safe_snprintf(challenge,sizeof(challenge),"<%x%x%lx%lx@%.128s>"
    1159 ,rand(),socket,(ulong)time(NULL),(ulong)clock(), server_host_name());
    1160
    1161 sockprintf(socket,client.protocol,session,"+OK Synchronet %s Server %s%c-%s Ready %s"
    1162 ,client.protocol, VERSION, REVISION, PLATFORM_DESC, challenge);
    /mailsrvr.c: 1159 in pop3_client_thread()
    1153 memset(&user,0,sizeof(user));
    1154 password[0]=0;
    1155
    1156 srand((unsigned int)(time(NULL) ^ (time_t)GetCurrentThreadId())); /* seed random number generator */
    1157 rand(); /* throw-away first result */
    1158 safe_snprintf(challenge,sizeof(challenge),"<%x%x%lx%lx@%.128s>"
    CID 470556: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    1159 ,rand(),socket,(ulong)time(NULL),(ulong)clock(), server_host_name());
    1160
    1161 sockprintf(socket,client.protocol,session,"+OK Synchronet %s Server %s%c-%s Ready %s"
    1162 ,client.protocol, VERSION, REVISION, PLATFORM_DESC, challenge);
    1163
    1164 /* Requires USER or APOP command first */

    ** CID 470555: Error handling issues (CHECKED_RETURN)
    /mailsrvr.c: 1089 in pop3_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470555: Error handling issues (CHECKED_RETURN)
    /mailsrvr.c: 1089 in pop3_client_thread()
    1083 if ((stat=cryptSetAttribute(session, CRYPT_SESSINFO_PRIVATEKEY, scfg.tls_certificate)) != CRYPT_OK) {
    1084 unlock_ssl_cert();
    1085 GCESH(stat, client.protocol, socket, host_ip, session, "setting private key");
    1086 return false;
    1087 }
    1088 nodelay = TRUE;
    CID 470555: Error handling issues (CHECKED_RETURN)
    Calling "setsockopt(socket, IPPROTO_TCP, 1, (char *)&nodelay, 4U)" without checking return value. This library function may fail and return an error code.
    1089 setsockopt(socket,IPPROTO_TCP,TCP_NODELAY,(char*)&nodelay,sizeof(nodelay));
    1090 nb=0;
    1091 ioctlsocket(socket,FIONBIO,&nb);
    1092 if ((stat = cryptSetAttribute(session, CRYPT_SESSINFO_NETWORKSOCKET, socket)) != CRYPT_OK) {
    1093 unlock_ssl_cert();
    1094 GCESH(stat, client.protocol, socket, host_ip, session, "setting session socket");

    ** CID 470554: Resource leaks (RESOURCE_LEAK)
    /mailsrvr.c: 3122 in smtp_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470554: Resource leaks (RESOURCE_LEAK)
    /mailsrvr.c: 3122 in smtp_client_thread()
    3116 }
    3117
    3118 BOOL* mailproc_to_match = calloc(sizeof(*mailproc_to_match), mailproc_count);
    3119 if(mailproc_to_match == NULL) {
    3120 lprintf(LOG_CRIT,"%04d %s !ERROR allocating memory for mailproc_to_match", socket, client.protocol);
    3121 sockprintf(socket,client.protocol,session,smtp_error, "malloc failure");
    CID 470554: Resource leaks (RESOURCE_LEAK)
    Variable "rcptlst" going out of scope leaks the storage it points to. 3122 return false;
    3123 }
    3124
    3125 /* SMTP session active: */
    3126
    3127 sockprintf(socket,client.protocol,session,"220 %s Synchronet %s Server %s%c-%s Ready"

    ** CID 470553: (DC.WEAK_CRYPTO)
    /mailsrvr.c: 4204 in smtp_client_thread()
    /mailsrvr.c: 3078 in smtp_client_thread()
    /mailsrvr.c: 3079 in smtp_client_thread()


    ________________________________________________________________________________________________________
    *** CID 470553: (DC.WEAK_CRYPTO)
    /mailsrvr.c: 4204 in smtp_client_thread()
    4198 }
    4199 if(!stricmp(buf,"AUTH CRAM-MD5")) {
    4200 ZERO_VAR(relay_user);
    4201 listRemoveTaggedNode(&current_logins, socket, /* free_data */TRUE);
    4202
    4203 safe_snprintf(challenge,sizeof(challenge),"<%x%x%lx%lx@%s>"
    CID 470553: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    4204 ,rand(),socket,(ulong)time(NULL),(ulong)clock(),server_host_name());
    4205 #if 0
    4206 lprintf(LOG_DEBUG,"%04d SMTP CRAM-MD5 challenge: %s"
    4207 ,socket,challenge);
    4208 #endif
    4209 b64_encode(str,sizeof(str),challenge,strlen(challenge));
    /mailsrvr.c: 3078 in smtp_client_thread()
    3072 }
    3073 SAFEPRINTF(spam.file,"%sspam",scfg.data_dir);
    3074 spam.retry_time=scfg.smb_retry_time;
    3075 spam.subnum=INVALID_SUB;
    3076
    3077 srand((unsigned int)(time(NULL) ^ (time_t)GetCurrentThreadId())); /* seed random number generator */
    CID 470553: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    3078 rand(); /* throw-away first result */
    3079 SAFEPRINTF4(session_id,"%x%x%x%lx",getpid(),socket,rand(),(long)clock());
    3080 lprintf(LOG_DEBUG,"%04d %s [%s] Session ID=%s", socket, client.protocol, host_ip, session_id);
    3081 SAFEPRINTF3(msgtxt_fname,"%sSBBS_%s.%s.msg", scfg.temp_dir, client.protocol, session_id);
    3082 SAFEPRINTF3(newtxt_fname,"%sSBBS_%s.%s.new", scfg.temp_dir, client.protocol, session_id);
    3083 SAFEPRINTF3(logtxt_fname,"%sSBBS_%s.%s.log", scfg.temp_dir, client.protocol, session_id);
    /mailsrvr.c: 3079 in smtp_client_thread()
    3073 SAFEPRINTF(spam.file,"%sspam",scfg.data_dir);
    3074 spam.retry_time=scfg.smb_retry_time;
    3075 spam.subnum=INVALID_SUB;
    3076
    3077 srand((unsigned int)(time(NULL) ^ (time_t)GetCurrentThreadId())); /* seed random number generator */
    3078 rand(); /* throw-away first result */
    CID 470553: (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
    3079 SAFEPRINTF4(session_id,"%x%x%x%lx",getpid(),socket,rand(),(long)clock());
    3080 lprintf(LOG_DEBUG,"%04d %s [%s] Session ID=%s", socket, client.protocol, host_ip, session_id);
    3081 SAFEPRINTF3(msgtxt_fname,"%sSBBS_%s.%s.msg", scfg.temp_dir, client.protocol, session_id);
    3082 SAFEPRINTF3(newtxt_fname,"%sSBBS_%s.%s.new", scfg.temp_dir, client.protocol, session_id);
    3083 SAFEPRINTF3(logtxt_fname,"%sSBBS_%s.%s.log", scfg.temp_dir, client.protocol, session_id);
    3084 SAFEPRINTF3(rcptlst_fname,"%sSBBS_%s.%s.lst", scfg.temp_dir, client.protocol, session_id);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DMQd3_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCHTmGHVnVaZLqSbII6djd5LCfNN4WsVVM-2FraC40TFEmwnFiU15BSJwMmbqsO51yAB8H1Xj6zJDPHok6MSfH6DLipAvEvqiECGEj92Ja08CPuUfomEyNGrm6oICWjy04z9LEXD-2FV3t10gYjDHAgXUzBxC2US2YfoE3y-2FXo4-2F5AMeg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, December 18, 2023 13:39:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 470929: Error handling issues (CHECKED_RETURN)
    /js_system.c: 1474 in js_filter_ip()


    ________________________________________________________________________________________________________
    *** CID 470929: Error handling issues (CHECKED_RETURN)
    /js_system.c: 1474 in js_filter_ip()
    1468 js_system_private_t* sys;
    1469 if((sys = (js_system_private_t*)js_GetClassPrivate(cx,obj,&js_system_class))==NULL)
    1470 return JS_FALSE;
    1471
    1472 for(i=0; i<argc && fname == NULL; i++) {
    1473 if(JSVAL_IS_NUMBER(argv[i])) {
    CID 470929: Error handling issues (CHECKED_RETURN)
    Calling "JS_ValueToInt32" without checking return value (as is done elsewhere 261 out of 293 times).
    1474 JS_ValueToInt32(cx, argv[i], &duration);
    1475 continue;
    1476 }
    1477 if(!JSVAL_IS_STRING(argv[i]))
    1478 continue;
    1479 JSVALUE_TO_MSTRING(cx, argv[i], p, NULL);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3Dx5vI_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrD-2FFZVvmg9UFbNVSslGQHixwK2gY0JhpVYuBk-2BPEk2wVNUawfpNFUquIquIwrbnMLyXyOL-2Bbdyy88jhCHaZkpnLltM6SvZPalWR8uvzHGJLXvipDKrDTZ6KfbbjJDM-2B9TK-2Bfg-2Bntn7n3JXz8-2BbuvXtlotoQiRFNfFKyqSao3USU5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, December 21, 2023 15:17:37
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 471381: Null pointer dereferences (NULL_RETURNS)
    /ssl.c: 412 in get_ssl_cert()


    ________________________________________________________________________________________________________
    *** CID 471381: Null pointer dereferences (NULL_RETURNS)
    /ssl.c: 412 in get_ssl_cert()
    406
    407 if(!do_cryptInit())
    408 return -1;
    409 ssl_sync(cfg);
    410 lock_ssl_cert_write();
    411 cert_entry = malloc(sizeof(*cert_entry));
    CID 471381: Null pointer dereferences (NULL_RETURNS)
    Dereferencing "cert_entry", which is known to be "NULL".
    412 cert_entry->sess = -1;
    413 cert_entry->epoch = cert_epoch;
    414 cert_entry->next = NULL;
    415
    416 /* Get the certificate... first try loading it from a file... */
    417 if(cryptStatusOK(cryptKeysetOpen(&ssl_keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, cert_path, CRYPT_KEYOPT_READONLY))) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DNVYG_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAIQBrbLtBWXBu7NOIgqUVW-2FO9u7UhLy-2BFNLgqIU41zpqPfBM73Awa3dQxk3-2F184GO6VUS7KkG6sPhNBuQiQ4Keqf56uFZ5RoDxe4X35uihMatLZZvu1DTj5op2mLHIzl6CugzzedJw-2FjcHjqyoRYDdN5cjuB-2Bi1UXQGnATKvNQkg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, December 26, 2023 13:39:07
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 471656: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 471656: Memory - corruptions (OVERRUN) /tmp/sbbs-Dec-26-2023/src/smblib/smbfile.c: 367 in smb_addfile_withlist()
    361
    362 if(list != NULL && *list != NULL) {
    363 size_t size = strListCount(list) * 1024;
    364 auxdata = calloc(1, size);
    365 if(auxdata == NULL)
    366 return SMB_ERR_MEM;
    CID 471656: Memory - corruptions (OVERRUN)
    Calling "strListCombine" with "auxdata" and "size - 1UL" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.
    367 strListCombine(list, auxdata, size - 1, "\r\n");
    368 }
    369 result = smb_addfile(smb, file, storage, extdesc, auxdata, path);
    370 free(auxdata);
    371 return result;
    372 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D2BKI_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCT6x0GAlc7xThQfLCGiCZdmR4qZP1NcowX1yNXO3dy1e3iYdu3LqPMf8Ps-2BXyXIS9z1-2BExxr9YuMCEQ-2FkgG8-2FT0EoCNRZOLQUTkkQaenBh-2FjMptDjEjYYaLSTPN90hBdPvbODU2Cx91ZtvmuRMrZszCSUsoWukacGJvvm4ij2thw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 30, 2023 13:39:01
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 476254: (NULL_RETURNS) /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 505 in getChannelAttribute()
    /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 517 in getChannelAttribute()
    /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 511 in getChannelAttribute()
    /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 525 in getChannelAttribute()


    ________________________________________________________________________________________________________
    *** CID 476254: (NULL_RETURNS) /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 505 in getChannelAttribute()
    499 if( isNullChannel( channelInfoPtr ) )
    500 return( CRYPT_ERROR_NOTFOUND );
    501 *value = channelInfoPtr->channelID;
    502 return( CRYPT_OK );
    503
    504 case CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE:
    CID 476254: (NULL_RETURNS)
    Dereferencing "writeChannelInfoPtr", which is known to be "NULL".
    505 if( isNullChannel( writeChannelInfoPtr ) )
    506 return( CRYPT_ERROR_NOTFOUND );
    507 *value = isActiveChannel( writeChannelInfoPtr ) ? TRUE : FALSE;
    508 return( CRYPT_OK );
    509
    510 case CRYPT_SESSINFO_SSH_CHANNEL_OPEN: /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 517 in getChannelAttribute()
    511 if( isNullChannel( writeChannelInfoPtr ) )
    512 return( CRYPT_ERROR_NOTFOUND );
    513 *value = ( writeChannelInfoPtr->flags & CHANNEL_FLAG_READCLOSED ) ? FALSE : TRUE;
    514 return( CRYPT_OK );
    515
    516 case CRYPT_SESSINFO_SSH_CHANNEL_WIDTH:
    CID 476254: (NULL_RETURNS)
    Dereferencing "writeChannelInfoPtr", which is known to be "NULL".
    517 if( isNullChannel( writeChannelInfoPtr ) )
    518 return( CRYPT_ERROR_NOTFOUND );
    519 if (writeChannelInfoPtr->width == 0)
    520 return CRYPT_ERROR_NOTFOUND;
    521 *value = channelInfoPtr->width;
    522 return( CRYPT_OK ); /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 511 in getChannelAttribute()
    505 if( isNullChannel( writeChannelInfoPtr ) )
    506 return( CRYPT_ERROR_NOTFOUND );
    507 *value = isActiveChannel( writeChannelInfoPtr ) ? TRUE : FALSE;
    508 return( CRYPT_OK );
    509
    510 case CRYPT_SESSINFO_SSH_CHANNEL_OPEN:
    CID 476254: (NULL_RETURNS)
    Dereferencing "writeChannelInfoPtr", which is known to be "NULL".
    511 if( isNullChannel( writeChannelInfoPtr ) )
    512 return( CRYPT_ERROR_NOTFOUND );
    513 *value = ( writeChannelInfoPtr->flags & CHANNEL_FLAG_READCLOSED ) ? FALSE : TRUE;
    514 return( CRYPT_OK );
    515
    516 case CRYPT_SESSINFO_SSH_CHANNEL_WIDTH: /tmp/sbbs-Dec-30-2023/3rdp/src/cl/session/ssh2_chn.c: 525 in getChannelAttribute()
    519 if (writeChannelInfoPtr->width == 0)
    520 return CRYPT_ERROR_NOTFOUND;
    521 *value = channelInfoPtr->width;
    522 return( CRYPT_OK );
    523
    524 case CRYPT_SESSINFO_SSH_CHANNEL_HEIGHT:
    CID 476254: (NULL_RETURNS)
    Dereferencing "writeChannelInfoPtr", which is known to be "NULL".
    525 if( isNullChannel( writeChannelInfoPtr ) )
    526 return( CRYPT_ERROR_NOTFOUND );
    527 if (writeChannelInfoPtr->height == 0)
    528 return CRYPT_ERROR_NOTFOUND;
    529 *value = channelInfoPtr->height;
    530 return( CRYPT_OK );

    ** CID 476253: Resource leaks (RESOURCE_LEAK)
    /jsdebug.c: 335 in script_debug_prompt()


    ________________________________________________________________________________________________________
    *** CID 476253: Resource leaks (RESOURCE_LEAK)
    /jsdebug.c: 335 in script_debug_prompt()
    329 JS_SetInterrupt(JS_GetRuntime(dbg->cx), finish_handler, NULL);
    330 return DEBUG_CONTINUE;
    331 }
    332 if(strncmp(line, "quit\n", 5)==0 ||
    333 strncmp(line, "q\n", 2)==0
    334 ) {
    CID 476253: Resource leaks (RESOURCE_LEAK)
    Variable "line" going out of scope leaks the storage it points to.
    335 return (DEBUG_EXIT);
    336 }
    337 if(strncmp(line, "eval ", 5)==0 ||
    338 strncmp(line, "e ", 2)==0
    339 ) {
    340 jsval ret;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3Dk6EJ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA-2FX8i-2FapdB1BvZRHSxZvnvG9Gt4EGgnMOyOKJdrt0Ow7WO8U9rY3qdLrGQhhG9KhbgCqQ-2BdjF-2FCZbP8g3Gc1r4QsbMjorELhC-2FfCV8hEXjaVc-2BoAqZ2-2FQeAkDjxFrK3m04is-2FE5aOQcl1hrivcYLiwVEHyHlsUWiqdJNrqtFX4OA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, January 09, 2024 13:51:54
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 477525: Error handling issues (CHECKED_RETURN)
    /ssl.c: 413 in get_ssl_cert()


    ________________________________________________________________________________________________________
    *** CID 477525: Error handling issues (CHECKED_RETURN)
    /ssl.c: 413 in get_ssl_cert()
    407 CRYPT_CERTIFICATE ssl_cert;
    408 char sysop_email[sizeof(cfg->sys_inetaddr)+6];
    409 struct cert_list *cert_entry;
    410
    411 if(!do_cryptInit(lprintf))
    412 return -1;
    CID 477525: Error handling issues (CHECKED_RETURN)
    Calling "ssl_sync" without checking return value (as is done elsewhere 6 out of 7 times).
    413 ssl_sync(cfg, lprintf);
    414 lock_ssl_cert_write();
    415 cert_entry = malloc(sizeof(*cert_entry));
    416 if(cert_entry == NULL) {
    417 unlock_ssl_cert_write(lprintf);
    418 free(cert_entry);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DG04V_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDEpEnmlDe-2FjbKZ4LOKbSyZqFRJl-2FW97DzLqL9YhzmfB5NVnMDaFqAVAu8sqMXAtM7gluOaLuz78sK9hLjatBB8CSJ6nN9iJHgKoglAvkWzF0D2D3-2FP2KvQ4r0FVsLXVQDobxZi1VHS1fHv1o1JN4QuvSLew5iAWvpjb3EkIuqiHp61IxzA0v1Q4zB-2F2vdQH-2Fs-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, January 24, 2024 13:43:19
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    40 new defect(s) introduced to Synchronet found with Coverity Scan.
    65 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 40 defect(s)


    ** CID 479110: Program hangs (LOCK)
    /pack_qwk.cpp: 753 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()


    ________________________________________________________________________________________________________
    *** CID 479110: Program hangs (LOCK)
    /pack_qwk.cpp: 753 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    747 if(flength(packet) < 1) {
    748 remove(packet);
    749 if((i = external(cmdstr(temp_cmd(),packet,path,NULL), ex|EX_WILDCARD)) != 0)
    750 errormsg(WHERE,ERR_EXEC,cmdstr(temp_cmd(),packet,path,NULL),i);
    751 if(flength(packet) < 1) {
    752 bputs(text[QWKCompressionFailed]);
    CID 479110: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    753 return(false);
    754 }
    755 }
    756
    757 if(!prepack && useron.rest&FLAG('Q')) {
    758 dir=opendir(cfg.temp_dir);

    ** CID 479109: (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_err.c: 349 in readPkiStatusInfo() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_err.c: 364 in readPkiStatusInfo()


    ________________________________________________________________________________________________________
    *** CID 479109: (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_err.c: 349 in readPkiStatusInfo() 343 ( status, errorInfo,
    344 "Invalid PKI status string" ) );
    345 }
    346 hasErrorMessage = TRUE;
    347 }
    348 if( cryptStatusError( status ) )
    CID 479109: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    349 return( status ); /* Residual error from peekTag() */
    350
    351 /* Read the failure information */
    352 if( checkStatusLimitsPeekTag( stream, status, tag, endPos ) && \
    353 tag == BER_BITSTRING )
    354 {
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_err.c: 364 in readPkiStatusInfo() 358 retExt( status,
    359 ( status, errorInfo,
    360 "Invalid PKI failure information" ) );
    361 }
    362 }
    363 if( cryptStatusError( status ) )
    CID 479109: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    364 return( status ); /* Residual error from peekTag() */
    365
    366 /* If everything's OK, we're done */
    367 if( cmpStatusOK( errorCode ) )
    368 return( CRYPT_OK );
    369

    ** CID 479108: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/context/ctx_attr.c: 425 in getContextAttributeS()


    ________________________________________________________________________________________________________
    *** CID 479108: Control flow issues (MISSING_BREAK) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/context/ctx_attr.c: 425 in getContextAttributeS()
    419 out */
    420 return( attributeCopy( msgData, contextInfoPtr->ctxPKC->publicKeyInfo,
    421 contextInfoPtr->ctxPKC->publicKeyInfoSize ) );
    422 }
    423 STDC_FALLTHROUGH;
    424
    CID 479108: Control flow issues (MISSING_BREAK)
    The case for value "CRYPT_CTXINFO_SSH_PUBLIC_KEY" is not terminated by a "break" statement.
    425 case CRYPT_CTXINFO_SSH_PUBLIC_KEY:
    426 if ( needsKey( contextInfoPtr ) )
    427 return CRYPT_ERROR_NOTFOUND;
    428 if (contextType != CONTEXT_PKC)
    429 return CRYPT_ERROR_NOTFOUND;
    430 case CRYPT_IATTRIBUTE_KEY_PGP:

    ** CID 479107: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 857 in activateSession()


    ________________________________________________________________________________________________________
    *** CID 479107: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 857 in activateSession() 851 {
    852 const SES_ACTIVATESUBPROTOCOL_FUNCTION activateSubprotocolFunction = \
    853 ( SES_ACTIVATESUBPROTOCOL_FUNCTION ) \
    854 FNPTR_GET( sessionInfoPtr->activateInnerSubprotocolFunction );
    855 REQUIRES( activateSubprotocolFunction != NULL );
    856
    CID 479107: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "status = activateSubprotoco...".
    857 status = activateSubprotocolFunction( sessionInfoPtr );
    858 if( cryptStatusError( status ) )
    859 return( status );
    860
    861 /* Record the fact that the layered protocol has been
    862 activated */

    ** CID 479106: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/scvp_cli.c: 621 in readScvpResponse()


    ________________________________________________________________________________________________________
    *** CID 479106: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/scvp_cli.c: 621 in readScvpResponse() 615 assert( isWritePtr( stream, sizeof( STREAM ) ) );
    616 assert( isWritePtr( sessionInfoPtr, sizeof( SESSION_INFO ) ) ); 617 assert( isWritePtr( protocolInfo, sizeof( SCVP_PROTOCOL_INFO ) ) );
    618
    619 /* Skip the wrapper, version, and server configuration ID */ 620 readSequence( stream, NULL );
    CID 479106: Error handling issues (CHECKED_RETURN)
    Calling "readShortIntegerTag" without checking return value (as is done elsewhere 36 out of 45 times).
    621 readShortInteger( stream, &value );
    622 status = readShortInteger( stream, &value );
    623 if( cryptStatusError( status ) )
    624 {
    625 retExt( status,
    626 ( status, SESSION_ERRINFO,

    ** CID 479105: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 1030 in closeSession()


    ________________________________________________________________________________________________________
    *** CID 479105: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 1030 in closeSession() 1024 #if defined( USE_WEBSOCKETS ) || defined( USE_EAP )
    1025 if( sessionInfoPtr->subProtocol != CRYPT_SUBPROTOCOL_NONE ) 1026 {
    1027 /* If there's an inner protocol present, shut that down as well */
    1028 if( FNPTR_ISSET( sessionInfoPtr->closeInnerSubprotocolFunction ) )
    1029 {
    CID 479105: Control flow issues (DEADCODE)
    Execution cannot reach the expression "sessionInfoPtr->closeInnerSubprotocolFunction.fnPtr" inside this statement: "closeSubprotocolFunction = ...".
    1030 const SES_CLOSESUBPROTOCOL_FUNCTION closeSubprotocolFunction = \
    1031 ( SES_CLOSESUBPROTOCOL_FUNCTION ) \
    1032 FNPTR_GET( sessionInfoPtr->closeInnerSubprotocolFunction );
    1033 REQUIRES( closeSubprotocolFunction != NULL ); 1034
    1035 ( void ) closeSubprotocolFunction( sessionInfoPtr );

    ** CID 479104: (BAD_SHIFT) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/dn_string.c: 220 in getWidechar() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/dn_string.c: 220 in getWidechar()


    ________________________________________________________________________________________________________
    *** CID 479104: (BAD_SHIFT) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/dn_string.c: 220 in getWidechar()
    214 non-char values can only be accessed on word-aligned boundaries */
    215 LOOP_SMALL( i = 0, i < WCHAR_SIZE, i++ )
    216 {
    217 ENSURES_EXT( LOOP_INVARIANT_SMALL( i, 0, WCHAR_SIZE - 1 ), 0 );
    218
    219 #ifdef DATA_LITTLEENDIAN
    CID 479104: (BAD_SHIFT)
    In expression "string[i] << shiftAmt", left shifting by more than 31 bits has undefined behavior. The shift amount, "shiftAmt", is at least 72.
    220 ch |= string[ i ] << shiftAmt;
    221 shiftAmt += 8;
    222 #else
    223 ch = ( ch << 8 ) | string[ i ];
    224 #endif /* DATA_LITTLEENDIAN */
    225 }
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/dn_string.c: 220 in getWidechar()
    214 non-char values can only be accessed on word-aligned boundaries */
    215 LOOP_SMALL( i = 0, i < WCHAR_SIZE, i++ )
    216 {
    217 ENSURES_EXT( LOOP_INVARIANT_SMALL( i, 0, WCHAR_SIZE - 1 ), 0 );
    218
    219 #ifdef DATA_LITTLEENDIAN
    CID 479104: (BAD_SHIFT)
    In expression "string[i] << shiftAmt", left shifting by more than 31 bits has undefined behavior. The shift amount, "shiftAmt", is at least 72.
    220 ch |= string[ i ] << shiftAmt;
    221 shiftAmt += 8;
    222 #else
    223 ch = ( ch << 8 ) | string[ i ];
    224 #endif /* DATA_LITTLEENDIAN */
    225 }

    ** CID 479103: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 479103: (SLEEP)
    /pack_rep.cpp: 120 in sbbs_t::pack_rep(unsigned int)()
    114 /*********************/
    115 /* Pack new messages */
    116 /*********************/
    117 SAFEPRINTF(smb.file,"%smail",cfg.data_dir);
    118 smb.retry_time=cfg.smb_retry_time;
    119 smb.subnum=INVALID_SUB;
    CID 479103: (SLEEP)
    Call to "smb_open" might sleep while holding lock "this->input_thread_mutex".
    120 if((i=smb_open(&smb))!=0) {
    121 fclose(rep);
    122 if(hdrs!=NULL)
    123 fclose(hdrs);
    124 if(voting!=NULL)
    125 fclose(voting);
    /pack_rep.cpp: 112 in sbbs_t::pack_rep(unsigned int)()
    106 errormsg(WHERE,ERR_CREATE,str,0);
    107 }
    108 if(!(cfg.qhub[hubnum]->misc&QHUB_NOVOTING)) {
    109 SAFEPRINTF(str,"%sVOTING.DAT",cfg.temp_dir);
    110 fexistcase(str);
    111 if((voting=fopen(str,"a"))==NULL)
    CID 479103: (SLEEP)
    Call to "errormsg" might sleep while holding lock "this->input_thread_mutex".
    112 errormsg(WHERE,ERR_CREATE,str,0);
    113 }
    114 /*********************/
    115 /* Pack new messages */
    116 /*********************/
    117 SAFEPRINTF(smb.file,"%smail",cfg.data_dir);
    /pack_rep.cpp: 106 in sbbs_t::pack_rep(unsigned int)()
    100 ,QWK_BLOCK_LEN, hubid_upper); /* So write header */
    101 }
    102 if(!(cfg.qhub[hubnum]->misc&QHUB_NOHEADERS)) {
    103 SAFEPRINTF(str,"%sHEADERS.DAT",cfg.temp_dir);
    104 fexistcase(str);
    105 if((hdrs=fopen(str,"a"))==NULL)
    CID 479103: (SLEEP)
    Call to "errormsg" might sleep while holding lock "this->input_thread_mutex".
    106 errormsg(WHERE,ERR_CREATE,str,0);
    107 }
    108 if(!(cfg.qhub[hubnum]->misc&QHUB_NOVOTING)) {
    109 SAFEPRINTF(str,"%sVOTING.DAT",cfg.temp_dir);
    110 fexistcase(str);
    111 if((voting=fopen(str,"a"))==NULL)

    ** CID 479102: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/enc_dec/asn1_algoenc.c: 662 in readCryptAlgoParams()


    ________________________________________________________________________________________________________
    *** CID 479102: Error handling issues (CHECKED_RETURN) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/enc_dec/asn1_algoenc.c: 662 in readCryptAlgoParams()
    656 RC2_KEYSIZE_MAGIC (corresponding to a 128-bit key) but in
    657 practice this doesn't really matter, we just use whatever we
    658 find inside the PKCS #1 padding */
    659 readSequence( stream, NULL );
    660 if( queryInfo->cryptMode != CRYPT_MODE_CBC ) 661 return( readShortInteger( stream, NULL ) );
    CID 479102: Error handling issues (CHECKED_RETURN)
    Calling "readShortIntegerTag" without checking return value (as is done elsewhere 36 out of 45 times).
    662 readShortInteger( stream, NULL );
    663 return( readOctetString( stream, queryInfo->iv, 664 &queryInfo->ivLength,
    665 MIN_IVSIZE, CRYPT_MAX_IVSIZE ) );
    666 #endif /* USE_RC2 */
    667

    ** CID 479101: (CHECKED_RETURN)
    /ssl.c: 353 in internal_do_cryptInit()
    /ssl.c: 345 in internal_do_cryptInit()


    ________________________________________________________________________________________________________
    *** CID 479101: (CHECKED_RETURN)
    /ssl.c: 353 in internal_do_cryptInit()
    347 }
    348 ret = cryptGetAttributeString(CRYPT_UNUSED, CRYPT_OPTION_INFO_PATCHES, patches, &stp);
    349 if (cryptStatusError(ret) || stp != 32 || memcmp(patches, CRYPTLIB_PATCHES, 32) != 0) {
    350 cryptInit_error = ret;
    351 cryptlib_initialized = false;
    352 cryptEnd();
    CID 479101: (CHECKED_RETURN)
    Calling "asprintf" without checking return value (as is done elsewhere 19 out of 21 times).
    353 asprintf(&cryptfail, "Incorrect cryptlib patch set %.32s (expected %s)", patches, CRYPTLIB_PATCHES);
    354 return;
    355 }
    356 return;
    357 }
    358
    /ssl.c: 345 in internal_do_cryptInit()
    339 }
    340 tmp = (maj * 100) + (min * 10) + stp;
    341 if (tmp != CRYPTLIB_VERSION) {
    342 cryptInit_error = CRYPT_ERROR_INVALID;
    343 cryptlib_initialized = false;
    344 cryptEnd();
    CID 479101: (CHECKED_RETURN)
    Calling "asprintf" without checking return value (as is done elsewhere 19 out of 21 times).
    345 asprintf(&cryptfail, "Incorrect cryptlib version %d (expected %d)", tmp, CRYPTLIB_VERSION);
    346 return;
    347 }
    348 ret = cryptGetAttributeString(CRYPT_UNUSED, CRYPT_OPTION_INFO_PATCHES, patches, &stp);
    349 if (cryptStatusError(ret) || stp != 32 || memcmp(patches, CRYPTLIB_PATCHES, 32) != 0) {
    350 cryptInit_error = ret;

    ** CID 479100: (ATOMICITY)
    /ssl.c: 659 in destroy_session()
    /ssl.c: 659 in destroy_session()


    ________________________________________________________________________________________________________
    *** CID 479100: (ATOMICITY)
    /ssl.c: 659 in destroy_session()
    653 lprintf(LOG_ERR, "Unable to unlock cert_epoch_lock for write at %d", __LINE__);
    654 return CRYPT_ERROR_INTERNAL;
    655 }
    656 sess->sess = -1;
    657 pthread_mutex_lock(&ssl_cert_list_mutex);
    658 sess->next = cert_list;
    CID 479100: (ATOMICITY)
    Using an unreliable value of "sess" inside the second locked section. If the data that "sess" depends on was changed by another thread, this use might be incorrect.
    659 cert_list = sess;
    660 pthread_mutex_unlock(&ssl_cert_list_mutex);
    661 ret = cryptDestroySession(csess);
    662 }
    663 else {
    664 if (!rwlock_unlock(&cert_epoch_lock)) {
    /ssl.c: 659 in destroy_session()
    653 lprintf(LOG_ERR, "Unable to unlock cert_epoch_lock for write at %d", __LINE__);
    654 return CRYPT_ERROR_INTERNAL;
    655 }
    656 sess->sess = -1;
    657 pthread_mutex_lock(&ssl_cert_list_mutex);
    658 sess->next = cert_list;
    CID 479100: (ATOMICITY)
    Using an unreliable value of "sess" inside the second locked section. If the data that "sess" depends on was changed by another thread, this use might be incorrect.
    659 cert_list = sess;
    660 pthread_mutex_unlock(&ssl_cert_list_mutex);
    661 ret = cryptDestroySession(csess);
    662 }
    663 else {
    664 if (!rwlock_unlock(&cert_epoch_lock)) {

    ** CID 479099: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_rdmsg.c: 495 in readResponseBody()


    ________________________________________________________________________________________________________
    *** CID 479099: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/cmp_rdmsg.c: 495 in readResponseBody()
    489 ( status, SESSION_ERRINFO,
    490 "Invalid caPubs field in %s", 491 getCMPMessageName( messageType ) ) );
    492 }
    493 }
    494 if( cryptStatusError( status ) )
    CID 479099: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "return status;".
    495 return( status ); /* Residual error from checkStatusPeekTag() */
    496
    497 /* If it's a revocation response then the only returned data is the
    498 status value */
    499 if( protocolInfo->operation == CTAG_PB_RR )
    500 {

    ** CID 479098: Program hangs (LOCK)
    /pack_rep.cpp: 95 in sbbs_t::pack_rep(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 479098: Program hangs (LOCK)
    /pack_rep.cpp: 95 in sbbs_t::pack_rep(unsigned int)()
    89 if(fexistcase(str))
    90 fmode="r+b";
    91 else
    92 fmode="w+b";
    93 if((rep=fopen(str, fmode))==NULL) {
    94 errormsg(WHERE, ERR_CREATE, str, 0, fmode);
    CID 479098: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    95 return false;
    96 }
    97 fseek(rep, 0, SEEK_END);
    98 if(ftell(rep) < 1) { /* New REP packet */
    99 fprintf(rep, "%-*s"
    100 ,QWK_BLOCK_LEN, hubid_upper); /* So write header */

    ** CID 479097: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 1035 in closeSession()


    ________________________________________________________________________________________________________
    *** CID 479097: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 1035 in closeSession() 1029 {
    1030 const SES_CLOSESUBPROTOCOL_FUNCTION closeSubprotocolFunction = \
    1031 ( SES_CLOSESUBPROTOCOL_FUNCTION ) \
    1032 FNPTR_GET( sessionInfoPtr->closeInnerSubprotocolFunction );
    1033 REQUIRES( closeSubprotocolFunction != NULL ); 1034
    CID 479097: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "(void)closeSubprotocolFunct...".
    1035 ( void ) closeSubprotocolFunction( sessionInfoPtr );
    1036 }
    1037
    1038 /* If protocol management is handled by an outer protocol, don't
    1039 perform a session shutdown. This is in theory rather nasty in
    1040 that an attacker who can spoof an unsecured outer protocol packet

    ** CID 479096: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 685 in activateConnection()


    ________________________________________________________________________________________________________
    *** CID 479096: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/session.c: 685 in activateConnection()
    679
    680 /* If there's sub-protocol selected, activate that as well */ 681 #if defined( USE_WEBSOCKETS ) || defined( USE_EAP )
    682 if( sessionInfoPtr->subProtocol != CRYPT_SUBPROTOCOL_NONE && \ 683 FNPTR_ISSET( sessionInfoPtr->activateOuterSubprotocolFunction ) )
    684 {
    CID 479096: Control flow issues (DEADCODE)
    Execution cannot reach the expression "sessionInfoPtr->activateOuterSubprotocolFunction.fnPtr" inside this statement: "activateSubprotocolFunction...".
    685 const SES_ACTIVATESUBPROTOCOL_FUNCTION activateSubprotocolFunction = \
    686 ( SES_ACTIVATESUBPROTOCOL_FUNCTION ) \
    687 FNPTR_GET( sessionInfoPtr->activateOuterSubprotocolFunction );
    688 REQUIRES( activateSubprotocolFunction != NULL );
    689
    690 status = activateSubprotocolFunction( sessionInfoPtr );

    ** CID 479095: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/kernel/selftest.c: 130 in testSafetyMechanisms()


    ________________________________________________________________________________________________________
    *** CID 479095: Control flow issues (DEADCODE) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/kernel/selftest.c: 130 in testSafetyMechanisms()
    124 tmrIntB |= 0x800;
    125 tmrIntC |= 0x01;
    126 if( TMR_VALID( tmrInt ) || TMR_GET( tmrInt ) != 20 )
    127 return( FALSE );
    128 TMR_SCRUB( tmrInt );
    129 if( tmrIntA != 20 || tmrIntB != 20 || tmrIntC != 20 )
    CID 479095: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "return 0;".
    130 return( FALSE );
    131 CFI_CHECK_UPDATE( "TMR" );
    132
    133 /* Test the overflow-checking mechanisms. These checks will probably
    134 fall prey to optimiser inlining but it'll still statically check that
    135 they work as expected.

