Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 497098: Resource leaks (RESOURCE_LEAK)
/js_filebase.c: 325 in parse_file_name()


________________________________________________________________________________________________________
*** CID 497098: Resource leaks (RESOURCE_LEAK)
/js_filebase.c: 325 in parse_file_name()
319 if(JS_GetProperty(cx, obj, prop_name, &val) && !JSVAL_NULL_OR_VOID(val)) {
320 JSVALUE_TO_MSTRING(cx, val, cp, NULL);
321 if(cp == NULL) {
322 JS_ReportError(cx, "Invalid '%s' string in file object", prop_name);
323 return NULL;
324 }

CID 497098: Resource leaks (RESOURCE_LEAK)
Variable "cp" going out of scope leaks the storage it points to.

325 return strdup(cp);
326 }
327 JS_ReportError(cx, "Missing '%s' string in file object", prop_name);
328 return NULL;
329 }
330


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DxkhG_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZZtSzYzfvQoBQM1WsYtjQc02R5bvuGDasDe1R1GX8VoPvtGi-2FoTZcq6T7jcTA9OlabmiybEJFFTwaaEcFcr7cqoyBFT0Xw3AZ-2Fgf8Xxa1nSM-2FLrkQMPM2ixtLH2vUsu17Tu25sW91h9WUpwNyEySd-2F9Tw4l4H0tRZM-2Bze1SwHZwg-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 508260: Null pointer dereferences (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 508260: Null pointer dereferences (FORWARD_NULL)
/js_msgbase.c: 950 in parse_header_object()
944 msg->hdr.priority=i32;
945 }
946
947 if(JS_GetProperty(cx, hdr, "field_list", &val) && JSVAL_IS_OBJECT(val)) {
948 array=JSVAL_TO_OBJECT(val);
949 len=0;

CID 508260: Null pointer dereferences (FORWARD_NULL)
Passing null pointer "array" to "JS_GetArrayLength", which dereferences it.

950 if(array == NULL && !JS_GetArrayLength(cx, array, &len)) {
951 JS_ReportError(cx, "Invalid \"field_list\" array in header object");
952 goto err;
953 }
954
955 for(i=0;i<len;i++) {

** CID 508259: Control flow issues (DEADCODE)
/js_internal.c: 491 in js_execfile()


________________________________________________________________________________________________________
*** CID 508259: Control flow issues (DEADCODE)
/js_internal.c: 491 in js_execfile()
485 else {
486 JS_ReportError(cx, "Unable to get parent js."JAVASCRIPT_LOAD_PATH_LIST" array.");
487 return JS_FALSE;
488 }
489 }
490 else {

CID 508259: Control flow issues (DEADCODE)
Execution cannot reach this statement: "JS_ReportError(cx, "Unable ...".

491 JS_ReportError(cx, "Unable to get parent js object"); 492 return JS_FALSE;
493 }
494
495 js_script=JS_CompileFile(cx, js_scope, path);
496


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D20ER_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZSUgE3dQnVG6wGylJBHlsQHMU-2FeSvlPG-2BveassRKfh2KZ3KQqZYMDLXz99-2FrWMwJQ1T1J2N-2BE4YP3SycyU5tkbW6rwM2zqlUIvWZrfgy3l7iQ0Im12Z6xa2F5EX6ZCGf29mh7eZnuIJTmQCiel8IOekKUKQgh0LXaZSb3gnPQHBw-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

6 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)


** CID 508288: (STRING_NULL)
/telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
/telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()


________________________________________________________________________________________________________
*** CID 508288: (STRING_NULL)
/telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
381 l=K_CHAT;
382 if(!(mode&TG_ECHO))
383 l|=K_NOECHO;
384 rd=getstr((char*)buf,sizeof(buf)-1,l);
385 if(!rd)
386 continue;

CID 508288: (STRING_NULL)
Passing unterminated string "buf" to "strlen", which expects a null-terminated string.

387 SAFECAT(buf,crlf);
388 rd+=2;
389 gotline=true;
390 }
391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';
/telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
381 l=K_CHAT;
382 if(!(mode&TG_ECHO))
383 l|=K_NOECHO;
384 rd=getstr((char*)buf,sizeof(buf)-1,l);
385 if(!rd)
386 continue;

CID 508288: (STRING_NULL)
Passing unterminated string "buf" to "strlen", which expects a null-terminated string.

387 SAFECAT(buf,crlf);
388 rd+=2;
389 gotline=true;
390 }
391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';

** CID 508287: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508287: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
3121 size_t tmplen = 0;
3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
3124 if(!JS_GetElement(cx, array, i, &val))
3125 break;
3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);

CID 508287: Resource leaks (RESOURCE_LEAK)
Variable "server_user_name" going out of scope leaks the storage it points to.

3127 HANDLE_PENDING(cx, tmp);
3128 strListPush(&send_strings, tmp);
3129 }
3130 free(tmp);
3131 }
3132 }

** CID 508286: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508286: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
3121 size_t tmplen = 0;
3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
3124 if(!JS_GetElement(cx, array, i, &val))
3125 break;
3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);

CID 508286: Resource leaks (RESOURCE_LEAK)
Variable "addr" going out of scope leaks the storage it points to.

3127 HANDLE_PENDING(cx, tmp);
3128 strListPush(&send_strings, tmp);
3129 }
3130 free(tmp);
3131 }
3132 }

** CID 508285: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508285: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
3121 size_t tmplen = 0;
3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
3124 if(!JS_GetElement(cx, array, i, &val))
3125 break;
3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);

CID 508285: Resource leaks (RESOURCE_LEAK)
Variable "term_type" going out of scope leaks the storage it points to. 3127 HANDLE_PENDING(cx, tmp);

3128 strListPush(&send_strings, tmp);
3129 }
3130 free(tmp);
3131 }
3132 }

** CID 508284: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508284: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()
3035 size_t tmplen = 0;
3036 for(jsuint i = 0; i < count; ++i) {
3037 jsval val;
3038 if(!JS_GetElement(cx, array, i, &val)) 3039 break;
3040 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);

CID 508284: Resource leaks (RESOURCE_LEAK)
Variable "addr" going out of scope leaks the storage it points to.

3041 HANDLE_PENDING(cx, tmp);
3042 strListPush(&send_strings, tmp);
3043 }
3044 free(tmp);
3045 ++argn;
3046 }

** CID 508283: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508283: Resource leaks (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
3121 size_t tmplen = 0;
3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
3124 if(!JS_GetElement(cx, array, i, &val))
3125 break;
3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);

CID 508283: Resource leaks (RESOURCE_LEAK)
Variable "client_user_name" going out of scope leaks the storage it points to.

3127 HANDLE_PENDING(cx, tmp);
3128 strListPush(&send_strings, tmp);
3129 }
3130 free(tmp);
3131 }
3132 }


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Dbu0M_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZNG0uf3i6p71oTc15oH-2BfpO28bQfsz9QVBH3Gtyw7JI9gEMaDnmdnDolPrFN6u9WaZmPVFWjRjCPjNCgu0p853ViRUnY3jw7qF-2FmF-2FRD-2BDN3Me1aa8H00Bk6GPSZ1Hw1-2FmiCWeADspXOcpcxao-2F3gS8JgnOAEga0TIePnt023yjQ-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

5 new defect(s) introduced to Synchronet found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 509555: Null pointer dereferences (FORWARD_NULL)
/js_filebase.c: 1307 in js_update_file()


________________________________________________________________________________________________________
*** CID 509555: Null pointer dereferences (FORWARD_NULL)
/js_filebase.c: 1307 in js_update_file()
1301 char* extdesc = NULL;
1302 char* auxdata = NULL;
1303 rc=JS_SUSPENDREQUEST(cx);
1304 if(filename != NULL && fileobj != NULL
1305 && (p->smb_result = smb_loadfile(&p->smb, filename, &file, file_detail_extdesc)) == SMB_SUCCESS) {
1306 p->smb_result = parse_file_properties(cx, fileobj, &file, &extdesc, &auxdata);

CID 509555: Null pointer dereferences (FORWARD_NULL)
Passing null pointer "file.name" to "strcmp", which dereferences it. 1307 if(p->smb_result == SMB_SUCCESS

1308 && strcmp(filename, file.name) != 0 && smb_findfile(&p->smb, file.name, NULL) == SMB_SUCCESS) {
1309 JS_ReportError(cx, "file (%s) already exists in base", file.name);
1310 p->smb_result = SMB_DUPE_MSG;
1311 }
1312 if(p->smb_result == SMB_SUCCESS

** CID 509554: Memory - illegal accesses (STRING_NULL)
/smbutil.c: 633 in dumpindex()


________________________________________________________________________________________________________
*** CID 509554: Memory - illegal accesses (STRING_NULL)
/smbutil.c: 633 in dumpindex()
627 ,xpDate_to_isoDateStr(time_to_xpDate(idx.time), "-", tmp, sizeof(tmp)));
628 if(smb_msg_type(idx.attr) == SMB_MSG_TYPE_FILE && idxreclen == sizeof(fileidxrec_t)) {
629 fileidxrec_t fidx;
630 fseek(smb.sid_fp,((start-1L) + l) * idxreclen,SEEK_SET);
631 if(!fread(&fidx,sizeof(fidx),1,smb.sid_fp))
632 break;

CID 509554: Memory - illegal accesses (STRING_NULL)
Passing unterminated string "fidx.name" to "printf", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]

633 printf(" %02X %.*s", fidx.hash.flags, (int)sizeof(fidx.name), fidx.name);
634 }
635 printf("\n");
636 l++;
637 }
638 }

** CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
/js_filebase.c: 1335 in js_update_file()


________________________________________________________________________________________________________
*** CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
/js_filebase.c: 1335 in js_update_file()
1329 } else {
1330 if(file.extdesc != NULL)
1331 truncsp(file.extdesc);
1332 if(!readd_always && strcmp(extdesc ? extdesc : "", file.extdesc ? file.extdesc : "") == 0
1333 && strcmp(auxdata ? auxdata : "", file.auxdata ? file.auxdata : "") == 0)
1334 p->smb_result = smb_putfile(&p->smb, &file);

CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
This 'if' statement is indented to column 41, as if it were nested within the preceding parent statement, but it is not.

1335 if(p->smb_result != SMB_SUCCESS)
1336 JS_ReportError(cx, "%d writing '%s'", p->smb_result, file.name);
1337 else {
1338 if((p->smb_result = smb_removefile_by_name(&p->smb, filename)) == SMB_SUCCESS) {
1339 if(readd_always)
1340 file.hdr.when_imported.time = 0; // we want the file to appear as "new"

** CID 509552: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 244 in smb_findfile()


________________________________________________________________________________________________________
*** CID 509552: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 244 in smb_findfile()
238 if(smb_fread(smb, &fidx, sizeof(fidx), smb->sid_fp) != sizeof(fidx))
239 break;
240
241 f->idx_offset = offset++;
242
243 if(filename != NULL) {

CID 509552: Memory - illegal accesses (STRING_NULL)
Passing unterminated string "fidx.name" to "strcasecmp", which expects a null-terminated string.

244 if(stricmp(fidx.name, fname) != 0)
245 continue;
246 f->file_idx = fidx;
247 return SMB_SUCCESS;
248 }
249

** CID 509551: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 441 in smb_removefile()


________________________________________________________________________________________________________
*** CID 509551: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 441 in smb_removefile()
435 free(fidx);
436 smb_unlocksmbhdr(smb);
437 return SMB_ERR_READ;
438 }
439 rewind(smb->sid_fp);
440 for(uint32_t i = 0; i < smb->status.total_files; i++) { >>> CID 509551: Memory - illegal accesses (STRING_NULL)

Passing unterminated string "fidx[i].name" to "strcasecmp", which expects a null-terminated string.

