• New Defects reported by Coverity Scan for Synchronet

    From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thu Aug 8 17:40:34 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 508260: Null pointer dereferences (FORWARD_NULL)


    ________________________________________________________________________________________________________
    *** CID 508260: Null pointer dereferences (FORWARD_NULL)
    /js_msgbase.c: 950 in parse_header_object()
    944 msg->hdr.priority=i32;
    945 }
    946
    947 if(JS_GetProperty(cx, hdr, "field_list", &val) && JSVAL_IS_OBJECT(val)) {
    948 array=JSVAL_TO_OBJECT(val);
    949 len=0;
    CID 508260: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "array" to "JS_GetArrayLength", which dereferences it.
    950 if(array == NULL && !JS_GetArrayLength(cx, array, &len)) {
    951 JS_ReportError(cx, "Invalid \"field_list\" array in header object");
    952 goto err;
    953 }
    954
    955 for(i=0;i<len;i++) {

    ** CID 508259: Control flow issues (DEADCODE)
    /js_internal.c: 491 in js_execfile()


    ________________________________________________________________________________________________________
    *** CID 508259: Control flow issues (DEADCODE)
    /js_internal.c: 491 in js_execfile()
    485 else {
    486 JS_ReportError(cx, "Unable to get parent js."JAVASCRIPT_LOAD_PATH_LIST" array.");
    487 return JS_FALSE;
    488 }
    489 }
    490 else {
    CID 508259: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "JS_ReportError(cx, "Unable ...".
    491 JS_ReportError(cx, "Unable to get parent js object"); 492 return JS_FALSE;
    493 }
    494
    495 js_script=JS_CompileFile(cx, js_scope, path);
    496


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D20ER_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZSUgE3dQnVG6wGylJBHlsQHMU-2FeSvlPG-2BveassRKfh2KZ3KQqZYMDLXz99-2FrWMwJQ1T1J2N-2BE4YP3SycyU5tkbW6rwM2zqlUIvWZrfgy3l7iQ0Im12Z6xa2F5EX6ZCGf29mh7eZnuIJTmQCiel8IOekKUKQgh0LXaZSb3gnPQHBw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sat Aug 10 17:40:35 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    6 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 6 of 6 defect(s)


    ** CID 508288: (STRING_NULL)
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()


    ________________________________________________________________________________________________________
    *** CID 508288: (STRING_NULL)
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    381 l=K_CHAT;
    382 if(!(mode&TG_ECHO))
    383 l|=K_NOECHO;
    384 rd=getstr((char*)buf,sizeof(buf)-1,l);
    385 if(!rd)
    386 continue;
    CID 508288: (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    387 SAFECAT(buf,crlf);
    388 rd+=2;
    389 gotline=true;
    390 }
    391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    381 l=K_CHAT;
    382 if(!(mode&TG_ECHO))
    383 l|=K_NOECHO;
    384 rd=getstr((char*)buf,sizeof(buf)-1,l);
    385 if(!rd)
    386 continue;
    CID 508288: (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    387 SAFECAT(buf,crlf);
    388 rd+=2;
    389 gotline=true;
    390 }
    391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';

    ** CID 508287: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508287: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508287: Resource leaks (RESOURCE_LEAK)
    Variable "server_user_name" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508286: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508286: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508286: Resource leaks (RESOURCE_LEAK)
    Variable "addr" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508285: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508285: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508285: Resource leaks (RESOURCE_LEAK)
    Variable "term_type" going out of scope leaks the storage it points to. 3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508284: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508284: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()
    3035 size_t tmplen = 0;
    3036 for(jsuint i = 0; i < count; ++i) {
    3037 jsval val;
    3038 if(!JS_GetElement(cx, array, i, &val)) 3039 break;
    3040 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508284: Resource leaks (RESOURCE_LEAK)
    Variable "addr" going out of scope leaks the storage it points to.
    3041 HANDLE_PENDING(cx, tmp);
    3042 strListPush(&send_strings, tmp);
    3043 }
    3044 free(tmp);
    3045 ++argn;
    3046 }

    ** CID 508283: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508283: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508283: Resource leaks (RESOURCE_LEAK)
    Variable "client_user_name" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Dbu0M_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZNG0uf3i6p71oTc15oH-2BfpO28bQfsz9QVBH3Gtyw7JI9gEMaDnmdnDolPrFN6u9WaZmPVFWjRjCPjNCgu0p853ViRUnY3jw7qF-2FmF-2FRD-2BDN3Me1aa8H00Bk6GPSZ1Hw1-2FmiCWeADspXOcpcxao-2F3gS8JgnOAEga0TIePnt023yjQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sat Sep 14 12:40:31 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    5 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 5 of 5 defect(s)


    ** CID 509555: Null pointer dereferences (FORWARD_NULL)
    /js_filebase.c: 1307 in js_update_file()


    ________________________________________________________________________________________________________
    *** CID 509555: Null pointer dereferences (FORWARD_NULL)
    /js_filebase.c: 1307 in js_update_file()
    1301 char* extdesc = NULL;
    1302 char* auxdata = NULL;
    1303 rc=JS_SUSPENDREQUEST(cx);
    1304 if(filename != NULL && fileobj != NULL
    1305 && (p->smb_result = smb_loadfile(&p->smb, filename, &file, file_detail_extdesc)) == SMB_SUCCESS) {
    1306 p->smb_result = parse_file_properties(cx, fileobj, &file, &extdesc, &auxdata);
    CID 509555: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "file.name" to "strcmp", which dereferences it. 1307 if(p->smb_result == SMB_SUCCESS
    1308 && strcmp(filename, file.name) != 0 && smb_findfile(&p->smb, file.name, NULL) == SMB_SUCCESS) {
    1309 JS_ReportError(cx, "file (%s) already exists in base", file.name);
    1310 p->smb_result = SMB_DUPE_MSG;
    1311 }
    1312 if(p->smb_result == SMB_SUCCESS

    ** CID 509554: Memory - illegal accesses (STRING_NULL)
    /smbutil.c: 633 in dumpindex()


    ________________________________________________________________________________________________________
    *** CID 509554: Memory - illegal accesses (STRING_NULL)
    /smbutil.c: 633 in dumpindex()
    627 ,xpDate_to_isoDateStr(time_to_xpDate(idx.time), "-", tmp, sizeof(tmp)));
    628 if(smb_msg_type(idx.attr) == SMB_MSG_TYPE_FILE && idxreclen == sizeof(fileidxrec_t)) {
    629 fileidxrec_t fidx;
    630 fseek(smb.sid_fp,((start-1L) + l) * idxreclen,SEEK_SET);
    631 if(!fread(&fidx,sizeof(fidx),1,smb.sid_fp))
    632 break;
    CID 509554: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "fidx.name" to "printf", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
    633 printf(" %02X %.*s", fidx.hash.flags, (int)sizeof(fidx.name), fidx.name);
    634 }
    635 printf("\n");
    636 l++;
    637 }
    638 }

    ** CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
    /js_filebase.c: 1335 in js_update_file()


    ________________________________________________________________________________________________________
    *** CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
    /js_filebase.c: 1335 in js_update_file()
    1329 } else {
    1330 if(file.extdesc != NULL)
    1331 truncsp(file.extdesc);
    1332 if(!readd_always && strcmp(extdesc ? extdesc : "", file.extdesc ? file.extdesc : "") == 0
    1333 && strcmp(auxdata ? auxdata : "", file.auxdata ? file.auxdata : "") == 0)
    1334 p->smb_result = smb_putfile(&p->smb, &file);
    CID 509553: Control flow issues (NESTING_INDENT_MISMATCH)
    This 'if' statement is indented to column 41, as if it were nested within the preceding parent statement, but it is not.
    1335 if(p->smb_result != SMB_SUCCESS)
    1336 JS_ReportError(cx, "%d writing '%s'", p->smb_result, file.name);
    1337 else {
    1338 if((p->smb_result = smb_removefile_by_name(&p->smb, filename)) == SMB_SUCCESS) {
    1339 if(readd_always)
    1340 file.hdr.when_imported.time = 0; // we want the file to appear as "new"

    ** CID 509552: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 244 in smb_findfile()


    ________________________________________________________________________________________________________
    *** CID 509552: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 244 in smb_findfile()
    238 if(smb_fread(smb, &fidx, sizeof(fidx), smb->sid_fp) != sizeof(fidx))
    239 break;
    240
    241 f->idx_offset = offset++;
    242
    243 if(filename != NULL) {
    CID 509552: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "fidx.name" to "strcasecmp", which expects a null-terminated string.
    244 if(stricmp(fidx.name, fname) != 0)
    245 continue;
    246 f->file_idx = fidx;
    247 return SMB_SUCCESS;
    248 }
    249