    ** CID 479094: (DEADCODE)
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 720 in readAttributeCertInfo() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 668 in readAttributeCertInfo() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 641 in readAttributeCertInfo()


    ________________________________________________________________________________________________________
    *** CID 479094: (DEADCODE)
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 720 in readAttributeCertInfo() 714 {
    715 return( certErrorReturn( certInfoPtr, "issuer unique ID",
    716 status ) );
    717 }
    718 }
    719 if( cryptStatusError( status ) )
    CID 479094: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    720 return( status ); /* Residual error from peekTag() */
    721
    722 /* If there are no extensions present, we're done */
    723 if( stell( stream ) >= endPos )
    724 return( CRYPT_OK );
    725
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 668 in readAttributeCertInfo() 662 if( cryptStatusOK( status ) )
    663 status = readIssuerDN( stream, certInfoPtr ); 664 if( cryptStatusError( status ) )
    665 return( certErrorReturn( certInfoPtr, "issuer name", status ) );
    666 }
    667 if( cryptStatusError( status ) )
    CID 479094: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    668 return( status ); /* Residual error from peekTag() */
    669 if( checkStatusLimitsPeekTag( stream, status, tag, innerEndPos ) && \
    670 tag == MAKE_CTAG( CTAG_AC_ISSUER_BASECERTIFICATEID ) ) 671 {
    672 status = readUniversal( stream );
    673 }
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/read.c: 641 in readAttributeCertInfo() 635 if( cryptStatusOK( status ) )
    636 status = readSubjectDN( stream, certInfoPtr ); 637 if( cryptStatusError( status ) )
    638 return( certErrorReturn( certInfoPtr, "holder name", status ) );
    639 }
    640 if( cryptStatusError( status ) )
    CID 479094: (DEADCODE)
    Execution cannot reach this statement: "return status;".
    641 return( status ); /* Residual error from peekTag() */
    642 if( checkStatusLimitsPeekTag( stream, status, tag, innerEndPos ) && \
    643 tag == MAKE_CTAG( CTAG_AC_HOLDER_OBJECTDIGESTINFO ) ) 644 {
    645 /* This is a complicated structure that in effect encodes a generic
    646 hole reference to "other", for now we just skip it until we can

    ** CID 479093: (DEADCODE)
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1779 in openKeyset() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1770 in openKeyset() /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1771 in openKeyset()


    ________________________________________________________________________________________________________
    *** CID 479093: (DEADCODE)
    /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1779 in openKeyset()
    1773 break;
    1774
    1775 case CRYPT_KEYSET_HTTP:
    1776 status = setAccessMethodHTTP( keysetInfoPtr ); 1777 break;
    1778
    CID 479093: (DEADCODE)
    Execution cannot reach this statement: "case CRYPT_KEYSET_LDAP:".
    1779 case CRYPT_KEYSET_LDAP:
    1780 status = setAccessMethodLDAP( keysetInfoPtr ); 1781 break;
    1782
    1783 default:
    1784 retIntError(); /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1770 in openKeyset()
    1764 }
    1765
    1766 /* It's a specific type of keyset, set up the access information for it
    1767 and connect to it */
    1768 switch( keysetType )
    1769 {
    CID 479093: (DEADCODE)
    Execution cannot reach this statement: "case CRYPT_KEYSET_DATABASE:". 1770 case CRYPT_KEYSET_DATABASE:
    1771 case CRYPT_KEYSET_DATABASE_STORE:
    1772 status = setAccessMethodDBMS( keysetInfoPtr, keysetType );
    1773 break;
    1774
    1775 case CRYPT_KEYSET_HTTP: /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cryptkey.c: 1771 in openKeyset()
    1765
    1766 /* It's a specific type of keyset, set up the access information for it
    1767 and connect to it */
    1768 switch( keysetType )
    1769 {
    1770 case CRYPT_KEYSET_DATABASE:
    CID 479093: (DEADCODE)
    Execution cannot reach this statement: "case CRYPT_KEYSET_DATABASE_...".
    1771 case CRYPT_KEYSET_DATABASE_STORE:
    1772 status = setAccessMethodDBMS( keysetInfoPtr, keysetType );
    1773 break;
    1774
    1775 case CRYPT_KEYSET_HTTP:
    1776 status = setAccessMethodHTTP( keysetInfoPtr );

    ** CID 479092: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/ext_copy.c: 285 in copyAttribute()


    ________________________________________________________________________________________________________
    *** CID 479092: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/cert/ext_copy.c: 285 in copyAttribute()
    279 if( DATAPTR_ISSET_PTR( newAttributeHeadPtr ) ) 280 deleteAttributes( newAttributeHeadPtr );
    281 return( status );
    282 }
    283
    284 /* Append the new field to the new attribute list */ >>> CID 479092: Resource leaks (RESOURCE_LEAK)
    Variable "newAttributeField" going out of scope leaks the storage it points to.
    285 insertDoubleListElement( newAttributeHeadPtr, newAttributeListTail,
    286 newAttributeField, ATTRIBUTE_LIST );
    287 newAttributeListTail = newAttributeField;
    288 }
    289 ENSURES( LOOP_BOUND_OK );
    290 ENSURES( DATAPTR_ISSET_PTR( newAttributeHeadPtr ) );

    ** CID 479091: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/ssh2_msgcli.c: 707 in processChannelOpenConfirmation()


    ________________________________________________________________________________________________________
    *** CID 479091: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /tmp/sbbs-Jan-24-2024/3rdp/src/cl/session/ssh2_msgcli.c: 707 in processChannelOpenConfirmation()
    701 done */
    702 if( serviceType == SERVICE_PORTFORWARD ) {
    703 selectChannel( sessionInfoPtr, origWriteChannelNo, CHANNEL_WRITE );
    704 return( CRYPT_OK );
    705 }
    706
    CID 479091: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
    "255612575 || channelNo == 0 || !waitforWindow" is always true regardless of the values of its operands. This occurs as the logical operand of "if".
    707 if ( TRUE || channelNo == 0 || !waitforWindow )
    708 {
    709 /* It's a session open request that requires additional messages to do
    710 anything useful, create and send the extra packets. Unlike the
    711 overall open request, we can't wrap and send the packets in one go
    712 because serviceType == SERVICE_SHELL has to send multiple packets,


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D_Ob8_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDXsFtzU0G-2FWPcCSE76ga65FpTOVnlTg2HlohxKy4ePNmfAvcTgQHzRuwjEUPYcoNsjv51yTcWgn-2B5ZoKEZbHKDuJHZyg4oYm-2B85r0HAuyVfWOvaujD7HGzC-2Bi-2BJJr4c31Rz-2B5noR-2FnEcQw4pO0lSZx8Qbg6Ydb9v-2FQISXmWX5vnA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, February 01, 2024 13:40:37
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 480410: Uninitialized variables (UNINIT) /tmp/sbbs-Feb-01-2024/src/conio/ciolib.c: 2152 in ciolib_rgb_to_legacyattr()


    ________________________________________________________________________________________________________
    *** CID 480410: Uninitialized variables (UNINIT) /tmp/sbbs-Feb-01-2024/src/conio/ciolib.c: 2152 in ciolib_rgb_to_legacyattr() 2146 }
    2147 }
    2148 }
    2149 }
    2150
    2151 return (bestb << 4) | bestf;
    CID 480410: Uninitialized variables (UNINIT)
    Using uninitialized value "bestf".


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D0Whj_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCGuXH-2F8nbk79WMe2MJx6-2FI9exgVraqIoXRfw5t191-2Fkv7cvlCW07dWiwEkebe6LE7W-2FqT6ZfpHP5InVb8zXpzOgZvf4Ur9-2BJrsFE50Fqk6iSfX0glKX5AlD-2FYPX7BWAafhUDNW6RVuwz3H5dgusXmMWB9WTfpkkhCog7HEgqDjmg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, February 04, 2024 15:09:08
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 483188: Memory - corruptions (OVERRUN)
    /ssl.c: 349 in internal_do_cryptInit()


    ________________________________________________________________________________________________________
    *** CID 483188: Memory - corruptions (OVERRUN)
    /ssl.c: 349 in internal_do_cryptInit()
    343 cryptlib_initialized = false;
    344 cryptEnd();
    345 asprintf(&cryptfail, "Incorrect cryptlib version %d (expected %d)", tmp, CRYPTLIB_VERSION);
    346 return;
    347 }
    348 ret = cryptGetAttributeString(CRYPT_UNUSED, CRYPT_OPTION_INFO_PATCHES, patches, &stp);
    CID 483188: Memory - corruptions (OVERRUN)
    Overrunning array """" of 1 bytes by passing it to a function which accesses it at byte offset 31 using argument "32UL".
    349 if (cryptStatusError(ret) || stp != 32 || memcmp(patches, CRYPTLIB_PATCHES, 32) != 0) {
    350 cryptInit_error = ret;
    351 cryptlib_initialized = false;
    352 cryptEnd();
    353 asprintf(&cryptfail, "Incorrect cryptlib patch set %.32s (expected %s)", patches, CRYPTLIB_PATCHES);
    354 return;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DoE8P_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCgaHhvhfxqmGN-2F2MOiNHiXAXmmE5-2BoMir72-2FKS-2B4CChPr-2B6DUEcHFnW2fJcB9K-2BLqjLkG6SOds2KKoiOogAgt4kivLp-2Bbv0MawXscaXZ6U3zKSU8zPaw8llzmAMgAx1EcIlUZ9-2Faak-2B54E1Z-2BGSHEscOAt6ClVWnKMr9zoYGJFvw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, February 05, 2024 13:39:54
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 483249: Error handling issues (CHECKED_RETURN)
    /main.cpp: 3570 in sbbs_t::init()()


    ________________________________________________________________________________________________________
    *** CID 483249: Error handling issues (CHECKED_RETURN)
    /main.cpp: 3570 in sbbs_t::init()()
    3564 thisnode.misc&=(NODE_EVENT|NODE_LOCK|NODE_RRUN);
    3565 criterrs=thisnode.errors;
    3566 putnodedat(cfg.node_num,&thisnode);
    3567
    3568 // remove any pending node messages
    3569 safe_snprintf(str, sizeof(str), "%smsgs/n%3.3u.msg",cfg.data_dir,cfg.node_num);
    CID 483249: Error handling issues (CHECKED_RETURN)
    Calling "remove(str)" without checking return value. This library function may fail and return an error code.
    3570 remove(str);
    3571 // Delete any stale temporary files (with potentially sensitive content)
    3572 delfiles(cfg.temp_dir,ALLFILES);
    3573 safe_snprintf(str, sizeof(str), "%sMSGTMP", cfg.node_dir);
    3574 removecase(str);
    3575 safe_snprintf(str, sizeof(str), "%sQUOTES.TXT", cfg.node_dir);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DuxM4_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDlWnKXqUo4ko-2BswZDnU0KThZlBPhv1kFyIVU6rRp9K48otOTA5WQm5qg8o-2FY8FDqYkPfgDhKOyoUIQMv1mPwAY7yKStOAqjn6xloHvMgh0mRG0DJXpuxyIOkTyi2gGZzdoTshBDw9gCNjiMqTW3IeGxtntX-2B4oBRMrCvut8dx1Kg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, February 07, 2024 13:48:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486181: (RESOURCE_LEAK)
    /js_bbs.cpp: 1730 in js_expand_atcodes(JSContext *, unsigned int, unsigned long *)()
    /js_bbs.cpp: 1732 in js_expand_atcodes(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 486181: (RESOURCE_LEAK)
    /js_bbs.cpp: 1730 in js_expand_atcodes(JSContext *, unsigned int, unsigned long *)()
    1724 if (instr == NULL)
    1725 return JS_FALSE;
    1726
    1727 if(JSVAL_IS_OBJECT(argv[1]) && !JSVAL_IS_NULL(argv[1])) {
    1728 JSObject* hdrobj;
    1729 if((hdrobj = JSVAL_TO_OBJECT(argv[1])) == NULL)
    CID 486181: (RESOURCE_LEAK)
    Variable "instr" going out of scope leaks the storage it points to. 1730 return JS_FALSE;
    1731 if(!js_GetMsgHeaderObjectPrivates(cx, hdrobj, /* smb_t: */NULL, &msg, /* post: */NULL))
    1732 return JS_FALSE;
    1733 }
    1734
    1735 rc = JS_SUSPENDREQUEST(cx);
    /js_bbs.cpp: 1732 in js_expand_atcodes(JSContext *, unsigned int, unsigned long *)()
    1726
    1727 if(JSVAL_IS_OBJECT(argv[1]) && !JSVAL_IS_NULL(argv[1])) {
    1728 JSObject* hdrobj;
    1729 if((hdrobj = JSVAL_TO_OBJECT(argv[1])) == NULL)
    1730 return JS_FALSE;
    1731 if(!js_GetMsgHeaderObjectPrivates(cx, hdrobj, /* smb_t: */NULL, &msg, /* post: */NULL))
    CID 486181: (RESOURCE_LEAK)
    Variable "instr" going out of scope leaks the storage it points to. 1732 return JS_FALSE;
    1733 }
    1734
    1735 rc = JS_SUSPENDREQUEST(cx);
    1736 sbbs->expand_atcodes(instr, result, sizeof result, msg);
    1737 free(instr);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DmylI_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDXJXQdHoPdhvgvF0Vb847O95f-2F78EIoUagepOVq0LGxVFLDoLOCCiMG-2Fo4JxZOKwjHbMnoOXJKKkCjtFcCkE7VRLhxJ-2FNLJW4jwAN0Jl-2F3no6moASPMez-2F6bxuKm8Qy55QwIHngsrpIdU6tJlGz6f2tQot6J2A4fn-2FWICSVomHTA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, February 09, 2024 13:39:53
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486276: (USE_AFTER_FREE)
    /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf() /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()


    ________________________________________________________________________________________________________
    *** CID 486276: (USE_AFTER_FREE)
    /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL); /tmp/sbbs-Feb-09-2024/src/xpdev/xpprintf.c: 1378 in xp_vasprintf()
    1372 break;
    1373 case XP_PRINTF_TYPE_SIZET:
    1374 next=xp_asprintf_next(working, type, va_arg(va, size_t));
    1375 break;
    1376 }
    1377 if(next==NULL) {
    CID 486276: (USE_AFTER_FREE)
    Calling "free" frees pointer "working" which has already been freed. 1378 free(working);
    1379 return(NULL);
    1380 }
    1381 working=next;
    1382 }
    1383 next=xp_asprintf_end(working, NULL);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DIHvH_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCP2NMkGTJz9ej0zbFZSaut2su5O4d-2FdeN5YNfhO3vr5iN7SLkyWMmA-2BkVBoBNMCMtjp4F5UOP3BhPg-2B0yHPx-2BA66plmcHqc3TbhObiquLp-2FeS-2BJifVzCXGlHdvyg4PHEaoR6LUO7c-2FqTSbtEkku9P0EYfxZeeo5KgjMqT4aVuFYw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, February 14, 2024 13:40:33
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486477: Error handling issues (CHECKED_RETURN)
    /writemsg.cpp: 416 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 486477: Error handling issues (CHECKED_RETURN)
    /writemsg.cpp: 416 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    410 free(buf);
    411 return(false);
    412 }
    413 if(!i && linesquoted)
    414 break;
    415 if(!i || quote[0]==all_key()) { /* Quote all */
    CID 486477: Error handling issues (CHECKED_RETURN)
    Calling "fseek(stream, l, 0)" without checking return value. This library function may fail and return an error code.
    416 fseek(stream,l,SEEK_SET);
    417 while(!feof(stream) && !ferror(stream)) {
    418 if(!fgets(str,sizeof(str),stream))
    419 break;
    420 quotestr(str);
    421 SAFEPRINTF2(tmp,quote_fmt,cols-4,str);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D2gqt_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDyBxF-2BuedSB2oLaNTy6psp3Cor4F0rz-2B4SwaIkEVyFE7FwRjEukPY43bM1L1Hi7YMYgyrb0V1krz3N47RLZR8GIqMuk2Z3RqE2OO4o9y0KvmmLDJLp5jbtMBebo-2FmfheUw1RP41SRg-2FK16Oi1OoUubPmh6iPKTPVX1V81t13b6sA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, February 16, 2024 13:40:21
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486496: (CHECKED_RETURN)
    /writemsg.cpp: 382 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    /writemsg.cpp: 344 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 486496: (CHECKED_RETURN)
    /writemsg.cpp: 382 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    376
    377 else if(useron_xedit && cfg.xedit[useron_xedit-1]->misc&QUOTENONE)
    378 ;
    379
    380 else if(yesno(text[QuoteMessageQ])) {
    381 if(!fexist(quotes_fname(useron_xedit, path, sizeof(path))))
    CID 486496: (CHECKED_RETURN)
    Calling "fexistcase" without checking return value (as is done elsewhere 117 out of 130 times).
    382 fexistcase(path);
    383 if((stream=fnopen(&file,path,O_RDONLY))==NULL) {
    384 errormsg(WHERE,ERR_OPEN,path,O_RDONLY); 385 free(buf);
    386 return(false);
    387 }
    /writemsg.cpp: 344 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    338 && cfg.sub[subnum]->misc&SUB_QUOTE))) {
    339
    340 /* Quote entire message to MSGTMP or INPUT.MSG */
    341
    342 if(useron_xedit && cfg.xedit[useron_xedit-1]->misc&QUOTEALL) {
    343 if(!fexist(quotes_fname(useron_xedit, path, sizeof(path))))
    CID 486496: (CHECKED_RETURN)
    Calling "fexistcase" without checking return value (as is done elsewhere 117 out of 130 times).
    344 fexistcase(path);
    345 if((stream=fnopen(NULL,path,O_RDONLY))==NULL) { 346 errormsg(WHERE,ERR_OPEN,path,O_RDONLY); 347 free(buf);
    348 return(false);
    349 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3Dzn-5_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDPrVkNTVRB68tnZKkkXRCkPUT71LTHn8QopE1tYVp-2FX-2Br08qA1yywGwU3c4MVrlWG-2BFbxw1q-2Fo2e8fear09VrdxSTaZYVAh-2F7Xjhpabc-2Bcxm1n9Xbtacc4z9BZManLJqZ02pp-2F9yM96t7IgwLb1rxOxJKJoizd1NnBghDuRAiDsQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, February 21, 2024 13:39:50
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486966: Memory - illegal accesses (RETURN_LOCAL) /tmp/sbbs-Feb-21-2024/src/xpdev/ini_file.c: 1073 in iniGetSString()


    ________________________________________________________________________________________________________
    *** CID 486966: Memory - illegal accesses (RETURN_LOCAL) /tmp/sbbs-Feb-21-2024/src/xpdev/ini_file.c: 1073 in iniGetSString()
    1067 size_t pos;
    1068
    1069 ret = iniGetString(list, section, key, deflt, fval);
    1070 if (ret == NULL)
    1071 return ret;
    1072 if (ret == deflt)
    CID 486966: Memory - illegal accesses (RETURN_LOCAL)
    Returning pointer "ret" which points to local variable "fval".
    1073 return ret;
    1074 if (sz < 1 || value == NULL)
    1075 return value;
    1076 for (pos = 0; ret[pos]; pos++) {
    1077 if (pos == sz - 1)
    1078 break;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DCYsZ_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrB1fCECxNjHKDEt971XvCYyugWw34HvI84c7ZyY-2BmycHBmh3Jr1qZj7bY0gisTp5UvajQDEP9IZaQTdaMfzHs9DaKL5izWrIdkGSbov-2BkvcK5JM0MeIsMOKIH6vPln5vf0C7XQzN4AL02tzLGZGEYX2inJEOXX8A46m4M4faN8zLQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, February 24, 2024 13:40:32
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 486983: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Feb-24-2024/src/conio/bitmap_con.c: 503 in get_full_rectangle_locked()


    ________________________________________________________________________________________________________
    *** CID 486983: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Feb-24-2024/src/conio/bitmap_con.c: 503 in get_full_rectangle_locked()
    497 {
    498 struct rectlist *rect;
    499 size_t sz = screen->screenwidth * screen->screenheight;
    500 size_t pos;
    501
    502 // TODO: Some sort of caching here would make things faster...? >>> CID 486983: Concurrent data access violations (MISSING_LOCK)
    Accessing "callbacks.drawrect" without holding lock "bitmap_callbacks.lock". Elsewhere, "bitmap_callbacks.drawrect" is written to with "bitmap_callbacks.lock" held 1 out of 1 times (1 of these accesses strongly imply that it is necessary).
    503 if(callbacks.drawrect) {
    504 rect = alloc_full_rect(screen, true);
    505 if (!rect)
    506 return rect;
    507 for (pos = 0; pos < sz; pos++)
    508 rect->data[pos] = color_value(screen->rect->data[pos]);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D8c0G_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAVcLrFKXhsSDRaqja0Q4G60ZIIHvAxvJ-2BFLnRXVDcep-2B1SeryMCXp8nrAo0L5iDlIM3xJ7X0g6QrD0mlxK5meH-2BBJ37jGt-2F-2BR0SSgqyC1ybNJHz3XT2-2F11T7UEUt5-2FUqhSnT2Rs5NZnjzJIv-2Bf3-2BxbnrqOl4LZRHeRWkBYW2FZNw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, February 27, 2024 13:40:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 487089: High impact quality (Y2K38_SAFETY)
    /logout.cpp: 97 in sbbs_t::logout(bool)()


    ________________________________________________________________________________________________________
    *** CID 487089: High impact quality (Y2K38_SAFETY)
    /logout.cpp: 97 in sbbs_t::logout(bool)()
    91 delfiles(cfg.temp_dir,ALLFILES);
    92 if(sys_status&SS_USERON) { // Insures the useron actually went through logon()/getmsgptrs() first
    93 putmsgptrs();
    94 }
    95 if(!REALSYSOP)
    96 logofflist();
    CID 487089: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".
    97 useron.laston=(time32_t)now;
    98
    99 ttoday=useron.ttoday-useron.textra; /* billable time used prev calls */
    100 if(ttoday>=cfg.level_timeperday[useron.level])
    101 i=0;
    102 else

    ** CID 487088: Error handling issues (CHECKED_RETURN)
    /logout.cpp: 89 in sbbs_t::logout(bool)()


    ________________________________________________________________________________________________________
    *** CID 487088: Error handling issues (CHECKED_RETURN)
    /logout.cpp: 89 in sbbs_t::logout(bool)()
    83 if(cfg.logout_mod[0]) {
    84 lprintf(LOG_DEBUG, "executing logout module: %s", cfg.logout_mod);
    85 exec_bin(cfg.logout_mod,&main_csi);
    86 }
    87 SAFEPRINTF2(path,"%smsgs/%4.4u.msg",cfg.data_dir,useron.number);
    88 if(fexistcase(path) && !flength(path)) /* remove any 0 byte message files */
    CID 487088: Error handling issues (CHECKED_RETURN)
    Calling "remove(path)" without checking return value. This library function may fail and return an error code.
    89 remove(path);
    90
    91 delfiles(cfg.temp_dir,ALLFILES);
    92 if(sys_status&SS_USERON) { // Insures the useron actually went through logon()/getmsgptrs() first
    93 putmsgptrs();
    94 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D6w7L_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZL2KLON9c0qMM4K5aJ-2BfdThB6-2BKGg4cWLgpEPITZFj21NY7HODKa21xNCYmqB9WQ9jGdCaJ8kxZplYYP3ZpJQciN5y3k5uG3vF-2Bbjho-2FJ80W4KFTLh14Ge0YKg4KwvJQypDruDryLBwEKW1kUPhOIUyQwbpfzm3Xgxi8Wb6VLKOw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, February 28, 2024 13:40:48
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    23 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 23 defect(s)


    ** CID 487180: Memory - corruptions (BUFFER_SIZE)
    /sftp.cpp: 1388 in sftp_readdir(sftp_string *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487180: Memory - corruptions (BUFFER_SIZE)
    /sftp.cpp: 1388 in sftp_readdir(sftp_string *, void *)()
    1382 return generic_dot_entry(sbbs, dir, tmppath, &dd->info.rootdir.idx);
    1383 }
    1384 if (dd->info.rootdir.idx == dotdot) {
    1385 if (pm->sftp_patt[1]) {
    1386 char *dir = const_cast<char *>(".."); 1387 snprintf(tmppath, sizeof(tmppath) - 2 /* for dir */, pm->sftp_patt, sbbs->useron.alias);
    CID 487180: Memory - corruptions (BUFFER_SIZE)
    Buffer "tmppath" has a size of 4097 characters, and its string length (null character not included) is 4095 characters, leaving an available space of 2 characters. Appending "dir", whose string length (null character not included) is 2 characters, plus the null character overruns "tmppath".
    1388 strcat(tmppath, dir);
    1389 return generic_dot_realpath_entry(sbbs, dir, tmppath, &dd->info.rootdir.idx);
    1390 }
    1391 else
    1392 dd->info.rootdir.idx++;
    1393 }

    ** CID 487179: (MISSING_LOCK)
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_static.h: 63 in exit_function() /tmp/sbbs-Feb-28-2024/src/sftp/sftp_static.h: 63 in exit_function()


    ________________________________________________________________________________________________________
    *** CID 487179: (MISSING_LOCK)
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_static.h: 63 in exit_function()
    57 }
    58
    59 static bool
    60 exit_function(SFTP_STATIC_TYPE state, bool retval)
    61 {
    62 assert(state->running > 0);
    CID 487179: (MISSING_LOCK)
    Accessing "state->running" without holding lock "sftp_client_state.mtx". Elsewhere, "sftp_client_state.running" is written to with "sftp_client_state.mtx" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
    63 state->running--;
    64 pthread_mutex_unlock(&state->mtx);
    65 return retval;
    66 }
    67
    68 static bool
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_static.h: 63 in exit_function()
    57 }
    58
    59 static bool
    60 exit_function(SFTP_STATIC_TYPE state, bool retval)
    61 {
    62 assert(state->running > 0);
    CID 487179: (MISSING_LOCK)
    Accessing "state->running" without holding lock "sftp_server_state.mtx". Elsewhere, "sftp_server_state.running" is written to with "sftp_server_state.mtx" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
    63 state->running--;
    64 pthread_mutex_unlock(&state->mtx);
    65 return retval;
    66 }
    67
    68 static bool

    ** CID 487178: (RESOURCE_LEAK)
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 78 in s_open() /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 72 in s_open() /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 82 in s_open() /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 68 in s_open()


    ________________________________________________________________________________________________________
    *** CID 487178: (RESOURCE_LEAK) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 78 in s_open()
    72 return true;
    73 }
    74 }
    75 if (!(flags & SSH_FXF_CREAT)) {
    76 if (flags & SSH_FXF_TRUNC) {
    77 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't truncate unless creating");
    CID 487178: (RESOURCE_LEAK)
    Variable "fname" going out of scope leaks the storage it points to.
    78 return true;
    79 }
    80 if (flags & SSH_FXF_EXCL) {
    81 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't open exclisive unless creating");
    82 return true;
    83 }
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 72 in s_open()
    66 if (flags & SSH_FXF_CREAT) {
    67 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't create unless writing");
    68 return true;
    69 }
    70 if (flags & SSH_FXF_APPEND) {
    71 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't append unless writing");
    CID 487178: (RESOURCE_LEAK)
    Variable "fname" going out of scope leaks the storage it points to.
    72 return true;
    73 }
    74 }
    75 if (!(flags & SSH_FXF_CREAT)) {
    76 if (flags & SSH_FXF_TRUNC) {
    77 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't truncate unless creating");
    /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 82 in s_open()
    76 if (flags & SSH_FXF_TRUNC) {
    77 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't truncate unless creating");
    78 return true;
    79 }
    80 if (flags & SSH_FXF_EXCL) {
    81 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't open exclisive unless creating");
    CID 487178: (RESOURCE_LEAK)
    Variable "fname" going out of scope leaks the storage it points to.
    82 return true;
    83 }
    84 }
    85 attrs = sftp_getfattr(state->rxp);
    86 if (attrs == NULL) {
    87 free_sftp_str(fname); /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 68 in s_open()
    62 if (fname == NULL)
    63 return false;
    64 flags = get32(state);
    65 if (!(flags & SSH_FXF_WRITE)) {
    66 if (flags & SSH_FXF_CREAT) {
    67 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't create unless writing");
    CID 487178: (RESOURCE_LEAK)
    Variable "fname" going out of scope leaks the storage it points to.
    68 return true;
    69 }
    70 if (flags & SSH_FXF_APPEND) {
    71 sftps_send_error(state, SSH_FX_OP_UNSUPPORTED, "Can't append unless writing");
    72 return true;
    73 }

    ** CID 487177: (Y2K38_SAFETY)
    /sftp.cpp: 433 in homefile_attrs(sbbs_t *, const char *)()
    /sftp.cpp: 433 in homefile_attrs(sbbs_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 487177: (Y2K38_SAFETY)
    /sftp.cpp: 433 in homefile_attrs(sbbs_t *, const char *)()
    427 if (attr == nullptr)
    428 return nullptr;
    429 sftp_fattr_set_permissions(attr, S_IFREG | S_IRWXU | S_IRUSR | S_IWUSR);
    430 sftp_fattr_set_uid_gid(attr, sbbs->useron.number, users_gid); 431 sftp_fattr_set_size(attr, flength(path));
    432 time_t fd = fdate(path);
    CID 487177: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "fd" is cast to "uint32_t".
    433 sftp_fattr_set_times(attr, fd, fd);
    434 return attr;
    435 }
    436
    437 static sftp_file_attr_t
    438 sshkeys_attrs(sbbs_t *sbbs, const char *path)
    /sftp.cpp: 433 in homefile_attrs(sbbs_t *, const char *)()
    427 if (attr == nullptr)
    428 return nullptr;
    429 sftp_fattr_set_permissions(attr, S_IFREG | S_IRWXU | S_IRUSR | S_IWUSR);
    430 sftp_fattr_set_uid_gid(attr, sbbs->useron.number, users_gid); 431 sftp_fattr_set_size(attr, flength(path));
    432 time_t fd = fdate(path);
    CID 487177: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "fd" is cast to "uint32_t".
    433 sftp_fattr_set_times(attr, fd, fd);
    434 return attr;
    435 }
    436
    437 static sftp_file_attr_t
    438 sshkeys_attrs(sbbs_t *sbbs, const char *path)