441 if(stricmp(fidx[i].name, fname) == 0) {
442 removed++;
443 continue;
444 }
445 if(fwrite(fidx + i, sizeof(*fidx), 1, smb->sid_fp) != 1) {
446 safe_snprintf(smb->last_error, sizeof(smb->last_error), "%s re-writing index"


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DpoPN_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZXJOgCi8IFr2wp43pRrORx9tzLYjX2Y-2FSYnzacVgdrC5ToyfEd02kRU0czfft4zgHvFTf4l2icBGvZtBDP8972Z-2BLrNSb7QqVDHjYiK23CNzZR9MLbzXh1WOITpsswqNS5z337vFuU-2BJOMvO3veuWFvtJ3Xwk9mN-2FsudyolEK5nw-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 509721: Resource leaks (RESOURCE_LEAK)
/scfg/scfgmsg.c: 139 in import_msg_areas()


________________________________________________________________________________________________________
*** CID 509721: Resource leaks (RESOURCE_LEAK)
/scfg/scfgmsg.c: 139 in import_msg_areas()
133 new_sub_misc = SUB_FIDO;
134 ini = iniReadFile(stream);
135 if(ini == NULL)
136 return 0;
137 list = iniGetSectionList(ini, /* prefix: */NULL);
138 if(list == NULL)

CID 509721: Resource leaks (RESOURCE_LEAK)
Variable "ini" going out of scope leaks the storage it points to.

139 return 0;
140 break;
141 default: // EchoLists (e.g. BACKBONE.NA, badareas.lst) and AREAS.BBS
142 new_sub_misc = SUB_FIDO;
143 break;
144 }

** CID 509720: (RESOURCE_LEAK)
/logon.cpp: 670 in sbbs_t::logonstats()()
/logon.cpp: 676 in sbbs_t::logonstats()()
/logon.cpp: 649 in sbbs_t::logonstats()()
/logon.cpp: 673 in sbbs_t::logonstats()()
/logon.cpp: 682 in sbbs_t::logonstats()()


________________________________________________________________________________________________________
*** CID 509720: (RESOURCE_LEAK)
/logon.cpp: 670 in sbbs_t::logonstats()()
664 }
665 fclose_dstats(dsts);
666 }
667 }
668
669 if(cfg.node_num==0) /* called from event_thread() */

CID 509720: (RESOURCE_LEAK)
Variable "csts" going out of scope leaks the storage it points to.

670 return(0);
671
672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
673 return(0);
674
675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
/logon.cpp: 676 in sbbs_t::logonstats()()
670 return(0);
671
672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
673 return(0);
674
675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))

CID 509720: (RESOURCE_LEAK)
Variable "csts" going out of scope leaks the storage it points to.

676 return(0);
677
678 for(i=0;i<2;i++) {
679 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
680 if(fp == NULL) {
681 errormsg(WHERE, ERR_OPEN, "dsts.ini", i); /logon.cpp: 649 in sbbs_t::logonstats()()
643 node.misc|=NODE_EVENT;
644 putnodedat(i,&node);
645 }
646 if((dsts = fopen_dstats(&cfg, i, /* for_write: */TRUE)) == NULL) /* doesn't have stats yet */
647 continue;
648

CID 509720: (RESOURCE_LEAK)
Overwriting "csts" in "csts = fopen_cstats(&this->cfg, i, true)" leaks the storage that "csts" points to.

649 if((csts = fopen_cstats(&cfg, i, /* for_write: */TRUE)) == NULL) {
650 fclose_dstats(dsts);
651 errormsg(WHERE, ERR_OPEN, "csts.tab", i);
652 continue;
653 }
654
/logon.cpp: 673 in sbbs_t::logonstats()()
667 }
668
669 if(cfg.node_num==0) /* called from event_thread() */
670 return(0);
671
672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */

CID 509720: (RESOURCE_LEAK)
Variable "csts" going out of scope leaks the storage it points to.

673 return(0);
674
675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
676 return(0);
677
678 for(i=0;i<2;i++) {
/logon.cpp: 682 in sbbs_t::logonstats()()
676 return(0);
677
678 for(i=0;i<2;i++) {
679 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
680 if(fp == NULL) {
681 errormsg(WHERE, ERR_OPEN, "dsts.ini", i);

CID 509720: (RESOURCE_LEAK)
Variable "csts" going out of scope leaks the storage it points to.

682 return(0L);
683 }
684 if(!fread_dstats(fp, &stats)) {
685 errormsg(WHERE, ERR_READ, "dsts.ini", i);
686 } else {
687 stats.today.logons++;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D1BBg_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYPIsZP1mUIcYDXV-2BIKqJmrVInqiYU6VTjqKrshCKgIaqKtr35-2BruWgG1P-2Bg0yB-2BuAgsL8JZmDQBzw15bXNroJeqqVZoqg0VkgzqvypQVJBEoWQ3SQD0dE3jrBkw3Qa7Rc5CMTgkEjMauyB8RHdROWl9YGmjuyI0AjbW-2Fmd2yoJLA-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 510624: High impact quality (Y2K38_SAFETY)
/upload.cpp: 361 in sbbs_t::upload(int, const char *)()


________________________________________________________________________________________________________
*** CID 510624: High impact quality (Y2K38_SAFETY)
/upload.cpp: 361 in sbbs_t::upload(int, const char *)()
355 SAFEPRINTF(descbeg,text[Rated],toupper(ch));
356 }
357 if(cfg.dir[dirnum]->misc&DIR_ULDATE) {
358 now=time(NULL);
359 if(descbeg[0])
360 strcat(descbeg," ");

CID 510624: High impact quality (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".

361 SAFEPRINTF(str,"%s ",unixtodstr(&cfg,(time32_t)now,tmp));
362 strcat(descbeg,str);
363 }
364 if(cfg.dir[dirnum]->misc&DIR_MULT) {
365 sync();
366 if(!noyes(text[MultipleDiskQ])) {


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIddI_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYB81ZvyCqI0cAJ-2FU5ubhxKf4JbTpohfwGahN-2FqiJqEJS3JKhfKJrRClFb390j-2Bf3IyHjOgp4TSp0v4WjJhOyS2xAdq9DkOONT15FqaUuN3dwPvrgxJQAm5MhfGSzyQr2ebowkrz6Mx39u7LNSgoa0vxPkqTzBlpznq59pGc5zgjQ-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 511447: Control flow issues (DEADCODE)
/js_bbs.cpp: 2334 in js_xfer_prot_menu(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 511447: Control flow issues (DEADCODE)
/js_bbs.cpp: 2334 in js_xfer_prot_menu(JSContext *, unsigned int, unsigned long *)()
2328 if((sbbs=js_GetPrivate(cx, JS_THIS_OBJECT(cx, arglist)))==NULL) 2329 return(JS_FALSE);
2330
2331 if(argc > 0 && argv[0] == JSVAL_TRUE)
2332 xfer_type = XFER_BATCH_UPLOAD;
2333 if(argc > 1 && argv[1] == JSVAL_TRUE)

CID 511447: Control flow issues (DEADCODE)
Execution cannot reach the expression "XFER_BATCH_UPLOAD" inside this statement: "xfer_type = ((xfer_type == ...".

2334 xfer_type = (xfer_type == XFER_UPLOAD) ? XFER_BATCH_UPLOAD : XFER_BATCH_DOWNLOAD;
2335
2336 rc=JS_SUSPENDREQUEST(cx);
2337 sbbs->xfer_prot_menu(xfer_type, &sbbs->useron, keys, sizeof keys);
2338 JSString* js_str = JS_NewStringCopyZ(cx, keys);
2339 if(js_str == nullptr)


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DITFI_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQaq5jE-2BLt6d0xDUmd9IA4TiFW4D2c-2Fv2LVaAIklYCEHPyQvUq2Zlw7GDvJu3j8LRmS7SAP5K0MN-2FeHPuzVDlzgYGLGR7UoaRyivmdwaD-2F8GGj2SeuFl5CNmO4uJ75M69NpIJcEgiKbpoWpXeuJdzQYzNm1WuI45zNZnbxNBPzaHrg-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 511508: High impact quality (Y2K38_SAFETY)
/date_str.c: 158 in datestr()


________________________________________________________________________________________________________
*** CID 511508: High impact quality (Y2K38_SAFETY)
/date_str.c: 158 in datestr()
152 /****************************************************************************/
153 char* datestr(scfg_t* cfg, time_t t, char* str)
154 {
155 if(t == 0)
156 return "---------";
157 if(!cfg->sys_date_verbal)

CID 511508: High impact quality (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".

158 return unixtodstr(cfg, (time32_t)t, str);
159 struct tm tm = {0};
160 if(localtime_r(&t, &tm) == NULL)
161 return "!!!!!!!!!";
162 char fmt[32] = "";
163 switch(cfg->sys_date_fmt) {


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DeIbg_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZqqLX5nOyr0GCOMCsCoPlrYhtCBBDisrUKXmOFR94rfPCeqYsaUhoG3UZ-2FYUaiUYrgUIufMTzxsRzH7-2B7zAyM4HCi34k5-2FbdZ1Kp-2FDSG9A8IDyw-2BIsKQ-2B2fNzoCls7j0N-2B7Pb2XI8MB8f5lr-2BCPTiUaqWkDFwSWHqbm0IZWY1GZQ-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 511621: High impact quality (Y2K38_SAFETY)
/str.cpp: 990 in sbbs_t::unixtodstr(long, char *)()


________________________________________________________________________________________________________
*** CID 511621: High impact quality (Y2K38_SAFETY)
/str.cpp: 990 in sbbs_t::unixtodstr(long, char *)()
984 }
985
986 char* sbbs_t::unixtodstr(time_t t, char* str)
987 {
988 if(str == nullptr)
989 str = datestr_output;

CID 511621: High impact quality (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".

990 return ::unixtodstr(&cfg, t, str);
991 }
992
993 void sbbs_t::sys_info()
994 {
995 char tmp[128];


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DFl35_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbldReasLeT64fJgl4QpY1aZbFANNQbDPFr-2BH2HYcH1IWW1-2FtRGPtb0gVjSH-2BBqjWAK7btzMhM331mrzEXRNmqAyTftaCh3YDujP4YB-2F7PQ4EGqELNq7SpMqQKEr5kiHI5KwG1KMczjzMucZ1MepWUctNMP3lW0eqjsOrH2fBSzrg-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 512127: (Y2K38_SAFETY)
/scfg/scfgsys.c: 1367 in edit_sys_date_verbal()
/scfg/scfgsys.c: 1368 in edit_sys_date_verbal()


________________________________________________________________________________________________________
*** CID 512127: (Y2K38_SAFETY)
/scfg/scfgsys.c: 1367 in edit_sys_date_verbal()
1361
1362 int edit_sys_date_verbal(int page, int total)
1363 {
1364 int mode = WIN_SAV | WIN_MID;
1365 int i = cfg.sys_date_verbal;
1366 time_t t = time(NULL);

CID 512127: (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".

1367 snprintf(opt[0],MAX_OPLN,"Numeric (e.g. %s)", unixtodstr(&cfg, (time32_t)t, tmp));
1368 snprintf(opt[1],MAX_OPLN,"Verbal (e.g. %s)", verbal_datestr(&cfg, (time32_t)t, tmp));
1369 opt[2][0] = '\0';
1370 uifc.helpbuf=
1371 "`Short Date Display Format:`\n"
1372 "\n"
/scfg/scfgsys.c: 1368 in edit_sys_date_verbal()
1362 int edit_sys_date_verbal(int page, int total)
1363 {
1364 int mode = WIN_SAV | WIN_MID;
1365 int i = cfg.sys_date_verbal;
1366 time_t t = time(NULL);
1367 snprintf(opt[0],MAX_OPLN,"Numeric (e.g. %s)", unixtodstr(&cfg, (time32_t)t, tmp));

CID 512127: (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".