    ** CID 509551: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 441 in smb_removefile()


    ________________________________________________________________________________________________________
    *** CID 509551: Memory - illegal accesses (STRING_NULL) /tmp/sbbs-Sep-14-2024/src/smblib/smbfile.c: 441 in smb_removefile()
    435 free(fidx);
    436 smb_unlocksmbhdr(smb);
    437 return SMB_ERR_READ;
    438 }
    439 rewind(smb->sid_fp);
    440 for(uint32_t i = 0; i < smb->status.total_files; i++) { >>> CID 509551: Memory - illegal accesses (STRING_NULL)
    Passing unterminated string "fidx[i].name" to "strcasecmp", which expects a null-terminated string.
    441 if(stricmp(fidx[i].name, fname) == 0) {
    442 removed++;
    443 continue;
    444 }
    445 if(fwrite(fidx + i, sizeof(*fidx), 1, smb->sid_fp) != 1) {
    446 safe_snprintf(smb->last_error, sizeof(smb->last_error), "%s re-writing index"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DpoPN_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZXJOgCi8IFr2wp43pRrORx9tzLYjX2Y-2FSYnzacVgdrC5ToyfEd02kRU0czfft4zgHvFTf4l2icBGvZtBDP8972Z-2BLrNSb7QqVDHjYiK23CNzZR9MLbzXh1WOITpsswqNS5z337vFuU-2BJOMvO3veuWFvtJ3Xwk9mN-2FsudyolEK5nw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sun Sep 22 12:43:45 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 509721: Resource leaks (RESOURCE_LEAK)
    /scfg/scfgmsg.c: 139 in import_msg_areas()


    ________________________________________________________________________________________________________
    *** CID 509721: Resource leaks (RESOURCE_LEAK)
    /scfg/scfgmsg.c: 139 in import_msg_areas()
    133 new_sub_misc = SUB_FIDO;
    134 ini = iniReadFile(stream);
    135 if(ini == NULL)
    136 return 0;
    137 list = iniGetSectionList(ini, /* prefix: */NULL);
    138 if(list == NULL)
    CID 509721: Resource leaks (RESOURCE_LEAK)
    Variable "ini" going out of scope leaks the storage it points to.
    139 return 0;
    140 break;
    141 default: // EchoLists (e.g. BACKBONE.NA, badareas.lst) and AREAS.BBS
    142 new_sub_misc = SUB_FIDO;
    143 break;
    144 }

    ** CID 509720: (RESOURCE_LEAK)
    /logon.cpp: 670 in sbbs_t::logonstats()()
    /logon.cpp: 676 in sbbs_t::logonstats()()
    /logon.cpp: 649 in sbbs_t::logonstats()()
    /logon.cpp: 673 in sbbs_t::logonstats()()
    /logon.cpp: 682 in sbbs_t::logonstats()()


    ________________________________________________________________________________________________________
    *** CID 509720: (RESOURCE_LEAK)
    /logon.cpp: 670 in sbbs_t::logonstats()()
    664 }
    665 fclose_dstats(dsts);
    666 }
    667 }
    668
    669 if(cfg.node_num==0) /* called from event_thread() */
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    670 return(0);
    671
    672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
    673 return(0);
    674
    675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
    /logon.cpp: 676 in sbbs_t::logonstats()()
    670 return(0);
    671
    672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
    673 return(0);
    674
    675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    676 return(0);
    677
    678 for(i=0;i<2;i++) {
    679 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
    680 if(fp == NULL) {
    681 errormsg(WHERE, ERR_OPEN, "dsts.ini", i); /logon.cpp: 649 in sbbs_t::logonstats()()
    643 node.misc|=NODE_EVENT;
    644 putnodedat(i,&node);
    645 }
    646 if((dsts = fopen_dstats(&cfg, i, /* for_write: */TRUE)) == NULL) /* doesn't have stats yet */
    647 continue;
    648
    CID 509720: (RESOURCE_LEAK)
    Overwriting "csts" in "csts = fopen_cstats(&this->cfg, i, true)" leaks the storage that "csts" points to.
    649 if((csts = fopen_cstats(&cfg, i, /* for_write: */TRUE)) == NULL) {
    650 fclose_dstats(dsts);
    651 errormsg(WHERE, ERR_OPEN, "csts.tab", i);
    652 continue;
    653 }
    654
    /logon.cpp: 673 in sbbs_t::logonstats()()
    667 }
    668
    669 if(cfg.node_num==0) /* called from event_thread() */
    670 return(0);
    671
    672 if(thisnode.status==NODE_QUIET) /* Quiet users aren't counted */
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    673 return(0);
    674
    675 if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
    676 return(0);
    677
    678 for(i=0;i<2;i++) {
    /logon.cpp: 682 in sbbs_t::logonstats()()
    676 return(0);
    677
    678 for(i=0;i<2;i++) {
    679 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
    680 if(fp == NULL) {
    681 errormsg(WHERE, ERR_OPEN, "dsts.ini", i);
    CID 509720: (RESOURCE_LEAK)
    Variable "csts" going out of scope leaks the storage it points to.
    682 return(0L);
    683 }
    684 if(!fread_dstats(fp, &stats)) {
    685 errormsg(WHERE, ERR_READ, "dsts.ini", i);
    686 } else {
    687 stats.today.logons++;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D1BBg_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYPIsZP1mUIcYDXV-2BIKqJmrVInqiYU6VTjqKrshCKgIaqKtr35-2BruWgG1P-2Bg0yB-2BuAgsL8JZmDQBzw15bXNroJeqqVZoqg0VkgzqvypQVJBEoWQ3SQD0dE3jrBkw3Qa7Rc5CMTgkEjMauyB8RHdROWl9YGmjuyI0AjbW-2Fmd2yoJLA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sat Oct 12 12:41:05 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 510624: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 361 in sbbs_t::upload(int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 510624: High impact quality (Y2K38_SAFETY)
    /upload.cpp: 361 in sbbs_t::upload(int, const char *)()
    355 SAFEPRINTF(descbeg,text[Rated],toupper(ch));
    356 }
    357 if(cfg.dir[dirnum]->misc&DIR_ULDATE) {
    358 now=time(NULL);
    359 if(descbeg[0])
    360 strcat(descbeg," ");
    CID 510624: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "this->now" is cast to "time32_t".
    361 SAFEPRINTF(str,"%s ",unixtodstr(&cfg,(time32_t)now,tmp));
    362 strcat(descbeg,str);
    363 }
    364 if(cfg.dir[dirnum]->misc&DIR_MULT) {
    365 sync();
    366 if(!noyes(text[MultipleDiskQ])) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIddI_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYB81ZvyCqI0cAJ-2FU5ubhxKf4JbTpohfwGahN-2FqiJqEJS3JKhfKJrRClFb390j-2Bf3IyHjOgp4TSp0v4WjJhOyS2xAdq9DkOONT15FqaUuN3dwPvrgxJQAm5MhfGSzyQr2ebowkrz6Mx39u7LNSgoa0vxPkqTzBlpznq59pGc5zgjQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Mon Oct 28 12:49:24 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 511447: Control flow issues (DEADCODE)
    /js_bbs.cpp: 2334 in js_xfer_prot_menu(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 511447: Control flow issues (DEADCODE)
    /js_bbs.cpp: 2334 in js_xfer_prot_menu(JSContext *, unsigned int, unsigned long *)()
    2328 if((sbbs=js_GetPrivate(cx, JS_THIS_OBJECT(cx, arglist)))==NULL) 2329 return(JS_FALSE);
    2330
    2331 if(argc > 0 && argv[0] == JSVAL_TRUE)
    2332 xfer_type = XFER_BATCH_UPLOAD;
    2333 if(argc > 1 && argv[1] == JSVAL_TRUE)
    CID 511447: Control flow issues (DEADCODE)
    Execution cannot reach the expression "XFER_BATCH_UPLOAD" inside this statement: "xfer_type = ((xfer_type == ...".
    2334 xfer_type = (xfer_type == XFER_UPLOAD) ? XFER_BATCH_UPLOAD : XFER_BATCH_DOWNLOAD;
    2335
    2336 rc=JS_SUSPENDREQUEST(cx);
    2337 sbbs->xfer_prot_menu(xfer_type, &sbbs->useron, keys, sizeof keys);
    2338 JSString* js_str = JS_NewStringCopyZ(cx, keys);
    2339 if(js_str == nullptr)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DITFI_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQaq5jE-2BLt6d0xDUmd9IA4TiFW4D2c-2Fv2LVaAIklYCEHPyQvUq2Zlw7GDvJu3j8LRmS7SAP5K0MN-2FeHPuzVDlzgYGLGR7UoaRyivmdwaD-2F8GGj2SeuFl5CNmO4uJ75M69NpIJcEgiKbpoWpXeuJdzQYzNm1WuI45zNZnbxNBPzaHrg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tue Oct 29 12:40:42 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 511508: High impact quality (Y2K38_SAFETY)
    /date_str.c: 158 in datestr()


    ________________________________________________________________________________________________________
    *** CID 511508: High impact quality (Y2K38_SAFETY)
    /date_str.c: 158 in datestr()
    152 /****************************************************************************/
    153 char* datestr(scfg_t* cfg, time_t t, char* str)
    154 {
    155 if(t == 0)
    156 return "---------";
    157 if(!cfg->sys_date_verbal)
    CID 511508: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    158 return unixtodstr(cfg, (time32_t)t, str);
    159 struct tm tm = {0};
    160 if(localtime_r(&t, &tm) == NULL)
    161 return "!!!!!!!!!";
    162 char fmt[32] = "";
    163 switch(cfg->sys_date_fmt) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DeIbg_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZqqLX5nOyr0GCOMCsCoPlrYhtCBBDisrUKXmOFR94rfPCeqYsaUhoG3UZ-2FYUaiUYrgUIufMTzxsRzH7-2B7zAyM4HCi34k5-2FbdZ1Kp-2FDSG9A8IDyw-2BIsKQ-2B2fNzoCls7j0N-2B7Pb2XI8MB8f5lr-2BCPTiUaqWkDFwSWHqbm0IZWY1GZQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wed Oct 30 12:41:22 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 511621: High impact quality (Y2K38_SAFETY)
    /str.cpp: 990 in sbbs_t::unixtodstr(long, char *)()