    ** CID 487176: (RESOURCE_LEAK)
    /sftp.cpp: 741 in find_lib(sbbs_t *, const char *)()
    /sftp.cpp: 741 in find_lib(sbbs_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 487176: (RESOURCE_LEAK)
    /sftp.cpp: 741 in find_lib(sbbs_t *, const char *)()
    735 *c = 0;
    736 for (l = 0; l < sbbs->cfg.total_libs; l++) {
    737 if (!can_user_access_lib(&sbbs->cfg, l, &sbbs->useron, &sbbs->client))
    738 continue;
    739 exp = expand_slash(sbbs->cfg.lib[l]->lname);
    740 if (exp == nullptr)
    CID 487176: (RESOURCE_LEAK)
    Variable "p" going out of scope leaks the storage it points to.
    741 return -1;
    742 if (strcmp(p, exp)) {
    743 free(exp);
    744 continue;
    745 }
    746 free(exp);
    /sftp.cpp: 741 in find_lib(sbbs_t *, const char *)()
    735 *c = 0;
    736 for (l = 0; l < sbbs->cfg.total_libs; l++) {
    737 if (!can_user_access_lib(&sbbs->cfg, l, &sbbs->useron, &sbbs->client))
    738 continue;
    739 exp = expand_slash(sbbs->cfg.lib[l]->lname);
    740 if (exp == nullptr)
    CID 487176: (RESOURCE_LEAK)
    Variable "p" going out of scope leaks the storage it points to.
    741 return -1;
    742 if (strcmp(p, exp)) {
    743 free(exp);
    744 continue;
    745 }
    746 free(exp);

    ** CID 487175: Resource leaks (RESOURCE_LEAK)
    /sftp.cpp: 1517 in sftp_readdir(sftp_string *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487175: Resource leaks (RESOURCE_LEAK)
    /sftp.cpp: 1517 in sftp_readdir(sftp_string *, void *)()
    1511 }
    1512 attr = get_dir_attrs(sbbs, dd->info.filebase.idx);
    1513 if (attr == nullptr)
    1514 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Attributes allocation failure");
    1515 ename = expand_slash(sbbs->cfg.dir[dd->info.filebase.idx]->lname);
    1516 if (ename == nullptr)
    CID 487175: Resource leaks (RESOURCE_LEAK)
    Variable "attr" going out of scope leaks the storage it points to.
    1517 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "EName allocation failure");
    1518 lname = get_longname(sbbs, ename, nullptr, attr);
    1519 if (lname == nullptr) {
    1520 free(ename);
    1521 sftp_fattr_free(attr);
    1522 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Longname allocation failure");

    ** CID 487174: Code maintainability issues (UNUSED_VALUE)
    /main.cpp: 1993 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()


    ________________________________________________________________________________________________________
    *** CID 487174: Code maintainability issues (UNUSED_VALUE)
    /main.cpp: 1993 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    1987
    1988 if (cid != sbbs->sftp_channel && cid != sbbs->session_channel) {
    1989 lprintf(LOG_WARNING, "Node %d SSH WARNING: attempt to use channel '%s' (%d != %d or %d)"
    1990 , sbbs->cfg.node_num, cname ? cname : "<unknown>", cid, sbbs->session_channel, sbbs->sftp_channel);
    1991 if (cname) {
    1992 free_crypt_attrstr(cname);
    CID 487174: Code maintainability issues (UNUSED_VALUE)
    Assigning value "NULL" to "cname" here, but that stored value is overwritten before it can be used.
    1993 cname = nullptr;
    1994 }
    1995 if (ssname) {
    1996 free_crypt_attrstr(ssname);
    1997 ssname = nullptr;
    1998 }

    ** CID 487173: Program hangs (LOCK)
    /sftp.cpp: 987 in sftp_send(unsigned char *, unsigned long, void *)()


    ________________________________________________________________________________________________________
    *** CID 487173: Program hangs (LOCK)
    /sftp.cpp: 987 in sftp_send(unsigned char *, unsigned long, void *)()
    981 if (sbbs->sftp_channel == -1)
    982 return false;
    983 while (sent < len) {
    984 pthread_mutex_lock(&sbbs->ssh_mutex);
    985 status = cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, sbbs->sftp_channel);
    986 if (cryptStatusError(status))
    CID 487173: Program hangs (LOCK)
    Returning without unlocking "sbbs->ssh_mutex".
    987 return false;
    988 size_t sendbytes = len - sent;
    989 #define SENDBYTES_MAX 0x2000
    990 if (sendbytes > SENDBYTES_MAX)
    991 sendbytes = SENDBYTES_MAX;
    992 status = cryptSetAttribute(sbbs->ssh_session, CRYPT_OPTION_NET_WRITETIMEOUT, 5);

    ** CID 487172: Incorrect expression (CONSTANT_EXPRESSION_RESULT)
    /sftp.cpp: 171 in path_map::path_map(sbbs_t *, const unsigned char *, map_path_mode)()


    ________________________________________________________________________________________________________
    *** CID 487172: Incorrect expression (CONSTANT_EXPRESSION_RESULT)
    /sftp.cpp: 171 in path_map::path_map(sbbs_t *, const unsigned char *, map_path_mode)()
    165 return;
    166 }
    167 this->is_static_ = false;
    168 this->info.filebase.dir = -1;
    169 this->info.filebase.lib = -1;
    170 this->info.filebase.idx = dot;
    CID 487172: Incorrect expression (CONSTANT_EXPRESSION_RESULT)
    The expression "this->sftp_path[6UL /* files_path_len */] == 0 || this->sftp_path[6UL /* files_path_len */] == 0" does not accomplish anything because it evaluates to either of its identical operands, "this->sftp_path[6UL /* files_path_len */] == 0".
    171 if (this->sftp_path[files_path_len] == 0 || this->sftp_path[files_path_len] == 0) {
    172 // Root...
    173 result_ = MAP_TO_DIR;
    174 return;
    175 }
    176 const char *lib = &this->sftp_path[files_path_len + 1];

    ** CID 487171: Insecure data handling (TAINTED_SCALAR) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_attr.c: 324 in sftp_getfattr()


    ________________________________________________________________________________________________________
    *** CID 487171: Insecure data handling (TAINTED_SCALAR) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_attr.c: 324 in sftp_getfattr()
    318 ret->atime = sftp_get32(pkt);
    319 ret->mtime = sftp_get32(pkt);
    320 }
    321 if (ret->flags & SSH_FILEXFER_ATTR_EXTENDED) {
    322 uint32_t extcnt = sftp_get32(pkt);
    323 uint32_t ext;
    CID 487171: Insecure data handling (TAINTED_SCALAR)
    Using tainted variable "extcnt" as a loop boundary.
    324 for (ext = 0; ext < extcnt; ext++) {
    325 sftp_str_t type = sftp_getstring(pkt);
    326 if (type == NULL)
    327 break;
    328 sftp_str_t data = sftp_getstring(pkt);
    329 if (data == NULL) {

    ** CID 487170: Security best practices violations (TOCTOU)
    /sftp.cpp: 1147 in sftp_open(sftp_string *, unsigned int, sftp_file_attributes *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487170: Security best practices violations (TOCTOU)
    /sftp.cpp: 1147 in sftp_open(sftp_string *, unsigned int, sftp_file_attributes *, void *)()
    1141 sbbs->sftp_filedes[fdidx]->dir = -1;
    1142 else {
    1143 sbbs->sftp_filedes[fdidx]->dir = pmap.info.filebase.dir;
    1144 sbbs->sftp_filedes[fdidx]->idx_offset = pmap.info.filebase.offset;
    1145 sbbs->sftp_filedes[fdidx]->idx_number = pmap.info.filebase.idx;
    1146 }
    CID 487170: Security best practices violations (TOCTOU)
    Calling function "access" to perform check on "pmap.local_path".
    1147 if (access(pmap.local_path, F_OK) != 0) {
    1148 // File did not exist, and we're creating
    1149 if (oflags & O_CREAT) {
    1150 sbbs->sftp_filedes[fdidx]->created = true;
    1151 }
    1152 }

    ** CID 487169: Error handling issues (CHECKED_RETURN)
    /sftp.cpp: 1044 in sftp_cleanup_callback(void *)()


    ________________________________________________________________________________________________________
    *** CID 487169: Error handling issues (CHECKED_RETURN)
    /sftp.cpp: 1044 in sftp_cleanup_callback(void *)()
    1038
    1039 for (unsigned i = 0; i < nfdes; i++) {
    1040 if (sbbs->sftp_filedes[i] != nullptr) {
    1041 close(sbbs->sftp_filedes[i]->fd);
    1042 if (sbbs->sftp_filedes[i]->created && sbbs->sftp_filedes[i]->local_path) {
    1043 // If we were uploading, delete the incomplete file
    CID 487169: Error handling issues (CHECKED_RETURN)
    Calling "remove(sbbs->sftp_filedes[i]->local_path)" without checking return value. This library function may fail and return an error code.
    1044 remove(sbbs->sftp_filedes[i]->local_path);
    1045 }
    1046 free(sbbs->sftp_filedes[i]->local_path);
    1047 free(sbbs->sftp_filedes[i]);
    1048 sbbs->sftp_filedes[i] = nullptr;
    1049 }

    ** CID 487168: (UNUSED_VALUE) /tmp/sbbs-Feb-28-2024/3rdp/src/cl/session/ssh2_msgsvr.c: 679 in processChannelRequest()
    /tmp/sbbs-Feb-28-2024/3rdp/src/cl/session/ssh2_msgsvr.c: 691 in processChannelRequest()


    ________________________________________________________________________________________________________
    *** CID 487168: (UNUSED_VALUE) /tmp/sbbs-Feb-28-2024/3rdp/src/cl/session/ssh2_msgsvr.c: 679 in processChannelRequest()
    673 setChannelAttribute(sessionInfoPtr, CRYPT_SESSINFO_SSH_CHANNEL_WIDTH, status);
    674 status = readUint32(stream);
    675 if (status > 0)
    676 setChannelAttribute(sessionInfoPtr, CRYPT_SESSINFO_SSH_CHANNEL_HEIGHT, status);
    677 break;
    678 case REQUEST_SHELL:
    CID 487168: (UNUSED_VALUE)
    Assigning value from "setChannelAttributeS(sessionInfoPtr, CRYPT_SESSINFO_SSH_CHANNEL_TYPE, "shell", 5)" to "status" here, but that stored value is overwritten before it can be used.
    679 status = setChannelAttributeS( sessionInfoPtr, 680 CRYPT_SESSINFO_SSH_CHANNEL_TYPE,
    681 "shell", 5 );
    682 break;
    683 case REQUEST_NOOP:
    684 /* Generic requests containing extra information that we're not
    /tmp/sbbs-Feb-28-2024/3rdp/src/cl/session/ssh2_msgsvr.c: 691 in processChannelRequest()
    685 interested in */
    686 break;
    687
    688 #ifdef USE_SSH_EXTENDED
    689 case REQUEST_EXEC:
    690 /* A further generic request that we're not interested in */
    CID 487168: (UNUSED_VALUE)
    Assigning value from "setChannelAttributeS(sessionInfoPtr, CRYPT_SESSINFO_SSH_CHANNEL_TYPE, "exec", 4)" to "status" here, but that stored value is overwritten before it can be used.
    691 status = setChannelAttributeS( sessionInfoPtr, 692 CRYPT_SESSINFO_SSH_CHANNEL_TYPE,
    693 "exec", 4 );
    694 break;
    695
    696 case REQUEST_SUBSYSTEM:

    ** CID 487167: Program hangs (LOCK)
    /main.cpp: 2048 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()


    ________________________________________________________________________________________________________
    *** CID 487167: Program hangs (LOCK)
    /main.cpp: 2048 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    2042 if (closed && sbbs->sftp_channel == -1 && sbbs->session_channel == -1)
    2043 return CRYPT_ERROR_COMPLETE; 2044 }
    2045 }
    2046 if (ret == CRYPT_ENVELOPE_RESOURCE)
    2047 return CRYPT_ERROR_TIMEOUT;
    CID 487167: Program hangs (LOCK)
    Returning without unlocking "sbbs->sftp_state->mtx".
    2048 return ret;
    2049 }
    2050 return CRYPT_ERROR_TIMEOUT;
    2051 }
    2052
    2053 void input_thread(void *arg)

    ** CID 487166: (CHECKED_RETURN)
    /main.cpp: 2036 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)() /main.cpp: 2028 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()


    ________________________________________________________________________________________________________
    *** CID 487166: (CHECKED_RETURN)
    /main.cpp: 2036 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    2030 closed = true;
    2031 }
    2032 }
    2033 if (sbbs->session_channel != -1) {
    2034 if (!channel_open(sbbs, sbbs->session_channel)) {
    2035 if (cryptStatusOK(cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, sbbs->session_channel)))
    CID 487166: (CHECKED_RETURN)
    Calling "cryptSetAttribute" without checking return value (as is done elsewhere 50 out of 61 times).
    2036 cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE, 0);
    2037 sbbs->session_channel = -1;
    2038 closed = true;
    2039 }
    2040 }
    2041 // All channels are now closed. /main.cpp: 2028 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    2022 if (status != CRYPT_ERROR_NOTFOUND) 2023 sbbs->log_crypt_error_status_sock(status, "getting channel id");
    2024 closing_channel = -1;
    2025 if (sbbs->sftp_channel != -1) {
    2026 if (!channel_open(sbbs, sbbs->sftp_channel)) {
    2027 if (cryptStatusOK(cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, sbbs->sftp_channel)))
    CID 487166: (CHECKED_RETURN)
    Calling "cryptSetAttribute" without checking return value (as is done elsewhere 50 out of 61 times).
    2028 cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE, 0);
    2029 sbbs->sftp_channel = -1;
    2030 closed = true;
    2031 }
    2032 }
    2033 if (sbbs->session_channel != -1) {

    ** CID 487165: (REVERSE_INULL)
    /main.cpp: 1984 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)() /main.cpp: 1975 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()


    ________________________________________________________________________________________________________
    *** CID 487165: (REVERSE_INULL)
    /main.cpp: 1984 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    1978 if (!sftps_recv(sbbs->sftp_state, reinterpret_cast<uint8_t *>(inbuf), tgot))
    1979 sbbs->sftp_end();
    1980 }
    1981 sbbs->sftp_channel = cid;
    1982 }
    1983 }
    CID 487165: (REVERSE_INULL)
    Null-checking "cname" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    1984 if (cname && sbbs->session_channel == -1 && strcmp(cname, "shell") == 0) {
    1985 sbbs->session_channel = cid;
    1986 }
    1987
    1988 if (cid != sbbs->sftp_channel && cid != sbbs->session_channel) {
    1989 lprintf(LOG_WARNING, "Node %d SSH WARNING: attempt to use channel '%s' (%d != %d or %d)"
    /main.cpp: 1975 in crypt_pop_channel_data(sbbs_t *, char *, int, int *)()
    1969 return status;
    1970 }
    1971 cname = get_crypt_attribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL_TYPE);
    1972 if (strcmp(cname, "subsystem") == 0) {
    1973 ssname = get_crypt_attribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL_ARG1);
    1974 }
    CID 487165: (REVERSE_INULL)
    Null-checking "cname" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
    1975 if (((startup->options & (BBS_OPT_ALLOW_SFTP | BBS_OPT_SSH_ANYAUTH)) == BBS_OPT_ALLOW_SFTP) && ssname && cname && sbbs->sftp_channel == -1 && strcmp(ssname, "sftp") == 0) {
    1976 if (sbbs->init_sftp(cid)) {
    1977 if (tgot > 0) { 1978 if (!sftps_recv(sbbs->sftp_state, reinterpret_cast<uint8_t *>(inbuf), tgot))
    1979 sbbs->sftp_end();
    1980 }

    ** CID 487164: Resource leaks (RESOURCE_LEAK)
    /sftp.cpp: 1424 in sftp_readdir(sftp_string *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487164: Resource leaks (RESOURCE_LEAK)
    /sftp.cpp: 1424 in sftp_readdir(sftp_string *, void *)()
    1418 continue;
    1419 }
    1420 sprintf(tmppath, static_files[dd->info.rootdir.idx].sftp_patt, sbbs->useron.alias);
    1421 remove_trailing_slash(tmppath);
    1422 attr = get_attrs(sbbs, tmppath, &link);
    1423 if (attr == nullptr)
    CID 487164: Resource leaks (RESOURCE_LEAK)
    Variable "link" going out of scope leaks the storage it points to.
    1424 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Attributes allocation failure");
    1425 lname = get_longname(sbbs, tmppath, link, attr);
    1426 if (lname == nullptr) {
    1427 sftp_fattr_free(attr);
    1428 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Longname allocation failure");
    1429 }

    ** CID 487163: Program hangs (LOCK) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 373 in sftps_recv()


    ________________________________________________________________________________________________________
    *** CID 487163: Program hangs (LOCK) /tmp/sbbs-Feb-28-2024/src/sftp/sftp_server.c: 373 in sftps_recv()
    367 if (!sftp_rx_pkt_append(&state->rxp, buf, sz))
    368 return exit_function(state, false);
    369 if (sftp_have_pkt_sz(state->rxp)) {
    370 uint32_t psz = sftp_pkt_sz(state->rxp);
    371 if (psz > SFTP_MAX_PACKET_SIZE) {
    372 state->lprintf(state->cb_data, "Packet too large (%" PRIu32 " bytes)", psz);
    CID 487163: Program hangs (LOCK)
    Returning without unlocking "state->mtx".
    373 return false;
    374 }
    375 }
    376 while (sftp_have_full_pkt(state->rxp)) {
    377 bool handled = false;
    378

    ** CID 487162: Control flow issues (DEADCODE)
    /sftp.cpp: 871 in get_attrs(sbbs_t *, const char *, char **)()


    ________________________________________________________________________________________________________
    *** CID 487162: Control flow issues (DEADCODE)
    /sftp.cpp: 871 in get_attrs(sbbs_t *, const char *, char **)()
    865 else
    866 ppath[0] = 0;
    867 ret = pm->get_attrs(sbbs, ppath);
    868 if (link && pm->link_patt) {
    869 asprintf(link, pm->link_patt, sbbs->useron.alias);
    870 if (link == nullptr) {
    CID 487162: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "sftp_fattr_free(ret);".
    871 sftp_fattr_free(ret);
    872 ret = nullptr;
    873 }
    874 }
    875 return ret;
    876 }

    ** CID 487161: (Y2K38_SAFETY)
    /sftp.cpp: 448 in sshkeys_attrs(sbbs_t *, const char *)()
    /sftp.cpp: 448 in sshkeys_attrs(sbbs_t *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 487161: (Y2K38_SAFETY)
    /sftp.cpp: 448 in sshkeys_attrs(sbbs_t *, const char *)()
    442 if (attr == nullptr)
    443 return nullptr;
    444 sftp_fattr_set_permissions(attr, S_IFLNK | S_IRWXU | S_IRUSR | S_IWUSR);
    445 sftp_fattr_set_uid_gid(attr, sbbs->useron.number, users_gid); 446 sftp_fattr_set_size(attr, flength(path));
    447 time_t fd = fdate(path);
    CID 487161: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "fd" is cast to "uint32_t".
    448 sftp_fattr_set_times(attr, fd, fd);
    449 return attr;
    450 }
    451
    452 void
    453 remove_trailing_slash(char *str)
    /sftp.cpp: 448 in sshkeys_attrs(sbbs_t *, const char *)()
    442 if (attr == nullptr)
    443 return nullptr;
    444 sftp_fattr_set_permissions(attr, S_IFLNK | S_IRWXU | S_IRUSR | S_IWUSR);
    445 sftp_fattr_set_uid_gid(attr, sbbs->useron.number, users_gid); 446 sftp_fattr_set_size(attr, flength(path));
    447 time_t fd = fdate(path);
    CID 487161: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "fd" is cast to "uint32_t".
    448 sftp_fattr_set_times(attr, fd, fd);
    449 return attr;
    450 }
    451
    452 void
    453 remove_trailing_slash(char *str)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D4ieG_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZz6Lg2xx1dh6E9z4lSXKW4n9yiZaua5LbXznpVF4MIwbp178psQJ2n-2Fpok7ErzI9IlNJTrPj-2F83NUNTOEjSUjSMYrpz0XVq0IKvzP47fjT8ZUoPS4k4FQsPlqiTS940mDZqL8H0V26aTBOs1jlgpdGUT2g7d1Ei-2FiSNIWvXxdCeA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, March 01, 2024 13:43:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 487600: Error handling issues (CHECKED_RETURN)
    /sftp.cpp: 1625 in sftp_readdir(sftp_string *, void *)()


    ________________________________________________________________________________________________________
    *** CID 487600: Error handling issues (CHECKED_RETURN)
    /sftp.cpp: 1625 in sftp_readdir(sftp_string *, void *)()
    1619 free(link);
    1620 if (lname == nullptr) {
    1621 sftp_fattr_free(attr);
    1622 return sftps_send_error(sbbs->sftp_state, SSH_FX_FAILURE, "Longname allocation failure");
    1623 }
    1624 vpath = getfname(tmppath);
    CID 487600: Error handling issues (CHECKED_RETURN)
    Calling "add_name" without checking return value (as is done elsewhere 4 out of 5 times).
    1625 fn.add_name(strdup(vpath), lname, attr);
    1626 }
    1627 }
    1628 else {
    1629 if (dd->info.filebase.lib == -1) {
    1630 // /files/ (ie: list of libs)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D_Mv9_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZAvea4qFQBhPrjKB4cHy2kAbmKz1-2F0ttbXdmTqhC-2BEq7-2Bvgywi6EN0yh9ZWlpucVXNfv4OAgSDch06A-2FyZfKQuykxNA3ygHnLLNJZ-2FPbpNGcgiztSzdmC0nW0gtMv3miUCmrLhEqR-2FOP8z9BsqWg6i-2B8KyEK4CuE0E7PMo9TUvnw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, March 03, 2024 13:41:26
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 487672: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Mar-03-2024/src/xpdev/datewrap.c: 36 in checktime()


    ________________________________________________________________________________________________________
    *** CID 487672: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Mar-03-2024/src/xpdev/datewrap.c: 36 in checktime()
    30 struct tm gmt;
    31 struct tm tm;
    32
    33 memset(&tm,0,sizeof(tm));
    34 tm.tm_year=94;
    35 tm.tm_mday=1;
    CID 487672: Null pointer dereferences (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "gmtime_r(&t, &gmt)" when calling "mktime".
    36 return mktime(&tm) - mktime(gmtime_r(&t,&gmt));
    37 }
    38
    39 /* Compensates for struct tm "weirdness" */
    40 time_t sane_mktime(struct tm* tm)
    41 {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D-9vV_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbdS62iBETJxCjfqof1M6S95WSy-2FViK1FGVTyAQx6ozqlGvN9awUs6gtEF2eXLxZfTJjLLUyT0fwRFvEc99-2BOQhjAl2O2TUGD1ycgVDsPOsObe7L7LzV-2FFPKXyVz9z9YuZdACZlhk3hv8V4jfGont8ig4eUY-2FGqtqgGqZWYwmWkLQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, March 19, 2024 13:22:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 488122: Concurrent data access violations (MISSING_LOCK)
    /websrvr.c: 6243 in respond()


    ________________________________________________________________________________________________________
    *** CID 488122: Concurrent data access violations (MISSING_LOCK)
    /websrvr.c: 6243 in respond()
    6237 ,session->socket, session->client.protocol, session->client.addr, session->req.physical_path
    6238 ,session->req.range_start,session->req.range_end, content_length);
    6239 else
    6240 lprintf(LOG_INFO,"%04d %s [%s] Sending file: %s (%"PRIdOFF" bytes)"
    6241 ,session->socket, session->client.protocol, session->client.addr, session->req.physical_path, content_length);
    6242 snt=sock_sendfile(session,session->req.physical_path,session->req.range_start,session->req.range_end);
    CID 488122: Concurrent data access violations (MISSING_LOCK)
    Accessing "session->send_failed" without holding lock "http_session_t.outbuf_write". Elsewhere, "http_session_t.send_failed" is written to with "http_session_t.outbuf_write" held 1 out of 1 times.
    6243 if(!session->send_failed) {
    6244 if(session->req.ld!=NULL) {
    6245 if(snt<0)
    6246 snt=0;
    6247 session->req.ld->size=snt;
    6248 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DmHtV_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbYwk4stqvOulAQyfb9Qz7UqXa-2FyYiLNtJQLdPQNB0BbrubVIHVqt8wbwLmHsBUJon6PC9sbncKQ-2BAxsdRHbzS8LHKyt8nQ5XXM7E400tls6CE8QTOmeO-2BbTPMyH95TYfYCuXcmmWIuH-2F2U7WSDFD5czc7Rvy8hX-2BZbhm7O5DgwmQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, March 23, 2024 12:40:16
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 488309: Memory - illegal accesses (STRING_NULL)


    ________________________________________________________________________________________________________
    *** CID 488309: Memory - illegal accesses (STRING_NULL)
    /str.cpp: 344 in sbbs_t::sif(char *, char *, int)()
    338 m+=2;
    339 for(l=m;l<length;l++)
    340 if(buf[l]=='"') {
    341 buf[l]=0;
    342 break;
    343 }
    CID 488309: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "(char *)buf + m" to "getkeys", which expects a null-terminated string.
    344 answers[a++]=(char)getkeys((char *)buf+m,0);
    345 }
    346 else {
    347 answers[a]=getkey(mode);
    348 outchar(answers[a++]);
    349 attr(LIGHTGRAY);

    ** CID 488308: (STRING_NULL)


    ________________________________________________________________________________________________________
    *** CID 488308: (STRING_NULL)
    /sbbsecho.c: 3666 in getzpt()
    3660 faddr=atofaddr(buf+i+6);
    3661 hdr->destzone=faddr.zone;
    3662 hdr->destnet=faddr.net;
    3663 hdr->destnode=faddr.node;
    3664 i+=6;
    3665 while(buf[i] && buf[i]!=' ') i++;
    CID 488308: (STRING_NULL)
    Passing unterminated string "buf + i + 1" to "atofaddr", which expects a null-terminated string.
    3666 faddr=atofaddr(buf+i+1);
    3667 hdr->origzone=faddr.zone;
    3668 hdr->orignet=faddr.net;
    3669 hdr->orignode=faddr.node;
    3670 intl_found = true;
    3671 }
    /sbbsecho.c: 3660 in getzpt()
    3654 if((!i || cr) && buf[i]==CTRL_A) { /* kludge */ 3655 if(!strncmp(buf+i+1,"TOPT ",5))
    3656 hdr->destpoint=atoi(buf+i+6);
    3657 else if(!strncmp(buf+i+1,"FMPT ",5))
    3658 hdr->origpoint=atoi(buf+i+6);
    3659 else if(!strncmp(buf+i+1,"INTL ",5)) {
    CID 488308: (STRING_NULL)
    Passing unterminated string "buf + i + 6" to "atofaddr", which expects a null-terminated string.
    3660 faddr=atofaddr(buf+i+6);
    3661 hdr->destzone=faddr.zone;
    3662 hdr->destnet=faddr.net;
    3663 hdr->destnode=faddr.node;
    3664 i+=6;
    3665 while(buf[i] && buf[i]!=' ') i++;

    ** CID 488307: Memory - illegal accesses (STRING_NULL)


    ________________________________________________________________________________________________________
    *** CID 488307: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Mar-23-2024/src/smblib/smblib.c: 1085 in smb_getmsghdr()
    1079 !=(size_t)msg->hfield[i].length) {
    1080 safe_snprintf(smb->last_error,sizeof(smb->last_error)
    1081 ,"%s reading header (#%d) field data (%d bytes)", __FUNCTION__, (int)i, (int)msg->hfield[i].length);
    1082 smb_freemsgmem(msg);
    1083 return(SMB_ERR_READ);
    1084 }
    CID 488307: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "msg->hfield_dat[i]" to "set_convenience_ptr", which expects a null-terminated string.
    1085 set_convenience_ptr(msg,msg->hfield[i].type,msg->hfield[i].length,msg->hfield_dat[i]);
    1086
    1087 l+=msg->hfield[i].length;
    1088 }
    1089
    1090 /* These convenience pointers must point to something */

    ** CID 488306: (STRING_NULL)
    /sauce.c: 60 in sauce_fread_charinfo()
    /sauce.c: 62 in sauce_fread_charinfo()
    /sauce.c: 59 in sauce_fread_charinfo()
    /sauce.c: 61 in sauce_fread_charinfo()


    ________________________________________________________________________________________________________
    *** CID 488306: (STRING_NULL)
    /sauce.c: 60 in sauce_fread_charinfo()
    54
    55 if(type != NULL)
    56 *type = record.filetype;
    57 if(info != NULL) {
    58 memset(info, 0, sizeof(*info));
    59 SAFECOPY(info->title, record.title); truncsp(info->title);
    CID 488306: (STRING_NULL)
    Passing unterminated string "record.author" to "strlcpy", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    60 SAFECOPY(info->author, record.author); truncsp(info->author); 61 SAFECOPY(info->group, record.group); truncsp(info->group);
    62 SAFECOPY(info->date, record.date); truncsp(info->date);
    63 info->width = record.tinfo1;
    64 info->height = record.tinfo2;
    65 switch(record.filetype) {
    /sauce.c: 62 in sauce_fread_charinfo()
    56 *type = record.filetype;
    57 if(info != NULL) {
    58 memset(info, 0, sizeof(*info));
    59 SAFECOPY(info->title, record.title); truncsp(info->title);
    60 SAFECOPY(info->author, record.author); truncsp(info->author); 61 SAFECOPY(info->group, record.group); truncsp(info->group);
    CID 488306: (STRING_NULL)
    Passing unterminated string "record.date" to "strlcpy", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    62 SAFECOPY(info->date, record.date); truncsp(info->date);
    63 info->width = record.tinfo1;
    64 info->height = record.tinfo2;
    65 switch(record.filetype) {
    66 case sauce_char_filetype_ascii:
    67 case sauce_char_filetype_ansi:
    /sauce.c: 59 in sauce_fread_charinfo()
    53 return false;
    54
    55 if(type != NULL)
    56 *type = record.filetype;
    57 if(info != NULL) {
    58 memset(info, 0, sizeof(*info));
    CID 488306: (STRING_NULL)
    Passing unterminated string "record.title" to "strlcpy", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    59 SAFECOPY(info->title, record.title); truncsp(info->title);
    60 SAFECOPY(info->author, record.author); truncsp(info->author); 61 SAFECOPY(info->group, record.group); truncsp(info->group);
    62 SAFECOPY(info->date, record.date); truncsp(info->date);
    63 info->width = record.tinfo1;
    64 info->height = record.tinfo2;
    /sauce.c: 61 in sauce_fread_charinfo()
    55 if(type != NULL)
    56 *type = record.filetype;
    57 if(info != NULL) {
    58 memset(info, 0, sizeof(*info));
    59 SAFECOPY(info->title, record.title); truncsp(info->title);
    60 SAFECOPY(info->author, record.author); truncsp(info->author); >>> CID 488306: (STRING_NULL)
    Passing unterminated string "record.group" to "strlcpy", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    61 SAFECOPY(info->group, record.group); truncsp(info->group);
    62 SAFECOPY(info->date, record.date); truncsp(info->date);
    63 info->width = record.tinfo1;
    64 info->height = record.tinfo2;
    65 switch(record.filetype) {
    66 case sauce_char_filetype_ascii:

    ** CID 488305: Memory - corruptions (STRING_OVERFLOW)
    /uedit/uedit.c: 1908 in main()


    ________________________________________________________________________________________________________
    *** CID 488305: Memory - corruptions (STRING_OVERFLOW)
    /uedit/uedit.c: 1908 in main()
    1902
    1903 sbbs_get_ini_fname(ini_file, ctrl_dir);
    1904
    1905 /* Initialize BBS startup structure */
    1906 memset(&bbs_startup,0,sizeof(bbs_startup));
    1907 bbs_startup.size=sizeof(bbs_startup);
    CID 488305: Memory - corruptions (STRING_OVERFLOW)
    You might overrun the 1024-character destination string "bbs_startup.ctrl_dir" by writing 4097 characters from "ctrl_dir".
    1908 strcpy(bbs_startup.ctrl_dir,ctrl_dir);
    1909
    1910 /* Read .ini file here */
    1911 if(ini_file[0]!=0 && (fp=fopen(ini_file,"r"))!=NULL) {
    1912 printf("Reading %s\n",ini_file);
    1913 /* We call this function to set defaults, even if there's no .ini file */


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DTnRX_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQaEw-2F35bzGVOVw-2BfAgK10nKBe2EaCuOVThBtA4zmIf-2FH6jtPrg8CF4KIxfGxqbWYZGzK5dEjEeJjcG-2FZFDV9g6z-2BKMwuy3tSgd6XVj6QkX-2FbE7goOVxulE2g8b9eGhrdwq7nNngW7QJqRO3KLACCgsN-2Bn56lb9VdBetusZbl3sfvQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, April 06, 2024 13:32:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 492209: High impact quality (Y2K38_SAFETY)
    /js_system.c: 2698 in js_system_resolve()