1368 snprintf(opt[1],MAX_OPLN,"Verbal (e.g. %s)", verbal_datestr(&cfg, (time32_t)t, tmp));
1369 opt[2][0] = '\0';
1370 uifc.helpbuf=
1371 "`Short Date Display Format:`\n"
1372 "\n"
1373 "If you would like short (8 character) dates to be displayed using verbal\n"


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIT5o_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQavH6tAPUwXIDKUPRKBZGiRgKLj76Ij0uFpD4UCNwTCVen1QmVBk6yGbzTBSC2-2BxBE0GJfAoW-2B-2BWaxWl51M-2B9mp1hicInwTEKrQ8chQM9yGDR81PWtwXM-2Bq2j5YCl48NKAoGGKYo0R42EciGZugnM0LqGuohrShDzTlibesBwTavw-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 514434: (NULL_RETURNS)
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()


________________________________________________________________________________________________________
*** CID 514434: (NULL_RETURNS)
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()
995 TERM_XY(&tx, &ty);
996 line = malloc(sizeof(*line) * tx);
997 prestel_new_line(cterm);
998 if (tx > 1) {
999 vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
1000 for (int i = 0; i < (tx - 1); i++) {

CID 514434: (NULL_RETURNS)
Dereferencing "line", which is known to be "NULL".

1001 uint8_t ch = line[i].ch;
1002 if (line[i].fg & 0x7F000000) {
1003 ch = (line[i].fg & 0x7F000000) >> 24; 1004 prestel_apply_ctrl(cterm, ch);
1005 }
1006 else {
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 999 in prestel_get_state()
993
994 SCR_XY(&sx, &sy);
995 TERM_XY(&tx, &ty);
996 line = malloc(sizeof(*line) * tx);
997 prestel_new_line(cterm);
998 if (tx > 1) {

CID 514434: (NULL_RETURNS)
Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".

999 vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
1000 for (int i = 0; i < (tx - 1); i++) {
1001 uint8_t ch = line[i].ch;
1002 if (line[i].fg & 0x7F000000) {
1003 ch = (line[i].fg & 0x7F000000) >> 24; 1004 prestel_apply_ctrl(cterm, ch);

** CID 514433: (NULL_RETURNS)
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()


________________________________________________________________________________________________________
*** CID 514433: (NULL_RETURNS)
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4985 in prestel_fix_line()
4979 bool fixed = false;
4980 bool fixedheight = false;
4981
4982 coord_conv_xy(cterm, CTERM_COORD_TERM, CTERM_COORD_SCREEN, &sy, &sx);
4983 ex = sx + TERM_MAXX - 1;
4984 line = malloc(sizeof(*line) * (ex - sx + 1));

CID 514433: (NULL_RETURNS)
Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".

4985 vmem_gettext(sx, sy, ex, sy, line);
4986 prestel_new_line(cterm);
4987 for (int i = 0; i < TERM_MAXX; i++) {
4988 uint8_t ch;
4989 // Go through the line applying attributes, held mosaics, etc.
4990 if (line[i].fg & 0x7F000000) { /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 5098 in prestel_fix_line()
5092 line[i].ch += 64;
5093 fixed = true;
5094 }
5095 }
5096 }
5097 if (force || fixed)

CID 514433: (NULL_RETURNS)
Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_puttext".

5098 vmem_puttext(sx, sy, ex, sy, line);
5099 free(line);
5100 if (restore) {
5101 cterm->extattr = extattr;
5102 cterm->fg_color = fg_color;
5103 cterm->bg_color = bg_color; /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()
4984 line = malloc(sizeof(*line) * (ex - sx + 1));
4985 vmem_gettext(sx, sy, ex, sy, line);
4986 prestel_new_line(cterm);
4987 for (int i = 0; i < TERM_MAXX; i++) {
4988 uint8_t ch;
4989 // Go through the line applying attributes, held mosaics, etc.

CID 514433: (NULL_RETURNS)
Dereferencing "line", which is known to be "NULL".

4990 if (line[i].fg & 0x7F000000) {
4991 // This is a control character
4992 ch = (line[i].fg & 0x7F000000) >> 24;
4993 prestel_apply_ctrl_before(cterm, ch);
4994 if ((cterm->extattr & CTERM_EXTATTR_PRESTEL_DOUBLE_HEIGHT) && ((line[i].bg & 0x01000000) == 0)) {
4995 // Should be double-high


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIdOQ_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbN8RSzLdCZbSy14N5iWP9J-2FcpNjQ0eI2Oj6rPhHqZBQZA4UM9PchXs94tTdeyxdvCkcPzkWohEpzrEBvlrnd6-2FTfmIpMAsE2mi-2BdkX8vzesYff-2FsK9jSFcjEXcYS-2Fxznm-2FxoYdKxCkLPJPKyAUp9zwS3A1OhpfjMprQ34Tb-2BWdhw-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 514483: API usage errors (PRINTF_ARGS)


________________________________________________________________________________________________________
*** CID 514483: API usage errors (PRINTF_ARGS)
/websrvr.c: 1659 in http_logon()
1653 SAFECOPY(session->user.modem, session->client.protocol);
1654 SAFECOPY(session->user.comp, session->host_name);
1655 SAFECOPY(session->user.ipaddr, session->host_ip);
1656 session->user.logontime = (time32_t)session->logon_time;
1657 int result = putuserdat(&scfg, &session->user);
1658 if(result != 0)

CID 514483: API usage errors (PRINTF_ARGS)
No argument for format specifier "%d".

1659 lprintf(LOG_ERR, "%04d %s [%s] <%s> !Error %d writing user data for user #%d"
1660 ,session->socket, session->client.protocol, session->host_ip
1661 ,session->username, session->user.number);
1662
1663 }
1664 SAFECOPY(session->client.user, session->username);

** CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
/websrvr.c: 1661 in ()


________________________________________________________________________________________________________
*** CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
/websrvr.c: 1661 in ()
1655 SAFECOPY(session->user.ipaddr, session->host_ip);
1656 session->user.logontime = (time32_t)session->logon_time;
1657 int result = putuserdat(&scfg, &session->user);
1658 if(result != 0)
1659 lprintf(LOG_ERR, "%04d %s [%s] <%s> !Error %d writing user data for user #%d"
1660 ,session->socket, session->client.protocol, session->host_ip

CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
the format string requires additional arguments

1661 ,session->username, session->user.number);
1662
1663 }
1664 SAFECOPY(session->client.user, session->username);
1665 session->client.usernum = session->user.number;
1666 client_on(session->socket, &session->client, /* update existing client record? */true);


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DjGNe_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZrw1ACipL81Cfrev1KTkNSpg9ocZGsXxFU4AldvxV89V-2FFS8Im4F3ZlIWKiU1IgZ7U6FnHvW5nOIPElnOgDye48Et-2FcrMwNOZVyWRSzqRdvKvjv7tIxk-2BD72e1fmIEEOvn4SDov1pv-2FzEWSevpHegP3dEU8oXtKIA8RNAEjZ1XUg-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 514519: (LOCK)
/main.cpp: 4849 in sbbs_t::daily_maint()()
/main.cpp: 4849 in sbbs_t::daily_maint()()


________________________________________________________________________________________________________
*** CID 514519: (LOCK)
/main.cpp: 4849 in sbbs_t::daily_maint()()
4843 lprintf(result ? LOG_ERR : LOG_INFO, "Daily event: '%s' returned %d", cmd, result);
4844 }
4845 if((sys_status & SS_NEW_MONTH) && cfg.sys_monthly[0]) {
4846 lputs(LOG_INFO, "DAILY: Running monthly event");
4847 const char* cmd = cmdstr(cfg.sys_monthly,nulstr,nulstr,NULL);
4848 online = ON_LOCAL;

CID 514519: (LOCK)
"external" unlocks "this->input_thread_mutex" while it is unlocked. 4849 int result = external(cmd, EX_OFFLINE);

4850 online = false;
4851 lprintf(result ? LOG_ERR : LOG_INFO, "Monthly event: '%s' returned %d", cmd, result);
4852 }
4853 lputs(LOG_INFO, "DAILY: System maintenance ended");
4854 sys_status&=~SS_DAILY;
/main.cpp: 4849 in sbbs_t::daily_maint()()
4843 lprintf(result ? LOG_ERR : LOG_INFO, "Daily event: '%s' returned %d", cmd, result);
4844 }
4845 if((sys_status & SS_NEW_MONTH) && cfg.sys_monthly[0]) {
4846 lputs(LOG_INFO, "DAILY: Running monthly event");
4847 const char* cmd = cmdstr(cfg.sys_monthly,nulstr,nulstr,NULL);
4848 online = ON_LOCAL;

CID 514519: (LOCK)
"external" locks "this->input_thread_mutex" while it is locked.

4849 int result = external(cmd, EX_OFFLINE);
4850 online = false;
4851 lprintf(result ? LOG_ERR : LOG_INFO, "Monthly event: '%s' returned %d", cmd, result);
4852 }
4853 lputs(LOG_INFO, "DAILY: System maintenance ended");
4854 sys_status&=~SS_DAILY;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DmVJv_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZYt7Pe-2B8KlpNPxf3vYfbGXTetKrkOysaWsLoXwVVJy-2BlT3vWHLSa-2F-2BgpVoMRk-2FB9lZhpdNOATgKKch-2FKRWKdw7CGPsa8-2BoRGvrYP8DjPqUmQVJXsmXD2xm4gPlAPoQOpnW8tWCZcdj7lp745Fp7QOqFvNAcU4EQLHiapc9wQpj6A-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in ()


________________________________________________________________________________________________________
*** CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in ()
292 else
293 if(time(NULL)-start>=(time_t)smb->retry_time) 294 break;
295 ++count;
296 SLEEP((count / 10) * smb->retry_delay);
297 }

CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH)
argument is incompatible with corresponding format string conversion (expected type "int" but argument has type "long")

298 safe_snprintf(smb->last_error,sizeof(smb->last_error),"%s timeout locking message base after %d seconds", __FUNCTION__, time(NULL) - start);
299 return(SMB_ERR_TIMEOUT);
300 }
301
302 /****************************************************************************/
303 /* Read the SMB header from the header file and place into smb.status */

** CID 514628: API usage errors (PRINTF_ARGS)


________________________________________________________________________________________________________
*** CID 514628: API usage errors (PRINTF_ARGS) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in smb_locksmbhdr()
292 else
293 if(time(NULL)-start>=(time_t)smb->retry_time) 294 break;
295 ++count;
296 SLEEP((count / 10) * smb->retry_delay);
297 }

CID 514628: API usage errors (PRINTF_ARGS)
Argument "time(NULL) - start" to format specifier "%d" was expected to have type "int" but has type "long".

298 safe_snprintf(smb->last_error,sizeof(smb->last_error),"%s timeout locking message base after %d seconds", __FUNCTION__, time(NULL) - start);
299 return(SMB_ERR_TIMEOUT);
300 }
301
302 /****************************************************************************/
303 /* Read the SMB header from the header file and place into smb.status */


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D04SY_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbRNqpwvGc4zcZ5uKeIndhuSqNnxi4ZbqnqhqxxcEUjkJJHGyGkBZt6V7UXUX2xnB2lvPBmqBCBxBghPzBYV7kJY89l3F0Je2EKuh7lbcH1Ki5248pEoplbC6UdQ14IH1AzZ-2BYu06Kjq-2F-2BS7xugvit0MheMfmyl63WZ-2BGQqWv04fA-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 514647: Resource leaks (RESOURCE_LEAK)
/userdat.c: 1397 in getnodeext()


________________________________________________________________________________________________________
*** CID 514647: Resource leaks (RESOURCE_LEAK)
/userdat.c: 1397 in getnodeext()
1391 {
1392 int f;
1393
1394 if(!VALID_CFG(cfg) || num < 1)
1395 return "";
1396 if((f = opennodeext(cfg)) < 1)

CID 514647: Resource leaks (RESOURCE_LEAK)
Handle variable "f" going out of scope leaks the handle.