    ________________________________________________________________________________________________________
    *** CID 511621: High impact quality (Y2K38_SAFETY)
    /str.cpp: 990 in sbbs_t::unixtodstr(long, char *)()
    984 }
    985
    986 char* sbbs_t::unixtodstr(time_t t, char* str)
    987 {
    988 if(str == nullptr)
    989 str = datestr_output;
    CID 511621: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    990 return ::unixtodstr(&cfg, t, str);
    991 }
    992
    993 void sbbs_t::sys_info()
    994 {
    995 char tmp[128];


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DFl35_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbldReasLeT64fJgl4QpY1aZbFANNQbDPFr-2BH2HYcH1IWW1-2FtRGPtb0gVjSH-2BBqjWAK7btzMhM331mrzEXRNmqAyTftaCh3YDujP4YB-2F7PQ4EGqELNq7SpMqQKEr5kiHI5KwG1KMczjzMucZ1MepWUctNMP3lW0eqjsOrH2fBSzrg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sat Nov 2 12:39:34 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 512127: (Y2K38_SAFETY)
    /scfg/scfgsys.c: 1367 in edit_sys_date_verbal()
    /scfg/scfgsys.c: 1368 in edit_sys_date_verbal()


    ________________________________________________________________________________________________________
    *** CID 512127: (Y2K38_SAFETY)
    /scfg/scfgsys.c: 1367 in edit_sys_date_verbal()
    1361
    1362 int edit_sys_date_verbal(int page, int total)
    1363 {
    1364 int mode = WIN_SAV | WIN_MID;
    1365 int i = cfg.sys_date_verbal;
    1366 time_t t = time(NULL);
    CID 512127: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    1367 snprintf(opt[0],MAX_OPLN,"Numeric (e.g. %s)", unixtodstr(&cfg, (time32_t)t, tmp));
    1368 snprintf(opt[1],MAX_OPLN,"Verbal (e.g. %s)", verbal_datestr(&cfg, (time32_t)t, tmp));
    1369 opt[2][0] = '\0';
    1370 uifc.helpbuf=
    1371 "`Short Date Display Format:`\n"
    1372 "\n"
    /scfg/scfgsys.c: 1368 in edit_sys_date_verbal()
    1362 int edit_sys_date_verbal(int page, int total)
    1363 {
    1364 int mode = WIN_SAV | WIN_MID;
    1365 int i = cfg.sys_date_verbal;
    1366 time_t t = time(NULL);
    1367 snprintf(opt[0],MAX_OPLN,"Numeric (e.g. %s)", unixtodstr(&cfg, (time32_t)t, tmp));
    CID 512127: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "t" is cast to "time32_t".
    1368 snprintf(opt[1],MAX_OPLN,"Verbal (e.g. %s)", verbal_datestr(&cfg, (time32_t)t, tmp));
    1369 opt[2][0] = '\0';
    1370 uifc.helpbuf=
    1371 "`Short Date Display Format:`\n"
    1372 "\n"
    1373 "If you would like short (8 character) dates to be displayed using verbal\n"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIT5o_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQavH6tAPUwXIDKUPRKBZGiRgKLj76Ij0uFpD4UCNwTCVen1QmVBk6yGbzTBSC2-2BxBE0GJfAoW-2B-2BWaxWl51M-2B9mp1hicInwTEKrQ8chQM9yGDR81PWtwXM-2Bq2j5YCl48NKAoGGKYo0R42EciGZugnM0LqGuohrShDzTlibesBwTavw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sun Nov 3 13:41:00 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 514434: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()


    ________________________________________________________________________________________________________
    *** CID 514434: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()
    995 TERM_XY(&tx, &ty);
    996 line = malloc(sizeof(*line) * tx);
    997 prestel_new_line(cterm);
    998 if (tx > 1) {
    999 vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
    1000 for (int i = 0; i < (tx - 1); i++) {
    CID 514434: (NULL_RETURNS)
    Dereferencing "line", which is known to be "NULL".
    1001 uint8_t ch = line[i].ch;
    1002 if (line[i].fg & 0x7F000000) {
    1003 ch = (line[i].fg & 0x7F000000) >> 24; 1004 prestel_apply_ctrl(cterm, ch);
    1005 }
    1006 else {
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 999 in prestel_get_state()
    993
    994 SCR_XY(&sx, &sy);
    995 TERM_XY(&tx, &ty);
    996 line = malloc(sizeof(*line) * tx);
    997 prestel_new_line(cterm);
    998 if (tx > 1) {
    CID 514434: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".
    999 vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
    1000 for (int i = 0; i < (tx - 1); i++) {
    1001 uint8_t ch = line[i].ch;
    1002 if (line[i].fg & 0x7F000000) {
    1003 ch = (line[i].fg & 0x7F000000) >> 24; 1004 prestel_apply_ctrl(cterm, ch);

    ** CID 514433: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()


    ________________________________________________________________________________________________________
    *** CID 514433: (NULL_RETURNS)
    /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4985 in prestel_fix_line()
    4979 bool fixed = false;
    4980 bool fixedheight = false;
    4981
    4982 coord_conv_xy(cterm, CTERM_COORD_TERM, CTERM_COORD_SCREEN, &sy, &sx);
    4983 ex = sx + TERM_MAXX - 1;
    4984 line = malloc(sizeof(*line) * (ex - sx + 1));
    CID 514433: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".
    4985 vmem_gettext(sx, sy, ex, sy, line);
    4986 prestel_new_line(cterm);
    4987 for (int i = 0; i < TERM_MAXX; i++) {
    4988 uint8_t ch;
    4989 // Go through the line applying attributes, held mosaics, etc.
    4990 if (line[i].fg & 0x7F000000) { /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 5098 in prestel_fix_line()
    5092 line[i].ch += 64;
    5093 fixed = true;
    5094 }
    5095 }
    5096 }
    5097 if (force || fixed)
    CID 514433: (NULL_RETURNS)
    Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_puttext".
    5098 vmem_puttext(sx, sy, ex, sy, line);
    5099 free(line);
    5100 if (restore) {
    5101 cterm->extattr = extattr;
    5102 cterm->fg_color = fg_color;
    5103 cterm->bg_color = bg_color; /tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()
    4984 line = malloc(sizeof(*line) * (ex - sx + 1));
    4985 vmem_gettext(sx, sy, ex, sy, line);
    4986 prestel_new_line(cterm);
    4987 for (int i = 0; i < TERM_MAXX; i++) {
    4988 uint8_t ch;
    4989 // Go through the line applying attributes, held mosaics, etc.
    CID 514433: (NULL_RETURNS)
    Dereferencing "line", which is known to be "NULL".
    4990 if (line[i].fg & 0x7F000000) {
    4991 // This is a control character
    4992 ch = (line[i].fg & 0x7F000000) >> 24;
    4993 prestel_apply_ctrl_before(cterm, ch);
    4994 if ((cterm->extattr & CTERM_EXTATTR_PRESTEL_DOUBLE_HEIGHT) && ((line[i].bg & 0x01000000) == 0)) {
    4995 // Should be double-high


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIdOQ_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbN8RSzLdCZbSy14N5iWP9J-2FcpNjQ0eI2Oj6rPhHqZBQZA4UM9PchXs94tTdeyxdvCkcPzkWohEpzrEBvlrnd6-2FTfmIpMAsE2mi-2BdkX8vzesYff-2FsK9jSFcjEXcYS-2Fxznm-2FxoYdKxCkLPJPKyAUp9zwS3A1OhpfjMprQ34Tb-2BWdhw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Mon Nov 4 13:40:33 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 514483: API usage errors (PRINTF_ARGS)


    ________________________________________________________________________________________________________
    *** CID 514483: API usage errors (PRINTF_ARGS)
    /websrvr.c: 1659 in http_logon()
    1653 SAFECOPY(session->user.modem, session->client.protocol);
    1654 SAFECOPY(session->user.comp, session->host_name);
    1655 SAFECOPY(session->user.ipaddr, session->host_ip);
    1656 session->user.logontime = (time32_t)session->logon_time;
    1657 int result = putuserdat(&scfg, &session->user);
    1658 if(result != 0)
    CID 514483: API usage errors (PRINTF_ARGS)
    No argument for format specifier "%d".
    1659 lprintf(LOG_ERR, "%04d %s [%s] <%s> !Error %d writing user data for user #%d"
    1660 ,session->socket, session->client.protocol, session->host_ip
    1661 ,session->username, session->user.number);
    1662
    1663 }
    1664 SAFECOPY(session->client.user, session->username);

    ** CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
    /websrvr.c: 1661 in ()


    ________________________________________________________________________________________________________
    *** CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
    /websrvr.c: 1661 in ()
    1655 SAFECOPY(session->user.ipaddr, session->host_ip);
    1656 session->user.logontime = (time32_t)session->logon_time;
    1657 int result = putuserdat(&scfg, &session->user);
    1658 if(result != 0)
    1659 lprintf(LOG_ERR, "%04d %s [%s] <%s> !Error %d writing user data for user #%d"
    1660 ,session->socket, session->client.protocol, session->host_ip
    CID 514482: API usage errors (PW.TOO_FEW_PRINTF_ARGS)
    the format string requires additional arguments
    1661 ,session->username, session->user.number);
    1662
    1663 }
    1664 SAFECOPY(session->client.user, session->username);
    1665 session->client.usernum = session->user.number;
    1666 client_on(session->socket, &session->client, /* update existing client record? */true);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DjGNe_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZrw1ACipL81Cfrev1KTkNSpg9ocZGsXxFU4AldvxV89V-2FFS8Im4F3ZlIWKiU1IgZ7U6FnHvW5nOIPElnOgDye48Et-2FcrMwNOZVyWRSzqRdvKvjv7tIxk-2BD72e1fmIEEOvn4SDov1pv-2FzEWSevpHegP3dEU8oXtKIA8RNAEjZ1XUg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tue Nov 5 13:40:05 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 514519: (LOCK)
    /main.cpp: 4849 in sbbs_t::daily_maint()()
    /main.cpp: 4849 in sbbs_t::daily_maint()()


    ________________________________________________________________________________________________________
    *** CID 514519: (LOCK)
    /main.cpp: 4849 in sbbs_t::daily_maint()()
    4843 lprintf(result ? LOG_ERR : LOG_INFO, "Daily event: '%s' returned %d", cmd, result);
    4844 }
    4845 if((sys_status & SS_NEW_MONTH) && cfg.sys_monthly[0]) {
    4846 lputs(LOG_INFO, "DAILY: Running monthly event");
    4847 const char* cmd = cmdstr(cfg.sys_monthly,nulstr,nulstr,NULL);
    4848 online = ON_LOCAL;
    CID 514519: (LOCK)
    "external" unlocks "this->input_thread_mutex" while it is unlocked. 4849 int result = external(cmd, EX_OFFLINE);
    4850 online = false;
    4851 lprintf(result ? LOG_ERR : LOG_INFO, "Monthly event: '%s' returned %d", cmd, result);
    4852 }
    4853 lputs(LOG_INFO, "DAILY: System maintenance ended");
    4854 sys_status&=~SS_DAILY;
    /main.cpp: 4849 in sbbs_t::daily_maint()()
    4843 lprintf(result ? LOG_ERR : LOG_INFO, "Daily event: '%s' returned %d", cmd, result);
    4844 }
    4845 if((sys_status & SS_NEW_MONTH) && cfg.sys_monthly[0]) {
    4846 lputs(LOG_INFO, "DAILY: Running monthly event");
    4847 const char* cmd = cmdstr(cfg.sys_monthly,nulstr,nulstr,NULL);
    4848 online = ON_LOCAL;
    CID 514519: (LOCK)
    "external" locks "this->input_thread_mutex" while it is locked.
    4849 int result = external(cmd, EX_OFFLINE);
    4850 online = false;
    4851 lprintf(result ? LOG_ERR : LOG_INFO, "Monthly event: '%s' returned %d", cmd, result);
    4852 }
    4853 lputs(LOG_INFO, "DAILY: System maintenance ended");
    4854 sys_status&=~SS_DAILY;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DmVJv_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZYt7Pe-2B8KlpNPxf3vYfbGXTetKrkOysaWsLoXwVVJy-2BlT3vWHLSa-2F-2BgpVoMRk-2FB9lZhpdNOATgKKch-2FKRWKdw7CGPsa8-2BoRGvrYP8DjPqUmQVJXsmXD2xm4gPlAPoQOpnW8tWCZcdj7lp745Fp7QOqFvNAcU4EQLHiapc9wQpj6A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sun Nov 10 14:42:03 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in ()


    ________________________________________________________________________________________________________
    *** CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in ()
    292 else
    293 if(time(NULL)-start>=(time_t)smb->retry_time) 294 break;
    295 ++count;
    296 SLEEP((count / 10) * smb->retry_delay);
    297 }
    CID 514629: API usage errors (PW.PRINTF_ARG_MISMATCH)
    argument is incompatible with corresponding format string conversion (expected type "int" but argument has type "long")
    298 safe_snprintf(smb->last_error,sizeof(smb->last_error),"%s timeout locking message base after %d seconds", __FUNCTION__, time(NULL) - start);
    299 return(SMB_ERR_TIMEOUT);
    300 }
    301
    302 /****************************************************************************/
    303 /* Read the SMB header from the header file and place into smb.status */

    ** CID 514628: API usage errors (PRINTF_ARGS)


    ________________________________________________________________________________________________________
    *** CID 514628: API usage errors (PRINTF_ARGS) /tmp/sbbs-Nov-10-2024/src/smblib/smblib.c: 298 in smb_locksmbhdr()
    292 else
    293 if(time(NULL)-start>=(time_t)smb->retry_time) 294 break;
    295 ++count;
    296 SLEEP((count / 10) * smb->retry_delay);
    297 }
    CID 514628: API usage errors (PRINTF_ARGS)
    Argument "time(NULL) - start" to format specifier "%d" was expected to have type "int" but has type "long".
    298 safe_snprintf(smb->last_error,sizeof(smb->last_error),"%s timeout locking message base after %d seconds", __FUNCTION__, time(NULL) - start);
    299 return(SMB_ERR_TIMEOUT);
    300 }
    301
    302 /****************************************************************************/
    303 /* Read the SMB header from the header file and place into smb.status */


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D04SY_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbRNqpwvGc4zcZ5uKeIndhuSqNnxi4ZbqnqhqxxcEUjkJJHGyGkBZt6V7UXUX2xnB2lvPBmqBCBxBghPzBYV7kJY89l3F0Je2EKuh7lbcH1Ki5248pEoplbC6UdQ14IH1AzZ-2BYu06Kjq-2F-2BS7xugvit0MheMfmyl63WZ-2BGQqWv04fA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Mon Nov 11 14:28:43 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 514647: Resource leaks (RESOURCE_LEAK)
    /userdat.c: 1397 in getnodeext()


    ________________________________________________________________________________________________________
    *** CID 514647: Resource leaks (RESOURCE_LEAK)
    /userdat.c: 1397 in getnodeext()
    1391 {
    1392 int f;
    1393
    1394 if(!VALID_CFG(cfg) || num < 1)
    1395 return "";
    1396 if((f = opennodeext(cfg)) < 1)
    CID 514647: Resource leaks (RESOURCE_LEAK)
    Handle variable "f" going out of scope leaks the handle.
    1397 return "";
    1398 (void)lseek(f, (num-1) * 128, SEEK_SET);
    1399 if(read(f, buf, 128) != 128)
    1400 memset(buf, 0, 128);
    1401 close(f);
    1402 buf[127] = 0;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DNrRS_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZ3ELp6fsbhc-2FY9mD5Zp1-2FoSxtPMVY9W2gQFqb-2BWiMKBXb3R551uQj1an4L8jxHGCtVzJ8f8hTy9TuLVRQzLD3L1M-2FICoSbiZvQ-2FUBPSeV-2BCcsclK4jYNyukSMcGAKOr-2BtLQBr5jUdpUtVX-2FuxQBKwF4hNcUqyrDA8X7YI-2FfcIZtw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tue Nov 19 13:40:34 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 515048: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 1848 in add_areas_from_echolists()


    ________________________________________________________________________________________________________
    *** CID 515048: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 1848 in add_areas_from_echolists()
    1842 match=0;
    1843 for(k=0; cfg.listcfg[j].keys[k] ;k++) {
    1844 if(match) break;
    1845 for(x=0; nodecfg->keys[x] ;x++) {
    1846 if(!stricmp(cfg.listcfg[j].keys[k]
    1847 ,nodecfg->keys[x])) {
    CID 515048: Security best practices violations (SECURE_TEMP)
    "tmpfile" creates files with predictable names, which is unsafe.
    1848 if((fwdfile=tmpfile())==NULL) { 1849 lprintf(LOG_ERR,"ERROR line %d opening forward temp "
    1850 "file",__LINE__);
    1851 match=1;
    1852 break;
    1853 }

    ** CID 515047: Control flow issues (NO_EFFECT)
    /sbbsecho.c: 1635 in alter_areas_ini()


    ________________________________________________________________________________________________________
    *** CID 515047: Control flow issues (NO_EFFECT)
    /sbbsecho.c: 1635 in alter_areas_ini()
    1629 continue;
    1630 }
    1631 }
    1632 if(add_area[0] != NULL) { /* Check for areas to add */
    1633 bool add_all = (stricmp(add_area[0], "+ALL") == 0);
    1634 j = strListFind(add_area, echotag, /* case-sensitive */false);
    CID 515047: Control flow issues (NO_EFFECT)
    This greater-than-or-equal-to-zero comparison of an unsigned value is always true. "j >= 0U".
    1635 if(add_all || j >= 0) {
    1636 if(j >= 0)
    1637 add_area[j][0]=0; /* So we can check other lists */
    1638 uint areanum = find_area(echotag);
    1639 if(!area_is_valid(areanum)) {
    1640 lprintf(LOG_ERR, "Invalid area num on line %d", __LINE__);