    ________________________________________________________________________________________________________
    *** CID 492209: High impact quality (Y2K38_SAFETY)
    /js_system.c: 2698 in js_system_resolve()
    2692 LAZY_INTEGER("version_hex", VERSION_HEX);
    2693
    2694 /* Git repo details */
    2695 LAZY_STRING("git_branch", git_branch);
    2696 LAZY_STRING("git_hash", git_hash);
    2697 LAZY_STRING("git_date", git_date);
    CID 492209: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "git_time" is cast to "uint32".
    2698 LAZY_INTEGER("git_time", git_time);
    2699
    2700 LAZY_STRING("platform", PLATFORM_DESC);
    2701 LAZY_STRING("architecture", ARCHITECTURE_DESC);
    2702 LAZY_STRFUNC("msgbase_lib", sprintf(str,"SMBLIB %s",smb_lib_ver()), str);
    2703 LAZY_STRFUNC("compiled_with", DESCRIBE_COMPILER(str), str);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DSh4N_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQaN8mnibgm8pDR-2F-2Bbe3f8EPEDiLDxICRbQfwsS-2Fj8I1S6oBPCdVVfNCUqkg9CbPMpOrc11Ju1i-2FZKGsMzQGZ93UZziuSMITFnGZKSuUqmlzwhD3piRfCu-2FFg3Xzyb2Yn1CDiKvT9pNBRM-2BVi7M2skqdIOXzqcGfoVNCwcEXj-2BCEWA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, April 09, 2024 13:19:43
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 492287: Error handling issues (CHECKED_RETURN)
    /main.cpp: 4472 in node_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 492287: Error handling issues (CHECKED_RETURN)
    /main.cpp: 4472 in node_thread(void *)()
    4466 }
    4467 SAFEPRINTF2(str,"%s%s.bin",sbbs->cfg.mods_dir
    4468 ,sbbs->cfg.shell[sbbs->useron.shell]->code);
    4469 if(sbbs->cfg.mods_dir[0]==0 || !fexistcase(str)) {
    4470 SAFEPRINTF2(str,"%s%s.bin",sbbs->cfg.exec_dir
    4471 ,sbbs->cfg.shell[sbbs->useron.shell]->code);
    CID 492287: Error handling issues (CHECKED_RETURN)
    Calling "fexistcase" without checking return value (as is done elsewhere 117 out of 131 times).
    4472 fexistcase(str);
    4473 }
    4474 if((file=sbbs->nopen(str,O_RDONLY))==-1) {
    4475 sbbs->errormsg(WHERE,ERR_OPEN,str,O_RDONLY);
    4476 sbbs->hangup();
    4477 break;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DHvP9_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQagYisv-2BW69zRWxBhimCtdag5Y-2FmNQU-2F9a-2BQz99muYyDMQHaJ9IAAUHt0J4m9PdQ-2FM2LeT5-2B1UNdpeKXpgNOTn265LNUeBHOZI40IJ3EqY58uotyMvBntmOFa6NssYuPj9pyF9jsG3Ot15K77yZ8uUVZ5aWBxVVnDKUwxo1ITxjHQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, May 04, 2024 12:40:02
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 493283: Incorrect expression (NO_EFFECT)
    /mqtt.c: 811 in mqtt_user_login_fail()


    ________________________________________________________________________________________________________
    *** CID 493283: Incorrect expression (NO_EFFECT)
    /mqtt.c: 811 in mqtt_user_login_fail()
    805 if(mqtt == NULL || mqtt->cfg == NULL || client == NULL)
    806 return MQTT_FAILURE;
    807
    808 if(!mqtt->cfg->mqtt.enabled)
    809 return MQTT_SUCCESS;
    810
    CID 493283: Incorrect expression (NO_EFFECT)
    Comparing an array to null is not useful: "client->protocol == NULL", since the test will always evaluate as true.
    811 if(client->protocol == NULL || username == NULL)
    812 return MQTT_FAILURE;
    813 snprintf(topic, sizeof(topic), "login_fail/%s", client->protocol);
    814 strlwr(topic);
    815 snprintf(str, sizeof(str), "%s\t%s\t%s"
    816 ,username


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DzAgs_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQadI1-2FAsWIvGn-2BZ2YIPvmhLCu-2B1HFus-2FViv7odM0blgwJlSMhW5FP3Xkis4Ci7djMxV4S-2FpyGhgUj8KAvsWeecIJ1ln5YucvZvzvyf4HPVrDO8-2FLvieqY0sywMQ-2FhJEqN8WVo9AKRxOHtw7NsNWjr9Is7xQTg-2BmQd-2BBa6Z-2BXsMiSw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, June 21, 2024 12:40:04
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 497098: Resource leaks (RESOURCE_LEAK)
    /js_filebase.c: 325 in parse_file_name()


    ________________________________________________________________________________________________________
    *** CID 497098: Resource leaks (RESOURCE_LEAK)
    /js_filebase.c: 325 in parse_file_name()
    319 if(JS_GetProperty(cx, obj, prop_name, &val) && !JSVAL_NULL_OR_VOID(val)) {
    320 JSVALUE_TO_MSTRING(cx, val, cp, NULL);
    321 if(cp == NULL) {
    322 JS_ReportError(cx, "Invalid '%s' string in file object", prop_name);
    323 return NULL;
    324 }
    CID 497098: Resource leaks (RESOURCE_LEAK)
    Variable "cp" going out of scope leaks the storage it points to.
    325 return strdup(cp);
    326 }
    327 JS_ReportError(cx, "Missing '%s' string in file object", prop_name);
    328 return NULL;
    329 }
    330


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DxkhG_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZZtSzYzfvQoBQM1WsYtjQc02R5bvuGDasDe1R1GX8VoPvtGi-2FoTZcq6T7jcTA9OlabmiybEJFFTwaaEcFcr7cqoyBFT0Xw3AZ-2Fgf8Xxa1nSM-2FLrkQMPM2ixtLH2vUsu17Tu25sW91h9WUpwNyEySd-2F9Tw4l4H0tRZM-2Bze1SwHZwg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, November 22, 2023 13:38:53
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    39 new defect(s) introduced to Synchronet found with Coverity Scan.
    12 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 39 defect(s)


    ** CID 469141: Data race undermines locking (LOCK_EVASION)
    /answer.cpp: 450 in sbbs_t::answer()()


    ________________________________________________________________________________________________________
    *** CID 469141: Data race undermines locking (LOCK_EVASION)
    /answer.cpp: 450 in sbbs_t::answer()()
    444 if(telnet_cols >= TERM_COLS_MIN && telnet_cols <= TERM_COLS_MAX)
    445 cols = telnet_cols;
    446 if(telnet_rows >= TERM_ROWS_MIN && telnet_rows <= TERM_ROWS_MAX)
    447 rows = telnet_rows;
    448 } else {
    449 lprintf(LOG_NOTICE, "no Telnet commands received, reverting to Raw TCP mode");
    CID 469141: Data race undermines locking (LOCK_EVASION)
    Thread1 sets "telnet_mode" to a new value. Now the two threads have an inconsistent view of "telnet_mode" and updates to fields correlated with "telnet_mode" may be lost.
    450 telnet_mode |= TELNET_MODE_OFF;
    451 client.protocol = "Raw";
    452 client_on(client_socket, &client,/* update: */true);
    453 SAFECOPY(connection, client.protocol);
    454 node_connection = NODE_CONNECTION_RAW;
    455 }

    ** CID 469140: Error handling issues (CHECKED_RETURN)
    /mqtt.c: 521 in mqtt_message_received()


    ________________________________________________________________________________________________________
    *** CID 469140: Error handling issues (CHECKED_RETURN)
    /mqtt.c: 521 in mqtt_message_received()
    515 if(bbs_startup->node_inbuf != NULL && bbs_startup->node_inbuf[i - 1] != NULL)
    516 RingBufWrite(bbs_startup->node_inbuf[i - 1], msg->payload, msg->payloadlen);
    517 return;
    518 }
    519 for(int i = bbs_startup->first_node; i <= bbs_startup->last_node; i++) {
    520 if(strcmp(msg->topic, mqtt_topic(mqtt, TOPIC_BBS, topic, sizeof(topic), "node/%d/msg", i)) == 0) {
    CID 469140: Error handling issues (CHECKED_RETURN)
    Calling "putnmsg" without checking return value (as is done elsewhere 4 out of 5 times).
    521 putnmsg(mqtt->cfg, i, msg->payload); 522 return;
    523 }
    524 if(strcmp(msg->topic, mqtt_topic(mqtt, TOPIC_BBS, topic, sizeof(topic), "node/%d/set/status", i)) == 0) {
    525 set_node_status(mqtt->cfg, i, mqtt_message_value(msg, 0));
    526 return;

    ** CID 469139: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1376 in JSRuntime::realloc(void *, unsigned long, unsigned long, JSContext *)()


    ________________________________________________________________________________________________________
    *** CID 469139: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1376 in JSRuntime::realloc(void *, unsigned long, unsigned long, JSContext *)()
    1370 }
    1371
    1372 void* realloc(void* p, size_t oldBytes, size_t newBytes, JSContext *cx = NULL) {
    1373 JS_ASSERT(oldBytes < newBytes);
    1374 updateMallocCounter(newBytes - oldBytes);
    1375 void *p2 = ::js_realloc(p, newBytes);
    CID 469139: Resource leaks (RESOURCE_LEAK)
    Failing to save or free storage allocated by "this->onOutOfMemory(p, newBytes, cx)" leaks it.
    1376 return JS_LIKELY(!!p2) ? p2 : onOutOfMemory(p, newBytes, cx); 1377 }
    1378
    1379 void* realloc(void* p, size_t bytes, JSContext *cx = NULL) {
    1380 /*
    1381 * For compatibility we do not account for realloc that increases

    ** CID 469138: Uninitialized variables (UNINIT)
    /getkey.cpp: 354 in sbbs_t::getkeys(const char *, unsigned int, int)()


    ________________________________________________________________________________________________________
    *** CID 469138: Uninitialized variables (UNINIT)
    /getkey.cpp: 354 in sbbs_t::getkeys(const char *, unsigned int, int)()
    348 attr(LIGHTGRAY);
    349 CRLF;
    350 }
    351 lncntr=0;
    352 return(-1);
    353 }
    CID 469138: Uninitialized variables (UNINIT)
    Using uninitialized value "*str" when calling "strchr". [Note: The source code implementation of the function has been overridden by a builtin model.]
    354 if(ch && !n && ((keys == NULL && !IS_DIGIT(ch)) || (strchr(str,ch)))) { /* return character if in string */
    355 if(ch > ' ') {
    356 if(!(mode&K_NOECHO))
    357 outchar(ch);
    358 if(useron.misc&COLDKEYS) {
    359 while(online && !(sys_status&SS_ABORT)) {

    ** CID 469137: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 3549 in sys_alloc()


    ________________________________________________________________________________________________________
    *** CID 469137: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 3549 in sys_alloc()
    3543 m->max_footprint = m->footprint;
    3544
    3545 if (!is_initialized(m)) { /* first-time initialization */
    3546 m->seg.base = m->least_addr = tbase;
    3547 m->seg.size = tsize;
    3548 set_segment_flags(&m->seg, mmap_flag);
    CID 469137: Concurrent data access violations (MISSING_LOCK)
    Accessing "mparams.magic" without holding lock "magic_init_mutex". Elsewhere, "malloc_params.magic" is written to with "magic_init_mutex" held 1 out of 1 times.
    3549 m->magic = mparams.magic;
    3550 init_bins(m);
    3551 if (is_global(m))
    3552 init_top(m, (mchunkptr)tbase, tsize - TOP_FOOT_SIZE);
    3553 else {
    3554 /* Offset top by embedded malloc_state */

    ** CID 469136: Program hangs (LOCK)
    /js_console.cpp: 2175 in js_lock_input(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 469136: Program hangs (LOCK)
    /js_console.cpp: 2175 in js_lock_input(JSContext *, unsigned int, unsigned long *)()
    2169 pthread_mutex_lock(&sbbs->input_thread_mutex);
    2170 } else {
    2171 pthread_mutex_unlock(&sbbs->input_thread_mutex);
    2172 }
    2173 JS_RESUMEREQUEST(cx, rc);
    2174
    CID 469136: Program hangs (LOCK)
    Returning without unlocking "sbbs->input_thread_mutex".
    2175 return(JS_TRUE);
    2176 }
    2177
    2178 static JSBool
    2179 js_telnet_cmd(JSContext *cx, uintN argc, jsval *arglist)
    2180 {

    ** CID 469135: Concurrent data access violations (MISSING_LOCK)
    /js_rtpool.c: 35 in jsrt_GetNew()


    ________________________________________________________________________________________________________
    *** CID 469135: Concurrent data access violations (MISSING_LOCK) /js_rtpool.c: 35 in jsrt_GetNew()
    29 {
    30 JSRuntime *ret;
    31
    32 if(!initialized) {
    33 initialized=TRUE;
    34 pthread_mutex_init(&jsrt_mutex, NULL);
    CID 469135: Concurrent data access violations (MISSING_LOCK)
    Accessing "rt_list" without holding lock "jsrt_mutex". Elsewhere, "rt_list" is written to with "jsrt_mutex" held 4 out of 5 times.
    35 listInit(&rt_list, 0);
    36 _beginthread(trigger_thread, TRIGGER_THREAD_STACK_SIZE, NULL); 37 }
    38 pthread_mutex_lock(&jsrt_mutex);
    39 ret=JS_NewRuntime(maxbytes);
    40 listPushNode(&rt_list, ret);

    ** CID 469134: Program hangs (LOCK)
    /writemsg.cpp: 1274 in sbbs_t::editfile(char *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 469134: Program hangs (LOCK)
    /writemsg.cpp: 1274 in sbbs_t::editfile(char *, unsigned int)()
    1268 if(cfg.xedit[useron_xedit-1]->misc&WWIVCOLOR) 1269 mode|=EX_WWIV;
    1270 }
    1271 CLS;
    1272 rioctl(IOCM|PAUSE|ABORT);
    1273 if(external(cmdstr(cfg.xedit[useron_xedit-1]->rcmd,msgtmp,nulstr,NULL,mode), mode, cfg.node_dir)!=0)
    CID 469134: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    1274 return false;
    1275 l=process_edited_file(msgtmp, path, /* mode: */WM_EDIT, &lines,maxlines);
    1276 if(l>0) {
    1277 SAFEPRINTF3(str,"created or edited file: %s (%ld bytes, %u lines)"
    1278 ,path, l, lines);
    1279 logline(LOG_NOTICE,nulstr,str);

    ** CID 469133: Memory - corruptions (OVERRUN)


    ________________________________________________________________________________________________________
    *** CID 469133: Memory - corruptions (OVERRUN) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jsobjinlines.h: 952 in js::NewNativeClassInstance(JSContext *, js::Class *, JSObject *, JSObject *)()
    946 }
    947
    948 static inline JSObject *
    949 NewNativeClassInstance(JSContext *cx, Class *clasp, JSObject *proto, JSObject *parent)
    950 {
    951 gc::FinalizeKind kind = gc::GetGCObjectKind(JSCLASS_RESERVED_SLOTS(clasp));
    CID 469133: Memory - corruptions (OVERRUN)
    Overrunning callee's array of size 11 by passing argument "kind" (which evaluates to 11) in call to "NewNativeClassInstance".
    952 return NewNativeClassInstance(cx, clasp, proto, parent, kind);
    953 }
    954
    955 bool
    956 FindClassPrototype(JSContext *cx, JSObject *scope, JSProtoKey protoKey, JSObject **protop,
    957 Class *clasp);

    ** CID 469132: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/src/conio/sdl_con.c: 692 in sdl_add_key()


    ________________________________________________________________________________________________________
    *** CID 469132: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/src/conio/sdl_con.c: 692 in sdl_add_key()
    686 static void sdl_add_key(unsigned int keyval, struct video_stats *vs) 687 {
    688 if(keyval==0xa600 && vs != NULL) {
    689 fullscreen=!fullscreen;
    690 cio_api.mode=fullscreen?CIOLIB_MODE_SDL_FULLSCREEN:CIOLIB_MODE_SDL;
    691 update_cvstat(vs);
    CID 469132: Concurrent data access violations (MISSING_LOCK)
    Accessing "win" without holding lock "win_mutex". Elsewhere, "win" is written to with "win_mutex" held 1 out of 1 times.
    692 sdl.SetWindowFullscreen(win, fullscreen ? SDL_WINDOW_FULLSCREEN_DESKTOP : 0);
    693 if (!fullscreen) {
    694 int w, h;
    695
    696 // Get current window size
    697 sdl.GetWindowSize(win, &w, &h);

    ** CID 469131: Concurrent data access violations (MISSING_LOCK)
    /exec.cpp: 848 in sbbs_t::skipto(csi_t *, unsigned char)()


    ________________________________________________________________________________________________________
    *** CID 469131: Concurrent data access violations (MISSING_LOCK)
    /exec.cpp: 848 in sbbs_t::skipto(csi_t *, unsigned char)()
    842 /* Skcsi->ip to a specific instruction */
    843 /****************************************************************************/
    844 void sbbs_t::skipto(csi_t *csi, uchar inst)
    845 {
    846 int i,j;
    847
    CID 469131: Concurrent data access violations (MISSING_LOCK)
    Accessing "csi->cs" without holding lock "sbbs_t.input_thread_mutex". Elsewhere, "csi_t.cs" is written to with "sbbs_t.input_thread_mutex" held 3 out of 3 times.
    848 while(csi->ip<csi->cs+csi->length && ((inst&0x80) || *csi->ip!=inst)) {
    849
    850 if(*csi->ip==CS_IF_TRUE || *csi->ip==CS_IF_FALSE
    851 || (*csi->ip>=CS_IF_GREATER && *csi->ip<=CS_IF_LESS_OR_EQUAL)) {
    852 csi->ip++;
    853 skipto(csi,CS_ENDIF);

    ** CID 469130: Program hangs (LOCK)
    /writemsg.cpp: 628 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 469130: Program hangs (LOCK)
    /writemsg.cpp: 628 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    622 lprintf(LOG_ERR, "ERROR %d (%s) saving draft message: %s", errno, strerror(errno), draft);
    623 }
    624
    625 if(result != EXIT_SUCCESS || !fexistcase(msgtmp) || !online
    626 || (linesquoted && qlen==flength(msgtmp) && qtime==fdate(msgtmp))) {
    627 free(buf);
    CID 469130: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    628 return(false);
    629 }
    630 SAFEPRINTF(str,"%sRESULT.ED",cfg.node_dir);
    631 if(!(mode&(WM_EXTDESC|WM_FILE))
    632 && fexistcase(str)) {
    633 if((fp=fopen(str,"r")) != NULL) {

    ** CID 469129: Data race undermines locking (LOCK_EVASION)
    /main.cpp: 3908 in sbbs_t::hangup()()


    ________________________________________________________________________________________________________
    *** CID 469129: Data race undermines locking (LOCK_EVASION)
    /main.cpp: 3908 in sbbs_t::hangup()()
    3902 if(client_socket!=INVALID_SOCKET) {
    3903 mswait(1000); /* Give socket output buffer time to flush */
    3904 client_off(client_socket);
    3905 if(ssh_mode) {
    3906 pthread_mutex_lock(&ssh_mutex);
    3907 ssh_session_destroy(client_socket, ssh_session, __LINE__);
    CID 469129: Data race undermines locking (LOCK_EVASION)
    Thread1 sets "ssh_mode" to a new value. Now the two threads have an inconsistent view of "ssh_mode" and updates to fields correlated with "ssh_mode" may be lost.
    3908 ssh_mode = false;
    3909 pthread_mutex_unlock(&ssh_mutex);
    3910 }
    3911 close_socket(client_socket);
    3912 client_socket=INVALID_SOCKET;
    3913 }

    ** CID 469128: Code maintainability issues (UNUSED_VALUE)
    /scfg/scfgchat.c: 716 in guru_cfg()


    ________________________________________________________________________________________________________
    *** CID 469128: Code maintainability issues (UNUSED_VALUE)
    /scfg/scfgchat.c: 716 in guru_cfg()
    710 *cfg.guru[i]=savguru;
    711 uifc.changes=1;
    712 continue;
    713 }
    714 if (msk != 0)
    715 continue;
    CID 469128: Code maintainability issues (UNUSED_VALUE)
    Assigning value "0" to "j" here, but that stored value is overwritten before it can be used.
    716 j=0;
    717 done=0;
    718 while(!done) {
    719 k=0;
    720 snprintf(opt[k++],MAX_OPLN,"%-27.27s%s","Guru Name",cfg.guru[i]->name);
    721 snprintf(opt[k++],MAX_OPLN,"%-27.27s%s","Guru Internal Code",cfg.guru[i]->code);

    ** CID 469127: Code maintainability issues (UNUSED_VALUE)
    /scfg/scfgchat.c: 873 in actsets_cfg()


    ________________________________________________________________________________________________________
    *** CID 469127: Code maintainability issues (UNUSED_VALUE)
    /scfg/scfgchat.c: 873 in actsets_cfg()
    867 uifc.changes=1;
    868 continue;
    869 }
    870 if (msk != 0)
    871 continue;
    872
    CID 469127: Code maintainability issues (UNUSED_VALUE)
    Assigning value "0" to "j" here, but that stored value is overwritten before it can be used.
    873 j=0;
    874 done=0;
    875 while(!done) {
    876 k=0;
    877 snprintf(opt[k++],MAX_OPLN,"%-27.27s%s","Action Set Name",cfg.actset[i]->name);
    878 snprintf(opt[k++],MAX_OPLN,"%-27.27s","Configure Chat Actions...");

    ** CID 469126: Data race undermines locking (LOCK_EVASION) /tmp/sbbs-Nov-22-2023/src/conio/sdl_con.c: 1196 in sdl_video_event_thread()


    ________________________________________________________________________________________________________
    *** CID 469126: Data race undermines locking (LOCK_EVASION) /tmp/sbbs-Nov-22-2023/src/conio/sdl_con.c: 1196 in sdl_video_event_thread() 1190 break;
    1191 case SDL_USEREVENT_INIT:
    1192 if(!sdl_init_good) { 1193 if(sdl.WasInit(SDL_INIT_VIDEO)==SDL_INIT_VIDEO) {
    1194 pthread_mutex_lock(&win_mutex);
    1195 _beginthread(sdl_mouse_thread, 0, NULL);
    CID 469126: Data race undermines locking (LOCK_EVASION)
    Thread1 sets "sdl_init_good" to a new value. Now the two threads have an inconsistent view of "sdl_init_good" and updates to fields correlated with "sdl_init_good" may be lost.
    1196 sdl_init_good=1;
    1197 pthread_mutex_unlock(&win_mutex);
    1198 }
    1199 }
    1200 sdl_ufunc_retval=0; 1201 sem_post(&sdl_ufunc_ret);

    ** CID 469125: Program hangs (LOCK)
    /js_console.cpp: 2149 in js_do_lock_input()


    ________________________________________________________________________________________________________
    *** CID 469125: Program hangs (LOCK)
    /js_console.cpp: 2149 in js_do_lock_input()
    2143
    2144 if(lock) {
    2145 pthread_mutex_lock(&sbbs->input_thread_mutex);
    2146 } else {
    2147 pthread_mutex_unlock(&sbbs->input_thread_mutex);
    2148 }
    CID 469125: Program hangs (LOCK)
    Returning without unlocking "sbbs->input_thread_mutex".
    2149 }
    2150
    2151 static JSBool
    2152 js_lock_input(JSContext *cx, uintN argc, jsval *arglist)
    2153 {
    2154 jsval *argv=JS_ARGV(cx, arglist);

    ** CID 469124: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1387 in JSRuntime::realloc(void *, unsigned long, JSContext *)()


    ________________________________________________________________________________________________________
    *** CID 469124: Resource leaks (RESOURCE_LEAK) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/jscntxt.h: 1387 in JSRuntime::realloc(void *, unsigned long, JSContext *)()
    1381 * For compatibility we do not account for realloc that increases
    1382 * previously allocated memory.
    1383 */
    1384 if (!p)
    1385 updateMallocCounter(bytes);
    1386 void *p2 = ::js_realloc(p, bytes);
    CID 469124: Resource leaks (RESOURCE_LEAK)
    Failing to save or free storage allocated by "this->onOutOfMemory(p, bytes, cx)" leaks it.
    1387 return JS_LIKELY(!!p2) ? p2 : onOutOfMemory(p, bytes, cx); 1388 }
    1389
    1390 void free(void* p) { ::js_free(p); }
    1391
    1392 bool isGCMallocLimitReached() const { return gcMallocBytes <= 0; }

    ** CID 469123: Memory - corruptions (USE_AFTER_FREE) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 3642 in release_unused_segments()


    ________________________________________________________________________________________________________
    *** CID 469123: Memory - corruptions (USE_AFTER_FREE) /tmp/sbbs-Nov-22-2023/3rdp/src/mozjs/js-1.8.5/js/src/ctypes/libffi/src/dlmalloc.c: 3642 in release_unused_segments()
    3636 m->footprint -= size;
    3637 /* unlink obsoleted record */
    3638 sp = pred;
    3639 sp->next = next;
    3640 }
    3641 else { /* back out if cannot unmap */
    CID 469123: Memory - corruptions (USE_AFTER_FREE)
    Dereferencing freed pointer "tp".
    3642 insert_large_chunk(m, tp, psize);
    3643 }
    3644 }
    3645 }
    3646 pred = sp;
    3647 sp = next;

    ** CID 469122: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/src/conio/bitmap_con.c: 1945 in bitmap_drv_init()


    ________________________________________________________________________________________________________
    *** CID 469122: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-22-2023/src/conio/bitmap_con.c: 1945 in bitmap_drv_init()
    1939 }
    1940 pthread_mutex_unlock(&screenlock);
    1941 pthread_mutex_unlock(&vstatlock);
    1942
    1943 callbacks.drawrect=drawrect_cb;
    1944 callbacks.flush=flush_cb;
    CID 469122: Concurrent data access violations (MISSING_LOCK)
    Accessing "callbacks.rects" without holding lock "bitmap_callbacks.lock". Elsewhere, "bitmap_callbacks.rects" is written to with "bitmap_callbacks.lock" held 2 out of 3 times.
    1945 callbacks.rects = 0;
    1946 bitmap_initialized=1;
    1947 _beginthread(blinker_thread,0,NULL);
    1948
    1949 return(0);
    1950 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DezJc_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDT3F0wM8qs717Yj7QnFBvYyAUS7vXZd5Pzj9EaE-2FCuUUR9NEokXV0L9QGkQnwKG-2F4JnYcm1wvoWK2grpdczQI6n7wuX-2Bi09RPQD8-2Fo5FYqgA3L383Nxk-2F3tA3xct0exbA8dNWXjcBJFMBco67mM0qFopWSHsWYNweS2rfwVJx4JQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, November 23, 2023 13:39:20
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 469167: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 469167: (SLEEP)
    /main.cpp: 2494 in output_thread(void *)()
    2488 */
    2489 size_t sendbytes = buftop-bufbot;
    2490 if (sendbytes > 0x2000)
    2491 sendbytes = 0x2000;
    2492 if(cryptStatusError((err=cryptPushData(sbbs->ssh_session, (char*)buf+bufbot, buftop-bufbot, &i)))) {
    2493 /* Handle the SSH error here... */
    CID 469167: (SLEEP)
    Call to "lprintf" might sleep while holding lock "sbbs->ssh_mutex". 2494 GCESSTR(err, node, sbbs->ssh_session, "pushing data");
    2495 ssh_errors++;
    2496 sbbs->online=FALSE;
    2497 i=buftop-bufbot; // Pretend we sent it all
    2498 }
    2499 else {
    /main.cpp: 2479 in output_thread(void *)()
    2473 }
    2474 if(!sbbs->ssh_mode) {
    2475 pthread_mutex_unlock(&sbbs->ssh_mutex); 2476 continue;
    2477 }
    2478 if (cryptStatusError((err=cryptSetAttribute(sbbs->ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, sbbs->session_channel)))) {
    CID 469167: (SLEEP)
    Call to "lprintf" might sleep while holding lock "sbbs->ssh_mutex". 2479 GCESSTR(err, node, sbbs->ssh_session, "setting channel");
    2480 ssh_errors++;
    2481 sbbs->online=FALSE;
    2482 i=buftop-bufbot; // Pretend we sent it all
    2483 }
    2484 else {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3D5OUN_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrAWre6lEuRZshFB9v23oRHfb6cJViSmU6jeWo6H6qjr2TD-2FKFU3E7Wk43r5o6gE3xpEUu2LCxXDEO7eIcPPMxFL1Nq6AhOVschJGcr-2Bj9V3IL2-2BV5MIEfM79IRScL2ukizExtyrX8BpZAnSaCd3CJdrnZtJg68NUadTHcpkaQqA0A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 09, 2023 13:46:36
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 470390: Program hangs (LOCK)
    /viewfile.cpp: 111 in sbbs_t::viewfile(const char *)()


    ________________________________________________________________________________________________________
    *** CID 470390: Program hangs (LOCK)
    /viewfile.cpp: 111 in sbbs_t::viewfile(const char *)()
    105 if(i >= cfg.total_fviews) {
    106 bprintf(text[NonviewableFile], getfname(path));
    107 return false;
    108 }
    109 if((i=external(cmdstr(viewcmd, path, path, NULL), EX_STDIO|EX_SH))!=0) {
    110 errormsg(WHERE,ERR_EXEC,viewcmd,i); /* must have EX_SH to ^C */
    CID 470390: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    111 return false;
    112 }
    113 return true;
    114 }
    115
    116 /****************************************************************************/

    ** CID 470389: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 470389: (SLEEP)
    /upload.cpp: 84 in sbbs_t::uploadfile(smbmsg_t *)()
    78 safe_snprintf(str,sizeof(str),"attempted to upload %s to %s %s (%s error code %d)"
    79 ,f->name
    80 ,cfg.lib[cfg.dir[f->dir]->lib]->sname,cfg.dir[f->dir]->sname,cfg.ftest[i]->ext
    81 ,result);
    82 logline(LOG_NOTICE,"U!",str);
    83 bprintf(text[FileHadErrors],f->name,cfg.ftest[i]->ext);
    CID 470389: (SLEEP)
    Call to "yesno" might sleep while holding lock "this->input_thread_mutex".
    84 if(!SYSOP || yesno(text[DeleteFileQ]))
    85 remove(path);
    86 return false;
    87 }
    88 SAFEPRINTF(str,"%ssbbsfile.nam",cfg.node_dir);
    89 if((stream=fopen(str,"r"))!=NULL) {
    /upload.cpp: 76 in sbbs_t::uploadfile(smbmsg_t *)()
    70 if(f->desc != NULL)
    71 fprintf(stream, "%s", f->desc);
    72 fclose(stream);
    73 }
    74 // Note: str (%s) is path/to/sbbsfile.des (used to be the description itself)
    75 int result = external(cmdstr(cfg.ftest[i]->cmd, path, str, NULL), EX_OFFLINE);
    CID 470389: (SLEEP)
    Call to "clearline" might sleep while holding lock "this->input_thread_mutex".
    76 clearline();
    77 if(result != 0) {
    78 safe_snprintf(str,sizeof(str),"attempted to upload %s to %s %s (%s error code %d)"
    79 ,f->name
    80 ,cfg.lib[cfg.dir[f->dir]->lib]->sname,cfg.dir[f->dir]->sname,cfg.ftest[i]->ext
    81 ,result);

    ** CID 470388: Program hangs (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 470388: Program hangs (SLEEP)
    /inkey.cpp: 203 in sbbs_t::handle_ctrlkey(char, int)()
    197 }
    198 js_execfile(cmdstr(cfg.hotkey[i]->cmd+1,nulstr,nulstr,tmp), /* startup_dir: */NULL, /* scope: */js_hotkey_glob, js_hotkey_cx, js_hotkey_glob);
    199 } else
    200 external(cmdstr(cfg.hotkey[i]->cmd,nulstr,nulstr,tmp),0);
    201 if(!(sys_status&SS_SPLITP)) {
    202 CRLF;
    CID 470388: Program hangs (SLEEP)
    Call to "restoreline" might sleep while holding lock "this->input_thread_mutex".
    203 restoreline();
    204 }
    205 lncntr=0;
    206 hotkey_inside &= ~(1<<ch);
    207 return(0);
    208 }

    ** CID 470387: Program hangs (LOCK)
    /chat.cpp: 654 in sbbs_t::sysop_page()()


    ________________________________________________________________________________________________________
    *** CID 470387: Program hangs (LOCK)
    /chat.cpp: 654 in sbbs_t::sysop_page()()
    648 ,sys_status&SS_SYSPAGE ? text[On] : text[Off]);
    649 nosound();
    650 }
    651 if(!(sys_status&SS_SYSPAGE))
    652 remove(syspage_semfile);
    653
    CID 470387: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    654 return(true);
    655 }
    656
    657 bprintf(text[SysopIsNotAvailable],cfg.sys_op);
    658
    659 return(false);

    ** CID 470386: Program hangs (LOCK)
    /upload.cpp: 86 in sbbs_t::uploadfile(smbmsg_t *)()


    ________________________________________________________________________________________________________
    *** CID 470386: Program hangs (LOCK)
    /upload.cpp: 86 in sbbs_t::uploadfile(smbmsg_t *)()
    80 ,cfg.lib[cfg.dir[f->dir]->lib]->sname,cfg.dir[f->dir]->sname,cfg.ftest[i]->ext
    81 ,result);
    82 logline(LOG_NOTICE,"U!",str);
    83 bprintf(text[FileHadErrors],f->name,cfg.ftest[i]->ext);
    84 if(!SYSOP || yesno(text[DeleteFileQ]))
    85 remove(path);
    CID 470386: Program hangs (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    86 return false;
    87 }
    88 SAFEPRINTF(str,"%ssbbsfile.nam",cfg.node_dir);
    89 if((stream=fopen(str,"r"))!=NULL) {
    90 if(fgets(str, sizeof(str), stream)) {
    91 truncsp(str);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DH5pk_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrA21pPFXGEfXQOHUavDSOcBiYGiM9SWkNBClk7lfGbusFiEUl9SxTFTJ4pQ4-2BlyM1UpLT55ROOl-2F1zOiBksbquFQPYPy5IMrVblt0Rt7EqhjGmGGXslDjsDDEmF37IS-2FgX2UOIpLYk00zJWe4Ps-2Bw7o9YA3yT5trQhVa4wKyo5Ljw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, December 11, 2023 13:38:31
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 470457: Incorrect expression (SIZEOF_MISMATCH)
    /umonitor/chat.c: 201 in chat()