1397 return "";
1398 (void)lseek(f, (num-1) * 128, SEEK_SET);
1399 if(read(f, buf, 128) != 128)
1400 memset(buf, 0, 128);
1401 close(f);
1402 buf[127] = 0;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DNrRS_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZ3ELp6fsbhc-2FY9mD5Zp1-2FoSxtPMVY9W2gQFqb-2BWiMKBXb3R551uQj1an4L8jxHGCtVzJ8f8hTy9TuLVRQzLD3L1M-2FICoSbiZvQ-2FUBPSeV-2BCcsclK4jYNyukSMcGAKOr-2BtLQBr5jUdpUtVX-2FuxQBKwF4hNcUqyrDA8X7YI-2FfcIZtw-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

3 new defect(s) introduced to Synchronet found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 515048: Security best practices violations (SECURE_TEMP)
/sbbsecho.c: 1848 in add_areas_from_echolists()


________________________________________________________________________________________________________
*** CID 515048: Security best practices violations (SECURE_TEMP)
/sbbsecho.c: 1848 in add_areas_from_echolists()
1842 match=0;
1843 for(k=0; cfg.listcfg[j].keys[k] ;k++) {
1844 if(match) break;
1845 for(x=0; nodecfg->keys[x] ;x++) {
1846 if(!stricmp(cfg.listcfg[j].keys[k]
1847 ,nodecfg->keys[x])) {

CID 515048: Security best practices violations (SECURE_TEMP)
"tmpfile" creates files with predictable names, which is unsafe.

1848 if((fwdfile=tmpfile())==NULL) { 1849 lprintf(LOG_ERR,"ERROR line %d opening forward temp "
1850 "file",__LINE__);
1851 match=1;
1852 break;
1853 }

** CID 515047: Control flow issues (NO_EFFECT)
/sbbsecho.c: 1635 in alter_areas_ini()


________________________________________________________________________________________________________
*** CID 515047: Control flow issues (NO_EFFECT)
/sbbsecho.c: 1635 in alter_areas_ini()
1629 continue;
1630 }
1631 }
1632 if(add_area[0] != NULL) { /* Check for areas to add */
1633 bool add_all = (stricmp(add_area[0], "+ALL") == 0);
1634 j = strListFind(add_area, echotag, /* case-sensitive */false);

CID 515047: Control flow issues (NO_EFFECT)
This greater-than-or-equal-to-zero comparison of an unsigned value is always true. "j >= 0U".

1635 if(add_all || j >= 0) {
1636 if(j >= 0)
1637 add_area[j][0]=0; /* So we can check other lists */
1638 uint areanum = find_area(echotag);
1639 if(!area_is_valid(areanum)) {
1640 lprintf(LOG_ERR, "Invalid area num on line %d", __LINE__);

** CID 515046: Error handling issues (CHECKED_RETURN)
/sbbsecho.c: 1989 in alter_areas()


________________________________________________________________________________________________________
*** CID 515046: Error handling issues (CHECKED_RETURN)
/sbbsecho.c: 1989 in alter_areas()
1983 ,smb_faddrtoa(&addr,NULL), (ulong)added, cfg.areafile);
1984 if(deleted)
1985 lprintf(LOG_DEBUG, "AreaFix (for %s) Removed links to %lu areas in %s"
1986 ,smb_faddrtoa(&addr,NULL), (ulong)deleted, cfg.areafile);
1987 if(added || deleted) {
1988 if(stat(cfg.areafile, &st) == 0)

CID 515046: Error handling issues (CHECKED_RETURN)
Calling "chmod(outpath, st.st_mode)" without checking return value. This library function may fail and return an error code.

1989 chmod(outpath, st.st_mode);
1990 if(cfg.areafile_backups == 0 || !backup(cfg.areafile, cfg.areafile_backups, /* ren: */TRUE))
1991 delfile(cfg.areafile, __LINE__); /* Delete AREAS.BBS */
1992 if(rename(outpath,cfg.areafile)) /* Rename new AREAS.BBS file */
1993 lprintf(LOG_ERR,"ERROR line %d renaming %s to %s",__LINE__,outpath,cfg.areafile);
1994 }


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D1jSz_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbxEcP2FV-2FE8SZ4Zj-2B5i-2FvXMBc1u-2B9IyI73gYzjnV6pIIbqC2pGfKYB3KXIl7XZEKXLdLz8vi8-2BwsF6O91kuZqV1ShM13vaTkO37J3VV7GT6YwOX288v8WtwpdrdHMhRE2EqIozgp1HMSE07wuarfyxBLAND56oVPlNda7IFeLuFA-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 515063: Security best practices violations (SECURE_TEMP)
/sbbsecho.c: 2142 in areamgr_command()


________________________________________________________________________________________________________
*** CID 515063: Security best practices violations (SECURE_TEMP)
/sbbsecho.c: 2142 in areamgr_command()
2136 nodecfg->archive = SBBSECHO_ARCHIVE_NONE;
2137 else {
2138 for(u=0;u<cfg.arcdefs;u++)
2139 if(stricmp(p,cfg.arcdef[u].name) == 0) 2140 break;
2141 if(u==cfg.arcdefs) {

CID 515063: Security best practices violations (SECURE_TEMP)
"tmpfile" creates files with predictable names, which is unsafe.

2142 if((tmpf=tmpfile())==NULL) {
2143 lprintf(LOG_ERR,"ERROR line %d opening tmpfile()",__LINE__);
2144 return false;
2145 }
2146 SAFEPRINTF(str, "Compression type unavailable: %s", p);
2147 lprintf(LOG_INFO, "AreaMgr (for %s) %s", faddrtoa(&addr), str);


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DGoz1_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYHiJRuOAYx4mtSc3Rs7eY9P2HGERsO3Ui1TozxvEl3HSa54-2BxmZuyJa4rdPvK8KqeFliWPJD252StMkW9mo-2B6uT2KWq9YxJqegr2CCurq6i8coJamUQEMyVcyknmxOhR1KJArkVSLfkYq8-2BmPn9fVdieJLgwrSG692S4HB3dKfZQ-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 515130: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-24-2024/src/conio/sdl_con.c: 357 in sdl_get_bounds()


________________________________________________________________________________________________________
*** CID 515130: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-24-2024/src/conio/sdl_con.c: 357 in sdl_get_bounds()
351 SDL_Rect r;
352 int ABUw, ABUh;
353 int pixelw, pixelh;
354
355 if (sdl.GetDisplayUsableBounds(0, &r) != 0)
356 return false;

CID 515130: Concurrent data access violations (MISSING_LOCK)
Accessing "win" without holding lock "win_mutex". Elsewhere, "win" is written to with "win_mutex" held 1 out of 1 times.

357 sdl.GetWindowSize(win, &ABUw, &ABUh);
358 sdl.GetWindowSizeInPixels(win, &pixelw, &pixelh);
359 if (pixelw == 0 || pixelh == 0 || ABUw == 0 || ABUh == 0) {
360 *w = r.w;
361 *h = r.h;
362 return true;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D_t4Q_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYVVBXfFUuA-2FsWyQ5uMS5ufMK7jgOcJ6VIupDH54bwQZq7SuxKbKUjUqnKiK9OnXbOb5gfXyBtjeI0-2BrMXfePEiZJ6tllUVEkd4WCimYeBdVV8tZ-2FZWYZleIzw9Ex3-2BGpSI29JxK7ySTVVle557znXI2HDyHti8hj8D3RvYxamaIw-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

14 new defect(s) introduced to Synchronet found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 14 of 14 defect(s)


** CID 515601: Program hangs (LOCK)
/js_bbs.cpp: 3400 in js_get_node_message(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 515601: Program hangs (LOCK)
/js_bbs.cpp: 3400 in js_get_node_message(JSContext *, unsigned int, unsigned long *)()
3394 clearline = JSVAL_TO_BOOLEAN(argv[0]);
3395
3396 rc=JS_SUSPENDREQUEST(cx);
3397 sbbs->getnmsg(clearline ? true : false);
3398 JS_RESUMEREQUEST(cx, rc);
3399

CID 515601: Program hangs (LOCK)
Returning without unlocking "sbbs->nodefile_mutex".

3400 return(JS_TRUE);
3401 }
3402
3403 static JSBool
3404 js_put_node_message(JSContext *cx, uintN argc, jsval *arglist)
3405 {

** CID 515600: Error handling issues (CHECKED_RETURN)
/download.cpp: 367 in sbbs_t::seqwait(unsigned int)()


________________________________________________________________________________________________________
*** CID 515600: Error handling issues (CHECKED_RETURN)
/download.cpp: 367 in sbbs_t::seqwait(unsigned int)()
361
362 if(!devnum)
363 return;
364 for(start=now=time(NULL);online && now-start<90;now=time(NULL)) {
365 if(msgabort()) /* max wait ^^^^ sec */
366 break;

CID 515600: Error handling issues (CHECKED_RETURN)
Calling "getnodedat" without checking return value (as is done elsewhere 52 out of 59 times).

367 getnodedat(cfg.node_num,&thisnode,true); /* open and lock this record */
368 for(i=1;i<=cfg.sys_nodes;i++) {
369 if(i==cfg.node_num) continue;
370 if(getnodedat(i,&node, true)) {
371 if((node.status==NODE_INUSE || node.status==NODE_QUIET)
372 && node.action==NODE_RFSD && node.aux==devnum) {

** CID 515599: Concurrent data access violations (MISSING_LOCK)
/putnode.cpp: 108 in sbbs_t::unlocknodedat(unsigned int)()


________________________________________________________________________________________________________
*** CID 515599: Concurrent data access violations (MISSING_LOCK) /putnode.cpp: 108 in sbbs_t::unlocknodedat(unsigned int)()
102 errormsg(WHERE, ERR_CHK, "node number", number);
103 return false;
104 }
105 int result = unlock(nodefile, (number - 1) * sizeof(node_t), sizeof(node_t));
106 if(cfg.node_misc & NM_CLOSENODEDAB) {
107 close(nodefile);

CID 515599: Concurrent data access violations (MISSING_LOCK)
Accessing "this->nodefile" without holding lock "sbbs_t.nodefile_mutex". Elsewhere, "sbbs_t.nodefile" is written to with "sbbs_t.nodefile_mutex" held 4 out of 5 times.

108 nodefile = -1;
109 }
110 pthread_mutex_unlock(&nodefile_mutex);
111 return result == 0;
112 }
113

** CID 515598: (SLEEP)


________________________________________________________________________________________________________
*** CID 515598: (SLEEP)
/getnode.cpp: 268 in sbbs_t::getnmsg(bool)()
262 buf[length]=0;
263
264 if(clearline)
265 this->clearline();
266 else if(column)
267 CRLF;

CID 515598: (SLEEP)
Call to "putmsg" might sleep while holding lock "this->nodefile_mutex". 268 putmsg(buf,P_NOATCODES);

269 free(buf);
270
271 return retval == 0;
272 }
273
/getnode.cpp: 265 in sbbs_t::getnmsg(bool)()
259 }
260 int retval = chsize(file,0L);
261 close(file);
262 buf[length]=0;
263
264 if(clearline)

CID 515598: (SLEEP)
Call to "clearline" might sleep while holding lock "this->nodefile_mutex".

265 this->clearline();
266 else if(column)
267 CRLF;
268 putmsg(buf,P_NOATCODES);
269 free(buf);
270

** CID 515597: Program hangs (LOCK)
/main.cpp: 2243 in input_thread(void *)()


________________________________________________________________________________________________________
*** CID 515597: Program hangs (LOCK)
/main.cpp: 2243 in input_thread(void *)()
2237 }
2238 else
2239 #endif
2240 rd = recv(sock, (char*)inbuf, rd, 0);
2241
2242 if(pthread_mutex_unlock(&sbbs->input_thread_mutex)!=0) >>> CID 515597: Program hangs (LOCK)

"errormsg" locks "sbbs->nodefile_mutex" while it is locked.

2243 sbbs->errormsg(WHERE,ERR_UNLOCK,"input_thread_mutex",0);
2244
2245 if (rd == 0 && !socket_recvdone(sock, 0))
2246 continue;
2247
2248 if(rd == SOCKET_ERROR)

** CID 515596: Program hangs (LOCK)
/logfile.cpp: 331 in sbbs_t::errormsg(int, const char *, const char *, const char *, const char *, int, const char *)()


________________________________________________________________________________________________________
*** CID 515596: Program hangs (LOCK)
/logfile.cpp: 331 in sbbs_t::errormsg(int, const char *, const char *, const char *, const char *, int, const char *)()
325 fprintf(logfile_fp,"!! %s%s", str, log_line_ending); 326 logcol=1;
327 fflush(logfile_fp);
328 }
329
330 errormsg_inside=false;

CID 515596: Program hangs (LOCK)
Returning without unlocking "this->nodefile_mutex".