    ** CID 515046: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1989 in alter_areas()


    ________________________________________________________________________________________________________
    *** CID 515046: Error handling issues (CHECKED_RETURN)
    /sbbsecho.c: 1989 in alter_areas()
    1983 ,smb_faddrtoa(&addr,NULL), (ulong)added, cfg.areafile);
    1984 if(deleted)
    1985 lprintf(LOG_DEBUG, "AreaFix (for %s) Removed links to %lu areas in %s"
    1986 ,smb_faddrtoa(&addr,NULL), (ulong)deleted, cfg.areafile);
    1987 if(added || deleted) {
    1988 if(stat(cfg.areafile, &st) == 0)
    CID 515046: Error handling issues (CHECKED_RETURN)
    Calling "chmod(outpath, st.st_mode)" without checking return value. This library function may fail and return an error code.
    1989 chmod(outpath, st.st_mode);
    1990 if(cfg.areafile_backups == 0 || !backup(cfg.areafile, cfg.areafile_backups, /* ren: */TRUE))
    1991 delfile(cfg.areafile, __LINE__); /* Delete AREAS.BBS */
    1992 if(rename(outpath,cfg.areafile)) /* Rename new AREAS.BBS file */
    1993 lprintf(LOG_ERR,"ERROR line %d renaming %s to %s",__LINE__,outpath,cfg.areafile);
    1994 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D1jSz_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbxEcP2FV-2FE8SZ4Zj-2B5i-2FvXMBc1u-2B9IyI73gYzjnV6pIIbqC2pGfKYB3KXIl7XZEKXLdLz8vi8-2BwsF6O91kuZqV1ShM13vaTkO37J3VV7GT6YwOX288v8WtwpdrdHMhRE2EqIozgp1HMSE07wuarfyxBLAND56oVPlNda7IFeLuFA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thu Nov 21 13:54:30 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 515063: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 2142 in areamgr_command()


    ________________________________________________________________________________________________________
    *** CID 515063: Security best practices violations (SECURE_TEMP)
    /sbbsecho.c: 2142 in areamgr_command()
    2136 nodecfg->archive = SBBSECHO_ARCHIVE_NONE;
    2137 else {
    2138 for(u=0;u<cfg.arcdefs;u++)
    2139 if(stricmp(p,cfg.arcdef[u].name) == 0) 2140 break;
    2141 if(u==cfg.arcdefs) {
    CID 515063: Security best practices violations (SECURE_TEMP)
    "tmpfile" creates files with predictable names, which is unsafe.
    2142 if((tmpf=tmpfile())==NULL) {
    2143 lprintf(LOG_ERR,"ERROR line %d opening tmpfile()",__LINE__);
    2144 return false;
    2145 }
    2146 SAFEPRINTF(str, "Compression type unavailable: %s", p);
    2147 lprintf(LOG_INFO, "AreaMgr (for %s) %s", faddrtoa(&addr), str);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DGoz1_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYHiJRuOAYx4mtSc3Rs7eY9P2HGERsO3Ui1TozxvEl3HSa54-2BxmZuyJa4rdPvK8KqeFliWPJD252StMkW9mo-2B6uT2KWq9YxJqegr2CCurq6i8coJamUQEMyVcyknmxOhR1KJArkVSLfkYq8-2BmPn9fVdieJLgwrSG692S4HB3dKfZQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sun Nov 24 15:11:51 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 515130: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-24-2024/src/conio/sdl_con.c: 357 in sdl_get_bounds()


    ________________________________________________________________________________________________________
    *** CID 515130: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Nov-24-2024/src/conio/sdl_con.c: 357 in sdl_get_bounds()
    351 SDL_Rect r;
    352 int ABUw, ABUh;
    353 int pixelw, pixelh;
    354
    355 if (sdl.GetDisplayUsableBounds(0, &r) != 0)
    356 return false;
    CID 515130: Concurrent data access violations (MISSING_LOCK)
    Accessing "win" without holding lock "win_mutex". Elsewhere, "win" is written to with "win_mutex" held 1 out of 1 times.
    357 sdl.GetWindowSize(win, &ABUw, &ABUh);
    358 sdl.GetWindowSizeInPixels(win, &pixelw, &pixelh);
    359 if (pixelw == 0 || pixelh == 0 || ABUw == 0 || ABUh == 0) {
    360 *w = r.w;
    361 *h = r.h;
    362 return true;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D_t4Q_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYVVBXfFUuA-2FsWyQ5uMS5ufMK7jgOcJ6VIupDH54bwQZq7SuxKbKUjUqnKiK9OnXbOb5gfXyBtjeI0-2BrMXfePEiZJ6tllUVEkd4WCimYeBdVV8tZ-2FZWYZleIzw9Ex3-2BGpSI29JxK7ySTVVle557znXI2HDyHti8hj8D3RvYxamaIw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Mon Dec 2 13:42:27 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    14 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 14 of 14 defect(s)


    ** CID 515601: Program hangs (LOCK)
    /js_bbs.cpp: 3400 in js_get_node_message(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 515601: Program hangs (LOCK)
    /js_bbs.cpp: 3400 in js_get_node_message(JSContext *, unsigned int, unsigned long *)()
    3394 clearline = JSVAL_TO_BOOLEAN(argv[0]);
    3395
    3396 rc=JS_SUSPENDREQUEST(cx);
    3397 sbbs->getnmsg(clearline ? true : false);
    3398 JS_RESUMEREQUEST(cx, rc);
    3399
    CID 515601: Program hangs (LOCK)
    Returning without unlocking "sbbs->nodefile_mutex".
    3400 return(JS_TRUE);
    3401 }
    3402
    3403 static JSBool
    3404 js_put_node_message(JSContext *cx, uintN argc, jsval *arglist)
    3405 {

    ** CID 515600: Error handling issues (CHECKED_RETURN)
    /download.cpp: 367 in sbbs_t::seqwait(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 515600: Error handling issues (CHECKED_RETURN)
    /download.cpp: 367 in sbbs_t::seqwait(unsigned int)()
    361
    362 if(!devnum)
    363 return;
    364 for(start=now=time(NULL);online && now-start<90;now=time(NULL)) {
    365 if(msgabort()) /* max wait ^^^^ sec */
    366 break;
    CID 515600: Error handling issues (CHECKED_RETURN)
    Calling "getnodedat" without checking return value (as is done elsewhere 52 out of 59 times).
    367 getnodedat(cfg.node_num,&thisnode,true); /* open and lock this record */
    368 for(i=1;i<=cfg.sys_nodes;i++) {
    369 if(i==cfg.node_num) continue;
    370 if(getnodedat(i,&node, true)) {
    371 if((node.status==NODE_INUSE || node.status==NODE_QUIET)
    372 && node.action==NODE_RFSD && node.aux==devnum) {

    ** CID 515599: Concurrent data access violations (MISSING_LOCK)
    /putnode.cpp: 108 in sbbs_t::unlocknodedat(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 515599: Concurrent data access violations (MISSING_LOCK) /putnode.cpp: 108 in sbbs_t::unlocknodedat(unsigned int)()
    102 errormsg(WHERE, ERR_CHK, "node number", number);
    103 return false;
    104 }
    105 int result = unlock(nodefile, (number - 1) * sizeof(node_t), sizeof(node_t));
    106 if(cfg.node_misc & NM_CLOSENODEDAB) {
    107 close(nodefile);
    CID 515599: Concurrent data access violations (MISSING_LOCK)
    Accessing "this->nodefile" without holding lock "sbbs_t.nodefile_mutex". Elsewhere, "sbbs_t.nodefile" is written to with "sbbs_t.nodefile_mutex" held 4 out of 5 times.
    108 nodefile = -1;
    109 }
    110 pthread_mutex_unlock(&nodefile_mutex);
    111 return result == 0;
    112 }
    113

    ** CID 515598: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 515598: (SLEEP)
    /getnode.cpp: 268 in sbbs_t::getnmsg(bool)()
    262 buf[length]=0;
    263
    264 if(clearline)
    265 this->clearline();
    266 else if(column)
    267 CRLF;
    CID 515598: (SLEEP)
    Call to "putmsg" might sleep while holding lock "this->nodefile_mutex". 268 putmsg(buf,P_NOATCODES);
    269 free(buf);
    270
    271 return retval == 0;
    272 }
    273
    /getnode.cpp: 265 in sbbs_t::getnmsg(bool)()
    259 }
    260 int retval = chsize(file,0L);
    261 close(file);
    262 buf[length]=0;
    263
    264 if(clearline)
    CID 515598: (SLEEP)
    Call to "clearline" might sleep while holding lock "this->nodefile_mutex".
    265 this->clearline();
    266 else if(column)
    267 CRLF;
    268 putmsg(buf,P_NOATCODES);
    269 free(buf);
    270