    ________________________________________________________________________________________________________
    *** CID 470457: Incorrect expression (SIZEOF_MISMATCH)
    /umonitor/chat.c: 201 in chat()
    195 in=-1;
    196 }
    197
    198 utime(inpath,NULL);
    199 _setcursortype(_NORMALCURSOR);
    200 while(1) {
    CID 470457: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "&ch" of type "int *" and argument "1UL" to function "read" is suspicious because "sizeof (int) /*4*/" is expected.
    201 switch(read(in,&ch,1)) {
    202 case -1:
    203 close(in);
    204 in=-1;
    205 break;
    206


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3Dn7r8_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrC64hJyXzK3aRg-2FOh461xBPdPC3vMQG8wDm6SWRjPpByDWCbozrDoO3h7iN9haQ83FqvIEsneqqmYW1iHtvLfyFr9U7fTJVs-2FgzA-2B3NTVwG-2FkEOdCKTFxrJHyVvcaeKfjx-2FNRzmWtNl3SJh8ILqS8rD31VNGhVX-2F4wDJ-2F-2FhL0JK9w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, August 08, 2024 12:40:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 508260: Null pointer dereferences (FORWARD_NULL)


    ________________________________________________________________________________________________________
    *** CID 508260: Null pointer dereferences (FORWARD_NULL)
    /js_msgbase.c: 950 in parse_header_object()
    944 msg->hdr.priority=i32;
    945 }
    946
    947 if(JS_GetProperty(cx, hdr, "field_list", &val) && JSVAL_IS_OBJECT(val)) {
    948 array=JSVAL_TO_OBJECT(val);
    949 len=0;
    CID 508260: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "array" to "JS_GetArrayLength", which dereferences it.
    950 if(array == NULL && !JS_GetArrayLength(cx, array, &len)) {
    951 JS_ReportError(cx, "Invalid \"field_list\" array in header object");
    952 goto err;
    953 }
    954
    955 for(i=0;i<len;i++) {

    ** CID 508259: Control flow issues (DEADCODE)
    /js_internal.c: 491 in js_execfile()


    ________________________________________________________________________________________________________
    *** CID 508259: Control flow issues (DEADCODE)
    /js_internal.c: 491 in js_execfile()
    485 else {
    486 JS_ReportError(cx, "Unable to get parent js."JAVASCRIPT_LOAD_PATH_LIST" array.");
    487 return JS_FALSE;
    488 }
    489 }
    490 else {
    CID 508259: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "JS_ReportError(cx, "Unable ...".
    491 JS_ReportError(cx, "Unable to get parent js object"); 492 return JS_FALSE;
    493 }
    494
    495 js_script=JS_CompileFile(cx, js_scope, path);
    496


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D20ER_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZSUgE3dQnVG6wGylJBHlsQHMU-2FeSvlPG-2BveassRKfh2KZ3KQqZYMDLXz99-2FrWMwJQ1T1J2N-2BE4YP3SycyU5tkbW6rwM2zqlUIvWZrfgy3l7iQ0Im12Z6xa2F5EX6ZCGf29mh7eZnuIJTmQCiel8IOekKUKQgh0LXaZSb3gnPQHBw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, August 10, 2024 12:40:35
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    6 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 6 of 6 defect(s)


    ** CID 508288: (STRING_NULL)
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()


    ________________________________________________________________________________________________________
    *** CID 508288: (STRING_NULL)
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    381 l=K_CHAT;
    382 if(!(mode&TG_ECHO))
    383 l|=K_NOECHO;
    384 rd=getstr((char*)buf,sizeof(buf)-1,l);
    385 if(!rd)
    386 continue;
    CID 508288: (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    387 SAFECAT(buf,crlf);
    388 rd+=2;
    389 gotline=true;
    390 }
    391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    381 l=K_CHAT;
    382 if(!(mode&TG_ECHO))
    383 l|=K_NOECHO;
    384 rd=getstr((char*)buf,sizeof(buf)-1,l);
    385 if(!rd)
    386 continue;
    CID 508288: (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    387 SAFECAT(buf,crlf);
    388 rd+=2;
    389 gotline=true;
    390 }
    391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';

    ** CID 508287: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508287: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508287: Resource leaks (RESOURCE_LEAK)
    Variable "server_user_name" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508286: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508286: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508286: Resource leaks (RESOURCE_LEAK)
    Variable "addr" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508285: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508285: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508285: Resource leaks (RESOURCE_LEAK)
    Variable "term_type" going out of scope leaks the storage it points to. 3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508284: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508284: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()
    3035 size_t tmplen = 0;
    3036 for(jsuint i = 0; i < count; ++i) {
    3037 jsval val;
    3038 if(!JS_GetElement(cx, array, i, &val)) 3039 break;
    3040 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508284: Resource leaks (RESOURCE_LEAK)
    Variable "addr" going out of scope leaks the storage it points to.
    3041 HANDLE_PENDING(cx, tmp);
    3042 strListPush(&send_strings, tmp);
    3043 }
    3044 free(tmp);
    3045 ++argn;
    3046 }

    ** CID 508283: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508283: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508283: Resource leaks (RESOURCE_LEAK)
    Variable "client_user_name" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Dbu0M_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZNG0uf3i6p71oTc15oH-2BfpO28bQfsz9QVBH3Gtyw7JI9gEMaDnmdnDolPrFN6u9WaZmPVFWjRjCPjNCgu0p853ViRUnY3jw7qF-2FmF-2FRD-2BDN3Me1aa8H00Bk6GPSZ1Hw1-2FmiCWeADspXOcpcxao-2F3gS8JgnOAEga0TIePnt023yjQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, September 14, 2024 12:40:31
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 509555: Null pointer dereferences (FORWARD_NULL)
    /js_filebase.c: 1307 in js_update_file()


    ________________________________________________________________________________________________________
    *** CID 509555: Null pointer dereferences (FORWARD_NULL)
    /js_filebase.c: 1307 in js_update_file()
    1301 char* extdesc = NULL;
    1302 char* auxdata = NULL;
    1303 rc=JS_SUSPENDREQUEST(cx);
    1304 if(filename != NULL && fileobj != NULL
    1305 && (p->smb_result = smb_loadfile(&p->smb, filename, &file, file_detail_extdesc)) == SMB_SUCCESS) {
    1306 p->smb_result = parse_file_properties(cx, fileobj, &file, &extdesc, &auxdata);
    CID 509555: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "file.name" to "strcmp", which dereferences it. 1307 if(p->smb_result == SMB_SUCCESS
    1308 && strcmp(filename, file.name) != 0 && smb_findfile(&p->smb, file.name, NULL) == SMB_SUCCESS) {
    1309 JS_ReportError(cx, "file (%s) already exists in base", file.name);
    1310 p->smb_result = SMB_DUPE_MSG;
    1311 }
    1312 if(p->smb_result == SMB_SUCCESS

    ** CID 509554: Memory - illegal accesses (STRING_NULL)
    /smbutil.c: 633 in dumpindex()


    ________________________________________________________________________________________________________
    *** CID 509554: Memory - illegal accesses (STRING_NULL)
    /smbutil.c: 633 in dumpindex()
    627 ,xpDate_to_isoDateStr(time_to_xpDate(idx.time), "-", tmp, sizeof(tmp)));
    628 if(smb_msg_type(idx.attr) == SMB_MSG_TYPE_FILE && idxreclen == sizeof(fileidxrec_t)) {
    629 fileidxrec_t fidx;
    630 fseek(smb.sid_fp,((start-1L) + l) * idxreclen,SEEK_SET);
    631 if(!fread(&fidx,sizeof(fidx),1,smb.sid_fp))
    632 break;
    CID 509554: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "fidx.name" to "printf", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    633 printf(" %02X %.*s", fidx.hash.flags, (int)sizeof(fidx.name), fidx.name);
    634 }
    635 printf("\n");
    636 l++;
    637 }
    638 }

    ** CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
    /js_filebase.c: 1335 in js_update_file()


    ________________________________________________________________________________________________________
    *** CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
    /js_filebase.c: 1335 in js_update_file()
    1329 } else {
    1330 if(file.extdesc != NULL)
    1331 truncsp(file.extdesc);
    1332 if(!readd_always && strcmp(extdesc ? extdesc : "", file.extdesc ? file.extdesc : "") == 0
    1333 && strcmp(auxdata ? auxdata : "", file.auxdata ? file.auxdata : "") == 0)
    1334 p->smb_result = smb_putfile(&p->smb, &file);
    CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
    This 'if' statement is indented to column 41, as if it were nested within the preceding parent statement, but it is not.
    1335 if(p->smb_result != SMB_SUCCESS)
    1336 JS_ReportError(cx, "%d writing '%s'", p->smb_result, file.name);
    1337 else {
    1338 if((p->smb_result = smb_removefile_by_name(&p->smb, filename)) == SMB_SUCCESS) {
    1339 if(readd_always)
    1340 file.hdr.when_imported.time = 0; // we want the file to appear as "new"

    ** CID 509552: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 244 in smb_findfile()


    ________________________________________________________________________________________________________
    *** CID 509552: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 244 in smb_findfile()
    238 if(smb_fread(smb, &fidx, sizeof(fidx), smb->sid_fp) != sizeof(fidx))
    239 break;
    240
    241 f->idx_offset = offset++;
    242
    243 if(filename != NULL) {
    CID 509552: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "fidx.name" to "strcasecmp", which expects a null-terminated string.
    244 if(stricmp(fidx.name, fname) != 0)
    245 continue;
    246 f->file_idx = fidx;
    247 return SMB_SUCCESS;
    248 }
    249

    ** CID 509551: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 441 in smb_removefile()


    ________________________________________________________________________________________________________
    *** CID 509551: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 441 in smb_removefile()
    435 free(fidx);
    436 smb_unlocksmbhdr(smb);
    437 return SMB_ERR_READ;
    438 }
    439 rewind(smb->sid_fp);
    440 for(uint32_t i = 0; i < smb->status.total_files; i++) { >>> CID 509551: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "fidx[i].name" to "strcasecmp", which expects a null-terminated string.
    441 if(stricmp(fidx[i].name, fname) == 0) {
    442 removed++;
    443 continue;
    444 }
    445 if(fwrite(fidx + i, sizeof(*fidx), 1, smb->sid_fp) != 1) {
    446 safe_snprintf(smb->last_error, sizeof(smb->last_error), "%s re-writing index"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DpoPN_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZXJOgCi8IFr2wp43pRrORx9tzLYjX2Y-2FSYnzacVgdrC5ToyfEd02kRU0czfft4zgHvFTf4l2icBGvZtBDP8972Z-2BLrNSb7QqVDHjYiK23CNzZR9MLbzXh1WOITpsswqNS5z337vFuU-2BJOMvO3veuWFvtJ3Xwk9mN-2FsudyolEK5nw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, September 22, 2024 12:43:45
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 509721: Resource leaks (RESOURCE_LEAK)
    /scfg/scfgmsg.c: 139 in import_msg_areas()


    ________________________________________________________________________________________________________
    *** CID 509721: Resource leaks (RESOURCE_LEAK)
    /scfg/scfgmsg.c: 139 in import_msg_areas()
    133 new_sub_misc = SUB_FIDO;
    134 ini = iniReadFile(stream);
    135 if(ini == NULL)
    136 return 0;
    137 list = iniGetSectionList(ini, /* prefix: */NULL);
    138 if(list == NULL)
    CID 509721: Resource leaks (RESOURCE_LEAK)
    Variable "ini" going out of scope leaks the storage it points to.
    139 return 0;
    140 break;
    141 default: // EchoLists (e.g. BACKBONE.NA, badareas.lst) and AREAS.BBS
    142 new_sub_misc = SUB_FIDO;
    143 break;
    144 }

    ** CID 509720: (RESOURCE_LEAK)
    /logon.cpp: 670 in sbbs_t::logonstats()()
    /logon.cpp: 676 in sbbs_t::logonstats()()
    /logon.cpp: 649 in sbbs_t::logonstats()()
    /logon.cpp: 673 in sbbs_t::logonstats()()
    /logon.cpp: 682 in sbbs_t::logonstats()()


    ________________________________________________________________________________________________________
    *** CID 509720: (RESOURCE_LEAK)
    /logon.cpp: 670 in sbbs_t::logonstats()()
    664 }
    665 fclose_dstats(dsts);
    666 }
    667 }
    668
    669 if(cfg.node_num==0) /* called from event_thread() */
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    670 return(0);
    671
    672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
    673 return(0);
    674
    675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
    /logon.cpp: 676 in sbbs_t::logonstats()()
    670 return(0);
    671
    672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
    673 return(0);
    674
    675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    676 return(0);
    677
    678 for(i=0;i<2;i++) {
    679 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
    680 if(fp == NULL) {
    681 errormsg(WHERE, ERR_OPEN, "dsts.ini", i); /logon.cpp: 649 in sbbs_t::logonstats()()
    643 node.misc|=NODE_EVENT;
    644 putnodedat(i,&node);
    645 }
    646 if((dsts = fopen_dstats(&cfg, i, /* for_write: */TRUE)) == NULL) /* doesn't have stats yet */
    647 continue;
    648
    CID 509720: (RESOURCE_LEAK)
    Overwriting "csts" in "csts = fopen_cstats(&this->cfg, i, true)" leaks the storage that "csts" points to.
    649 if((csts = fopen_cstats(&cfg, i, /* for_write: */TRUE)) == NULL) {
    650 fclose_dstats(dsts);
    651 errormsg(WHERE, ERR_OPEN, "csts.tab", i);
    652 continue;
    653 }
    654
    /logon.cpp: 673 in sbbs_t::logonstats()()
    667 }
    668
    669 if(cfg.node_num==0) /* called from event_thread() */
    670 return(0);
    671
    672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    673 return(0);
    674
    675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
    676 return(0);
    677
    678 for(i=0;i<2;i++) {
    /logon.cpp: 682 in sbbs_t::logonstats()()
    676 return(0);
    677
    678 for(i=0;i<2;i++) {
    679 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
    680 if(fp == NULL) {
    681 errormsg(WHERE, ERR_OPEN, "dsts.ini", i);
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    682 return(0L);
    683 }
    684 if(!fread_dstats(fp, &stats)) {
    685 errormsg(WHERE, ERR_READ, "dsts.ini", i);
    686 } else {
    687 stats.today.logons++;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D1BBg_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYPIsZP1mUIcYDXV-2BIKqJmrVInqiYU6VTjqKrshCKgIaqKtr35-2BruWgG1P-2Bg0yB-2BuAgsL8JZmDQBzw15bXNroJeqqVZoqg0VkgzqvypQVJBEoWQ3SQD0dE3jrBkw3Qa7Rc5CMTgkEjMauyB8RHdROWl9YGmjuyI0AjbW-2Fmd2yoJLA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, October 12, 2024 12:41:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 510624: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 361 in sbbs_t::upload(int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 510624: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 361 in sbbs_t::upload(int, const char *)()
    355 SAFEPRINTF(descbeg,text[Rated],toupper(ch));
    356 }
    357 if(cfg.dir[dirnum]->misc&DIR_ULDATE) {
    358 now=time(NULL);
    359 if(descbeg[0])
    360 strcat(descbeg," ");
    CID 510624: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".
    361 SAFEPRINTF(str,"%s ",unixtodstr(&cfg,(time32_t)now,tmp));
    362 strcat(descbeg,str);
    363 }
    364 if(cfg.dir[dirnum]->misc&DIR_MULT) {
    365 sync();
    366 if(!noyes(text[MultipleDiskQ])) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIddI_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYB81ZvyCqI0cAJ-2FU5ubhxKf4JbTpohfwGahN-2FqiJqEJS3JKhfKJrRClFb390j-2Bf3IyHjOgp4TSp0v4WjJhOyS2xAdq9DkOONT15FqaUuN3dwPvrgxJQAm5MhfGSzyQr2ebowkrz6Mx39u7LNSgoa0vxPkqTzBlpznq59pGc5zgjQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, October 28, 2024 12:49:24
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 511447: Control flow issues (DEADCODE)
    /js_bbs.cpp: 2334 in js_xfer_prot_menu(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 511447: Control flow issues (DEADCODE)
    /js_bbs.cpp: 2334 in js_xfer_prot_menu(JSContext *, unsigned int, unsigned long *)()
    2328 if((sbbs=js_GetPrivate(cx, JS_THIS_OBJECT(cx, arglist)))==NULL) 2329 return(JS_FALSE);
    2330
    2331 if(argc > 0 && argv[0] == JSVAL_TRUE)
    2332 xfer_type = XFER_BATCH_UPLOAD;
    2333 if(argc > 1 && argv[1] == JSVAL_TRUE)
    CID 511447: Control flow issues (DEADCODE)
    Execution cannot reach the expression "XFER_BATCH_UPLOAD" inside this statement: "xfer_type = ((xfer_type == ...".
    2334 xfer_type = (xfer_type == XFER_UPLOAD) ? XFER_BATCH_UPLOAD : XFER_BATCH_DOWNLOAD;
    2335
    2336 rc=JS_SUSPENDREQUEST(cx);
    2337 sbbs->xfer_prot_menu(xfer_type, &sbbs->useron, keys, sizeof keys);
    2338 JSString* js_str = JS_NewStringCopyZ(cx, keys);
    2339 if(js_str == nullptr)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DITFI_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQaq5jE-2BLt6d0xDUmd9IA4TiFW4D2c-2Fv2LVaAIklYCEHPyQvUq2Zlw7GDvJu3j8LRmS7SAP5K0MN-2FeHPuzVDlzgYGLGR7UoaRyivmdwaD-2F8GGj2SeuFl5CNmO4uJ75M69NpIJcEgiKbpoWpXeuJdzQYzNm1WuI45zNZnbxNBPzaHrg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, October 29, 2024 12:40:42
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 511508: High impact quality (Y2K38_SAFETY)
    /date_str.c: 158 in datestr()


    ________________________________________________________________________________________________________
    *** CID 511508: High impact quality (Y2K38_SAFETY)
    /date_str.c: 158 in datestr()
    152 /****************************************************************************/
    153 char* datestr(scfg_t* cfg, time_t t, char* str)
    154 {
    155 if(t == 0)
    156 return "---------";
    157 if(!cfg->sys_date_verbal)
    CID 511508: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    158 return unixtodstr(cfg, (time32_t)t, str);
    159 struct tm tm = {0};
    160 if(localtime_r(&t, &tm) == NULL)
    161 return "!!!!!!!!!";
    162 char fmt[32] = "";
    163 switch(cfg->sys_date_fmt) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DeIbg_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZqqLX5nOyr0GCOMCsCoPlrYhtCBBDisrUKXmOFR94rfPCeqYsaUhoG3UZ-2FYUaiUYrgUIufMTzxsRzH7-2B7zAyM4HCi34k5-2FbdZ1Kp-2FDSG9A8IDyw-2BIsKQ-2B2fNzoCls7j0N-2B7Pb2XI8MB8f5lr-2BCPTiUaqWkDFwSWHqbm0IZWY1GZQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, October 30, 2024 12:41:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 511621: High impact quality (Y2K38_SAFETY)
    /str.cpp: 990 in sbbs_t::unixtodstr(long, char *)()


    ________________________________________________________________________________________________________
    *** CID 511621: High impact quality (Y2K38_SAFETY)
    /str.cpp: 990 in sbbs_t::unixtodstr(long, char *)()
    984 }
    985
    986 char* sbbs_t::unixtodstr(time_t t, char* str)
    987 {
    988 if(str == nullptr)
    989 str = datestr_output;
    CID 511621: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    990 return ::unixtodstr(&cfg, t, str);
    991 }
    992
    993 void sbbs_t::sys_info()
    994 {
    995 char tmp[128];


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DFl35_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbldReasLeT64fJgl4QpY1aZbFANNQbDPFr-2BH2HYcH1IWW1-2FtRGPtb0gVjSH-2BBqjWAK7btzMhM331mrzEXRNmqAyTftaCh3YDujP4YB-2F7PQ4EGqELNq7SpMqQKEr5kiHI5KwG1KMczjzMucZ1MepWUctNMP3lW0eqjsOrH2fBSzrg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, November 02, 2024 12:39:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 512127: (Y2K38_SAFETY)
    /scfg/scfgsys.c: 1367 in edit_sys_date_verbal()
    /scfg/scfgsys.c: 1368 in edit_sys_date_verbal()


    ________________________________________________________________________________________________________
    *** CID 512127: (Y2K38_SAFETY)
    /scfg/scfgsys.c: 1367 in edit_sys_date_verbal()
    1361
    1362 int edit_sys_date_verbal(int page, int total)
    1363 {
    1364 int mode = WIN_SAV | WIN_MID;
    1365 int i = cfg.sys_date_verbal;
    1366 time_t t = time(NULL);
    CID 512127: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    1367 snprintf(opt[0],MAX_OPLN,"Numeric (e.g. %s)", unixtodstr(&cfg, (time32_t)t, tmp));
    1368 snprintf(opt[1],MAX_OPLN,"Verbal (e.g. %s)", verbal_datestr(&cfg, (time32_t)t, tmp));
    1369 opt[2][0] = '\0';
    1370 uifc.helpbuf=
    1371 "`Short Date Display Format:`\n"
    1372 "\n"
    /scfg/scfgsys.c: 1368 in edit_sys_date_verbal()
    1362 int edit_sys_date_verbal(int page, int total)
    1363 {
    1364 int mode = WIN_SAV | WIN_MID;
    1365 int i = cfg.sys_date_verbal;
    1366 time_t t = time(NULL);
    1367 snprintf(opt[0],MAX_OPLN,"Numeric (e.g. %s)", unixtodstr(&cfg, (time32_t)t, tmp));
    CID 512127: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    1368 snprintf(opt[1],MAX_OPLN,"Verbal (e.g. %s)", verbal_datestr(&cfg, (time32_t)t, tmp));
    1369 opt[2][0] = '\0';
    1370 uifc.helpbuf=
    1371 "`Short Date Display Format:`\n"
    1372 "\n"
    1373 "If you would like short (8 character) dates to be displayed using verbal\n"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIT5o_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQavH6tAPUwXIDKUPRKBZGiRgKLj76Ij0uFpD4UCNwTCVen1QmVBk6yGbzTBSC2-2BxBE0GJfAoW-2B-2BWaxWl51M-2B9mp1hicInwTEKrQ8chQM9yGDR81PWtwXM-2Bq2j5YCl48NKAoGGKYo0R42EciGZugnM0LqGuohrShDzTlibesBwTavw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, November 03, 2024 13:41:00
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 514434: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()


    ________________________________________________________________________________________________________
    *** CID 514434: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()
    995 TERM_XY(&tx, &ty);
    996 line = malloc(sizeof(*line) * tx);
    997 prestel_new_line(cterm);
    998 if (tx > 1) {
    999 vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
    1000 for (int i = 0; i < (tx - 1); i++) {
    CID 514434: (NULL_RETURNS)
    Dereferencing "line", which is known to be "NULL".
    1001 uint8_t ch = line[i].ch;
    1002 if (line[i].fg & 0x7F000000) {
    1003 ch = (line[i].fg & 0x7F000000) >> 24; 1004 prestel_apply_ctrl(cterm, ch);
    1005 }
    1006 else {
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 999 in prestel_get_state()
    993
    994 SCR_XY(&sx, &sy);
    995 TERM_XY(&tx, &ty);
    996 line = malloc(sizeof(*line) * tx);
    997 prestel_new_line(cterm);
    998 if (tx > 1) {
    CID 514434: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".
    999 vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
    1000 for (int i = 0; i < (tx - 1); i++) {
    1001 uint8_t ch = line[i].ch;
    1002 if (line[i].fg & 0x7F000000) {
    1003 ch = (line[i].fg & 0x7F000000) >> 24; 1004 prestel_apply_ctrl(cterm, ch);

    ** CID 514433: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()


    ________________________________________________________________________________________________________
    *** CID 514433: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4985 in prestel_fix_line()
    4979 bool fixed = false;
    4980 bool fixedheight = false;
    4981
    4982 coord_conv_xy(cterm, CTERM_COORD_TERM, CTERM_COORD_SCREEN, &sy, &sx);
    4983 ex = sx + TERM_MAXX - 1;
    4984 line = malloc(sizeof(*line) * (ex - sx + 1));
    CID 514433: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".
    4985 vmem_gettext(sx, sy, ex, sy, line);
    4986 prestel_new_line(cterm);
    4987 for (int i = 0; i < TERM_MAXX; i++) {
    4988 uint8_t ch;
    4989 // Go through the line applying attributes, held mosaics, etc.
    4990 if (line[i].fg & 0x7F000000) { /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 5098 in prestel_fix_line()
    5092 line[i].ch += 64;
    5093 fixed = true;
    5094 }
    5095 }
    5096 }
    5097 if (force || fixed)
    CID 514433: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_puttext".
    5098 vmem_puttext(sx, sy, ex, sy, line);
    5099 free(line);
    5100 if (restore) {
    5101 cterm->extattr = extattr;
    5102 cterm->fg_color = fg_color;
    5103 cterm->bg_color = bg_color; /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()
    4984 line = malloc(sizeof(*line) * (ex - sx + 1));
    4985 vmem_gettext(sx, sy, ex, sy, line);
    4986 prestel_new_line(cterm);
    4987 for (int i = 0; i < TERM_MAXX; i++) {
    4988 uint8_t ch;
    4989 // Go through the line applying attributes, held mosaics, etc.
    CID 514433: (NULL_RETURNS)
    Dereferencing "line", which is known to be "NULL".
    4990 if (line[i].fg & 0x7F000000) {
    4991 // This is a control character
    4992 ch = (line[i].fg & 0x7F000000) >> 24;
    4993 prestel_apply_ctrl_before(cterm, ch);
    4994 if ((cterm->extattr & CTERM_EXTATTR_PRESTEL_DOUBLE_HEIGHT) && ((line[i].bg & 0x01000000) == 0)) {
    4995 // Should be double-high


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIdOQ_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbN8RSzLdCZbSy14N5iWP9J-2FcpNjQ0eI2Oj6rPhHqZBQZA4UM9PchXs94tTdeyxdvCkcPzkWohEpzrEBvlrnd6-2FTfmIpMAsE2mi-2BdkX8vzesYff-2FsK9jSFcjEXcYS-2Fxznm-2FxoYdKxCkLPJPKyAUp9zwS3A1OhpfjMprQ34Tb-2BWdhw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, November 04, 2024 13:40:33
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 514483: API usage errors (PRINTF_ARGS)


    ________________________________________________________________________________________________________
    *** CID 514483: API usage errors (PRINTF_ARGS)
    /websrvr.c: 1659 in http_logon()
    1653 SAFECOPY(session->user.modem, session->client.protocol);
    1654 SAFECOPY(session->user.comp, session->host_name);
    1655 SAFECOPY(session->user.ipaddr, session->host_ip);
    1656 session->user.logontime = (time32_t)session->logon_time;
    1657 int result = putuserdat(&scfg, &session->user);
    1658 if(result != 0)
    CID 514483: API usage errors (PRINTF_ARGS)
    No argument for format specifier "%d".
    1659 lprintf(LOG_ERR, "%04d %s [%s] <%s> !Error %d writing user data for user #%d"
    1660 ,session->socket, session->client.protocol, session->host_ip
    1661 ,session->username, session->user.number);
    1662
    1663 }
    1664 SAFECOPY(session->client.user, session->username);

    ** CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
    /websrvr.c: 1661 in ()


    ________________________________________________________________________________________________________
    *** CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
    /websrvr.c: 1661 in ()
    1655 SAFECOPY(session->user.ipaddr, session->host_ip);
    1656 session->user.logontime = (time32_t)session->logon_time;
    1657 int result = putuserdat(&scfg, &session->user);
    1658 if(result != 0)
    1659 lprintf(LOG_ERR, "%04d %s [%s] <%s> !Error %d writing user data for user #%d"
    1660 ,session->socket, session->client.protocol, session->host_ip
    CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
    the format string requires additional arguments
    1661 ,session->username, session->user.number);
    1662
    1663 }
    1664 SAFECOPY(session->client.user, session->username);
    1665 session->client.usernum = session->user.number;
    1666 client_on(session->socket, &session->client, /* update existing client record? */true);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DjGNe_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZrw1ACipL81Cfrev1KTkNSpg9ocZGsXxFU4AldvxV89V-2FFS8Im4F3ZlIWKiU1IgZ7U6FnHvW5nOIPElnOgDye48Et-2FcrMwNOZVyWRSzqRdvKvjv7tIxk-2BD72e1fmIEEOvn4SDov1pv-2FzEWSevpHegP3dEU8oXtKIA8RNAEjZ1XUg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, November 05, 2024 13:40:05
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 514519: (LOCK)
    /main.cpp: 4849 in sbbs_t::daily_maint()()
    /main.cpp: 4849 in sbbs_t::daily_maint()()


    ________________________________________________________________________________________________________
    *** CID 514519: (LOCK)
    /main.cpp: 4849 in sbbs_t::daily_maint()()
    4843 lprintf(result ? LOG_ERR : LOG_INFO, "Daily event: '%s' returned %d", cmd, result);
    4844 }
    4845 if((sys_status & SS_NEW_MONTH) && cfg.sys_monthly[0]) {
    4846 lputs(LOG_INFO, "DAILY: Running monthly event");
    4847 const char* cmd = cmdstr(cfg.sys_monthly,nulstr,nulstr,NULL);
    4848 online = ON_LOCAL;
    CID 514519: (LOCK)
    "external" unlocks "this->input_thread_mutex" while it is unlocked. 4849 int result = external(cmd, EX_OFFLINE);
    4850 online = false;
    4851 lprintf(result ? LOG_ERR : LOG_INFO, "Monthly event: '%s' returned %d", cmd, result);
    4852 }
    4853 lputs(LOG_INFO, "DAILY: System maintenance ended");
    4854 sys_status&=~SS_DAILY;
    /main.cpp: 4849 in sbbs_t::daily_maint()()
    4843 lprintf(result ? LOG_ERR : LOG_INFO, "Daily event: '%s' returned %d", cmd, result);
    4844 }
    4845 if((sys_status & SS_NEW_MONTH) && cfg.sys_monthly[0]) {
    4846 lputs(LOG_INFO, "DAILY: Running monthly event");
    4847 const char* cmd = cmdstr(cfg.sys_monthly,nulstr,nulstr,NULL);
    4848 online = ON_LOCAL;
    CID 514519: (LOCK)
    "external" locks "this->input_thread_mutex" while it is locked.
    4849 int result = external(cmd, EX_OFFLINE);
    4850 online = false;
    4851 lprintf(result ? LOG_ERR : LOG_INFO, "Monthly event: '%s' returned %d", cmd, result);
    4852 }
    4853 lputs(LOG_INFO, "DAILY: System maintenance ended");
    4854 sys_status&=~SS_DAILY;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DmVJv_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZYt7Pe-2B8KlpNPxf3vYfbGXTetKrkOysaWsLoXwVVJy-2BlT3vWHLSa-2F-2BgpVoMRk-2FB9lZhpdNOATgKKch-2FKRWKdw7CGPsa8-2BoRGvrYP8DjPqUmQVJXsmXD2xm4gPlAPoQOpnW8tWCZcdj7lp745Fp7QOqFvNAcU4EQLHiapc9wQpj6A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, November 10, 2024 14:42:03
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in ()


    ________________________________________________________________________________________________________
    *** CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in ()
    292 else
    293 if(time(NULL)-start>=(time_t)smb->retry_time) 294 break;
    295 ++count;
    296 SLEEP((count / 10) * smb->retry_delay);
    297 }
    CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH)
    argument is incompatible with corresponding format string conversion (expected type "int" but argument has type "long")
    298 safe_snprintf(smb->last_error,sizeof(smb->last_error),"%s timeout locking message base after %d seconds", __FUNCTION__, time(NULL) - start);
    299 return(SMB_ERR_TIMEOUT);
    300 }
    301
    302 /****************************************************************************/
    303 /* Read the SMB header from the header file and place into smb.status */

    ** CID 514628: API usage errors (PRINTF_ARGS)


    ________________________________________________________________________________________________________
    *** CID 514628: API usage errors (PRINTF_ARGS) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in smb_locksmbhdr()
    292 else
    293 if(time(NULL)-start>=(time_t)smb->retry_time) 294 break;
    295 ++count;
    296 SLEEP((count / 10) * smb->retry_delay);
    297 }
    CID 514628: API usage errors (PRINTF_ARGS)
    Argument "time(NULL) - start" to format specifier "%d" was expected to have type "int" but has type "long".
    298 safe_snprintf(smb->last_error,sizeof(smb->last_error),"%s timeout locking message base after %d seconds", __FUNCTION__, time(NULL) - start);
    299 return(SMB_ERR_TIMEOUT);
    300 }
    301
    302 /****************************************************************************/
    303 /* Read the SMB header from the header file and place into smb.status */


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D04SY_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbRNqpwvGc4zcZ5uKeIndhuSqNnxi4ZbqnqhqxxcEUjkJJHGyGkBZt6V7UXUX2xnB2lvPBmqBCBxBghPzBYV7kJY89l3F0Je2EKuh7lbcH1Ki5248pEoplbC6UdQ14IH1AzZ-2BYu06Kjq-2F-2BS7xugvit0MheMfmyl63WZ-2BGQqWv04fA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, November 11, 2024 14:28:43
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 514647: Resource leaks (RESOURCE_LEAK)
    /userdat.c: 1397 in getnodeext()