331 }
332
333 /****************************************************************************/
334 /* Open a log file for append, supporting log rotation based on size */
335 /****************************************************************************/
336 extern "C" FILE* fopenlog(scfg_t* cfg, const char* path)

** CID 515595: Program hangs (LOCK)
/main.cpp: 4335 in sbbs_t::logoffstats()()


________________________________________________________________________________________________________
*** CID 515595: Program hangs (LOCK)
/main.cpp: 4335 in sbbs_t::logoffstats()()
4329
4330 for(i=0;i<2;i++) {
4331 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */true);
4332 if(fp == NULL)
4333 continue;
4334 if(!fread_dstats(fp, &stats)) {

CID 515595: Program hangs (LOCK)
"errormsg" locks "this->nodefile_mutex" while it is locked.

4335 errormsg(WHERE, ERR_READ, "dsts.ini", i);
4336 } else {
4337 stats.total.timeon += minutes_used;
4338 stats.today.timeon += minutes_used;
4339 if(!fwrite_dstats(fp, &stats, __FUNCTION__)) 4340 errormsg(WHERE, ERR_WRITE, "dsts.ini", i);

** CID 515594: (SLEEP)


________________________________________________________________________________________________________
*** CID 515594: (SLEEP)
/main.cpp: 4649 in sbbs_t::daily_maint()()
4643 backup(str,cfg.user_backup_level,false);
4644 }
4645
4646 if(cfg.mail_backup_level) {
4647 lputs(LOG_INFO,"DAILY: Backing-up mail data...");
4648 smb_t mail;

CID 515594: (SLEEP)
Call to "smb_open_sub" might sleep while holding lock "this->nodefile_mutex".

4649 int result = smb_open_sub(&cfg, &mail, INVALID_SUB); 4650 if(result != SMB_SUCCESS)
4651 lprintf(LOG_ERR, "ERROR %d (%s) opening mail base", result, mail.last_error);
4652 else {
4653 result = smb_lock(&mail);
4654 if(result != SMB_SUCCESS)
/main.cpp: 4778 in sbbs_t::daily_maint()()
4772 closeuserdat(userfile);
4773
4774 lputs(LOG_INFO,"DAILY: Purging deleted/expired e-mail");
4775 SAFEPRINTF(smb.file,"%smail",cfg.data_dir);
4776 smb.retry_time=cfg.smb_retry_time;
4777 smb.subnum=INVALID_SUB;

CID 515594: (SLEEP)
Call to "smb_open" might sleep while holding lock "this->nodefile_mutex".

4778 if((i=smb_open(&smb))!=0)
4779 errormsg(WHERE,ERR_OPEN,smb.file,i,smb.last_error); 4780 else {
4781 if(filelength(fileno(smb.shd_fp))>0) {
4782 if((i=smb_locksmbhdr(&smb))!=0)
4783 errormsg(WHERE,ERR_LOCK,smb.file,i,smb.last_error);

** CID 515593: (LOCK)
/getnode.cpp: 258 in sbbs_t::getnmsg(bool)()
/getnode.cpp: 252 in sbbs_t::getnmsg(bool)()
/getnode.cpp: 242 in sbbs_t::getnmsg(bool)()
/getnode.cpp: 271 in sbbs_t::getnmsg(bool)()
/getnode.cpp: 237 in sbbs_t::getnmsg(bool)()
/getnode.cpp: 247 in sbbs_t::getnmsg(bool)()


________________________________________________________________________________________________________
*** CID 515593: (LOCK)
/getnode.cpp: 258 in sbbs_t::getnmsg(bool)()
252 return false;
253 }
254 if(read(file,buf,length)!=length) {
255 close(file);
256 free(buf);
257 errormsg(WHERE,ERR_READ,str,length);

CID 515593: (LOCK)
Returning without unlocking "this->nodefile_mutex".

258 return false;
259 }
260 int retval = chsize(file,0L);
261 close(file);
262 buf[length]=0;
263
/getnode.cpp: 252 in sbbs_t::getnmsg(bool)()
246 close(file);
247 return true;
248 }
249 if((buf=(char *)malloc(length+1))==NULL) {
250 close(file);
251 errormsg(WHERE,ERR_ALLOC,str,length+1);

CID 515593: (LOCK)
Returning without unlocking "this->nodefile_mutex".

252 return false;
253 }
254 if(read(file,buf,length)!=length) {
255 close(file);
256 free(buf);
257 errormsg(WHERE,ERR_READ,str,length);
/getnode.cpp: 242 in sbbs_t::getnmsg(bool)()
236 if(flength(str)<1L)
237 return true;
238 if((file=nopen(str,O_RDWR))==-1) {
239 /**
240 errormsg(WHERE,ERR_OPEN,str,O_RDWR);
241 **/

CID 515593: (LOCK)
Returning without unlocking "this->nodefile_mutex".

242 return false;
243 }
244 length=(long)filelength(file);
245 if(length <= 0) {
246 close(file);
247 return true;
/getnode.cpp: 271 in sbbs_t::getnmsg(bool)()
265 this->clearline();
266 else if(column)
267 CRLF;
268 putmsg(buf,P_NOATCODES);
269 free(buf);
270

CID 515593: (LOCK)
Returning without unlocking "this->nodefile_mutex".

271 return retval == 0;
272 }
273
274 /****************************************************************************/
275 /* 'ext' must be at least 128 bytes! */
276 /****************************************************************************/
/getnode.cpp: 237 in sbbs_t::getnmsg(bool)()
231 thisnode.misc&=~NODE_NMSG; /* clear the NMSG flag */
232 putnodedat(cfg.node_num,&thisnode);
233 }
234
235 SAFEPRINTF2(str,"%smsgs/n%3.3u.msg",cfg.data_dir,cfg.node_num); 236 if(flength(str)<1L)

CID 515593: (LOCK)
Returning without unlocking "this->nodefile_mutex".

237 return true;
238 if((file=nopen(str,O_RDWR))==-1) {
239 /**
240 errormsg(WHERE,ERR_OPEN,str,O_RDWR);
241 **/
242 return false;
/getnode.cpp: 247 in sbbs_t::getnmsg(bool)()
241 **/
242 return false;
243 }
244 length=(long)filelength(file);
245 if(length <= 0) {
246 close(file);

CID 515593: (LOCK)
Returning without unlocking "this->nodefile_mutex".

247 return true;
248 }
249 if((buf=(char *)malloc(length+1))==NULL) {
250 close(file);
251 errormsg(WHERE,ERR_ALLOC,str,length+1);
252 return false;

** CID 515592: (SLEEP)


________________________________________________________________________________________________________
*** CID 515592: (SLEEP)
/getnode.cpp: 162 in sbbs_t::nodesync(bool)()
156 thisnode.misc&=~NODE_UDAT;
157 putnodedat(cfg.node_num,&thisnode);
158 }
159 }
160 if(!(sys_status&SS_MOFF)) {
161 if(thisnode.misc&NODE_MSGW)

CID 515592: (SLEEP)
Call to "getsmsg" might sleep while holding lock "this->nodefile_mutex".

162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
163 if(thisnode.misc&NODE_NMSG)
164 getnmsg(clearline); /* getnmsg clears NMSG flag */
165 }
166 }
167
/getnode.cpp: 174 in sbbs_t::nodesync(bool)()
168 if(cfg.sync_mod[0])
169 exec_bin(cfg.sync_mod,&main_csi);
170
171 if(thisnode.misc&NODE_INTR) {
172 bputs(text[NodeLocked]);
173 logline(LOG_NOTICE,nulstr,"Interrupted");

CID 515592: (SLEEP)
Call to "hangup" might sleep while holding lock "this->nodefile_mutex". 174 hangup();

175 nodesync_inside=0;
176 return;
177 }
178
179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
/getnode.cpp: 164 in sbbs_t::nodesync(bool)()
158 }
159 }
160 if(!(sys_status&SS_MOFF)) {
161 if(thisnode.misc&NODE_MSGW)
162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
163 if(thisnode.misc&NODE_NMSG)

CID 515592: (SLEEP)
Call to "getnmsg" might sleep while holding lock "this->nodefile_mutex".

164 getnmsg(clearline); /* getnmsg clears NMSG flag */
165 }
166 }
167
168 if(cfg.sync_mod[0])
169 exec_bin(cfg.sync_mod,&main_csi);
/getnode.cpp: 211 in sbbs_t::nodesync(bool)()
205 }
206
207 if(sys_status&SS_USERON && online && (timeleft/60)<(5-timeleft_warn)
208 && !SYSOP) {
209 timeleft_warn=5-(timeleft/60);
210 if(!(sys_status&SS_MOFF)) {

CID 515592: (SLEEP)
Call to "attr" might sleep while holding lock "this->nodefile_mutex". 211 attr(LIGHTGRAY);

212 bprintf(text[OnlyXminutesLeft]
213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
214 }
215 }
216
/getnode.cpp: 217 in sbbs_t::nodesync(bool)()
211 attr(LIGHTGRAY);
212 bprintf(text[OnlyXminutesLeft]
213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
214 }
215 }
216

CID 515592: (SLEEP)
Call to "attr" might sleep while holding lock "this->nodefile_mutex". 217 attr(atr); /* replace original attributes */

218 nodesync_inside=0;
219 }
220
221 /****************************************************************************/
222 /* Prints short messages waiting for this node, if any... */
/getnode.cpp: 181 in sbbs_t::nodesync(bool)()
175 nodesync_inside=0;
176 return;
177 }
178
179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
180 saveline();

CID 515592: (SLEEP)
Call to "privchat" might sleep while holding lock "this->nodefile_mutex".

181 privchat(true);
182 restoreline();
183 }
184
185 if(thisnode.misc&NODE_FCHAT) { // forced into private chat
186 int n = getpagingnode(&cfg);
/getnode.cpp: 182 in sbbs_t::nodesync(bool)()
176 return;
177 }
178
179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
180 saveline();
181 privchat(true);

CID 515592: (SLEEP)
Call to "restoreline" might sleep while holding lock "this->nodefile_mutex".

182 restoreline();
183 }
184
185 if(thisnode.misc&NODE_FCHAT) { // forced into private chat
186 int n = getpagingnode(&cfg);
187 if(n) {
/getnode.cpp: 197 in sbbs_t::nodesync(bool)()
191 action = save_action;
192 restoreline();
193 }
194 if(getnodedat(cfg.node_num, &thisnode, true)) {
195 thisnode.action = action;
196 thisnode.misc &= ~NODE_FCHAT;

CID 515592: (SLEEP)
Call to "putnodedat" might sleep while holding lock "this->nodefile_mutex".

197 putnodedat(cfg.node_num, &thisnode);
198 }
199 }
200
201 if(sys_status&SS_USERON && memcmp(&nodesync_user,&useron,sizeof(user_t))) {
202 getusrdirs();

** CID 515591: (LOCK)
/getnode.cpp: 219 in sbbs_t::nodesync(bool)()
/getnode.cpp: 157 in sbbs_t::nodesync(bool)()


________________________________________________________________________________________________________
*** CID 515591: (LOCK)
/getnode.cpp: 219 in sbbs_t::nodesync(bool)()
213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
214 }
215 }
216
217 attr(atr); /* replace original attributes */
218 nodesync_inside=0;

CID 515591: (LOCK)
Returning without unlocking "this->nodefile_mutex".

219 }
220
221 /****************************************************************************/
222 /* Prints short messages waiting for this node, if any... */
223 /****************************************************************************/
224 bool sbbs_t::getnmsg(bool clearline)
/getnode.cpp: 164 in sbbs_t::nodesync(bool)()
158 }
159 }
160 if(!(sys_status&SS_MOFF)) {
161 if(thisnode.misc&NODE_MSGW)
162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
163 if(thisnode.misc&NODE_NMSG)

CID 515591: (LOCK)
"getnmsg" locks "this->nodefile_mutex" while it is locked.