    ** CID 515597: Program hangs (LOCK)
    /main.cpp: 2243 in input_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 515597: Program hangs (LOCK)
    /main.cpp: 2243 in input_thread(void *)()
    2237 }
    2238 else
    2239 #endif
    2240 rd = recv(sock, (char*)inbuf, rd, 0);
    2241
    2242 if(pthread_mutex_unlock(&sbbs->input_thread_mutex)!=0) >>> CID 515597: Program hangs (LOCK)
    "errormsg" locks "sbbs->nodefile_mutex" while it is locked.
    2243 sbbs->errormsg(WHERE,ERR_UNLOCK,"input_thread_mutex",0);
    2244
    2245 if (rd == 0 && !socket_recvdone(sock, 0))
    2246 continue;
    2247
    2248 if(rd == SOCKET_ERROR)

    ** CID 515596: Program hangs (LOCK)
    /logfile.cpp: 331 in sbbs_t::errormsg(int, const char *, const char *, const char *, const char *, int, const char *)()


    ________________________________________________________________________________________________________
    *** CID 515596: Program hangs (LOCK)
    /logfile.cpp: 331 in sbbs_t::errormsg(int, const char *, const char *, const char *, const char *, int, const char *)()
    325 fprintf(logfile_fp,"!! %s%s", str, log_line_ending); 326 logcol=1;
    327 fflush(logfile_fp);
    328 }
    329
    330 errormsg_inside=false;
    CID 515596: Program hangs (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    331 }
    332
    333 /****************************************************************************/
    334 /* Open a log file for append, supporting log rotation based on size */
    335 /****************************************************************************/
    336 extern "C" FILE* fopenlog(scfg_t* cfg, const char* path)

    ** CID 515595: Program hangs (LOCK)
    /main.cpp: 4335 in sbbs_t::logoffstats()()


    ________________________________________________________________________________________________________
    *** CID 515595: Program hangs (LOCK)
    /main.cpp: 4335 in sbbs_t::logoffstats()()
    4329
    4330 for(i=0;i<2;i++) {
    4331 FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */true);
    4332 if(fp == NULL)
    4333 continue;
    4334 if(!fread_dstats(fp, &stats)) {
    CID 515595: Program hangs (LOCK)
    "errormsg" locks "this->nodefile_mutex" while it is locked.
    4335 errormsg(WHERE, ERR_READ, "dsts.ini", i);
    4336 } else {
    4337 stats.total.timeon += minutes_used;
    4338 stats.today.timeon += minutes_used;
    4339 if(!fwrite_dstats(fp, &stats, __FUNCTION__)) 4340 errormsg(WHERE, ERR_WRITE, "dsts.ini", i);

    ** CID 515594: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 515594: (SLEEP)
    /main.cpp: 4649 in sbbs_t::daily_maint()()
    4643 backup(str,cfg.user_backup_level,false);
    4644 }
    4645
    4646 if(cfg.mail_backup_level) {
    4647 lputs(LOG_INFO,"DAILY: Backing-up mail data...");
    4648 smb_t mail;
    CID 515594: (SLEEP)
    Call to "smb_open_sub" might sleep while holding lock "this->nodefile_mutex".
    4649 int result = smb_open_sub(&cfg, &mail, INVALID_SUB); 4650 if(result != SMB_SUCCESS)
    4651 lprintf(LOG_ERR, "ERROR %d (%s) opening mail base", result, mail.last_error);
    4652 else {
    4653 result = smb_lock(&mail);
    4654 if(result != SMB_SUCCESS)
    /main.cpp: 4778 in sbbs_t::daily_maint()()
    4772 closeuserdat(userfile);
    4773
    4774 lputs(LOG_INFO,"DAILY: Purging deleted/expired e-mail");
    4775 SAFEPRINTF(smb.file,"%smail",cfg.data_dir);
    4776 smb.retry_time=cfg.smb_retry_time;
    4777 smb.subnum=INVALID_SUB;
    CID 515594: (SLEEP)
    Call to "smb_open" might sleep while holding lock "this->nodefile_mutex".
    4778 if((i=smb_open(&smb))!=0)
    4779 errormsg(WHERE,ERR_OPEN,smb.file,i,smb.last_error); 4780 else {
    4781 if(filelength(fileno(smb.shd_fp))>0) {
    4782 if((i=smb_locksmbhdr(&smb))!=0)
    4783 errormsg(WHERE,ERR_LOCK,smb.file,i,smb.last_error);

    ** CID 515593: (LOCK)
    /getnode.cpp: 258 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 252 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 242 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 271 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 237 in sbbs_t::getnmsg(bool)()
    /getnode.cpp: 247 in sbbs_t::getnmsg(bool)()


    ________________________________________________________________________________________________________
    *** CID 515593: (LOCK)
    /getnode.cpp: 258 in sbbs_t::getnmsg(bool)()
    252 return false;
    253 }
    254 if(read(file,buf,length)!=length) {
    255 close(file);
    256 free(buf);
    257 errormsg(WHERE,ERR_READ,str,length);
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    258 return false;
    259 }
    260 int retval = chsize(file,0L);
    261 close(file);
    262 buf[length]=0;
    263
    /getnode.cpp: 252 in sbbs_t::getnmsg(bool)()
    246 close(file);
    247 return true;
    248 }
    249 if((buf=(char *)malloc(length+1))==NULL) {
    250 close(file);
    251 errormsg(WHERE,ERR_ALLOC,str,length+1);
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    252 return false;
    253 }
    254 if(read(file,buf,length)!=length) {
    255 close(file);
    256 free(buf);
    257 errormsg(WHERE,ERR_READ,str,length);
    /getnode.cpp: 242 in sbbs_t::getnmsg(bool)()
    236 if(flength(str)<1L)
    237 return true;
    238 if((file=nopen(str,O_RDWR))==-1) {
    239 /**
    240 errormsg(WHERE,ERR_OPEN,str,O_RDWR);
    241 **/
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    242 return false;
    243 }
    244 length=(long)filelength(file);
    245 if(length <= 0) {
    246 close(file);
    247 return true;
    /getnode.cpp: 271 in sbbs_t::getnmsg(bool)()
    265 this->clearline();
    266 else if(column)
    267 CRLF;
    268 putmsg(buf,P_NOATCODES);
    269 free(buf);
    270
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    271 return retval == 0;
    272 }
    273
    274 /****************************************************************************/
    275 /* 'ext' must be at least 128 bytes! */
    276 /****************************************************************************/
    /getnode.cpp: 237 in sbbs_t::getnmsg(bool)()
    231 thisnode.misc&=~NODE_NMSG; /* clear the NMSG flag */
    232 putnodedat(cfg.node_num,&thisnode);
    233 }
    234
    235 SAFEPRINTF2(str,"%smsgs/n%3.3u.msg",cfg.data_dir,cfg.node_num); 236 if(flength(str)<1L)
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    237 return true;
    238 if((file=nopen(str,O_RDWR))==-1) {
    239 /**
    240 errormsg(WHERE,ERR_OPEN,str,O_RDWR);
    241 **/
    242 return false;
    /getnode.cpp: 247 in sbbs_t::getnmsg(bool)()
    241 **/
    242 return false;
    243 }
    244 length=(long)filelength(file);
    245 if(length <= 0) {
    246 close(file);
    CID 515593: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    247 return true;
    248 }
    249 if((buf=(char *)malloc(length+1))==NULL) {
    250 close(file);
    251 errormsg(WHERE,ERR_ALLOC,str,length+1);
    252 return false;