    ________________________________________________________________________________________________________
    *** CID 514647: Resource leaks (RESOURCE_LEAK)
    /userdat.c: 1397 in getnodeext()
    1391 {
    1392 int f;
    1393
    1394 if(!VALID_CFG(cfg) || num < 1)
    1395 return "";
    1396 if((f = opennodeext(cfg)) < 1)
    CID 514647: Resource leaks (RESOURCE_LEAK)
    Handle variable "f" going out of scope leaks the handle.
    1397 return "";
    1398 (void)lseek(f, (num-1) * 128, SEEK_SET);
    1399 if(read(f, buf, 128) != 128)
    1400 memset(buf, 0, 128);
    1401 close(f);
    1402 buf[127] = 0;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DNrRS_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZ3ELp6fsbhc-2FY9mD5Zp1-2FoSxtPMVY9W2gQFqb-2BWiMKBXb3R551uQj1an4L8jxHGCtVzJ8f8hTy9TuLVRQzLD3L1M-2FICoSbiZvQ-2FUBPSeV-2BCcsclK4jYNyukSMcGAKOr-2BtLQBr5jUdpUtVX-2FuxQBKwF4hNcUqyrDA8X7YI-2FfcIZtw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, November 19, 2024 13:40:34
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 515048: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 1848 in add_areas_from_echolists()


    ________________________________________________________________________________________________________
    *** CID 515048: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 1848 in add_areas_from_echolists()
    1842 match=0;
    1843 for(k=0; cfg.listcfg[j].keys[k] ;k++) {
    1844 if(match) break;
    1845 for(x=0; nodecfg->keys[x] ;x++) {
    1846 if(!stricmp(cfg.listcfg[j].keys[k]
    1847 ,nodecfg->keys[x])) {
    CID 515048: Security best practices violations (SECURE_TEMP)
    "tmpfile" creates files with predictable names, which is unsafe.
    1848 if((fwdfile=tmpfile())==NULL) { 1849 lprintf(LOG_ERR,"ERROR line %d opening forward temp "
    1850 "file",__LINE__);
    1851 match=1;
    1852 break;
    1853 }

    ** CID 515047: Control flow issues (NO_EFFECT)
    /sbbsecho.c: 1635 in alter_areas_ini()


    ________________________________________________________________________________________________________
    *** CID 515047: Control flow issues (NO_EFFECT)
    /sbbsecho.c: 1635 in alter_areas_ini()
    1629 continue;
    1630 }
    1631 }
    1632 if(add_area[0] != NULL) { /* Check for areas to add */
    1633 bool add_all = (stricmp(add_area[0], "+ALL") == 0);
    1634 j = strListFind(add_area, echotag, /* case-sensitive */false);
    CID 515047: Control flow issues (NO_EFFECT)
    This greater-than-or-equal-to-zero comparison of an unsigned value is always true. "j >= 0U".
    1635 if(add_all || j >= 0) {
    1636 if(j >= 0)
    1637 add_area[j][0]=0; /* So we can check other lists */
    1638 uint areanum = find_area(echotag);
    1639 if(!area_is_valid(areanum)) {
    1640 lprintf(LOG_ERR, "Invalid area num on line %d", __LINE__);

    ** CID 515046: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1989 in alter_areas()


    ________________________________________________________________________________________________________
    *** CID 515046: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1989 in alter_areas()
    1983 ,smb_faddrtoa(&addr,NULL), (ulong)added, cfg.areafile);
    1984 if(deleted)
    1985 lprintf(LOG_DEBUG, "AreaFix (for %s) Removed links to %lu areas in %s"
    1986 ,smb_faddrtoa(&addr,NULL), (ulong)deleted, cfg.areafile);
    1987 if(added || deleted) {
    1988 if(stat(cfg.areafile, &st) == 0)
    CID 515046: Error handling issues (CHECKED_RETURN)
    Calling "chmod(outpath, st.st_mode)" without checking return value. This library function may fail and return an error code.
    1989 chmod(outpath, st.st_mode);
    1990 if(cfg.areafile_backups == 0 || !backup(cfg.areafile, cfg.areafile_backups, /* ren: */TRUE))
    1991 delfile(cfg.areafile, __LINE__); /* Delete AREAS.BBS */
    1992 if(rename(outpath,cfg.areafile)) /* Rename new AREAS.BBS file */
    1993 lprintf(LOG_ERR,"ERROR line %d renaming %s to %s",__LINE__,outpath,cfg.areafile);
    1994 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D1jSz_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbxEcP2FV-2FE8SZ4Zj-2B5i-2FvXMBc1u-2B9IyI73gYzjnV6pIIbqC2pGfKYB3KXIl7XZEKXLdLz8vi8-2BwsF6O91kuZqV1ShM13vaTkO37J3VV7GT6YwOX288v8WtwpdrdHMhRE2EqIozgp1HMSE07wuarfyxBLAND56oVPlNda7IFeLuFA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, November 21, 2024 13:54:30
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 515063: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 2142 in areamgr_command()


    ________________________________________________________________________________________________________
    *** CID 515063: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 2142 in areamgr_command()
    2136 nodecfg->archive = SBBSECHO_ARCHIVE_NONE;
    2137 else {
    2138 for(u=0;u<cfg.arcdefs;u++)
    2139 if(stricmp(p,cfg.arcdef[u].name) == 0) 2140 break;
    2141 if(u==cfg.arcdefs) {
    CID 515063: Security best practices violations (SECURE_TEMP)
    "tmpfile" creates files with predictable names, which is unsafe.
    2142 if((tmpf=tmpfile())==NULL) {
    2143 lprintf(LOG_ERR,"ERROR line %d opening tmpfile()",__LINE__);
    2144 return false;
    2145 }
    2146 SAFEPRINTF(str, "Compression type unavailable: %s", p);
    2147 lprintf(LOG_INFO, "AreaMgr (for %s) %s", faddrtoa(&addr), str);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DGoz1_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYHiJRuOAYx4mtSc3Rs7eY9P2HGERsO3Ui1TozxvEl3HSa54-2BxmZuyJa4rdPvK8KqeFliWPJD252StMkW9mo-2B6uT2KWq9YxJqegr2CCurq6i8coJamUQEMyVcyknmxOhR1KJArkVSLfkYq8-2BmPn9fVdieJLgwrSG692S4HB3dKfZQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, November 24, 2024 15:11:51
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 515130: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-24-2024/src/conio/sdl_con.c: 357 in sdl_get_bounds()


    ________________________________________________________________________________________________________
    *** CID 515130: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-24-2024/src/conio/sdl_con.c: 357 in sdl_get_bounds()
    351 SDL_Rect r;
    352 int ABUw, ABUh;
    353 int pixelw, pixelh;
    354
    355 if (sdl.GetDisplayUsableBounds(0, &r) != 0)
    356 return false;
    CID 515130: Concurrent data access violations (MISSING_LOCK)
    Accessing "win" without holding lock "win_mutex". Elsewhere, "win" is written to with "win_mutex" held 1 out of 1 times.
    357 sdl.GetWindowSize(win, &ABUw, &ABUh);
    358 sdl.GetWindowSizeInPixels(win, &pixelw, &pixelh);
    359 if (pixelw == 0 || pixelh == 0 || ABUw == 0 || ABUh == 0) {
    360 *w = r.w;
    361 *h = r.h;
    362 return true;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D_t4Q_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYVVBXfFUuA-2FsWyQ5uMS5ufMK7jgOcJ6VIupDH54bwQZq7SuxKbKUjUqnKiK9OnXbOb5gfXyBtjeI0-2BrMXfePEiZJ6tllUVEkd4WCimYeBdVV8tZ-2FZWYZleIzw9Ex3-2BGpSI29JxK7ySTVVle557znXI2HDyHti8hj8D3RvYxamaIw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Monday, December 02, 2024 13:42:27
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    14 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 14 of 14 defect(s)


    ** CID 515601: Program hangs (LOCK)
    /js_bbs.cpp: 3400 in js_get_node_message(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 515601: Program hangs (LOCK)
    /js_bbs.cpp: 3400 in js_get_node_message(JSContext *, unsigned int, unsigned long *)()
    3394 clearline = JSVAL_TO_BOOLEAN(argv[0]);
    3395
    3396 rc=JS_SUSPENDREQUEST(cx);
    3397 sbbs->getnmsg(clearline ? true : false);
    3398 JS_RESUMEREQUEST(cx, rc);
    3399
    CID 515601: Program hangs (LOCK)
    Returning without unlocking "sbbs->nodefile_mutex".
    3400 return(JS_TRUE);
    3401 }
    3402
    3403 static JSBool
    3404 js_put_node_message(JSContext *cx, uintN argc, jsval *arglist)
    3405 {

    ** CID 515600: Error handling issues (CHECKED_RETURN)
    /download.cpp: 367 in sbbs_t::seqwait(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 515600: Error handling issues (CHECKED_RETURN)
    /download.cpp: 367 in sbbs_t::seqwait(unsigned int)()
    361
    362 if(!devnum)
    363 return;
    364 for(start=now=time(NULL);online && now-start<90;now=time(NULL)) {
    365 if(msgabort()) /* max wait ^^^^ sec */
    366 break;
    CID 515600: Error handling issues (CHECKED_RETURN)
    Calling "getnodedat" without checking return value (as is done elsewhere 52 out of 59 times).
    367 getnodedat(cfg.node_num,&thisnode,true); /* open and lock this record */
    368 for(i=1;i<=cfg.sys_nodes;i++) {
    369 if(i==cfg.node_num) continue;
    370 if(getnodedat(i,&node, true)) {
    371 if((node.status==NODE_INUSE || node.status==NODE_QUIET)
    372 && node.action==NODE_RFSD && node.aux==devnum) {

    ** CID 515599: Concurrent data access violations (MISSING_LOCK)
    /putnode.cpp: 108 in sbbs_t::unlocknodedat(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 515599: Concurrent data access violations (MISSING_LOCK) /putnode.cpp: 108 in sbbs_t::unlocknodedat(unsigned int)()
    102 errormsg(WHERE, ERR_CHK, "node number", number);
    103 return false;
    104 }
    105 int result = unlock(nodefile, (number - 1) * sizeof(node_t), sizeof(node_t));
    106 if(cfg.node_misc & NM_CLOSENODEDAB) {
    107 close(nodefile);
    CID 515599: Concurrent data access violations (MISSING_LOCK)
    Accessing "this->nodefile" without holding lock "sbbs_t.nodefile_mutex". Elsewhere, "sbbs_t.nodefile" is written to with "sbbs_t.nodefile_mutex" held 4 out of 5 times.
    108 nodefile = -1;
    109 }
    110 pthread_mutex_unlock(&nodefile_mutex);
    111 return result == 0;
    112 }
    113

    ** CID 515598: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 515598: (SLEEP)
    /getnode.cpp: 268 in sbbs_t::getnmsg(bool)()
    262 buf[length]=0;
    263
    264 if(clearline)
    265 this->clearline();
    266 else if(column)
    267 CRLF;
    CID 515598: (SLEEP)
    Call to "putmsg" might sleep while holding lock "this->nodefile_mutex". 268 putmsg(buf,P_NOATCODES);
    269 free(buf);
    270
    271 return retval == 0;
    272 }
    273
    /getnode.cpp: 265 in sbbs_t::getnmsg(bool)()
    259 }
    260 int retval = chsize(file,0L);
    261 close(file);
    262 buf[length]=0;
    263
    264 if(clearline)
    CID 515598: (SLEEP)
    Call to "clearline" might sleep while holding lock "this->nodefile_mutex".
    265 this->clearline();
    266 else if(column)
    267 CRLF;
    268 putmsg(buf,P_NOATCODES);
    269 free(buf);
    270

    ** CID 515597: Program hangs (LOCK)
    /main.cpp: 2243 in input_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 515597: Program hangs (LOCK)
    /main.cpp: 2243 in input_thread(void *)()
    2237 }
    2238 else
    2239 #endif
    2240 rd = recv(sock, (char*)inbuf, rd, 0);
    2241
    2242 if(pthread_mutex_unlock(&sbbs->input_thread_mutex)!=0) >>> CID 515597: Program hangs (LOCK)
    "errormsg" locks "sbbs->nodefile_mutex" while it is locked.
    2243 sbbs->errormsg(WHERE,ERR_UNLOCK,"input_thread_mutex",0);
    2244
    2245 if (rd == 0 && !socket_recvdone(sock, 0))
    2246 continue;
    2247
    2248 if(rd == SOCKET_ERROR)

    ** CID 515596: Program hangs (LOCK)
    /logfile.cpp: 331 in sbbs_t::errormsg(int, const char *, const char *, const char *, const char *, int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 515596: Program hangs (LOCK)
    /logfile.cpp: 331 in sbbs_t::errormsg(int, const char *, const char *, const char *, const char *, int, const char *)()
    325 fprintf(logfile_fp,"!! %s%s", str, log_line_ending); 326 logcol=1;
    327 fflush(logfile_fp);
    328 }
    329
    330 errormsg_inside=false;
    CID 515596: Program hangs (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    331 }
    332
    333 /****************************************************************************/
    334 /* Open a log file for append, supporting log rotation based on size */
    335 /****************************************************************************/
    336 extern "C" FILE* fopenlog(scfg_t* cfg, const char* path)

    ** CID 515595: Program hangs (LOCK)
    /main.cpp: 4335 in sbbs_t::logoffstats()()


    ________________________________________________________________________________________________________
    *** CID 515595: Program hangs (LOCK)
    /main.cpp: 4335 in sbbs_t::logoffstats()()
    4329
    4330 for(i=0;i<2;i++) {
    4331 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */true);
    4332 if(fp == NULL)
    4333 continue;
    4334 if(!fread_dstats(fp, &stats)) {
    CID 515595: Program hangs (LOCK)
    "errormsg" locks "this->nodefile_mutex" while it is locked.
    4335 errormsg(WHERE, ERR_READ, "dsts.ini", i);
    4336 } else {
    4337 stats.total.timeon += minutes_used;
    4338 stats.today.timeon += minutes_used;
    4339 if(!fwrite_dstats(fp, &stats, __FUNCTION__)) 4340 errormsg(WHERE, ERR_WRITE, "dsts.ini", i);

    ** CID 515594: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 515594: (SLEEP)
    /main.cpp: 4649 in sbbs_t::daily_maint()()
    4643 backup(str,cfg.user_backup_level,false);
    4644 }
    4645
    4646 if(cfg.mail_backup_level) {
    4647 lputs(LOG_INFO,"DAILY: Backing-up mail data...");
    4648 smb_t mail;
    CID 515594: (SLEEP)
    Call to "smb_open_sub" might sleep while holding lock "this->nodefile_mutex".
    4649 int result = smb_open_sub(&cfg, &mail, INVALID_SUB); 4650 if(result != SMB_SUCCESS)
    4651 lprintf(LOG_ERR, "ERROR %d (%s) opening mail base", result, mail.last_error);
    4652 else {
    4653 result = smb_lock(&mail);
    4654 if(result != SMB_SUCCESS)
    /main.cpp: 4778 in sbbs_t::daily_maint()()
    4772 closeuserdat(userfile);
    4773
    4774 lputs(LOG_INFO,"DAILY: Purging deleted/expired e-mail");
    4775 SAFEPRINTF(smb.file,"%smail",cfg.data_dir);
    4776 smb.retry_time=cfg.smb_retry_time;
    4777 smb.subnum=INVALID_SUB;
    CID 515594: (SLEEP)
    Call to "smb_open" might sleep while holding lock "this->nodefile_mutex".
    4778 if((i=smb_open(&smb))!=0)
    4779 errormsg(WHERE,ERR_OPEN,smb.file,i,smb.last_error); 4780 else {
    4781 if(filelength(fileno(smb.shd_fp))>0) {
    4782 if((i=smb_locksmbhdr(&smb))!=0)
    4783 errormsg(WHERE,ERR_LOCK,smb.file,i,smb.last_error);

    ** CID 515593: (LOCK)
    /getnode.cpp: 258 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 252 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 242 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 271 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 237 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 247 in sbbs_t::getnmsg(bool)()


    ________________________________________________________________________________________________________
    *** CID 515593: (LOCK)
    /getnode.cpp: 258 in sbbs_t::getnmsg(bool)()
    252 return false;
    253 }
    254 if(read(file,buf,length)!=length) {
    255 close(file);
    256 free(buf);
    257 errormsg(WHERE,ERR_READ,str,length);
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    258 return false;
    259 }
    260 int retval = chsize(file,0L);
    261 close(file);
    262 buf[length]=0;
    263
    /getnode.cpp: 252 in sbbs_t::getnmsg(bool)()
    246 close(file);
    247 return true;
    248 }
    249 if((buf=(char *)malloc(length+1))==NULL) {
    250 close(file);
    251 errormsg(WHERE,ERR_ALLOC,str,length+1);
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    252 return false;
    253 }
    254 if(read(file,buf,length)!=length) {
    255 close(file);
    256 free(buf);
    257 errormsg(WHERE,ERR_READ,str,length);
    /getnode.cpp: 242 in sbbs_t::getnmsg(bool)()
    236 if(flength(str)<1L)
    237 return true;
    238 if((file=nopen(str,O_RDWR))==-1) {
    239 /**
    240 errormsg(WHERE,ERR_OPEN,str,O_RDWR);
    241 **/
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    242 return false;
    243 }
    244 length=(long)filelength(file);
    245 if(length <= 0) {
    246 close(file);
    247 return true;
    /getnode.cpp: 271 in sbbs_t::getnmsg(bool)()
    265 this->clearline();
    266 else if(column)
    267 CRLF;
    268 putmsg(buf,P_NOATCODES);
    269 free(buf);
    270
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    271 return retval == 0;
    272 }
    273
    274 /****************************************************************************/
    275 /* 'ext' must be at least 128 bytes! */
    276 /****************************************************************************/
    /getnode.cpp: 237 in sbbs_t::getnmsg(bool)()
    231 thisnode.misc&=~NODE_NMSG; /* clear the NMSG flag */
    232 putnodedat(cfg.node_num,&thisnode);
    233 }
    234
    235 SAFEPRINTF2(str,"%smsgs/n%3.3u.msg",cfg.data_dir,cfg.node_num); 236 if(flength(str)<1L)
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    237 return true;
    238 if((file=nopen(str,O_RDWR))==-1) {
    239 /**
    240 errormsg(WHERE,ERR_OPEN,str,O_RDWR);
    241 **/
    242 return false;
    /getnode.cpp: 247 in sbbs_t::getnmsg(bool)()
    241 **/
    242 return false;
    243 }
    244 length=(long)filelength(file);
    245 if(length <= 0) {
    246 close(file);
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    247 return true;
    248 }
    249 if((buf=(char *)malloc(length+1))==NULL) {
    250 close(file);
    251 errormsg(WHERE,ERR_ALLOC,str,length+1);
    252 return false;

    ** CID 515592: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 515592: (SLEEP)
    /getnode.cpp: 162 in sbbs_t::nodesync(bool)()
    156 thisnode.misc&=~NODE_UDAT;
    157 putnodedat(cfg.node_num,&thisnode);
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    CID 515592: (SLEEP)
    Call to "getsmsg" might sleep while holding lock "this->nodefile_mutex".
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
    163 if(thisnode.misc&NODE_NMSG)
    164 getnmsg(clearline); /* getnmsg clears NMSG flag */
    165 }
    166 }
    167
    /getnode.cpp: 174 in sbbs_t::nodesync(bool)()
    168 if(cfg.sync_mod[0])
    169 exec_bin(cfg.sync_mod,&main_csi);
    170
    171 if(thisnode.misc&NODE_INTR) {
    172 bputs(text[NodeLocked]);
    173 logline(LOG_NOTICE,nulstr,"Interrupted");
    CID 515592: (SLEEP)
    Call to "hangup" might sleep while holding lock "this->nodefile_mutex". 174 hangup();
    175 nodesync_inside=0;
    176 return;
    177 }
    178
    179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
    /getnode.cpp: 164 in sbbs_t::nodesync(bool)()
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
    163 if(thisnode.misc&NODE_NMSG)
    CID 515592: (SLEEP)
    Call to "getnmsg" might sleep while holding lock "this->nodefile_mutex".
    164 getnmsg(clearline); /* getnmsg clears NMSG flag */
    165 }
    166 }
    167
    168 if(cfg.sync_mod[0])
    169 exec_bin(cfg.sync_mod,&main_csi);
    /getnode.cpp: 211 in sbbs_t::nodesync(bool)()
    205 }
    206
    207 if(sys_status&SS_USERON && online && (timeleft/60)<(5-timeleft_warn)
    208 && !SYSOP) {
    209 timeleft_warn=5-(timeleft/60);
    210 if(!(sys_status&SS_MOFF)) {
    CID 515592: (SLEEP)
    Call to "attr" might sleep while holding lock "this->nodefile_mutex". 211 attr(LIGHTGRAY);
    212 bprintf(text[OnlyXminutesLeft]
    213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
    214 }
    215 }
    216
    /getnode.cpp: 217 in sbbs_t::nodesync(bool)()
    211 attr(LIGHTGRAY);
    212 bprintf(text[OnlyXminutesLeft]
    213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
    214 }
    215 }
    216
    CID 515592: (SLEEP)
    Call to "attr" might sleep while holding lock "this->nodefile_mutex". 217 attr(atr); /* replace original attributes */
    218 nodesync_inside=0;
    219 }
    220
    221 /****************************************************************************/
    222 /* Prints short messages waiting for this node, if any... */
    /getnode.cpp: 181 in sbbs_t::nodesync(bool)()
    175 nodesync_inside=0;
    176 return;
    177 }
    178
    179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
    180 saveline();
    CID 515592: (SLEEP)
    Call to "privchat" might sleep while holding lock "this->nodefile_mutex".
    181 privchat(true);
    182 restoreline();
    183 }
    184
    185 if(thisnode.misc&NODE_FCHAT) { // forced into private chat
    186 int n = getpagingnode(&cfg);
    /getnode.cpp: 182 in sbbs_t::nodesync(bool)()
    176 return;
    177 }
    178
    179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
    180 saveline();
    181 privchat(true);
    CID 515592: (SLEEP)
    Call to "restoreline" might sleep while holding lock "this->nodefile_mutex".
    182 restoreline();
    183 }
    184
    185 if(thisnode.misc&NODE_FCHAT) { // forced into private chat
    186 int n = getpagingnode(&cfg);
    187 if(n) {
    /getnode.cpp: 197 in sbbs_t::nodesync(bool)()
    191 action = save_action;
    192 restoreline();
    193 }
    194 if(getnodedat(cfg.node_num, &thisnode, true)) {
    195 thisnode.action = action;
    196 thisnode.misc &= ~NODE_FCHAT;
    CID 515592: (SLEEP)
    Call to "putnodedat" might sleep while holding lock "this->nodefile_mutex".
    197 putnodedat(cfg.node_num, &thisnode);
    198 }
    199 }
    200
    201 if(sys_status&SS_USERON && memcmp(&nodesync_user,&useron,sizeof(user_t))) {
    202 getusrdirs();

    ** CID 515591: (LOCK)
    /getnode.cpp: 219 in sbbs_t::nodesync(bool)()
    /getnode.cpp: 157 in sbbs_t::nodesync(bool)()


    ________________________________________________________________________________________________________
    *** CID 515591: (LOCK)
    /getnode.cpp: 219 in sbbs_t::nodesync(bool)()
    213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
    214 }
    215 }
    216
    217 attr(atr); /* replace original attributes */
    218 nodesync_inside=0;
    CID 515591: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    219 }
    220
    221 /****************************************************************************/
    222 /* Prints short messages waiting for this node, if any... */
    223 /****************************************************************************/
    224 bool sbbs_t::getnmsg(bool clearline)
    /getnode.cpp: 164 in sbbs_t::nodesync(bool)()
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
    163 if(thisnode.misc&NODE_NMSG)
    CID 515591: (LOCK)
    "getnmsg" locks "this->nodefile_mutex" while it is locked.
    164 getnmsg(clearline); /* getnmsg clears NMSG flag */
    165 }
    166 }
    167
    168 if(cfg.sync_mod[0])
    169 exec_bin(cfg.sync_mod,&main_csi);
    /getnode.cpp: 197 in sbbs_t::nodesync(bool)()
    191 action = save_action;
    192 restoreline();
    193 }
    194 if(getnodedat(cfg.node_num, &thisnode, true)) {
    195 thisnode.action = action;
    196 thisnode.misc &= ~NODE_FCHAT;
    CID 515591: (LOCK)
    "putnodedat" locks "this->nodefile_mutex" while it is locked.
    197 putnodedat(cfg.node_num, &thisnode);
    198 }
    199 }
    200
    201 if(sys_status&SS_USERON && memcmp(&nodesync_user,&useron,sizeof(user_t))) {
    202 getusrdirs();
    /getnode.cpp: 157 in sbbs_t::nodesync(bool)()
    151 }
    152 }
    153 if(thisnode.misc&NODE_UDAT && !(useron.rest&FLAG('G'))) { /* not guest */
    154 getuserdat(&cfg, &useron);
    155 if(getnodedat(cfg.node_num,&thisnode, true)) { 156 thisnode.misc&=~NODE_UDAT;
    CID 515591: (LOCK)
    "putnodedat" locks "this->nodefile_mutex" while it is locked.
    157 putnodedat(cfg.node_num,&thisnode);
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */

    ** CID 515590: (LOCK)
    /un_qwk.cpp: 94 in sbbs_t::unpack_qwk(char *, unsigned int)()
    /un_qwk.cpp: 123 in sbbs_t::unpack_qwk(char *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 515590: (LOCK)
    /un_qwk.cpp: 94 in sbbs_t::unpack_qwk(char *, unsigned int)()
    88 lprintf(LOG_ERR, "libarchive error %ld (%s) extracting %s", file_count, error, packet);
    89 if(*cfg.qhub[hubnum]->unpack == '\0')
    90 return false;
    91 i=external(cmdstr(cfg.qhub[hubnum]->unpack,packet,ALLFILES,NULL),EX_OFFLINE);
    92 if(i) {
    93 errormsg(WHERE,ERR_EXEC,cmdstr(cfg.qhub[hubnum]->unpack,packet,ALLFILES,NULL),i);
    CID 515590: (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    94 return(false);
    95 }
    96 }
    97 SAFEPRINTF(str,"%sMESSAGES.DAT",cfg.temp_dir);
    98 if(!fexistcase(str)) {
    99 lprintf(LOG_WARNING,"%s doesn't contain MESSAGES.DAT (%s)",packet,str);
    /un_qwk.cpp: 123 in sbbs_t::unpack_qwk(char *, unsigned int)()
    117 remove(fname);
    118 }
    119 SAFEPRINTF(fname, "%sVOTING.DAT", cfg.temp_dir);
    120 if(fexistcase(fname)) {
    121 lprintf(LOG_DEBUG, "Reading %s", fname);
    122 if((fp=fopen(fname,"r")) == NULL)
    CID 515590: (LOCK)
    "errormsg" locks "this->nodefile_mutex" while it is locked.
    123 errormsg(WHERE,ERR_OPEN,fname,O_RDONLY);
    124 else {
    125 voting=iniReadFile(fp);
    126 fclose(fp);
    127 }
    128 remove(fname);

    ** CID 515589: Error handling issues (CHECKED_RETURN)
    /logon.cpp: 124 in sbbs_t::logon()()


    ________________________________________________________________________________________________________
    *** CID 515589: Error handling issues (CHECKED_RETURN)
    /logon.cpp: 124 in sbbs_t::logon()()
    118 ,useron.number,useron.alias);
    119 logline(LOG_NOTICE,"+!",str);
    120 hangup();
    121 return(false);
    122 }
    123 if(yesno(text[RemoveNodeLockQ])) {
    CID 515589: Error handling issues (CHECKED_RETURN)
    Calling "getnodedat" without checking return value (as is done elsewhere 52 out of 59 times).
    124 getnodedat(cfg.node_num,&thisnode, true);
    125 logline("S-","Removed Node Lock");
    126 thisnode.misc&=~NODE_LOCK;
    127 }
    128 else
    129 getnodedat(cfg.node_num,&thisnode, true);

    ** CID 515588: (SLEEP)
    /main.cpp: 3450 in event_thread(void *)()
    /main.cpp: 3272 in event_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 515588: (SLEEP)
    /main.cpp: 3277 in event_thread(void *)()
    3271 while(!sbbs->terminated) {
    3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
    3275 continue;
    3276 for(j=first_node;j<=last_node;j++) {
    CID 515588: (SLEEP)
    Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".
    3277 if(!sbbs->getnodedat(j,&node, true))
    3278 continue;
    3279 if(node.status==NODE_WFC)
    3280 node.status=NODE_EVENT_LIMBO;
    3281 node.aux=sbbs->cfg.event[i]->node;
    3282 sbbs->putnodedat(j,&node);
    /main.cpp: 3450 in event_thread(void *)()
    3444 }
    3445 }
    3446 }
    3447 }
    3448 }
    3449 sbbs->event_code = nulstr;
    CID 515588: (SLEEP)
    Call to "nanosleep" might sleep while holding lock "sbbs->nodefile_mutex".
    3450 mswait(1000);
    3451 }
    3452 sbbs->cfg.node_num=0;
    3453 sbbs->useron.number = 0;
    3454 sbbs->js_cleanup();
    3455
    /main.cpp: 3373 in event_thread(void *)()
    3367 && (sbbs->cfg.event[i]->node<first_node || sbbs->cfg.event[i]->node>last_node)) {
    3368 sbbs->lprintf(LOG_NOTICE,"Changing node status for nodes %d through %d to WFC"
    3369 ,first_node,last_node); 3370 sbbs->cfg.event[i]->last=(time32_t)now;
    3371 for(j=first_node;j<=last_node;j++) {
    3372 node.status=NODE_INVALID_STATUS;
    CID 515588: (SLEEP)
    Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".
    3373 if(!sbbs->getnodedat(j,&node, true))
    3374 continue;
    3375 node.status=NODE_WFC; 3376 sbbs->putnodedat(j,&node);
    3377 }
    3378 }
    /main.cpp: 3413 in event_thread(void *)()
    3407 cmd = sbbs->cmdstr(cmd, nulstr, sbbs->cfg.event[i]->dir, NULL);
    3408 sbbs->lprintf(LOG_INFO,"Running %s%stimed event: %s"
    3409 ,native_executable(&sbbs->cfg, cmd, ex_mode) ? "native ":"16-bit DOS "
    3410 ,(ex_mode&EX_BG) ? "background ":""
    3411 ,cmd);
    3412 {
    CID 515588: (SLEEP)
    Call to "external" might sleep while holding lock "sbbs->nodefile_mutex".
    3413 int result = sbbs->external(cmd, ex_mode, sbbs->cfg.event[i]->dir);
    3414 if(!(ex_mode&EX_BG)) 3415 sbbs->lprintf(result ? sbbs->cfg.event[i]->errlevel : LOG_INFO, "Timed event: '%s' returned %d", cmd, result);
    3416 else
    3417 sbbs->lprintf(LOG_DEBUG, "Background timed event spawned: %s", cmd);
    3418 }
    /main.cpp: 3277 in event_thread(void *)()
    3271 while(!sbbs->terminated) {
    3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
    3275 continue;
    3276 for(j=first_node;j<=last_node;j++) {
    CID 515588: (SLEEP)
    Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".
    3277 if(!sbbs->getnodedat(j,&node, true))
    3278 continue;
    3279 if(node.status==NODE_WFC)
    3280 node.status=NODE_EVENT_LIMBO;
    3281 node.aux=sbbs->cfg.event[i]->node;
    3282 sbbs->putnodedat(j,&node);
    /main.cpp: 2986 in event_thread(void *)()
    2980 if(!fexist(fname))
    2981 continue;
    2982 sbbs->useron.number = 0;
    2983 sbbs->lprintf(LOG_INFO, "QWK pack semaphore signaled: %s", fname);
    2984 int usernum = atoi(fname+offset);
    2985 sbbs->useron.number = usernum;
    CID 515588: (SLEEP)
    Call to "getuserdat" might sleep while holding lock "sbbs->nodefile_mutex".
    2986 int retval = getuserdat(&sbbs->cfg,&sbbs->useron);
    2987 if(retval != 0) {
    2988 sbbs->lprintf(LOG_WARNING, "ERROR %d reading user data for user #%d", retval, usernum);
    2989 sbbs->fremove(WHERE, fname, /* log-all-errors: */true);
    2990 continue;
    2991 }
    /main.cpp: 3272 in event_thread(void *)()
    3266 sbbs->lprintf(LOG_DEBUG,"event last run: %s (0x%08x)"
    3267 ,sbbs->timestr(sbbs->cfg.event[i]->last)
    3268 ,sbbs->cfg.event[i]->last);
    3269 lastnodechk=0; /* really last event time check */
    3270 start=time(NULL);
    3271 while(!sbbs->terminated) {
    CID 515588: (SLEEP)
    Call to "nanosleep" might sleep while holding lock "sbbs->nodefile_mutex".
    3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
    3275 continue;
    3276 for(j=first_node;j<=last_node;j++) {
    3277 if(!sbbs->getnodedat(j,&node, true))


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D0VuE_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZXtRHBZwsv7Kfty0nOtNaK0UAFlR-2FrVR2f6CKktOSW3KEH5A-2BAGbll45RILco6MRWsB-2BPA-2F5LbzoDmAwnm2EdPSGWu8DKQDA8ovxbR0nzs0zWwn4zpQwqZ0g5MQ5Uxv60wCv-2BEyap91XzPuWSQ2OUE7j0iN0wndXT1J2mredhBFg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, December 06, 2024 13:41:13
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 515659: Resource leaks (RESOURCE_LEAK)
    /readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)()


    ________________________________________________________________________________________________________
    *** CID 515659: Resource leaks (RESOURCE_LEAK)
    /readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)()
    808 }
    809
    810 smb_close(&smb);
    811 smb_stack(&smb,SMB_STACK_POP);
    812 current_msg=NULL;
    813
    CID 515659: Resource leaks (RESOURCE_LEAK)
    Variable "mail" going out of scope leaks the storage it points to.
    814 return lm_mode;
    815 }
    816
    817 int sbbs_t::searchmail(mail_t *mail, int start, int msgs, int which, const char *search, const char* order)
    818 {
    819 char* buf;