164 getnmsg(clearline); /* getnmsg clears NMSG flag */
165 }
166 }
167
168 if(cfg.sync_mod[0])
169 exec_bin(cfg.sync_mod,&main_csi);
/getnode.cpp: 197 in sbbs_t::nodesync(bool)()
191 action = save_action;
192 restoreline();
193 }
194 if(getnodedat(cfg.node_num, &thisnode, true)) {
195 thisnode.action = action;
196 thisnode.misc &= ~NODE_FCHAT;

CID 515591: (LOCK)
"putnodedat" locks "this->nodefile_mutex" while it is locked.

197 putnodedat(cfg.node_num, &thisnode);
198 }
199 }
200
201 if(sys_status&SS_USERON && memcmp(&nodesync_user,&useron,sizeof(user_t))) {
202 getusrdirs();
/getnode.cpp: 157 in sbbs_t::nodesync(bool)()
151 }
152 }
153 if(thisnode.misc&NODE_UDAT && !(useron.rest&FLAG('G'))) { /* not guest */
154 getuserdat(&cfg, &useron);
155 if(getnodedat(cfg.node_num,&thisnode, true)) { 156 thisnode.misc&=~NODE_UDAT;

CID 515591: (LOCK)
"putnodedat" locks "this->nodefile_mutex" while it is locked.

157 putnodedat(cfg.node_num,&thisnode);
158 }
159 }
160 if(!(sys_status&SS_MOFF)) {
161 if(thisnode.misc&NODE_MSGW)
162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */

** CID 515590: (LOCK)
/un_qwk.cpp: 94 in sbbs_t::unpack_qwk(char *, unsigned int)()
/un_qwk.cpp: 123 in sbbs_t::unpack_qwk(char *, unsigned int)()


________________________________________________________________________________________________________
*** CID 515590: (LOCK)
/un_qwk.cpp: 94 in sbbs_t::unpack_qwk(char *, unsigned int)()
88 lprintf(LOG_ERR, "libarchive error %ld (%s) extracting %s", file_count, error, packet);
89 if(*cfg.qhub[hubnum]->unpack == '\0')
90 return false;
91 i=external(cmdstr(cfg.qhub[hubnum]->unpack,packet,ALLFILES,NULL),EX_OFFLINE);
92 if(i) {
93 errormsg(WHERE,ERR_EXEC,cmdstr(cfg.qhub[hubnum]->unpack,packet,ALLFILES,NULL),i);

CID 515590: (LOCK)
Returning without unlocking "this->input_thread_mutex".

94 return(false);
95 }
96 }
97 SAFEPRINTF(str,"%sMESSAGES.DAT",cfg.temp_dir);
98 if(!fexistcase(str)) {
99 lprintf(LOG_WARNING,"%s doesn't contain MESSAGES.DAT (%s)",packet,str);
/un_qwk.cpp: 123 in sbbs_t::unpack_qwk(char *, unsigned int)()
117 remove(fname);
118 }
119 SAFEPRINTF(fname, "%sVOTING.DAT", cfg.temp_dir);
120 if(fexistcase(fname)) {
121 lprintf(LOG_DEBUG, "Reading %s", fname);
122 if((fp=fopen(fname,"r")) == NULL)

CID 515590: (LOCK)
"errormsg" locks "this->nodefile_mutex" while it is locked.

123 errormsg(WHERE,ERR_OPEN,fname,O_RDONLY);
124 else {
125 voting=iniReadFile(fp);
126 fclose(fp);
127 }
128 remove(fname);

** CID 515589: Error handling issues (CHECKED_RETURN)
/logon.cpp: 124 in sbbs_t::logon()()


________________________________________________________________________________________________________
*** CID 515589: Error handling issues (CHECKED_RETURN)
/logon.cpp: 124 in sbbs_t::logon()()
118 ,useron.number,useron.alias);
119 logline(LOG_NOTICE,"+!",str);
120 hangup();
121 return(false);
122 }
123 if(yesno(text[RemoveNodeLockQ])) {

CID 515589: Error handling issues (CHECKED_RETURN)
Calling "getnodedat" without checking return value (as is done elsewhere 52 out of 59 times).

124 getnodedat(cfg.node_num,&thisnode, true);
125 logline("S-","Removed Node Lock");
126 thisnode.misc&=~NODE_LOCK;
127 }
128 else
129 getnodedat(cfg.node_num,&thisnode, true);

** CID 515588: (SLEEP)
/main.cpp: 3450 in event_thread(void *)()
/main.cpp: 3272 in event_thread(void *)()


________________________________________________________________________________________________________
*** CID 515588: (SLEEP)
/main.cpp: 3277 in event_thread(void *)()
3271 while(!sbbs->terminated) {
3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
3275 continue;
3276 for(j=first_node;j<=last_node;j++) {

CID 515588: (SLEEP)
Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".

3277 if(!sbbs->getnodedat(j,&node, true))
3278 continue;
3279 if(node.status==NODE_WFC)
3280 node.status=NODE_EVENT_LIMBO;
3281 node.aux=sbbs->cfg.event[i]->node;
3282 sbbs->putnodedat(j,&node);
/main.cpp: 3450 in event_thread(void *)()
3444 }
3445 }
3446 }
3447 }
3448 }
3449 sbbs->event_code = nulstr;

CID 515588: (SLEEP)
Call to "nanosleep" might sleep while holding lock "sbbs->nodefile_mutex".

3450 mswait(1000);
3451 }
3452 sbbs->cfg.node_num=0;
3453 sbbs->useron.number = 0;
3454 sbbs->js_cleanup();
3455
/main.cpp: 3373 in event_thread(void *)()
3367 && (sbbs->cfg.event[i]->node<first_node || sbbs->cfg.event[i]->node>last_node)) {
3368 sbbs->lprintf(LOG_NOTICE,"Changing node status for nodes %d through %d to WFC"
3369 ,first_node,last_node); 3370 sbbs->cfg.event[i]->last=(time32_t)now;
3371 for(j=first_node;j<=last_node;j++) {
3372 node.status=NODE_INVALID_STATUS;

CID 515588: (SLEEP)
Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".

3373 if(!sbbs->getnodedat(j,&node, true))
3374 continue;
3375 node.status=NODE_WFC; 3376 sbbs->putnodedat(j,&node);
3377 }
3378 }
/main.cpp: 3413 in event_thread(void *)()
3407 cmd = sbbs->cmdstr(cmd, nulstr, sbbs->cfg.event[i]->dir, NULL);
3408 sbbs->lprintf(LOG_INFO,"Running %s%stimed event: %s"
3409 ,native_executable(&sbbs->cfg, cmd, ex_mode) ? "native ":"16-bit DOS "
3410 ,(ex_mode&EX_BG) ? "background ":""
3411 ,cmd);
3412 {

CID 515588: (SLEEP)
Call to "external" might sleep while holding lock "sbbs->nodefile_mutex".

3413 int result = sbbs->external(cmd, ex_mode, sbbs->cfg.event[i]->dir);
3414 if(!(ex_mode&EX_BG)) 3415 sbbs->lprintf(result ? sbbs->cfg.event[i]->errlevel : LOG_INFO, "Timed event: '%s' returned %d", cmd, result);
3416 else
3417 sbbs->lprintf(LOG_DEBUG, "Background timed event spawned: %s", cmd);
3418 }
/main.cpp: 3277 in event_thread(void *)()
3271 while(!sbbs->terminated) {
3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
3275 continue;
3276 for(j=first_node;j<=last_node;j++) {

CID 515588: (SLEEP)
Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".

3277 if(!sbbs->getnodedat(j,&node, true))
3278 continue;
3279 if(node.status==NODE_WFC)
3280 node.status=NODE_EVENT_LIMBO;
3281 node.aux=sbbs->cfg.event[i]->node;
3282 sbbs->putnodedat(j,&node);
/main.cpp: 2986 in event_thread(void *)()
2980 if(!fexist(fname))
2981 continue;
2982 sbbs->useron.number = 0;
2983 sbbs->lprintf(LOG_INFO, "QWK pack semaphore signaled: %s", fname);
2984 int usernum = atoi(fname+offset);
2985 sbbs->useron.number = usernum;

CID 515588: (SLEEP)
Call to "getuserdat" might sleep while holding lock "sbbs->nodefile_mutex".

2986 int retval = getuserdat(&sbbs->cfg,&sbbs->useron);
2987 if(retval != 0) {
2988 sbbs->lprintf(LOG_WARNING, "ERROR %d reading user data for user #%d", retval, usernum);
2989 sbbs->fremove(WHERE, fname, /* log-all-errors: */true);
2990 continue;
2991 }
/main.cpp: 3272 in event_thread(void *)()
3266 sbbs->lprintf(LOG_DEBUG,"event last run: %s (0x%08x)"
3267 ,sbbs->timestr(sbbs->cfg.event[i]->last)
3268 ,sbbs->cfg.event[i]->last);
3269 lastnodechk=0; /* really last event time check */
3270 start=time(NULL);
3271 while(!sbbs->terminated) {

CID 515588: (SLEEP)
Call to "nanosleep" might sleep while holding lock "sbbs->nodefile_mutex".

3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
3275 continue;
3276 for(j=first_node;j<=last_node;j++) {
3277 if(!sbbs->getnodedat(j,&node, true))


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D0VuE_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZXtRHBZwsv7Kfty0nOtNaK0UAFlR-2FrVR2f6CKktOSW3KEH5A-2BAGbll45RILco6MRWsB-2BPA-2F5LbzoDmAwnm2EdPSGWu8DKQDA8ovxbR0nzs0zWwn4zpQwqZ0g5MQ5Uxv60wCv-2BEyap91XzPuWSQ2OUE7j0iN0wndXT1J2mredhBFg-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

3 new defect(s) introduced to Synchronet found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 515659: Resource leaks (RESOURCE_LEAK)
/readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)()


________________________________________________________________________________________________________
*** CID 515659: Resource leaks (RESOURCE_LEAK)
/readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)()
808 }
809
810 smb_close(&smb);
811 smb_stack(&smb,SMB_STACK_POP);
812 current_msg=NULL;
813

CID 515659: Resource leaks (RESOURCE_LEAK)
Variable "mail" going out of scope leaks the storage it points to.

814 return lm_mode;
815 }
816
817 int sbbs_t::searchmail(mail_t *mail, int start, int msgs, int which, const char *search, const char* order)
818 {
819 char* buf;

** CID 515658: Error handling issues (CHECKED_RETURN)


________________________________________________________________________________________________________
*** CID 515658: Error handling issues (CHECKED_RETURN)
/dupefind.c: 75 in display_filename()
69 char *display_filename(scfg_t *cfg, uint dirnum, uint32_t fil_off)
70 {
71 static char str[256];
72 static smb_t smb;
73 if(smb_open_dir(cfg, &smb, dirnum) != SMB_SUCCESS)
74 return smb.last_error;

CID 515658: Error handling issues (CHECKED_RETURN)
Calling "smb_fseek(smb.sid_fp, (fil_off - 1U) * 128UL, 0)" without checking return value. It wraps a library function that may fail and return an error code.

75 smb_fseek(smb.sid_fp, (fil_off - 1) * sizeof(fileidxrec_t), SEEK_SET); 76 fileidxrec_t idx;
77 if(smb_fread(&smb, &idx, sizeof(idx), smb.sid_fp) != sizeof(idx)) {
78 smb_close(&smb);
79 return smb.last_error;
80 }

** CID 515657: Error handling issues (CHECKED_RETURN)
/load_cfg.c: 627 in smb_open_dir()


________________________________________________________________________________________________________
*** CID 515657: Error handling issues (CHECKED_RETURN)
/load_cfg.c: 627 in smb_open_dir()
621 if(filelength(fileno(smb->shd_fp)) < 1) {
622 smb->status.max_files = cfg->dir[dirnum]->maxfiles; 623 smb->status.max_age = cfg->dir[dirnum]->maxage;
624 smb->status.attr = SMB_FILE_DIRECTORY; 625 if(cfg->dir[dirnum]->misc & DIR_NOHASH)
626 smb->status.attr |= SMB_NOHASH;

CID 515657: Error handling issues (CHECKED_RETURN)
Calling "smb_create" without checking return value (as is done elsewhere 16 out of 17 times).