    ** CID 515592: (SLEEP)


    ________________________________________________________________________________________________________
    *** CID 515592: (SLEEP)
    /getnode.cpp: 162 in sbbs_t::nodesync(bool)()
    156 thisnode.misc&=~NODE_UDAT;
    157 putnodedat(cfg.node_num,&thisnode);
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    CID 515592: (SLEEP)
    Call to "getsmsg" might sleep while holding lock "this->nodefile_mutex".
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
    163 if(thisnode.misc&NODE_NMSG)
    164 getnmsg(clearline); /* getnmsg clears NMSG flag */
    165 }
    166 }
    167
    /getnode.cpp: 174 in sbbs_t::nodesync(bool)()
    168 if(cfg.sync_mod[0])
    169 exec_bin(cfg.sync_mod,&main_csi);
    170
    171 if(thisnode.misc&NODE_INTR) {
    172 bputs(text[NodeLocked]);
    173 logline(LOG_NOTICE,nulstr,"Interrupted");
    CID 515592: (SLEEP)
    Call to "hangup" might sleep while holding lock "this->nodefile_mutex". 174 hangup();
    175 nodesync_inside=0;
    176 return;
    177 }
    178
    179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
    /getnode.cpp: 164 in sbbs_t::nodesync(bool)()
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
    163 if(thisnode.misc&NODE_NMSG)
    CID 515592: (SLEEP)
    Call to "getnmsg" might sleep while holding lock "this->nodefile_mutex".
    164 getnmsg(clearline); /* getnmsg clears NMSG flag */
    165 }
    166 }
    167
    168 if(cfg.sync_mod[0])
    169 exec_bin(cfg.sync_mod,&main_csi);
    /getnode.cpp: 211 in sbbs_t::nodesync(bool)()
    205 }
    206
    207 if(sys_status&SS_USERON && online && (timeleft/60)<(5-timeleft_warn)
    208 && !SYSOP) {
    209 timeleft_warn=5-(timeleft/60);
    210 if(!(sys_status&SS_MOFF)) {
    CID 515592: (SLEEP)
    Call to "attr" might sleep while holding lock "this->nodefile_mutex". 211 attr(LIGHTGRAY);
    212 bprintf(text[OnlyXminutesLeft]
    213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
    214 }
    215 }
    216
    /getnode.cpp: 217 in sbbs_t::nodesync(bool)()
    211 attr(LIGHTGRAY);
    212 bprintf(text[OnlyXminutesLeft]
    213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
    214 }
    215 }
    216
    CID 515592: (SLEEP)
    Call to "attr" might sleep while holding lock "this->nodefile_mutex". 217 attr(atr); /* replace original attributes */
    218 nodesync_inside=0;
    219 }
    220
    221 /****************************************************************************/
    222 /* Prints short messages waiting for this node, if any... */
    /getnode.cpp: 181 in sbbs_t::nodesync(bool)()
    175 nodesync_inside=0;
    176 return;
    177 }
    178
    179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
    180 saveline();
    CID 515592: (SLEEP)
    Call to "privchat" might sleep while holding lock "this->nodefile_mutex".
    181 privchat(true);
    182 restoreline();
    183 }
    184
    185 if(thisnode.misc&NODE_FCHAT) { // forced into private chat
    186 int n = getpagingnode(&cfg);
    /getnode.cpp: 182 in sbbs_t::nodesync(bool)()
    176 return;
    177 }
    178
    179 if(thisnode.misc&NODE_LCHAT) { // pulled into local chat with sysop
    180 saveline();
    181 privchat(true);
    CID 515592: (SLEEP)
    Call to "restoreline" might sleep while holding lock "this->nodefile_mutex".
    182 restoreline();
    183 }
    184
    185 if(thisnode.misc&NODE_FCHAT) { // forced into private chat
    186 int n = getpagingnode(&cfg);
    187 if(n) {
    /getnode.cpp: 197 in sbbs_t::nodesync(bool)()
    191 action = save_action;
    192 restoreline();
    193 }
    194 if(getnodedat(cfg.node_num, &thisnode, true)) {
    195 thisnode.action = action;
    196 thisnode.misc &= ~NODE_FCHAT;
    CID 515592: (SLEEP)
    Call to "putnodedat" might sleep while holding lock "this->nodefile_mutex".
    197 putnodedat(cfg.node_num, &thisnode);
    198 }
    199 }
    200
    201 if(sys_status&SS_USERON && memcmp(&nodesync_user,&useron,sizeof(user_t))) {
    202 getusrdirs();

    ** CID 515591: (LOCK)
    /getnode.cpp: 219 in sbbs_t::nodesync(bool)()
    /getnode.cpp: 157 in sbbs_t::nodesync(bool)()


    ________________________________________________________________________________________________________
    *** CID 515591: (LOCK)
    /getnode.cpp: 219 in sbbs_t::nodesync(bool)()
    213 ,((ushort)timeleft/60)+1,(timeleft/60) ? "s" : nulstr);
    214 }
    215 }
    216
    217 attr(atr); /* replace original attributes */
    218 nodesync_inside=0;
    CID 515591: (LOCK)
    Returning without unlocking "this->nodefile_mutex".
    219 }
    220
    221 /****************************************************************************/
    222 /* Prints short messages waiting for this node, if any... */
    223 /****************************************************************************/
    224 bool sbbs_t::getnmsg(bool clearline)
    /getnode.cpp: 164 in sbbs_t::nodesync(bool)()
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */
    163 if(thisnode.misc&NODE_NMSG)
    CID 515591: (LOCK)
    "getnmsg" locks "this->nodefile_mutex" while it is locked.
    164 getnmsg(clearline); /* getnmsg clears NMSG flag */
    165 }
    166 }
    167
    168 if(cfg.sync_mod[0])
    169 exec_bin(cfg.sync_mod,&main_csi);
    /getnode.cpp: 197 in sbbs_t::nodesync(bool)()
    191 action = save_action;
    192 restoreline();
    193 }
    194 if(getnodedat(cfg.node_num, &thisnode, true)) {
    195 thisnode.action = action;
    196 thisnode.misc &= ~NODE_FCHAT;
    CID 515591: (LOCK)
    "putnodedat" locks "this->nodefile_mutex" while it is locked.
    197 putnodedat(cfg.node_num, &thisnode);
    198 }
    199 }
    200
    201 if(sys_status&SS_USERON && memcmp(&nodesync_user,&useron,sizeof(user_t))) {
    202 getusrdirs();
    /getnode.cpp: 157 in sbbs_t::nodesync(bool)()
    151 }
    152 }
    153 if(thisnode.misc&NODE_UDAT && !(useron.rest&FLAG('G'))) { /* not guest */
    154 getuserdat(&cfg, &useron);
    155 if(getnodedat(cfg.node_num,&thisnode, true)) { 156 thisnode.misc&=~NODE_UDAT;
    CID 515591: (LOCK)
    "putnodedat" locks "this->nodefile_mutex" while it is locked.
    157 putnodedat(cfg.node_num,&thisnode);
    158 }
    159 }
    160 if(!(sys_status&SS_MOFF)) {
    161 if(thisnode.misc&NODE_MSGW)
    162 getsmsg(useron.number, clearline); /* getsmsg clears MSGW flag */

    ** CID 515590: (LOCK)
    /un_qwk.cpp: 94 in sbbs_t::unpack_qwk(char *, unsigned int)()
    /un_qwk.cpp: 123 in sbbs_t::unpack_qwk(char *, unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 515590: (LOCK)
    /un_qwk.cpp: 94 in sbbs_t::unpack_qwk(char *, unsigned int)()
    88 lprintf(LOG_ERR, "libarchive error %ld (%s) extracting %s", file_count, error, packet);
    89 if(*cfg.qhub[hubnum]->unpack == '\0')
    90 return false;
    91 i=external(cmdstr(cfg.qhub[hubnum]->unpack,packet,ALLFILES,NULL),EX_OFFLINE);
    92 if(i) {
    93 errormsg(WHERE,ERR_EXEC,cmdstr(cfg.qhub[hubnum]->unpack,packet,ALLFILES,NULL),i);
    CID 515590: (LOCK)
    Returning without unlocking "this->input_thread_mutex".
    94 return(false);
    95 }
    96 }
    97 SAFEPRINTF(str,"%sMESSAGES.DAT",cfg.temp_dir);
    98 if(!fexistcase(str)) {
    99 lprintf(LOG_WARNING,"%s doesn't contain MESSAGES.DAT (%s)",packet,str);
    /un_qwk.cpp: 123 in sbbs_t::unpack_qwk(char *, unsigned int)()
    117 remove(fname);
    118 }
    119 SAFEPRINTF(fname, "%sVOTING.DAT", cfg.temp_dir);
    120 if(fexistcase(fname)) {
    121 lprintf(LOG_DEBUG, "Reading %s", fname);
    122 if((fp=fopen(fname,"r")) == NULL)
    CID 515590: (LOCK)
    "errormsg" locks "this->nodefile_mutex" while it is locked.
    123 errormsg(WHERE,ERR_OPEN,fname,O_RDONLY);
    124 else {
    125 voting=iniReadFile(fp);
    126 fclose(fp);
    127 }
    128 remove(fname);

    ** CID 515589: Error handling issues (CHECKED_RETURN)
    /logon.cpp: 124 in sbbs_t::logon()()


    ________________________________________________________________________________________________________
    *** CID 515589: Error handling issues (CHECKED_RETURN)
    /logon.cpp: 124 in sbbs_t::logon()()
    118 ,useron.number,useron.alias);
    119 logline(LOG_NOTICE,"+!",str);
    120 hangup();
    121 return(false);
    122 }
    123 if(yesno(text[RemoveNodeLockQ])) {
    CID 515589: Error handling issues (CHECKED_RETURN)
    Calling "getnodedat" without checking return value (as is done elsewhere 52 out of 59 times).
    124 getnodedat(cfg.node_num,&thisnode, true);
    125 logline("S-","Removed Node Lock");
    126 thisnode.misc&=~NODE_LOCK;
    127 }
    128 else
    129 getnodedat(cfg.node_num,&thisnode, true);