    ** CID 515658: Error handling issues (CHECKED_RETURN)


    ________________________________________________________________________________________________________
    *** CID 515658: Error handling issues (CHECKED_RETURN)
    /dupefind.c: 75 in display_filename()
    69 char *display_filename(scfg_t *cfg, uint dirnum, uint32_t fil_off)
    70 {
    71 static char str[256];
    72 static smb_t smb;
    73 if(smb_open_dir(cfg, &smb, dirnum) != SMB_SUCCESS)
    74 return smb.last_error;
    CID 515658: Error handling issues (CHECKED_RETURN)
    Calling "smb_fseek(smb.sid_fp, (fil_off - 1U) * 128UL, 0)" without checking return value. It wraps a library function that may fail and return an error code.
    75 smb_fseek(smb.sid_fp, (fil_off - 1) * sizeof(fileidxrec_t), SEEK_SET); 76 fileidxrec_t idx;
    77 if(smb_fread(&smb, &idx, sizeof(idx), smb.sid_fp) != sizeof(idx)) {
    78 smb_close(&smb);
    79 return smb.last_error;
    80 }

    ** CID 515657: Error handling issues (CHECKED_RETURN)
    /load_cfg.c: 627 in smb_open_dir()


    ________________________________________________________________________________________________________
    *** CID 515657: Error handling issues (CHECKED_RETURN)
    /load_cfg.c: 627 in smb_open_dir()
    621 if(filelength(fileno(smb->shd_fp)) < 1) {
    622 smb->status.max_files = cfg->dir[dirnum]->maxfiles; 623 smb->status.max_age = cfg->dir[dirnum]->maxage;
    624 smb->status.attr = SMB_FILE_DIRECTORY; 625 if(cfg->dir[dirnum]->misc & DIR_NOHASH)
    626 smb->status.attr |= SMB_NOHASH;
    CID 515657: Error handling issues (CHECKED_RETURN)
    Calling "smb_create" without checking return value (as is done elsewhere 16 out of 17 times).
    627 smb_create(smb);
    628 }
    629 return SMB_SUCCESS;
    630 }
    631
    632 int get_lang_count(scfg_t* cfg)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DArCi_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZBUi-2F07t06F46PFVW9NK8AEOuHmZrMv6aNSdOw0AIeo4ogvPzV8VRWZ8jRTfiHC12zKsA4sipybJiH6RgyZ0m7AfiNQvXpSFbavk3k9Q6PyWgsjGH13ueAcyWa7DsklJg0kfAfT7EZWBHjtJZZ7z9FYBEIQ4aPAWfq3llNwIH-2F5w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 07, 2024 13:42:14
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
    /sbbsecho.c: 1309 in link_area()


    ________________________________________________________________________________________________________
    *** CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
    /sbbsecho.c: 1309 in link_area()
    1303 return false;
    1304 }
    1305
    1306 void link_area(unsigned area_num, const fidoaddr_t* addr)
    1307 {
    1308 area_t* area = &cfg.area[area_num];
    CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
    Passing argument "area->link" of type "fidoaddr_t const *" and argument "8UL /* sizeof (addr) */ * (area->links + 1)" to function "realloc_or_free" is suspicious. In this case, "sizeof (fidoaddr_t const *)" is equal to "sizeof (fidoaddr_t const)", but this is not a portable assumption.
    1309 if((area->link = realloc_or_free(area->link, (sizeof addr) * (area->links + 1))) == NULL) {
    1310 lprintf(LOG_ERR,"ERROR line %d allocating memory for area "
    1311 "#%u links.",__LINE__, area_num + 1);
    1312 bail(1);
    1313 return;
    1314 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DjswB_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZTIkIcVsFEubRKPyVR-2BCuKY5oHLU9ayFn6T1x6if3eS0nVM4zzDglf0kSu84NvdLQvLmLpVUMBWFTCqIbKw97TOhNhU4Up-2FQ0gGVaItXyTTfc3Uu2zZfP2qWOCQU0YU4SaCyb8-2B3kJNnxUzaATxOedk4YqKEgN0RG-2F7ZgTWOZJ5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, December 08, 2024 13:41:14
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 515715: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1420 in node_vstatus()


    ________________________________________________________________________________________________________
    *** CID 515715: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1420 in node_vstatus()
    1414 return cfg->text != NULL ? cfg->text[NodeStatusOffline] : "Offline";
    1415 case NODE_NETTING: /* Obsolete */
    1416 return "Networking";
    1417 case NODE_LOGON:
    1418 return cfg->text != NULL ? cfg->text[NodeStatusLogon] : "At login prompt";
    1419 case NODE_LOGOUT:
    CID 515715: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious.
    1420 snprintf(str, sizeof str, cfg->text != NULL ? cfg->text[NodeStatusLogout] : "Logging out %s", username(cfg,node->useron,tmp));
    1421 return str;
    1422 case NODE_EVENT_WAITING:
    1423 return cfg->text != NULL ? cfg->text[NodeStatusEventWaiting] : "Waiting for all nodes to become inactive";
    1424 case NODE_EVENT_LIMBO:
    1425 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeStatusEventLimbo] : "Waiting for node %d to finish external event"

    ** CID 515714: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 515714: Uninitialized variables (UNINIT)
    /getnode.cpp: 289 in sbbs_t::getnodeext(unsigned int, char *)()
    283 errormsg(WHERE,ERR_CHK,"node number",number);
    284 return false;
    285 }
    286
    287 if((node_ext=opennodeext(&cfg))==-1) {
    288 memset(ext,0,128);
    CID 515714: Uninitialized variables (UNINIT)
    Using uninitialized value "*str" when calling "errormsg".
    289 errormsg(WHERE,ERR_OPEN,str,O_RDONLY|O_DENYNONE);
    290 return false;
    291 }
    292
    293 number--; /* make zero based */
    294 for(count=0;count<LOOP_NODEDAB;count++) {

    ** CID 515713: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1512 in node_activity()


    ________________________________________________________________________________________________________
    *** CID 515713: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1512 in node_activity()
    1506 return cfg->text != NULL ? cfg->text[NodeActivityLoggingOn] : "logging on";
    1507 case NODE_LCHT:
    1508 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeActivityLocalChat] : "chatting with %s", cfg->sys_op);
    1509 break;
    1510 case NODE_MCHT:
    1511 if(node->aux != 0)
    CID 515713: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious.
    1512 snprintf(str, sizeof str
    1513 ,cfg->text != NULL ? cfg->text[NodeActivityChatChannel] : "in multinode chat channel %d"
    1514 ,node->aux & 0xff);
    1515 else
    1516 return cfg->text != NULL ? cfg->text[NodeActivityGlobalChat] : "in multinode global chat channel";
    1517 break;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Drf1g_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQY9ty8xtnl2sw1SqlPRU2WILlz6B-2F41RYA0wpD7iGPK7iJJRJMlj06LpTw8H4oLu0ZD6NOR-2Fs4yPZ6xU2n8ZKWHL4-2F4cgQ0xljfi-2B5nJtvQuTTNG4kyAp2Ph0XvRGRr1KcMs8Gin6jWDWu2x-2Bkj9Q6Trx86Of-2BJRienYR-2Fbv9gQgw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, December 15, 2024 13:49:15
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 516068: Null pointer dereferences (FORWARD_NULL)
    /websrvr.c: 5419 in js_ErrorReporter()


    ________________________________________________________________________________________________________
    *** CID 516068: Null pointer dereferences (FORWARD_NULL)
    /websrvr.c: 5419 in js_ErrorReporter()
    5413 pthread_mutex_lock(&mutex);
    5414 if(lastline == report->lineno && report->filename != NULL && strcmp(lastfile, report->filename) == 0)
    5415 log_level = LOG_WARNING;
    5416 else
    5417 log_level = LOG_ERR;
    5418 lastline = report->lineno;
    CID 516068: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "report->filename" to "strlcpy", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
    5419 SAFECOPY(lastfile, report->filename);
    5420 pthread_mutex_unlock(&mutex);
    5421 warning="";
    5422 }
    5423
    5424 lprintf(log_level,"%04d !JavaScript %s%s%s: %s, Request: %s"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DwGMb_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYoPlNm5BibC088PrWc35An4cdaeXCJhAHOfo6MdQKpuyixiVEFSUvV84YSqGOWCuXdzqHO6D3vFmsefEKTNsriv31FvxSemaYCwQ1e-2F5VqBGX6SKqkk-2F5GGTcyG8HHnvAZdIDYA7eRF8DYP-2F3cg26HCdIpmNxtLPnr6lFDWLJb2Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, December 17, 2024 13:48:21
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    9 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 9 of 9 defect(s)


    ** CID 516415: Error handling issues (CHECKED_RETURN)
    /userdat.c: 1472 in node_activity()


    ________________________________________________________________________________________________________
    *** CID 516415: Error handling issues (CHECKED_RETURN)
    /userdat.c: 1472 in node_activity()
    1466 case NODE_AMSG:
    1467 return cfg->text != NULL ? cfg->text[NodeActivityAutoMsg] : "posting auto-message";
    1468 case NODE_XTRN:
    1469 if(node->aux == 0)
    1470 return cfg->text != NULL ? cfg->text[NodeActivityXtrnMenu] : "at external program menu";
    1471 user.number = node->useron;
    CID 516415: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1472 getuserdat(cfg, &user);
    1473 xtrnnum = getxtrnnum(cfg, user.curxtrn);
    1474 if(is_valid_xtrnnum(cfg, xtrnnum))
    1475 snprintf(str, size, "%s %s"
    1476 ,cfg->text != NULL ? cfg->text[NodeActivityRunningXtrn] : "running"
    1477 ,cfg->xtrn[xtrnnum]->name);

    ** CID 516414: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 65 in sbbs_t::useredit(int)()


    ________________________________________________________________________________________________________
    *** CID 516414: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 65 in sbbs_t::useredit(int)()
    59 if(sys_status&SS_INUEDIT)
    60 return;
    61 sys_status|=SS_INUEDIT;
    62 while(online) {
    63 CLS;
    64 attr(LIGHTGRAY);
    CID 516414: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    65 getuserdat(&cfg,&user);
    66 if(!user.number) {
    67 user.number=1;
    68 getuserdat(&cfg,&user);
    69 if(!user.number) {
    70 bputs(text[NoUserData]);

    ** CID 516413: Error handling issues (CHECKED_RETURN)
    /answer.cpp: 168 in sbbs_t::answer()()


    ________________________________________________________________________________________________________
    *** CID 516413: Error handling issues (CHECKED_RETURN)
    /answer.cpp: 168 in sbbs_t::answer()()
    162 (but keep full terminal type/speed string in rlogin_term): */
    163 truncstr(terminal,"/");
    164 useron.number = 0;
    165 if(rlogin_name[0])
    166 useron.number = find_login_id(&cfg, rlogin_name);
    167 if(useron.number) {
    CID 516413: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    168 getuserdat(&cfg,&useron);
    169 SAFEPRINTF(path,"%srlogin.cfg",cfg.ctrl_dir);
    170 if(!findstr(client.addr,path)) {
    171 SAFECOPY(tmp, rlogin_pass);
    172 for(i=0;i<3 && online;i++) { 173 if(stricmp(tmp,useron.pass)) {

    ** CID 516412: Error handling issues (CHECKED_RETURN)
    /login.cpp: 51 in sbbs_t::login(const char *, const char *, const char *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 516412: Error handling issues (CHECKED_RETURN)
    /login.cpp: 51 in sbbs_t::login(const char *, const char *, const char *, const char *)()
    45 long useron_misc=useron.misc;
    46
    47 username = parse_login(username);
    48
    49 useron.number = find_login_id(&cfg, username);
    50 if(useron.number) {
    CID 516412: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    51 getuserdat(&cfg,&useron);
    52 if(useron.number && useron.misc&(DELETED|INACTIVE))
    53 useron.number=0;
    54 }
    55
    56 if(!useron.number) {

    ** CID 516411: (CHECKED_RETURN)
    /useredit.cpp: 733 in sbbs_t::maindflts(user_t *)()
    /useredit.cpp: 738 in sbbs_t::maindflts(user_t *)()


    ________________________________________________________________________________________________________
    *** CID 516411: (CHECKED_RETURN)
    /useredit.cpp: 733 in sbbs_t::maindflts(user_t *)()
    727
    728 action=NODE_DFLT;
    729 if (cfg.usercfg_mod[0]) {
    730 char cmdline[256];
    731 snprintf(cmdline, sizeof(cmdline), "%s %u", cfg.usercfg_mod, user->number);
    732 exec_bin(cmdline, &main_csi);
    CID 516411: (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    733 getuserdat(&cfg, user);
    734 return;
    735 }
    736 while(online) {
    737 CLS;
    738 getuserdat(&cfg,user);
    /useredit.cpp: 738 in sbbs_t::maindflts(user_t *)()
    732 exec_bin(cmdline, &main_csi);
    733 getuserdat(&cfg, user);
    734 return;
    735 }
    736 while(online) {
    737 CLS;
    CID 516411: (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    738 getuserdat(&cfg,user);
    739 bprintf(text[UserDefaultsHdr],user->alias,user->number);
    740 if(user == &useron) {
    741 update_nodeterm();
    742 load_user_text();
    743 }

    ** CID 516410: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 1662 in http_logon()


    ________________________________________________________________________________________________________
    *** CID 516410: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 1662 in http_logon()
    1656 session->req.finished=true;
    1657 }
    1658
    1659 void http_logon(http_session_t * session, user_t *usr)
    1660 {
    1661 if(usr==NULL)
    CID 516410: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1662 getuserdat(&scfg, &session->user);
    1663 else
    1664 session->user=*usr;
    1665
    1666 if(session->user.number==session->last_user_num)
    1667 return;

    ** CID 516409: Error handling issues (CHECKED_RETURN)
    /str.cpp: 1388 in sbbs_t::change_user()()


    ________________________________________________________________________________________________________
    *** CID 516409: Error handling issues (CHECKED_RETURN)
    /str.cpp: 1388 in sbbs_t::change_user()()
    1382 putmsgptrs();
    1383 putuserstr(useron.number, USER_CURSUB
    1384 ,cfg.sub[usrsub[curgrp][cursub[curgrp]]]->code);
    1385 putuserstr(useron.number, USER_CURDIR
    1386 ,cfg.dir[usrdir[curlib][curdir[curlib]]]->code);
    1387 useron.number=i;
    CID 516409: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1388 getuserdat(&cfg,&useron);
    1389 if(getnodedat(cfg.node_num,&thisnode, true)) {
    1390 thisnode.useron=useron.number;
    1391 putnodedat(cfg.node_num,&thisnode);
    1392 }
    1393 getmsgptrs();

    ** CID 516408: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 1166 in sbbs_t::purgeuser(int)()


    ________________________________________________________________________________________________________
    *** CID 516408: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 1166 in sbbs_t::purgeuser(int)()
    1160
    1161 void sbbs_t::purgeuser(int usernumber)
    1162 { char str[128];
    1163 user_t user;
    1164
    1165 user.number=usernumber;
    CID 516408: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1166 getuserdat(&cfg,&user);
    1167 SAFEPRINTF2(str,"Purged %s #%u",user.alias,usernumber);
    1168 logentry("!*",str);
    1169 delallmail(usernumber, MAIL_ANY);
    1170 putusername(&cfg,usernumber,nulstr);
    1171 putusermisc(usernumber, user.misc | DELETED);

    ** CID 516407: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 2037 in check_ars()


    ________________________________________________________________________________________________________
    *** CID 516407: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 2037 in check_ars()
    2031 else
    2032 lprintf(LOG_NOTICE,"%04d !UNKNOWN USER: '%s'" 2033 ,session->socket,session->req.auth.username);
    2034 return(false);
    2035 }
    2036 thisuser.number=i;
    CID 516407: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    2037 getuserdat(&scfg, &thisuser);
    2038 switch(session->req.auth.type) {
    2039 case AUTHENTICATION_TLS_PSK:
    2040 if((auth_allowed & (1<<AUTHENTICATION_TLS_PSK))==0)
    2041 return(false);
    2042 if(session->last_user_num!=0) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DQyWe_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZaRdcpKH1DbVbWKil-2BYXbuPo6Nlz2IWCRH2bHbIl-2BZWutyiZLTcraL5FS1iiZSM0cIaa70yw-2BvQnYvTFtY90cnRY6AunfTZ3TOchBhkmrNG5r6R9YGJilsgu5Suh4msrRA-2BqV-2BHoo-2B29c88W6IVBSZdgQoHyw-2Bn9zmKTgeEHvaqQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, December 20, 2024 13:38:55
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 516431: Incorrect expression (EVALUATION_ORDER)
    /scfg/scfgsys.c: 1740 in sys_cfg()


    ________________________________________________________________________________________________________
    *** CID 516431: Incorrect expression (EVALUATION_ORDER)
    /scfg/scfgsys.c: 1740 in sys_cfg()
    1734 char sys_pass[sizeof(cfg.sys_pass)];
    1735 SAFECOPY(sys_pass, cfg.sys_pass);
    1736 while(1) {
    1737 i=0;
    1738 snprintf(opt[i++],MAX_OPLN,"%-20s%s","BBS Name",cfg.sys_name);
    1739 snprintf(opt[i++],MAX_OPLN,"%-20s%s","Location",cfg.sys_location);
    CID 516431: Incorrect expression (EVALUATION_ORDER)
    In argument #6 of "safe_snprintf(opt[i++], 75UL, "%-20s%s%s %s", "Local Time Zone", ((cfg.sys_timezone == -1) ? "Auto: " : ""), smb_zonestr(sys_timezone(&cfg), NULL), ((!(cfg.sys_timezone <= 1000 && cfg.sys_timezone >= -1000) && (cfg.sys_timezone & 0xc000 || cfg.sys_timezone == 4096 || cfg.sys_timezone == 4156 || cfg.sys_timezone == 4216 || cfg.sys_timezone == 4816 || cfg.sys_timezone == 4696 || cfg.sys_timezone == 4666) && cfg.sys_misc & 0x4000U) ? "(Auto-DST)" : ""))", a call is made to "sys_timezone(&cfg)". In argument #1 of this function, the object "cfg.sys_timezone" is modified. This object is also used in "(cfg.sys_timezone == -1) ? "Auto: " : """, the argument #5 of the outer function call. The order in which these arguments are evaluated is not specified, and will vary between platforms.
    1740 snprintf(opt[i++],MAX_OPLN,"%-20s%s%s %s","Local Time Zone"
    1741 ,cfg.sys_timezone == SYS_TIMEZONE_AUTO ? "Auto: " : ""
    1742 ,smb_zonestr(sys_timezone(&cfg),NULL)
    1743 ,SMB_TZ_HAS_DST(cfg.sys_timezone) && cfg.sys_misc&SM_AUTO_DST ? "(Auto-DST)" : "");
    1744 snprintf(opt[i++],MAX_OPLN,"%-20s%s (e.g. %s)","Short Date Format"
    1745 ,date_format(&cfg, str, sizeof str)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Du0AK_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZX-2BkC2-2BAZJhPPYfXPDeIQ-2B4YvLEfkbd-2Bd6D-2Bq6Hgb3A8yT9nXPdJTazBcJukBEh03pJKxvVooRsB2exFituB7-2FZiW-2B-2FFf3SbStI-2Fat2UXSZKXBODkmruS46NddedKGixq1GgfIg-2BgPQfkssXqpoMR-2BzxwZcTjLKvzCO0Vk2ny9Gw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, December 21, 2024 13:40:03
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 516448: High impact quality (Y2K38_SAFETY)
    /js_msgbase.c: 1441 in js_get_msg_header_resolve()


    ________________________________________________________________________________________________________
    *** CID 516448: High impact quality (Y2K38_SAFETY)
    /js_msgbase.c: 1441 in js_get_msg_header_resolve()
    1435 /* Fixed length portion of msg header */
    1436 LAZY_UINTEGER("type", p->msg.hdr.type, JSPROP_ENUMERATE);
    1437 LAZY_UINTEGER("version", p->msg.hdr.version, JSPROP_ENUMERATE); 1438 LAZY_UINTEGER("attr", p->msg.hdr.attr, JSPROP_ENUMERATE);
    1439 LAZY_UINTEGER("auxattr", p->msg.hdr.auxattr, JSPROP_ENUMERATE); 1440 LAZY_UINTEGER("netattr", p->msg.hdr.netattr, JSPROP_ENUMERATE); >>> CID 516448: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(p->msg.hdr.when_written)" is cast to "uint32".
    1441 LAZY_UINTEGER("when_written_time", smb_time(p->msg.hdr.when_written), JSPROP_ENUMERATE);
    1442 LAZY_INTEGER("when_written_zone", p->msg.hdr.when_written.zone, JSPROP_ENUMERATE);
    1443 LAZY_INTEGER("when_written_zone_offset", smb_tzutc(p->msg.hdr.when_written.zone), JSPROP_ENUMERATE|JSPROP_READONLY);
    1444 LAZY_UINTEGER("when_imported_time", p->msg.hdr.when_imported.time, JSPROP_ENUMERATE);
    1445 LAZY_INTEGER("when_imported_zone", p->msg.hdr.when_imported.zone, JSPROP_ENUMERATE);
    1446 LAZY_INTEGER("when_imported_zone_offset", smb_tzutc(p->msg.hdr.when_imported.zone), JSPROP_ENUMERATE|JSPROP_READONLY);

    ** CID 516447: High impact quality (Y2K38_SAFETY)
    /postmsg.cpp: 625 in votemsg()


    ________________________________________________________________________________________________________
    *** CID 516447: High impact quality (Y2K38_SAFETY)
    /postmsg.cpp: 625 in votemsg()
    619 }
    620 answers++;
    621 }
    622 }
    623 }
    624 safe_snprintf(smsg, sizeof(smsg), smsgfmt
    CID 516447: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg->hdr.when_written)" is cast to "time32_t".
    625 ,timestr(cfg, (time32_t)smb_time(msg->hdr.when_written), tstr)
    626 ,cfg->grp[cfg->sub[smb->subnum]->grp]->sname
    627 ,cfg->sub[smb->subnum]->sname
    628 ,from
    629 ,remsg.subj);
    630 SAFECAT(smsg, votes);

    ** CID 516446: (Y2K38_SAFETY)
    /qwknodes.c: 366 in main()
    /qwknodes.c: 392 in main()
    /qwknodes.c: 361 in main()
    /qwknodes.c: 384 in main()
    /qwknodes.c: 333 in main()
    /qwknodes.c: 343 in main()


    ________________________________________________________________________________________________________
    *** CID 516446: (Y2K38_SAFETY)
    /qwknodes.c: 366 in main()
    360 ,msg.from,p+1
    361 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    362 ,str); 363 else
    364 fprintf(users,"%-25.25s %-8.8s %s\r\n"
    365 ,msg.from,str
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    366 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
    367 }
    368 if(cmd&NODES && msg.from_net.type==NET_QWK) {
    369 if(mode&TAGS)
    370 gettag(&msg,tag);
    371 if(mode&FEED) /qwknodes.c: 392 in main()
    386 }
    387 else
    388 fprintf(nodes,"%-8.8s %s\r\n"
    389 ,str 390 ,mode&TAGS
    391 ? tag >>> CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    392 : unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
    393 }
    394 }
    395 }
    396 smb_freemsgmem(&msg);
    397 }
    /qwknodes.c: 361 in main()
    355 else
    356 strcpy(str,msg.from_net.addr);
    357 p=strrchr(str,'/');
    358 if(p)
    359 fprintf(users,"%-25.25s %-8.8s %s (%s)\r\n"
    360 ,msg.from,p+1
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    361 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    362 ,str); 363 else
    364 fprintf(users,"%-25.25s %-8.8s %s\r\n"
    365 ,msg.from,str
    366 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
    /qwknodes.c: 384 in main()
    378 fprintf(nodes,"%-8.8s %s\r\n"
    379 ,p+1
    380 ,tag);
    381 else
    382 fprintf(nodes,"%-8.8s %s (%s)\r\n"
    383 ,p+1
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    384 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    385 ,str);
    386 }
    387 else
    388 fprintf(nodes,"%-8.8s %s\r\n"
    389 ,str /qwknodes.c: 333 in main()
    327 p=strrchr(addr,'/');
    328 if(!p)
    329 p=addr; 330 else
    331 *(p++)=0;
    332 safe_snprintf(str, sizeof(str), "%s %s:%s%c%s"
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    333 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    334 ,p,cfg.sys_id,p==addr ? 0 : '/'
    335 ,addr); 336 fprintf(route,"%s\r\n",str);
    337 }
    338 else {
    /qwknodes.c: 343 in main()
    337 }
    338 else {
    339 p=strrchr(addr,'/');
    340 if(p) {
    341 *(p++)=0;
    342 fprintf(route,"%s %s:%.*s\r\n"
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    343 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),str)
    344 ,p
    345 ,(uint)(p-addr)
    346 ,addr); 347 }
    348 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DNGSj_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYgWGJ9BYEIxvdbhMAIayAni-2FuUZOlays8-2BQNW1Qj2YoLcEBScLdhHrJ52SvmolJ5itsnLRiKIwdue9DQ-2F9PO-2FUFGY-2Fa0jLnspeSlF2FiQB80TbxuUTyDk42cNSQCBuIqgPC4jh5ZIq8dm-2B49xrAWdl9U3UIFg1xXJFs0kJktVUnA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tuesday, December 24, 2024 13:46:54
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 516462: Resource leaks (RESOURCE_LEAK)
    /str.cpp: 277 in sbbs_t::sif(char *, char *, int)()


    ________________________________________________________________________________________________________
    *** CID 516462: Resource leaks (RESOURCE_LEAK)
    /str.cpp: 277 in sbbs_t::sif(char *, char *, int)()
    271 errormsg(WHERE,ERR_OPEN,str,O_RDONLY);
    272 return;
    273 }
    274 length=(int)filelength(file);
    275 if(length < 0) {
    276 errormsg(WHERE, ERR_CHK, str, length);
    CID 516462: Resource leaks (RESOURCE_LEAK)
    Handle variable "file" going out of scope leaks the handle.
    277 return;
    278 }
    279 if((buf=(char *)calloc(length + 1, 1))==0) {
    280 close(file);
    281 errormsg(WHERE,ERR_ALLOC,str,length);
    282 return;

    ** CID 516461: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 678 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 516461: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 678 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    672 return(false);
    673 }
    674 length=(long)filelength(file);
    675 if(length < 0) {
    676 errormsg(WHERE, ERR_LEN, msgtmp, length);
    677 free(buf);
    CID 516461: Resource leaks (RESOURCE_LEAK)
    Handle variable "file" going out of scope leaks the handle.
    678 return false;
    679 }
    680 l=strlen((char *)buf); /* reserve space for top and terminating null */
    681 /* truncate if too big */
    682 if(length>(long)((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1))) {
    683 length=(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1);

    ** CID 516460: Error handling issues (CHECKED_RETURN)
    /chat.cpp: 254 in sbbs_t::multinodechat(int)()


    ________________________________________________________________________________________________________
    *** CID 516460: Error handling issues (CHECKED_RETURN)
    /chat.cpp: 254 in sbbs_t::multinodechat(int)()
    248 if(getstr(str,8,K_UPPER|K_ALPHA|K_LINE)) {
    249 getnodedat(cfg.node_num,&thisnode,true);
    250 thisnode.aux=channel;
    251 packchatpass(str,&thisnode);
    252 }
    253 else {
    CID 516460: Error handling issues (CHECKED_RETURN)
    Calling "getnodedat" without checking return value (as is done elsewhere 54 out of 58 times).
    254 getnodedat(cfg.node_num,&thisnode,true);
    255 thisnode.aux=channel;
    256 }
    257 }
    258 else {
    259 getnodedat(cfg.node_num,&thisnode,true);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DT8kj_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZ0FBX-2BUT7uzaWITu7U3dUMhdetuA-2BXV7YO8edQOGefnmNi1UdppKCC6vLOx06Y8sPuw5srJbsIYFYToJzSPdHxTD057AtOipCaMaoVsZPXJm19KDepDOzvHsB8koLerJtFoWwn5Qu57g8OiPy6q-2FxqWajzzHkfT1WyGUJ-2Bbs009Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, January 01, 2025 13:40:24
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 528581: Control flow issues (DEADCODE) /tmp/sbbs-Jan-01-2025/src/conio/sdl_con.c: 994 in sdl_video_event_thread()


    ________________________________________________________________________________________________________
    *** CID 528581: Control flow issues (DEADCODE) /tmp/sbbs-Jan-01-2025/src/conio/sdl_con.c: 994 in sdl_video_event_thread()
    988 if (bios_key >= 429496730 ||
    989 (bios_key == 429496729 && ((ev.key.keysym.sym > SDLK_KP_5) || (ev.key.keysym.sym == SDLK_KP_0)))) {
    990 terminate_bios = true;
    991 }
    992 }
    993 else {
    CID 528581: Control flow issues (DEADCODE)
    Execution cannot reach the expression "ev.key.keysym.sym > SDLK_KP_5" inside this statement: "if (bios_key >= 26U || (bio...".
    994 if (bios_key >= 26 ||
    995 (bios_key == 429496729 && ((ev.key.keysym.sym > SDLK_KP_5) || (ev.key.keysym.sym == SDLK_KP_0)))) {
    996 terminate_bios = true;
    997 }
    998 }
    999 if (terminate_bios) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DXNhu_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbC0dee144hDhJdlAtpKcHwzMEyb91qJk06-2BZ5IIx-2F9DZxU4TfNPF8J4DJ1D5ZwCMW0WOJBoN8726nac3S-2FDDq0nwEjPKYHJxK0wxgZqFE1jRhzJfndbA8hvw5ibvT9tO3VGpQu88n0PuZ5Z9AmM7-2Fkauxnye2PWIl66kbToPTPZw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, January 05, 2025 15:11:19
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 529876: (OVERRUN)
    /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 457 in lzh_update() /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 458 in lzh_update()


    ________________________________________________________________________________________________________
    *** CID 529876: (OVERRUN)
    /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 457 in lzh_update()
    451
    452 tmp = huff->child[c];
    453 huff->parent[tmp] = l;
    454 if (tmp < LZH_TABLE_SZ)
    455 huff->parent[tmp + 1] = l;
    456
    CID 529876: (OVERRUN)
    Overrunning array "huff->child" of 628 2-byte elements at element index 628 (byte offset 1257) using index "l" (which evaluates to 628).
    457 tmp2 = huff->child[l];
    458 huff->child[l] = tmp;
    459
    460 huff->parent[tmp2] = c;
    461 if (tmp2 < LZH_TABLE_SZ)
    462 huff->parent[tmp2 + 1] = c; /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 458 in lzh_update()
    452 tmp = huff->child[c];
    453 huff->parent[tmp] = l;
    454 if (tmp < LZH_TABLE_SZ)
    455 huff->parent[tmp + 1] = l;
    456
    457 tmp2 = huff->child[l];
    CID 529876: (OVERRUN)
    Overrunning array "huff->child" of 628 2-byte elements at element index 628 (byte offset 1257) using index "l" (which evaluates to 628).
    458 huff->child[l] = tmp;
    459
    460 huff->parent[tmp2] = c;
    461 if (tmp2 < LZH_TABLE_SZ)
    462 huff->parent[tmp2 + 1] = c;
    463 huff->child[c] = tmp2;

    ** CID 529875: (OVERRUN)
    /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 450 in lzh_update() /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 449 in lzh_update() /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 445 in lzh_update()


    ________________________________________________________________________________________________________
    *** CID 529875: (OVERRUN)
    /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 450 in lzh_update()
    444 // If we exited before the end of table, decrement l
    445 if (tmp <= huff->freq[l])
    446 l--;
    447
    448 // Now swap nodes
    449 huff->freq[c] = huff->freq[l];
    CID 529875: (OVERRUN)
    Overrunning array "huff->freq" of 628 2-byte elements at element index 628 (byte offset 1257) using index "l" (which evaluates to 628).
    450 huff->freq[l] = tmp;
    451
    452 tmp = huff->child[c];
    453 huff->parent[tmp] = l;
    454 if (tmp < LZH_TABLE_SZ)
    455 huff->parent[tmp + 1] = l; /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 449 in lzh_update()
    443
    444 // If we exited before the end of table, decrement l
    445 if (tmp <= huff->freq[l])
    446 l--;
    447
    448 // Now swap nodes
    CID 529875: (OVERRUN)
    Overrunning array "huff->freq" of 628 2-byte elements at element index 628 (byte offset 1257) using index "l" (which evaluates to 628).
    449 huff->freq[c] = huff->freq[l];
    450 huff->freq[l] = tmp;
    451
    452 tmp = huff->child[c];
    453 huff->parent[tmp] = l;
    454 if (tmp < LZH_TABLE_SZ) /tmp/sbbs-Jan-05-2025/src/encode/lzh.c: 445 in lzh_update()
    439 * that has a lower frequency than our new one 440 */
    441 for (l = c + 1; l <= LZH_TABLE_SZ && tmp > huff->freq[l]; l++)
    442 ;
    443
    444 // If we exited before the end of table, decrement l
    CID 529875: (OVERRUN)
    Overrunning array "huff->freq" of 628 2-byte elements at element index 628 (byte offset 1257) using index "l" (which evaluates to 628).
    445 if (tmp <= huff->freq[l])
    446 l--;
    447
    448 // Now swap nodes
    449 huff->freq[c] = huff->freq[l];
    450 huff->freq[l] = tmp;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DVjXG_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYmOS4dF7bzpu1cVppVHTeUZERPDt2v2E4lCt9lCuWdNtkNglNtUqzAPEUlnwGBzZlBueizPFLO26MyF5roLbzi-2F0G80IHg4mwTrYLGZfPUf8Sg5333ueo95zQQtd4OVT7zx85Gr8TBXnJTKyUKhNeMTemzlJoM0HPQHEa-2FpXlaaw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wednesday, January 08, 2025 13:40:58
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 529977: Incorrect expression (SIZEOF_MISMATCH)
    /atcodes.cpp: 2311 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()