627 smb_create(smb);
628 }
629 return SMB_SUCCESS;
630 }
631
632 int get_lang_count(scfg_t* cfg)


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DArCi_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZBUi-2F07t06F46PFVW9NK8AEOuHmZrMv6aNSdOw0AIeo4ogvPzV8VRWZ8jRTfiHC12zKsA4sipybJiH6RgyZ0m7AfiNQvXpSFbavk3k9Q6PyWgsjGH13ueAcyWa7DsklJg0kfAfT7EZWBHjtJZZ7z9FYBEIQ4aPAWfq3llNwIH-2F5w-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
/sbbsecho.c: 1309 in link_area()


________________________________________________________________________________________________________
*** CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
/sbbsecho.c: 1309 in link_area()
1303 return false;
1304 }
1305
1306 void link_area(unsigned area_num, const fidoaddr_t* addr)
1307 {
1308 area_t* area = &cfg.area[area_num];

CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
Passing argument "area->link" of type "fidoaddr_t const *" and argument "8UL /* sizeof (addr) */ * (area->links + 1)" to function "realloc_or_free" is suspicious. In this case, "sizeof (fidoaddr_t const *)" is equal to "sizeof (fidoaddr_t const)", but this is not a portable assumption.

1309 if((area->link = realloc_or_free(area->link, (sizeof addr) * (area->links + 1))) == NULL) {
1310 lprintf(LOG_ERR,"ERROR line %d allocating memory for area "
1311 "#%u links.",__LINE__, area_num + 1);
1312 bail(1);
1313 return;
1314 }


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DjswB_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZTIkIcVsFEubRKPyVR-2BCuKY5oHLU9ayFn6T1x6if3eS0nVM4zzDglf0kSu84NvdLQvLmLpVUMBWFTCqIbKw97TOhNhU4Up-2FQ0gGVaItXyTTfc3Uu2zZfP2qWOCQU0YU4SaCyb8-2B3kJNnxUzaATxOedk4YqKEgN0RG-2F7ZgTWOZJ5A-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

3 new defect(s) introduced to Synchronet found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 515715: Incorrect expression (SIZEOF_MISMATCH)
/userdat.c: 1420 in node_vstatus()


________________________________________________________________________________________________________
*** CID 515715: Incorrect expression (SIZEOF_MISMATCH)
/userdat.c: 1420 in node_vstatus()
1414 return cfg->text != NULL ? cfg->text[NodeStatusOffline] : "Offline";
1415 case NODE_NETTING: /* Obsolete */
1416 return "Networking";
1417 case NODE_LOGON:
1418 return cfg->text != NULL ? cfg->text[NodeStatusLogon] : "At login prompt";
1419 case NODE_LOGOUT:

CID 515715: Incorrect expression (SIZEOF_MISMATCH)
Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious.

1420 snprintf(str, sizeof str, cfg->text != NULL ? cfg->text[NodeStatusLogout] : "Logging out %s", username(cfg,node->useron,tmp));
1421 return str;
1422 case NODE_EVENT_WAITING:
1423 return cfg->text != NULL ? cfg->text[NodeStatusEventWaiting] : "Waiting for all nodes to become inactive";
1424 case NODE_EVENT_LIMBO:
1425 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeStatusEventLimbo] : "Waiting for node %d to finish external event"

** CID 515714: Uninitialized variables (UNINIT)


________________________________________________________________________________________________________
*** CID 515714: Uninitialized variables (UNINIT)
/getnode.cpp: 289 in sbbs_t::getnodeext(unsigned int, char *)()
283 errormsg(WHERE,ERR_CHK,"node number",number);
284 return false;
285 }
286
287 if((node_ext=opennodeext(&cfg))==-1) {
288 memset(ext,0,128);

CID 515714: Uninitialized variables (UNINIT)
Using uninitialized value "*str" when calling "errormsg".

289 errormsg(WHERE,ERR_OPEN,str,O_RDONLY|O_DENYNONE);
290 return false;
291 }
292
293 number--; /* make zero based */
294 for(count=0;count<LOOP_NODEDAB;count++) {

** CID 515713: Incorrect expression (SIZEOF_MISMATCH)
/userdat.c: 1512 in node_activity()


________________________________________________________________________________________________________
*** CID 515713: Incorrect expression (SIZEOF_MISMATCH)
/userdat.c: 1512 in node_activity()
1506 return cfg->text != NULL ? cfg->text[NodeActivityLoggingOn] : "logging on";
1507 case NODE_LCHT:
1508 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeActivityLocalChat] : "chatting with %s", cfg->sys_op);
1509 break;
1510 case NODE_MCHT:
1511 if(node->aux != 0)

CID 515713: Incorrect expression (SIZEOF_MISMATCH)
Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious.

1512 snprintf(str, sizeof str
1513 ,cfg->text != NULL ? cfg->text[NodeActivityChatChannel] : "in multinode chat channel %d"
1514 ,node->aux & 0xff);
1515 else
1516 return cfg->text != NULL ? cfg->text[NodeActivityGlobalChat] : "in multinode global chat channel";
1517 break;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Drf1g_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQY9ty8xtnl2sw1SqlPRU2WILlz6B-2F41RYA0wpD7iGPK7iJJRJMlj06LpTw8H4oLu0ZD6NOR-2Fs4yPZ6xU2n8ZKWHL4-2F4cgQ0xljfi-2B5nJtvQuTTNG4kyAp2Ph0XvRGRr1KcMs8Gin6jWDWu2x-2Bkj9Q6Trx86Of-2BJRienYR-2Fbv9gQgw-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 516068: Null pointer dereferences (FORWARD_NULL)
/websrvr.c: 5419 in js_ErrorReporter()


________________________________________________________________________________________________________
*** CID 516068: Null pointer dereferences (FORWARD_NULL)
/websrvr.c: 5419 in js_ErrorReporter()
5413 pthread_mutex_lock(&mutex);
5414 if(lastline == report->lineno && report->filename != NULL && strcmp(lastfile, report->filename) == 0)
5415 log_level = LOG_WARNING;
5416 else
5417 log_level = LOG_ERR;
5418 lastline = report->lineno;

CID 516068: Null pointer dereferences (FORWARD_NULL)
Passing null pointer "report->filename" to "strlcpy", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]

5419 SAFECOPY(lastfile, report->filename);
5420 pthread_mutex_unlock(&mutex);
5421 warning="";
5422 }
5423
5424 lprintf(log_level,"%04d !JavaScript %s%s%s: %s, Request: %s"


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DwGMb_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYoPlNm5BibC088PrWc35An4cdaeXCJhAHOfo6MdQKpuyixiVEFSUvV84YSqGOWCuXdzqHO6D3vFmsefEKTNsriv31FvxSemaYCwQ1e-2F5VqBGX6SKqkk-2F5GGTcyG8HHnvAZdIDYA7eRF8DYP-2F3cg26HCdIpmNxtLPnr6lFDWLJb2Q-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

9 new defect(s) introduced to Synchronet found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)


** CID 516415: Error handling issues (CHECKED_RETURN)
/userdat.c: 1472 in node_activity()


________________________________________________________________________________________________________
*** CID 516415: Error handling issues (CHECKED_RETURN)
/userdat.c: 1472 in node_activity()
1466 case NODE_AMSG:
1467 return cfg->text != NULL ? cfg->text[NodeActivityAutoMsg] : "posting auto-message";
1468 case NODE_XTRN:
1469 if(node->aux == 0)
1470 return cfg->text != NULL ? cfg->text[NodeActivityXtrnMenu] : "at external program menu";
1471 user.number = node->useron;

CID 516415: Error handling issues (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

1472 getuserdat(cfg, &user);
1473 xtrnnum = getxtrnnum(cfg, user.curxtrn);
1474 if(is_valid_xtrnnum(cfg, xtrnnum))
1475 snprintf(str, size, "%s %s"
1476 ,cfg->text != NULL ? cfg->text[NodeActivityRunningXtrn] : "running"
1477 ,cfg->xtrn[xtrnnum]->name);

** CID 516414: Error handling issues (CHECKED_RETURN)
/useredit.cpp: 65 in sbbs_t::useredit(int)()


________________________________________________________________________________________________________
*** CID 516414: Error handling issues (CHECKED_RETURN)
/useredit.cpp: 65 in sbbs_t::useredit(int)()
59 if(sys_status&SS_INUEDIT)
60 return;
61 sys_status|=SS_INUEDIT;
62 while(online) {
63 CLS;
64 attr(LIGHTGRAY);

CID 516414: Error handling issues (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

65 getuserdat(&cfg,&user);
66 if(!user.number) {
67 user.number=1;
68 getuserdat(&cfg,&user);
69 if(!user.number) {
70 bputs(text[NoUserData]);

** CID 516413: Error handling issues (CHECKED_RETURN)
/answer.cpp: 168 in sbbs_t::answer()()


________________________________________________________________________________________________________
*** CID 516413: Error handling issues (CHECKED_RETURN)
/answer.cpp: 168 in sbbs_t::answer()()
162 (but keep full terminal type/speed string in rlogin_term): */
163 truncstr(terminal,"/");
164 useron.number = 0;
165 if(rlogin_name[0])
166 useron.number = find_login_id(&cfg, rlogin_name);
167 if(useron.number) {

CID 516413: Error handling issues (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

168 getuserdat(&cfg,&useron);
169 SAFEPRINTF(path,"%srlogin.cfg",cfg.ctrl_dir);
170 if(!findstr(client.addr,path)) {
171 SAFECOPY(tmp, rlogin_pass);
172 for(i=0;i<3 && online;i++) { 173 if(stricmp(tmp,useron.pass)) {

** CID 516412: Error handling issues (CHECKED_RETURN)
/login.cpp: 51 in sbbs_t::login(const char *, const char *, const char *, const char *)()


________________________________________________________________________________________________________
*** CID 516412: Error handling issues (CHECKED_RETURN)
/login.cpp: 51 in sbbs_t::login(const char *, const char *, const char *, const char *)()
45 long useron_misc=useron.misc;
46
47 username = parse_login(username);
48
49 useron.number = find_login_id(&cfg, username);
50 if(useron.number) {

CID 516412: Error handling issues (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

51 getuserdat(&cfg,&useron);
52 if(useron.number && useron.misc&(DELETED|INACTIVE))
53 useron.number=0;
54 }
55
56 if(!useron.number) {

** CID 516411: (CHECKED_RETURN)
/useredit.cpp: 733 in sbbs_t::maindflts(user_t *)()
/useredit.cpp: 738 in sbbs_t::maindflts(user_t *)()


________________________________________________________________________________________________________
*** CID 516411: (CHECKED_RETURN)
/useredit.cpp: 733 in sbbs_t::maindflts(user_t *)()
727
728 action=NODE_DFLT;
729 if (cfg.usercfg_mod[0]) {
730 char cmdline[256];
731 snprintf(cmdline, sizeof(cmdline), "%s %u", cfg.usercfg_mod, user->number);
732 exec_bin(cmdline, &main_csi);

CID 516411: (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

733 getuserdat(&cfg, user);
734 return;
735 }
736 while(online) {
737 CLS;
738 getuserdat(&cfg,user);
/useredit.cpp: 738 in sbbs_t::maindflts(user_t *)()
732 exec_bin(cmdline, &main_csi);
733 getuserdat(&cfg, user);
734 return;
735 }
736 while(online) {
737 CLS;

CID 516411: (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

738 getuserdat(&cfg,user);
739 bprintf(text[UserDefaultsHdr],user->alias,user->number);
740 if(user == &useron) {
741 update_nodeterm();
742 load_user_text();
743 }

** CID 516410: Error handling issues (CHECKED_RETURN)
/websrvr.c: 1662 in http_logon()


________________________________________________________________________________________________________
*** CID 516410: Error handling issues (CHECKED_RETURN)
/websrvr.c: 1662 in http_logon()
1656 session->req.finished=true;
1657 }
1658
1659 void http_logon(http_session_t * session, user_t *usr)
1660 {
1661 if(usr==NULL)

CID 516410: Error handling issues (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