    ________________________________________________________________________________________________________
    *** CID 529977: Incorrect expression (SIZEOF_MISMATCH)
    /atcodes.cpp: 2311 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()
    2305 : (current_file->from == nullptr ? nulstr : current_file->from);
    2306 if(strcmp(sp, "FILE_BYTES") == 0) {
    2307 safe_snprintf(str, maxlen, "%ld", (long)current_file->size);
    2308 return str;
    2309 }
    2310 if(strcmp(sp, "FILE_SIZE") == 0)
    CID 529977: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "byte_estimate_to_str" is suspicious.
    2311 return byte_estimate_to_str(current_file->size, str, sizeof str, /* units: */1024, /* precision: */1);
    2312 if(strcmp(sp, "FILE_CREDITS") == 0) {
    2313 safe_snprintf(str, maxlen, "%" PRIu64, current_file->cost);
    2314 return str;
    2315 }
    2316 if(strcmp(sp, "FILE_CRC32") == 0) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, http://url2497.blackduck.com/ls/click?upn=u001.Ji18sHaXCxZb7Rfw8sC51j9Suwl84vq-2FeHTSxCm409PbgTgYEdi2VnuaQNlDgcb5JjALxNeaZf2yWZEMA-2FE6JEQm092Z-2B02AUi7Sp54Z-2B6I-3DjXBk_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZ-2BccbwOBuD5ui7v9trYaUtAyk5nXDg6l2xX3MkPoD01xhpnfT-2Fkg6ap91bIfb4XqTQXNlxWOzjRjRNOVMZ2H7I9Q-2BXHowhaav-2B3SVUHs-2B21No7COFVbHUcCKKxzwKovyWxOeYInAxTYvAJs43a5sYtCMrwgWJgXbztBD8zm37Rwg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, January 09, 2025 20:33:48
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 529991: Control flow issues (DEADCODE) /tmp/sbbs-Jan-09-2025/src/xpdev/genwrap.c: 1151 in xp_fast_timer64()


    ________________________________________________________________________________________________________
    *** CID 529991: Control flow issues (DEADCODE) /tmp/sbbs-Jan-09-2025/src/xpdev/genwrap.c: 1151 in xp_fast_timer64()
    1145 if (clock_getres(CLOCK_MONOTONIC_RAW, &ts) == 0)
    1146 cid = CLOCK_MONOTONIC_RAW;
    1147 }
    1148 cid = CLOCK_MONOTONIC_RAW;
    1149 #endif
    1150 if (cid == CLOCK_REALTIME)
    CID 529991: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "cid = 1;".
    1151 cid = CLOCK_MONOTONIC;
    1152
    1153 if (clock_gettime(cid, &ts) == 0)
    1154 ret = ts.tv_sec;
    1155 else
    1156 ret = -1;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, http://url2497.blackduck.com/ls/click?upn=u001.Ji18sHaXCxZb7Rfw8sC51j9Suwl84vq-2FeHTSxCm409PbgTgYEdi2VnuaQNlDgcb5JjALxNeaZf2yWZEMA-2FE6JEQm092Z-2B02AUi7Sp54Z-2B6I-3DJzn7_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYw9HgWY5fw-2BKTu3iNJoyd7G2ZoeBsWXuqG5dV8s2gHJJ3z7riRhQ4NsZmnjMPwb0d5EgUIDxBYRgoxCBOeIJM-2FTyx1gDXnmdIG86yJoS96pjUoxOjapj4QBWqvYthXwRmCXtEhEMTEAYvLzxwt5vpbI04EqHQ4ulGmUuTBimQnkA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Friday, January 10, 2025 17:21:22
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 530002: (NULL_RETURNS)
    /tmp/sbbs-Jan-10-2025/src/conio/bitmap_con.c: 1544 in bitmap_clrscr()


    ________________________________________________________________________________________________________
    *** CID 530002: (NULL_RETURNS)
    /tmp/sbbs-Jan-10-2025/src/conio/bitmap_con.c: 1547 in bitmap_clrscr()
    1541 cols = vstat.cols;
    1542 for (y = cio_textinfo.wintop - 1; y < cio_textinfo.winbottom && y < rows; y++) {
    1543 for (x = cio_textinfo.winleft - 1; x < cio_textinfo.winright && x < cols; x++) {
    1544 va[c++] = *set_vmem_cell(vmem_ptr, y * cio_textinfo.screenwidth + x, fill, ciolib_fg, ciolib_bg);
    1545 }
    1546 }
    CID 530002: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "va" when calling "bitmap_draw_vmem".
    1547 bitmap_draw_vmem(cio_textinfo.winleft, cio_textinfo.wintop, cio_textinfo.winright, cio_textinfo.winbottom, va);
    1548 release_vmem(vmem_ptr);
    1549 pthread_mutex_unlock(&vstatlock);
    1550 }
    1551
    1552 void bitmap_getcustomcursor(int *s, int *e, int *r, int *b, int *v) /tmp/sbbs-Jan-10-2025/src/conio/bitmap_con.c: 1544 in bitmap_clrscr()
    1538 pthread_mutex_lock(&vstatlock);
    1539 vmem_ptr = get_vmem(&vstat);
    1540 rows = vstat.rows;
    1541 cols = vstat.cols;
    1542 for (y = cio_textinfo.wintop - 1; y < cio_textinfo.winbottom && y < rows; y++) {
    1543 for (x = cio_textinfo.winleft - 1; x < cio_textinfo.winright && x < cols; x++) {
    CID 530002: (NULL_RETURNS)
    Dereferencing "va", which is known to be "NULL".
    1544 va[c++] = *set_vmem_cell(vmem_ptr, y * cio_textinfo.screenwidth + x, fill, ciolib_fg, ciolib_bg);
    1545 }
    1546 }
    1547 bitmap_draw_vmem(cio_textinfo.winleft, cio_textinfo.wintop, cio_textinfo.winright, cio_textinfo.winbottom, va);
    1548 release_vmem(vmem_ptr);
    1549 pthread_mutex_unlock(&vstatlock);

    ** CID 530001: (EVALUATION_ORDER)
    /pack_qwk.cpp: 750 in sbbs_t::pack_qwk(char *, unsigned int *, bool)() /pack_qwk.cpp: 750 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()


    ________________________________________________________________________________________________________
    *** CID 530001: (EVALUATION_ORDER)
    /pack_qwk.cpp: 750 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    744 lprintf(LOG_ERR, "libarchive error (%s) creating %s", error, packet);
    745 else
    746 lprintf(LOG_INFO, "libarchive created %s from %d files", packet, file_count);
    747 }
    748 if(flength(packet) < 1) {
    749 remove(packet);
    CID 530001: (EVALUATION_ORDER)
    In argument #1 of "this->external(this->cmdstr(this->temp_cmd(ex), packet, path, NULL, ex), ex | 1, NULL)", a call is made to "this->temp_cmd(ex)". In argument #1 of this function, the object "ex" is modified. This object is also used in "ex | 1", the argument #2 of the outer function call. The order in which these arguments are evaluated is not specified, and will vary between platforms.
    750 if((i = external(cmdstr(temp_cmd(ex),packet,path,NULL,ex), ex|EX_WILDCARD)) != 0)
    751 errormsg(WHERE, ERR_EXEC, cmdstr_output, i); 752 if(flength(packet) < 1) {
    753 bputs(text[QWKCompressionFailed]);
    754 return(false);
    755 }
    /pack_qwk.cpp: 750 in sbbs_t::pack_qwk(char *, unsigned int *, bool)()
    744 lprintf(LOG_ERR, "libarchive error (%s) creating %s", error, packet);
    745 else
    746 lprintf(LOG_INFO, "libarchive created %s from %d files", packet, file_count);
    747 }
    748 if(flength(packet) < 1) {
    749 remove(packet);
    CID 530001: (EVALUATION_ORDER)
    In argument #1 of "this->cmdstr(this->temp_cmd(ex), packet, path, NULL, ex)", a call is made to "this->temp_cmd(ex)". In argument #1 of this function, the object "ex" is modified. This object is also used in "ex", the argument #5 of the outer function call. The order in which these arguments are evaluated is not specified, and will vary between platforms.
    750 if((i = external(cmdstr(temp_cmd(ex),packet,path,NULL,ex), ex|EX_WILDCARD)) != 0)
    751 errormsg(WHERE, ERR_EXEC, cmdstr_output, i); 752 if(flength(packet) < 1) {
    753 bputs(text[QWKCompressionFailed]);
    754 return(false);
    755 }

    ** CID 530000: (RESOURCE_LEAK)
    /tmp/sbbs-Jan-10-2025/src/conio/bitmap_con.c: 1550 in bitmap_clrscr() /tmp/sbbs-Jan-10-2025/src/conio/bitmap_con.c: 1536 in bitmap_clrscr()


    ________________________________________________________________________________________________________
    *** CID 530000: (RESOURCE_LEAK) /tmp/sbbs-Jan-10-2025/src/conio/bitmap_con.c: 1550 in bitmap_clrscr()
    1544 va[c++] = *set_vmem_cell(vmem_ptr, y * cio_textinfo.screenwidth + x, fill, ciolib_fg, ciolib_bg);
    1545 }
    1546 }
    1547 bitmap_draw_vmem(cio_textinfo.winleft, cio_textinfo.wintop, cio_textinfo.winright, cio_textinfo.winbottom, va);
    1548 release_vmem(vmem_ptr);
    1549 pthread_mutex_unlock(&vstatlock);
    CID 530000: (RESOURCE_LEAK)
    Variable "va" going out of scope leaks the storage it points to.
    1550 }
    1551
    1552 void bitmap_getcustomcursor(int *s, int *e, int *r, int *b, int *v) 1553 {
    1554 pthread_mutex_lock(&vstatlock);
    1555 if(s)
    /tmp/sbbs-Jan-10-2025/src/conio/bitmap_con.c: 1536 in bitmap_clrscr()
    1530 struct vstat_vmem *vmem_ptr;
    1531 size_t c = 0;
    1532 int rows, cols;
    1533 struct vmem_cell *va = malloc(((cio_textinfo.winright - cio_textinfo.winleft + 1) * (cio_textinfo.winbottom - cio_textinfo.wintop + 1)) * sizeof(struct vmem_cell));
    1534
    1535 if(!bitmap_initialized)
    CID 530000: (RESOURCE_LEAK)
    Variable "va" going out of scope leaks the storage it points to.
    1536 return;
    1537
    1538 pthread_mutex_lock(&vstatlock);
    1539 vmem_ptr = get_vmem(&vstat);
    1540 rows = vstat.rows;
    1541 cols = vstat.cols;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sunday, January 12, 2025 15:13:29
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    46 new defect(s) introduced to Synchronet found with Coverity Scan.
    22 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 20 of 46 defect(s)


    ** CID 530529: Insecure data handling (INTEGER_OVERFLOW)


    ________________________________________________________________________________________________________
    *** CID 530529: Insecure data handling (INTEGER_OVERFLOW)
    /str.cpp: 420 in sbbs_t::sif(char *, char *, int)()
    414 answers[a+cr]=str[cr];
    415 while(cr<max)
    416 answers[a+cr++]=ETX;
    417 a+=max;
    418 }
    419 else {
    CID 530529: Insecure data handling (INTEGER_OVERFLOW)
    "max", which might have underflowed, is passed to "putrec(answers, a, max, str)".
    420 putrec(answers,a,max,str);
    421 putrec(answers,a+max,2,crlf);
    422 a+=max+2;
    423 }
    424 }
    425 }

    ** CID 530527: Data race undermines locking (LOCK_EVASION)
    /download.cpp: 188 in sbbs_t::protocol(prot_t *, XFER_TYPE, const char *, const char *, bool, bool, long *)()


    ________________________________________________________________________________________________________
    *** CID 530527: Data race undermines locking (LOCK_EVASION)
    /download.cpp: 188 in sbbs_t::protocol(prot_t *, XFER_TYPE, const char *, const char *, bool, bool, long *)()
    182 logline(LOG_DEBUG,nulstr,protlog);
    183 }
    184 fclose(stream);
    185 }
    186
    187 CRLF;
    CID 530527: Data race undermines locking (LOCK_EVASION)
    Thread1 sets "sys_status" to a new value. Now the two threads have an inconsistent view of "sys_status" and updates to fields correlated with "sys_status" may be lost.
    188 if(autohang) sys_status|=SS_PAUSEOFF; /* Pause off after download */
    189 if(elapsed != nullptr) {
    190 *elapsed = end - start;
    191 if(*elapsed < 0)
    192 *elapsed = 0;
    193 }

    ** CID 530526: Control flow issues (UNREACHABLE)
    /uedit/uedit.c: 2189 in main()


    ________________________________________________________________________________________________________
    *** CID 530526: Control flow issues (UNREACHABLE)
    /uedit/uedit.c: 2189 in main()
    2183 edit_user(&cfg, atoi(opt[i]));
    2184 break;
    2185 }
    2186 }
    2187 }
    2188 }
    CID 530526: Control flow issues (UNREACHABLE)
    This code cannot be reached: "free_opts(opt);".
    2189 free_opts(opt);

    ** CID 530525: Insecure data handling (INTEGER_OVERFLOW)
    /getmsg.cpp: 540 in sbbs_t::getmsgnum(int, long)()


    ________________________________________________________________________________________________________
    *** CID 530525: Insecure data handling (INTEGER_OVERFLOW)
    /getmsg.cpp: 540 in sbbs_t::getmsgnum(int, long)()
    534 errormsg(WHERE,ERR_OPEN,smb.file,i,smb.last_error);
    535 return 0;
    536 }
    537 int result = smb_getmsgidx_by_time(&smb, &idx, t);
    538 smb_close(&smb);
    539 if(result >= SMB_SUCCESS)
    CID 530525: Insecure data handling (INTEGER_OVERFLOW)
    "idx.number - 1U", which might have underflowed, is returned from the function.
    540 return idx.number - 1;
    541 return ~0;
    542 }
    543
    544 /****************************************************************************/
    545 /* Returns the time of the message number pointed to by 'ptr' */

    ** CID 530524: Data race undermines locking (LOCK_EVASION)
    /exec.cpp: 1410 in sbbs_t::exec(csi_t *)()


    ________________________________________________________________________________________________________
    *** CID 530524: Data race undermines locking (LOCK_EVASION)
    /exec.cpp: 1410 in sbbs_t::exec(csi_t *)()
    1404 csi->logic=strnicmp(csi->str,(char*)csi->ip,strlen((char*)csi->ip));
    1405 break;
    1406 default:
    1407 errormsg(WHERE,ERR_CHK,"shell instruction",*(csi->ip-1));
    1408 break;
    1409 }
    CID 530524: Data race undermines locking (LOCK_EVASION)
    Thread1 sets "ip" to a new value. Now the two threads have an inconsistent view of "ip" and updates to fields correlated with "ip" may be lost.
    1410 while(*(csi->ip++)); /* Find NULL */
    1411 return(0);
    1412 }
    1413
    1414 if(*csi->ip>=CS_THREE_BYTE) {
    1415 switch(*(csi->ip++)) {

    ** CID 530523: Insecure data handling (INTEGER_OVERFLOW)


    ________________________________________________________________________________________________________
    *** CID 530523: Insecure data handling (INTEGER_OVERFLOW)
    /chat.cpp: 178 in sbbs_t::multinodechat(int)()
    172 SAFECAT(str,"0");
    173 i=getkeys(str,cfg.total_chans);
    174 if(i&0x80000000L) { /* change channel */
    175 savch=(char)(i&~0x80000000L); 176 if(savch==channel)
    177 continue;
    CID 530523: Insecure data handling (INTEGER_OVERFLOW)
    "savch - 1", which might have underflowed, is passed to "this->chan_access(savch - 1)".
    178 if(!chan_access(savch-1))
    179 continue;
    180 bprintf(text[WelcomeToChannelN] 181 ,savch,cfg.chan[savch-1]->name);
    182
    183 usrs=0;

    ** CID 530521: Control flow issues (DEADCODE)
    /websrvr.c: 6459 in read_post_data()


    ________________________________________________________________________________________________________
    *** CID 530521: Control flow issues (DEADCODE)
    /websrvr.c: 6459 in read_post_data()
    6453 if(ch_len==0)
    6454 break;
    6455 /* Check size */
    6456 s += ch_len;
    6457 if(s > MAX_POST_LEN) {
    6458 if(s > SIZE_MAX) {
    CID 530521: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "send_error(session, 6459U, ...".
    6459 send_error(session,__LINE__,"413 Request entity too large");
    6460 FCLOSE_OPEN_FILE(fp); 6461 return(false);
    6462 }
    6463 if(fp==NULL) {
    6464 fp=open_post_file(session);

    ** CID 530517: Resource leaks (RESOURCE_LEAK)
    /sbbsecho.c: 5884 in find_stray_packets()


    ________________________________________________________________________________________________________
    *** CID 530517: Resource leaks (RESOURCE_LEAK)
    /sbbsecho.c: 5884 in find_stray_packets()
    5878 }
    5879 if(terminator == FIDO_PACKET_TERMINATOR)
    5880 lprintf(LOG_DEBUG, "Stray packet already finalized: %s", packet);
    5881 else {
    5882 if((pkt->fp = fopen(pkt->filename, "ab")) == NULL) {
    5883 lprintf(LOG_ERR, "ERROR %d (%s) opening %s", errno, strerror(errno), pkt->filename);
    CID 530517: Resource leaks (RESOURCE_LEAK)
    Freeing "pkt" without freeing its pointer field "filename" leaks the storage that "filename" points to.
    5884 free(pkt);
    5885 continue;
    5886 }
    5887 }
    5888 pkt->orig = pkt_orig;
    5889 pkt->dest = pkt_dest;

    ** CID 530516: Integer handling issues (INTEGER_OVERFLOW)
    /sbbsecho.c: 3920 in putfmsg()


    ________________________________________________________________________________________________________
    *** CID 530516: Integer handling issues (INTEGER_OVERFLOW)
    /sbbsecho.c: 3920 in putfmsg()
    3914 lastlen=9; /* +strlen(seenby); */
    3915 net_exists=0;
    3916 fprintf(stream,"\rSEEN-BY:"); 3917 }
    3918 }
    3919
    CID 530516: Integer handling issues (INTEGER_OVERFLOW)
    Expression "u++", where "u" is known to be equal to 4294967295, overflows the type of "u++", which is type "unsigned int".
    3920 for(u=0;u<area.links;u++) { /* Add all links to SEEN-BYs */
    3921 nodecfg_t* nodecfg=findnodecfg(&cfg, area.link[u], /* exact: */false);
    3922 if(nodecfg!=NULL && nodecfg->passive) 3923 continue;
    3924 strcpy(seenby," ");
    3925 if(foreign_zone(addr.zone, area.link[u].zone) || area.link[u].point)

    ** CID 530515: Insecure data handling (INTEGER_OVERFLOW)
    /js_system.c: 1575 in js_get_node()


    ________________________________________________________________________________________________________
    *** CID 530515: Insecure data handling (INTEGER_OVERFLOW)
    /js_system.c: 1575 in js_get_node()
    1569 JS_DefineProperty(cx, nodeobj, "action", INT_TO_JSVAL((int)node.action), NULL, NULL, JSPROP_ENUMERATE);
    1570 JS_DefineProperty(cx, nodeobj, "activity", STRING_TO_JSVAL(JS_NewStringCopyZ(cx, node_activity(sys->cfg, &node, str, sizeof str, node_num))), NULL, NULL, JSPROP_ENUMERATE);
    1571 JS_DefineProperty(cx, nodeobj, "useron", INT_TO_JSVAL((int)node.useron), NULL, NULL, JSPROP_ENUMERATE);
    1572 JS_DefineProperty(cx, nodeobj, "connection", INT_TO_JSVAL((int)node.connection), NULL, NULL, JSPROP_ENUMERATE);
    1573 JS_DefineProperty(cx, nodeobj, "misc", INT_TO_JSVAL((int)node.misc), NULL, NULL, JSPROP_ENUMERATE);
    1574 JS_DefineProperty(cx, nodeobj, "aux", INT_TO_JSVAL((int)node.aux), NULL, NULL, JSPROP_ENUMERATE);
    CID 530515: Insecure data handling (INTEGER_OVERFLOW)
    The cast of "node.extaux" to a signed type could result in a negative number.
    1575 JS_DefineProperty(cx, nodeobj, "extaux", INT_TO_JSVAL((int)node.extaux), NULL, NULL, JSPROP_ENUMERATE);
    1576 JS_SET_RVAL(cx, arglist, OBJECT_TO_JSVAL(nodeobj));
    1577 return JS_TRUE;
    1578 }
    1579
    1580 static JSBool

    ** CID 530514: (INTEGER_OVERFLOW)
    /scansubs.cpp: 312 in sbbs_t::new_scan_ptr_cfg()()
    /scansubs.cpp: 375 in sbbs_t::new_scan_ptr_cfg()()


    ________________________________________________________________________________________________________
    *** CID 530514: (INTEGER_OVERFLOW)
    /scansubs.cpp: 312 in sbbs_t::new_scan_ptr_cfg()()
    306 else
    307 subscan[usrsub[i][j]].ptr=l-s;
    308 }
    309 progress(text[LoadingMsgPtrs], subs, total_subs);
    310 continue;
    311 }
    CID 530514: (INTEGER_OVERFLOW)
    Expression "i", where "(s & 0xffffffff7fffffffL) - 1L" is known to be equal to -1, overflows the type of "i", which is type "int".
    312 i=(s&~0x80000000L)-1;
    313 while(online) {
    314 l=0;
    315 bprintf(text[CfgSubLstHdr],cfg.grp[usrgrp[i]]->lname);
    316 for(j=0;j<usrsubs[i] && !msgabort();j++) {
    317 checkline();
    /scansubs.cpp: 375 in sbbs_t::new_scan_ptr_cfg()()
    369 subscan[usrsub[i][j]].ptr=l-s;
    370 }
    371 progress(text[LoadingMsgPtrs], j, usrsubs[i]);
    372 continue;
    373 }
    374 else {
    CID 530514: (INTEGER_OVERFLOW)
    Expression "j", where "(s & 0xffffffff7fffffffL) - 1L" is known to be equal to -1, overflows the type of "j", which is type "int".
    375 j=(s&~0x80000000L)-1;
    376 mnemonics(text[SetMsgPtrPrompt]);
    377 SAFEPRINTF2(keys, "%s%c", text[DateLastKeys], quit_key());
    378 s=getkeys(keys, 9999);
    379 if(s==-1 || s==quit_key())
    380 continue;

    ** CID 530512: Integer handling issues (INTEGER_OVERFLOW)
    /scansubs.cpp: 472 in sbbs_t::new_scan_cfg(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 530512: Integer handling issues (INTEGER_OVERFLOW)
    /scansubs.cpp: 472 in sbbs_t::new_scan_cfg(unsigned int)()
    466 subscan[usrsub[i][j]].cfg&=~SUB_CFG_YSCAN;
    467 subscan[usrsub[i][j]].cfg|=misc;
    468 }
    469 }
    470 continue;
    471 }
    CID 530512: Integer handling issues (INTEGER_OVERFLOW)
    Expression "j", where "(s & 0xffffffff7fffffffL) - 1L" is known to be equal to -1, overflows the type of "j", which is type "int".
    472 j=(s&~0x80000000L)-1;
    473 if(misc&SUB_CFG_NSCAN && !(subscan[usrsub[i][j]].cfg&misc)) {
    474 if(!(useron.rest&FLAG('Q')) && !noyes(text[MsgsToYouOnlyQ]))
    475 subscan[usrsub[i][j]].cfg|=SUB_CFG_YSCAN;
    476 else
    477 subscan[usrsub[i][j]].cfg&=~SUB_CFG_YSCAN;

    ** CID 530511: (INTEGER_OVERFLOW)
    /websrvr.c: 706 in sess_sendbuf()
    /websrvr.c: 719 in sess_sendbuf()


    ________________________________________________________________________________________________________
    *** CID 530511: (INTEGER_OVERFLOW)
    /websrvr.c: 706 in sess_sendbuf()
    700 }
    701 else
    702 *failed=true;
    703 result = tls_sent;
    704 }
    705 else {
    CID 530511: (INTEGER_OVERFLOW)
    "len - sent", which might have underflowed, is passed to "send(session->socket, buf + sent, len - sent, 0)".
    706 result=sendsocket(session->socket,buf+sent,len-sent);
    707 if(result==SOCKET_ERROR) {
    708 if(SOCKET_ERRNO==ECONNRESET) 709 lprintf(LOG_NOTICE,"%04d Connection reset by peer on send",session->socket);
    710 else if(SOCKET_ERRNO==ECONNABORTED)
    711 lprintf(LOG_NOTICE,"%04d Connection aborted by peer on send",session->socket);
    /websrvr.c: 719 in sess_sendbuf()
    713 else if(SOCKET_ERRNO==EPIPE) 714 lprintf(LOG_NOTICE,"%04d Unable to send to peer",session->socket);
    715 #endif
    716 else if(session->socket != INVALID_SOCKET)
    717 lprintf(LOG_WARNING,"%04d !ERROR %d sending on socket",session->socket,SOCKET_ERRNO);
    718 *failed=true;
    CID 530511: (INTEGER_OVERFLOW)
    "sent", which might have underflowed, is returned from the function. 719 return(sent);
    720 }
    721 }
    722 }
    723 else {
    724 lprintf(LOG_WARNING,"%04d Timeout waiting for socket to become writable",session->socket);

    ** CID 530509: (INTEGER_OVERFLOW)
    /getstr.cpp: 338 in sbbs_t::getstr(char *, unsigned long, int, char **)() /getstr.cpp: 482 in sbbs_t::getstr(char *, unsigned long, int, char **)() /getstr.cpp: 427 in sbbs_t::getstr(char *, unsigned long, int, char **)() /getstr.cpp: 617 in sbbs_t::getstr(char *, unsigned long, int, char **)()


    ________________________________________________________________________________________________________
    *** CID 530509: (INTEGER_OVERFLOW)
    /getstr.cpp: 338 in sbbs_t::getstr(char *, unsigned long, int, char **)()
    332 l=strlen(strout);
    333 if(mode&K_NOECHO)
    334 return(l);
    335 if(mode&K_MSG)
    336 redrwstr(strout,i,l,K_MSG);
    337 else {
    CID 530509: (INTEGER_OVERFLOW)
    Expression "i--", where "i" is known to be equal to 0, underflows the type of "i--", which is type "size_t".
    338 while(i--)
    339 bputs("\b");
    340 bputs(strout);
    341 if(mode&K_LINE)
    342 attr(LIGHTGRAY);
    343 }
    /getstr.cpp: 482 in sbbs_t::getstr(char *, unsigned long, int, char **)()
    476 if(history != NULL) {
    477 if(history[hidx + 1] == NULL) { 478 outchar(BEL);
    479 break;
    480 }
    481 hidx++;
    CID 530509: (INTEGER_OVERFLOW)
    Expression "i--", where "i" is known to be equal to 0, underflows the type of "i--", which is type "size_t".
    482 while(i--)
    483 backspace();
    484 SAFECOPY(str1, history[hidx]); 485 i=l=strlen(str1);
    486 rputs(str1);
    487 cleartoeol();
    /getstr.cpp: 427 in sbbs_t::getstr(char *, unsigned long, int, char **)()
    421 }
    422 i=0;
    423 console|=CON_DELETELINE;
    424 break;
    425 case CTRL_Z: /* Undo */
    426 if(!(mode&K_NOECHO)) {
    CID 530509: (INTEGER_OVERFLOW)
    Expression "i--", where "i" is known to be equal to 0, underflows the type of "i--", which is type "size_t".
    427 while(i--)
    428 backspace();
    429 }
    430 SAFECOPY(str1,undo);
    431 i=l=strlen(str1);
    432 rputs(str1);
    /getstr.cpp: 617 in sbbs_t::getstr(char *, unsigned long, int, char **)()
    611 }
    612 getstr_offset=i;
    613 if(!online)
    614 return(0);
    615 if(i>l)
    616 l=i;
    CID 530509: (INTEGER_OVERFLOW)
    "l", which might have underflowed, is passed to "str1[l]".
    617 str1[l]=0;
    618 if(!(sys_status&SS_ABORT)) {
    619 strcpy(strout,str1);
    620 if(mode&K_TRIM)
    621 truncsp(strout);
    622 if((strip_invalid_attr(strout) || (console&CON_INSERT)) && !(mode&K_NOECHO))

    ** CID 530506: Concurrent data access violations (MISSING_LOCK)
    /ssl.c: 640 in destroy_session()


    ________________________________________________________________________________________________________
    *** CID 530506: Concurrent data access violations (MISSING_LOCK)
    /ssl.c: 640 in destroy_session()
    634 while (sess != NULL) {
    635 if (sess->sess == csess) {
    636 if (psess == NULL) {
    637 sess_list = sess->next;
    638 }
    639 else {
    CID 530506: Concurrent data access violations (MISSING_LOCK)
    Accessing "psess->next" without holding lock "ssl_cert_list_mutex". Elsewhere, "cert_list.next" is written to with "ssl_cert_list_mutex" held 2 out of 4 times (2 of these accesses strongly imply that it is necessary).
    640 psess->next = sess->next;
    641 }
    642 break;
    643 }
    644 psess = sess;
    645 sess = sess->next;

    ** CID 530505: Resource leaks (RESOURCE_LEAK)
    /bulkmail.cpp: 177 in sbbs_t::bulkmailhdr(smb_t *, smbmsg_t *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 530505: Resource leaks (RESOURCE_LEAK)
    /bulkmail.cpp: 177 in sbbs_t::bulkmailhdr(smb_t *, smbmsg_t *, unsigned int)() 171
    172 user.number=usernum;
    173 if(getuserdat(&cfg, &user)!=0)
    174 return(0);
    175
    176 if((i=smb_copymsgmem(NULL,&newmsg,msg))!=SMB_SUCCESS)
    CID 530505: Resource leaks (RESOURCE_LEAK)
    Variable "newmsg" going out of scope leaks the storage "newmsg.hfield_dat" points to.
    177 return(i);
    178
    179 SAFECOPY(str,user.alias);
    180 smb_hfield_str(&newmsg,RECIPIENT,str);
    181
    182 if(cfg.sys_misc&SM_FWDTONET && user.misc&NETMAIL && user.netmail[0]) {

    ** CID 530504: Insecure data handling (INTEGER_OVERFLOW)
    /websrvr.c: 6476 in read_post_data()


    ________________________________________________________________________________________________________
    *** CID 530504: Insecure data handling (INTEGER_OVERFLOW)
    /websrvr.c: 6476 in read_post_data()
    6470 return(false);
    6471 }
    6472 }
    6473 else {
    6474 /* realloc() to new size */ 6475 /* FREE()d in close_request */ >>> CID 530504: Insecure data handling (INTEGER_OVERFLOW)
    "s", which might have underflowed, is passed to "realloc(session->req.post_data, s)".
    6476 p=realloc(session->req.post_data, s);
    6477 if(p==NULL) {
    6478 errprintf(LOG_CRIT, WHERE, "%04d !ERROR Allocating %lu bytes of memory",session->socket, (ulong)session->req.post_len);
    6479 send_error(session,__LINE__,"413 Request entity too large");
    6480 FCLOSE_OPEN_FILE(fp); 6481 return(false);

    ** CID 530501: Resource leaks (RESOURCE_LEAK)
    /js_socket.c: 3239 in js_connected_socket_constructor()


    ________________________________________________________________________________________________________
    *** CID 530501: Resource leaks (RESOURCE_LEAK)
    /js_socket.c: 3239 in js_connected_socket_constructor()
    3233
    3234 dbprintf(false, p, "object constructed");
    3235 return(JS_TRUE);
    3236
    3237 fail:
    3238 if (p)
    CID 530501: Resource leaks (RESOURCE_LEAK)
    Freeing "p" without freeing its handle field "sock" leaks the handle. 3239 free(p);
    3240 if (protocol)
    3241 free(protocol);
    3242 if (host)
    3243 free(host);
    3244 return JS_FALSE;

    ** CID 530500: Control flow issues (DEADCODE) /tmp/sbbs-Jan-12-2025/src/xpdev/xpsem.c: 62 in xp_sem_init()


    ________________________________________________________________________________________________________
    *** CID 530500: Control flow issues (DEADCODE) /tmp/sbbs-Jan-12-2025/src/xpdev/xpsem.c: 62 in xp_sem_init()
    56 errno = EPERM;
    57 retval = -1;
    58 goto RETURN;
    59 }
    60
    61 if (value > XP_SEM_VALUE_MAX) {
    CID 530500: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "*__errno_location() = 22;".
    62 errno = EINVAL;
    63 retval = -1;
    64 goto RETURN;
    65 }
    66
    67 *sem = (xp_sem_t)malloc(sizeof(struct xp_sem));

    ** CID 530498: Resource leaks (RESOURCE_LEAK)
    /js_socket.c: 3413 in js_listening_socket_constructor()


    ________________________________________________________________________________________________________
    *** CID 530498: Resource leaks (RESOURCE_LEAK)
    /js_socket.c: 3413 in js_listening_socket_constructor()
    3407 return(JS_FALSE);
    3408 }
    3409
    3410 if(!js_DefineSocketOptionsArray(cx, obj, type)) {
    3411 free(p);
    3412 free(set);
    CID 530498: Resource leaks (RESOURCE_LEAK)
    Variable "protocol" going out of scope leaks the storage it points to. 3413 return(JS_FALSE);
    3414 }
    3415
    3416 #ifdef BUILD_JSDOCS
    3417 js_DescribeSyncObject(cx,obj,"Class used for incoming TCP/IP socket communications",317);
    3418 js_DescribeSyncConstructor(cx,obj,"To create a new ListeningSocket object: "


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net