1662 getuserdat(&scfg, &session->user);
1663 else
1664 session->user=*usr;
1665
1666 if(session->user.number==session->last_user_num)
1667 return;

** CID 516409: Error handling issues (CHECKED_RETURN)
/str.cpp: 1388 in sbbs_t::change_user()()


________________________________________________________________________________________________________
*** CID 516409: Error handling issues (CHECKED_RETURN)
/str.cpp: 1388 in sbbs_t::change_user()()
1382 putmsgptrs();
1383 putuserstr(useron.number, USER_CURSUB
1384 ,cfg.sub[usrsub[curgrp][cursub[curgrp]]]->code);
1385 putuserstr(useron.number, USER_CURDIR
1386 ,cfg.dir[usrdir[curlib][curdir[curlib]]]->code);
1387 useron.number=i;

CID 516409: Error handling issues (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

1388 getuserdat(&cfg,&useron);
1389 if(getnodedat(cfg.node_num,&thisnode, true)) {
1390 thisnode.useron=useron.number;
1391 putnodedat(cfg.node_num,&thisnode);
1392 }
1393 getmsgptrs();

** CID 516408: Error handling issues (CHECKED_RETURN)
/useredit.cpp: 1166 in sbbs_t::purgeuser(int)()


________________________________________________________________________________________________________
*** CID 516408: Error handling issues (CHECKED_RETURN)
/useredit.cpp: 1166 in sbbs_t::purgeuser(int)()
1160
1161 void sbbs_t::purgeuser(int usernumber)
1162 { char str[128];
1163 user_t user;
1164
1165 user.number=usernumber;

CID 516408: Error handling issues (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

1166 getuserdat(&cfg,&user);
1167 SAFEPRINTF2(str,"Purged %s #%u",user.alias,usernumber);
1168 logentry("!*",str);
1169 delallmail(usernumber, MAIL_ANY);
1170 putusername(&cfg,usernumber,nulstr);
1171 putusermisc(usernumber, user.misc | DELETED);

** CID 516407: Error handling issues (CHECKED_RETURN)
/websrvr.c: 2037 in check_ars()


________________________________________________________________________________________________________
*** CID 516407: Error handling issues (CHECKED_RETURN)
/websrvr.c: 2037 in check_ars()
2031 else
2032 lprintf(LOG_NOTICE,"%04d !UNKNOWN USER: '%s'" 2033 ,session->socket,session->req.auth.username);
2034 return(false);
2035 }
2036 thisuser.number=i;

CID 516407: Error handling issues (CHECKED_RETURN)
Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).

2037 getuserdat(&scfg, &thisuser);
2038 switch(session->req.auth.type) {
2039 case AUTHENTICATION_TLS_PSK:
2040 if((auth_allowed & (1<<AUTHENTICATION_TLS_PSK))==0)
2041 return(false);
2042 if(session->last_user_num!=0) {


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DQyWe_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZaRdcpKH1DbVbWKil-2BYXbuPo6Nlz2IWCRH2bHbIl-2BZWutyiZLTcraL5FS1iiZSM0cIaa70yw-2BvQnYvTFtY90cnRY6AunfTZ3TOchBhkmrNG5r6R9YGJilsgu5Suh4msrRA-2BqV-2BHoo-2B29c88W6IVBSZdgQoHyw-2Bn9zmKTgeEHvaqQ-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 516431: Incorrect expression (EVALUATION_ORDER)
/scfg/scfgsys.c: 1740 in sys_cfg()


________________________________________________________________________________________________________
*** CID 516431: Incorrect expression (EVALUATION_ORDER)
/scfg/scfgsys.c: 1740 in sys_cfg()
1734 char sys_pass[sizeof(cfg.sys_pass)];
1735 SAFECOPY(sys_pass, cfg.sys_pass);
1736 while(1) {
1737 i=0;
1738 snprintf(opt[i++],MAX_OPLN,"%-20s%s","BBS Name",cfg.sys_name);
1739 snprintf(opt[i++],MAX_OPLN,"%-20s%s","Location",cfg.sys_location);

CID 516431: Incorrect expression (EVALUATION_ORDER)
In argument #6 of "safe_snprintf(opt[i++], 75UL, "%-20s%s%s %s", "Local Time Zone", ((cfg.sys_timezone == -1) ? "Auto: " : ""), smb_zonestr(sys_timezone(&cfg), NULL), ((!(cfg.sys_timezone <= 1000 && cfg.sys_timezone >= -1000) && (cfg.sys_timezone & 0xc000 || cfg.sys_timezone == 4096 || cfg.sys_timezone == 4156 || cfg.sys_timezone == 4216 || cfg.sys_timezone == 4816 || cfg.sys_timezone == 4696 || cfg.sys_timezone == 4666) && cfg.sys_misc & 0x4000U) ? "(Auto-DST)" : ""))", a call is made to "sys_timezone(&cfg)". In argument #1 of this function, the object "cfg.sys_timezone" is modified. This object is also used in "(cfg.sys_timezone == -1) ? "Auto: " : """, the argument #5 of the outer function call. The order in which these arguments are evaluated is not specified, and will vary between platforms.

1740 snprintf(opt[i++],MAX_OPLN,"%-20s%s%s %s","Local Time Zone"
1741 ,cfg.sys_timezone == SYS_TIMEZONE_AUTO ? "Auto: " : ""
1742 ,smb_zonestr(sys_timezone(&cfg),NULL)
1743 ,SMB_TZ_HAS_DST(cfg.sys_timezone) && cfg.sys_misc&SM_AUTO_DST ? "(Auto-DST)" : "");
1744 snprintf(opt[i++],MAX_OPLN,"%-20s%s (e.g. %s)","Short Date Format"
1745 ,date_format(&cfg, str, sizeof str)


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Du0AK_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZX-2BkC2-2BAZJhPPYfXPDeIQ-2B4YvLEfkbd-2Bd6D-2Bq6Hgb3A8yT9nXPdJTazBcJukBEh03pJKxvVooRsB2exFituB7-2FZiW-2B-2FFf3SbStI-2Fat2UXSZKXBODkmruS46NddedKGixq1GgfIg-2BgPQfkssXqpoMR-2BzxwZcTjLKvzCO0Vk2ny9Gw-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

3 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 516448: High impact quality (Y2K38_SAFETY)
/js_msgbase.c: 1441 in js_get_msg_header_resolve()


________________________________________________________________________________________________________
*** CID 516448: High impact quality (Y2K38_SAFETY)
/js_msgbase.c: 1441 in js_get_msg_header_resolve()
1435 /* Fixed length portion of msg header */
1436 LAZY_UINTEGER("type", p->msg.hdr.type, JSPROP_ENUMERATE);
1437 LAZY_UINTEGER("version", p->msg.hdr.version, JSPROP_ENUMERATE); 1438 LAZY_UINTEGER("attr", p->msg.hdr.attr, JSPROP_ENUMERATE);
1439 LAZY_UINTEGER("auxattr", p->msg.hdr.auxattr, JSPROP_ENUMERATE); 1440 LAZY_UINTEGER("netattr", p->msg.hdr.netattr, JSPROP_ENUMERATE); >>> CID 516448: High impact quality (Y2K38_SAFETY)

A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(p->msg.hdr.when_written)" is cast to "uint32".

1441 LAZY_UINTEGER("when_written_time", smb_time(p->msg.hdr.when_written), JSPROP_ENUMERATE);
1442 LAZY_INTEGER("when_written_zone", p->msg.hdr.when_written.zone, JSPROP_ENUMERATE);
1443 LAZY_INTEGER("when_written_zone_offset", smb_tzutc(p->msg.hdr.when_written.zone), JSPROP_ENUMERATE|JSPROP_READONLY);
1444 LAZY_UINTEGER("when_imported_time", p->msg.hdr.when_imported.time, JSPROP_ENUMERATE);
1445 LAZY_INTEGER("when_imported_zone", p->msg.hdr.when_imported.zone, JSPROP_ENUMERATE);
1446 LAZY_INTEGER("when_imported_zone_offset", smb_tzutc(p->msg.hdr.when_imported.zone), JSPROP_ENUMERATE|JSPROP_READONLY);

** CID 516447: High impact quality (Y2K38_SAFETY)
/postmsg.cpp: 625 in votemsg()


________________________________________________________________________________________________________
*** CID 516447: High impact quality (Y2K38_SAFETY)
/postmsg.cpp: 625 in votemsg()
619 }
620 answers++;
621 }
622 }
623 }
624 safe_snprintf(smsg, sizeof(smsg), smsgfmt

CID 516447: High impact quality (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg->hdr.when_written)" is cast to "time32_t".

625 ,timestr(cfg, (time32_t)smb_time(msg->hdr.when_written), tstr)
626 ,cfg->grp[cfg->sub[smb->subnum]->grp]->sname
627 ,cfg->sub[smb->subnum]->sname
628 ,from
629 ,remsg.subj);
630 SAFECAT(smsg, votes);

** CID 516446: (Y2K38_SAFETY)
/qwknodes.c: 366 in main()
/qwknodes.c: 392 in main()
/qwknodes.c: 361 in main()
/qwknodes.c: 384 in main()
/qwknodes.c: 333 in main()
/qwknodes.c: 343 in main()


________________________________________________________________________________________________________
*** CID 516446: (Y2K38_SAFETY)
/qwknodes.c: 366 in main()
360 ,msg.from,p+1
361 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
362 ,str); 363 else
364 fprintf(users,"%-25.25s %-8.8s %s\r\n"
365 ,msg.from,str

CID 516446: (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".

366 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
367 }
368 if(cmd&NODES && msg.from_net.type==NET_QWK) {
369 if(mode&TAGS)
370 gettag(&msg,tag);
371 if(mode&FEED) /qwknodes.c: 392 in main()
386 }
387 else
388 fprintf(nodes,"%-8.8s %s\r\n"
389 ,str 390 ,mode&TAGS
391 ? tag >>> CID 516446: (Y2K38_SAFETY)

A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".

392 : unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
393 }
394 }
395 }
396 smb_freemsgmem(&msg);
397 }
/qwknodes.c: 361 in main()
355 else
356 strcpy(str,msg.from_net.addr);
357 p=strrchr(str,'/');
358 if(p)
359 fprintf(users,"%-25.25s %-8.8s %s (%s)\r\n"
360 ,msg.from,p+1

CID 516446: (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".

361 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
362 ,str); 363 else
364 fprintf(users,"%-25.25s %-8.8s %s\r\n"
365 ,msg.from,str
366 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
/qwknodes.c: 384 in main()
378 fprintf(nodes,"%-8.8s %s\r\n"
379 ,p+1
380 ,tag);
381 else
382 fprintf(nodes,"%-8.8s %s (%s)\r\n"
383 ,p+1

CID 516446: (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".

384 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
385 ,str);
386 }
387 else
388 fprintf(nodes,"%-8.8s %s\r\n"
389 ,str /qwknodes.c: 333 in main()
327 p=strrchr(addr,'/');
328 if(!p)
329 p=addr; 330 else
331 *(p++)=0;
332 safe_snprintf(str, sizeof(str), "%s %s:%s%c%s"

CID 516446: (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".

333 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
334 ,p,cfg.sys_id,p==addr ? 0 : '/'
335 ,addr); 336 fprintf(route,"%s\r\n",str);
337 }
338 else {
/qwknodes.c: 343 in main()
337 }
338 else {
339 p=strrchr(addr,'/');
340 if(p) {
341 *(p++)=0;
342 fprintf(route,"%s %s:%.*s\r\n"

CID 516446: (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".

343 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),str)
344 ,p
345 ,(uint)(p-addr)
346 ,addr); 347 }
348 }


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DNGSj_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYgWGJ9BYEIxvdbhMAIayAni-2FuUZOlays8-2BQNW1Qj2YoLcEBScLdhHrJ52SvmolJ5itsnLRiKIwdue9DQ-2F9PO-2FUFGY-2Fa0jLnspeSlF2FiQB80TbxuUTyDk42cNSQCBuIqgPC4jh5ZIq8dm-2B49xrAWdl9U3UIFg1xXJFs0kJktVUnA-3D-3D



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net