    ** CID 515588: (SLEEP)
    /main.cpp: 3450 in event_thread(void *)()
    /main.cpp: 3272 in event_thread(void *)()


    ________________________________________________________________________________________________________
    *** CID 515588: (SLEEP)
    /main.cpp: 3277 in event_thread(void *)()
    3271 while(!sbbs->terminated) {
    3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
    3275 continue;
    3276 for(j=first_node;j<=last_node;j++) {
    CID 515588: (SLEEP)
    Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".
    3277 if(!sbbs->getnodedat(j,&node, true))
    3278 continue;
    3279 if(node.status==NODE_WFC)
    3280 node.status=NODE_EVENT_LIMBO;
    3281 node.aux=sbbs->cfg.event[i]->node;
    3282 sbbs->putnodedat(j,&node);
    /main.cpp: 3450 in event_thread(void *)()
    3444 }
    3445 }
    3446 }
    3447 }
    3448 }
    3449 sbbs->event_code = nulstr;
    CID 515588: (SLEEP)
    Call to "nanosleep" might sleep while holding lock "sbbs->nodefile_mutex".
    3450 mswait(1000);
    3451 }
    3452 sbbs->cfg.node_num=0;
    3453 sbbs->useron.number = 0;
    3454 sbbs->js_cleanup();
    3455
    /main.cpp: 3373 in event_thread(void *)()
    3367 && (sbbs->cfg.event[i]->node<first_node || sbbs->cfg.event[i]->node>last_node)) {
    3368 sbbs->lprintf(LOG_NOTICE,"Changing node status for nodes %d through %d to WFC"
    3369 ,first_node,last_node); 3370 sbbs->cfg.event[i]->last=(time32_t)now;
    3371 for(j=first_node;j<=last_node;j++) {
    3372 node.status=NODE_INVALID_STATUS;
    CID 515588: (SLEEP)
    Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".
    3373 if(!sbbs->getnodedat(j,&node, true))
    3374 continue;
    3375 node.status=NODE_WFC; 3376 sbbs->putnodedat(j,&node);
    3377 }
    3378 }
    /main.cpp: 3413 in event_thread(void *)()
    3407 cmd = sbbs->cmdstr(cmd, nulstr, sbbs->cfg.event[i]->dir, NULL);
    3408 sbbs->lprintf(LOG_INFO,"Running %s%stimed event: %s"
    3409 ,native_executable(&sbbs->cfg, cmd, ex_mode) ? "native ":"16-bit DOS "
    3410 ,(ex_mode&EX_BG) ? "background ":""
    3411 ,cmd);
    3412 {
    CID 515588: (SLEEP)
    Call to "external" might sleep while holding lock "sbbs->nodefile_mutex".
    3413 int result = sbbs->external(cmd, ex_mode, sbbs->cfg.event[i]->dir);
    3414 if(!(ex_mode&EX_BG)) 3415 sbbs->lprintf(result ? sbbs->cfg.event[i]->errlevel : LOG_INFO, "Timed event: '%s' returned %d", cmd, result);
    3416 else
    3417 sbbs->lprintf(LOG_DEBUG, "Background timed event spawned: %s", cmd);
    3418 }
    /main.cpp: 3277 in event_thread(void *)()
    3271 while(!sbbs->terminated) {
    3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
    3275 continue;
    3276 for(j=first_node;j<=last_node;j++) {
    CID 515588: (SLEEP)
    Call to "getnodedat" might sleep while holding lock "sbbs->nodefile_mutex".
    3277 if(!sbbs->getnodedat(j,&node, true))
    3278 continue;
    3279 if(node.status==NODE_WFC)
    3280 node.status=NODE_EVENT_LIMBO;
    3281 node.aux=sbbs->cfg.event[i]->node;
    3282 sbbs->putnodedat(j,&node);
    /main.cpp: 2986 in event_thread(void *)()
    2980 if(!fexist(fname))
    2981 continue;
    2982 sbbs->useron.number = 0;
    2983 sbbs->lprintf(LOG_INFO, "QWK pack semaphore signaled: %s", fname);
    2984 int usernum = atoi(fname+offset);
    2985 sbbs->useron.number = usernum;
    CID 515588: (SLEEP)
    Call to "getuserdat" might sleep while holding lock "sbbs->nodefile_mutex".
    2986 int retval = getuserdat(&sbbs->cfg,&sbbs->useron);
    2987 if(retval != 0) {
    2988 sbbs->lprintf(LOG_WARNING, "ERROR %d reading user data for user #%d", retval, usernum);
    2989 sbbs->fremove(WHERE, fname, /* log-all-errors: */true);
    2990 continue;
    2991 }
    /main.cpp: 3272 in event_thread(void *)()
    3266 sbbs->lprintf(LOG_DEBUG,"event last run: %s (0x%08x)"
    3267 ,sbbs->timestr(sbbs->cfg.event[i]->last)
    3268 ,sbbs->cfg.event[i]->last);
    3269 lastnodechk=0; /* really last event time check */
    3270 start=time(NULL);
    3271 while(!sbbs->terminated) {
    CID 515588: (SLEEP)
    Call to "nanosleep" might sleep while holding lock "sbbs->nodefile_mutex".
    3272 mswait(1000); 3273 now=time(NULL); 3274 if(now-start>10 && now-lastnodechk<10)
    3275 continue;
    3276 for(j=first_node;j<=last_node;j++) {
    3277 if(!sbbs->getnodedat(j,&node, true))


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D0VuE_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZXtRHBZwsv7Kfty0nOtNaK0UAFlR-2FrVR2f6CKktOSW3KEH5A-2BAGbll45RILco6MRWsB-2BPA-2F5LbzoDmAwnm2EdPSGWu8DKQDA8ovxbR0nzs0zWwn4zpQwqZ0g5MQ5Uxv60wCv-2BEyap91XzPuWSQ2OUE7j0iN0wndXT1J2mredhBFg-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Fri Dec 6 13:41:13 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 515659: Resource leaks (RESOURCE_LEAK)
    /readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)()


    ________________________________________________________________________________________________________
    *** CID 515659: Resource leaks (RESOURCE_LEAK)
    /readmail.cpp: 814 in sbbs_t::readmail(unsigned int, int, int)()
    808 }
    809
    810 smb_close(&smb);
    811 smb_stack(&smb,SMB_STACK_POP);
    812 current_msg=NULL;
    813
    CID 515659: Resource leaks (RESOURCE_LEAK)
    Variable "mail" going out of scope leaks the storage it points to.
    814 return lm_mode;
    815 }
    816
    817 int sbbs_t::searchmail(mail_t *mail, int start, int msgs, int which, const char *search, const char* order)
    818 {
    819 char* buf;

    ** CID 515658: Error handling issues (CHECKED_RETURN)


    ________________________________________________________________________________________________________
    *** CID 515658: Error handling issues (CHECKED_RETURN)
    /dupefind.c: 75 in display_filename()
    69 char *display_filename(scfg_t *cfg, uint dirnum, uint32_t fil_off)
    70 {
    71 static char str[256];
    72 static smb_t smb;
    73 if(smb_open_dir(cfg, &smb, dirnum) != SMB_SUCCESS)
    74 return smb.last_error;
    CID 515658: Error handling issues (CHECKED_RETURN)
    Calling "smb_fseek(smb.sid_fp, (fil_off - 1U) * 128UL, 0)" without checking return value. It wraps a library function that may fail and return an error code.
    75 smb_fseek(smb.sid_fp, (fil_off - 1) * sizeof(fileidxrec_t), SEEK_SET); 76 fileidxrec_t idx;
    77 if(smb_fread(&smb, &idx, sizeof(idx), smb.sid_fp) != sizeof(idx)) {
    78 smb_close(&smb);
    79 return smb.last_error;
    80 }

    ** CID 515657: Error handling issues (CHECKED_RETURN)
    /load_cfg.c: 627 in smb_open_dir()


    ________________________________________________________________________________________________________
    *** CID 515657: Error handling issues (CHECKED_RETURN)
    /load_cfg.c: 627 in smb_open_dir()
    621 if(filelength(fileno(smb->shd_fp)) < 1) {
    622 smb->status.max_files = cfg->dir[dirnum]->maxfiles; 623 smb->status.max_age = cfg->dir[dirnum]->maxage;
    624 smb->status.attr = SMB_FILE_DIRECTORY; 625 if(cfg->dir[dirnum]->misc & DIR_NOHASH)
    626 smb->status.attr |= SMB_NOHASH;
    CID 515657: Error handling issues (CHECKED_RETURN)
    Calling "smb_create" without checking return value (as is done elsewhere 16 out of 17 times).
    627 smb_create(smb);
    628 }
    629 return SMB_SUCCESS;
    630 }
    631
    632 int get_lang_count(scfg_t* cfg)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DArCi_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZBUi-2F07t06F46PFVW9NK8AEOuHmZrMv6aNSdOw0AIeo4ogvPzV8VRWZ8jRTfiHC12zKsA4sipybJiH6RgyZ0m7AfiNQvXpSFbavk3k9Q6PyWgsjGH13ueAcyWa7DsklJg0kfAfT7EZWBHjtJZZ7z9FYBEIQ4aPAWfq3llNwIH-2F5w-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sat Dec 7 13:42:14 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
    /sbbsecho.c: 1309 in link_area()


    ________________________________________________________________________________________________________
    *** CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
    /sbbsecho.c: 1309 in link_area()
    1303 return false;
    1304 }
    1305
    1306 void link_area(unsigned area_num, const fidoaddr_t* addr)
    1307 {
    1308 area_t* area = &cfg.area[area_num];
    CID 515673: Code maintainability issues (SIZEOF_MISMATCH)
    Passing argument "area->link" of type "fidoaddr_t const *" and argument "8UL /* sizeof (addr) */ * (area->links + 1)" to function "realloc_or_free" is suspicious. In this case, "sizeof (fidoaddr_t const *)" is equal to "sizeof (fidoaddr_t const)", but this is not a portable assumption.
    1309 if((area->link = realloc_or_free(area->link, (sizeof addr) * (area->links + 1))) == NULL) {
    1310 lprintf(LOG_ERR,"ERROR line %d allocating memory for area "
    1311 "#%u links.",__LINE__, area_num + 1);
    1312 bail(1);
    1313 return;
    1314 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DjswB_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZTIkIcVsFEubRKPyVR-2BCuKY5oHLU9ayFn6T1x6if3eS0nVM4zzDglf0kSu84NvdLQvLmLpVUMBWFTCqIbKw97TOhNhU4Up-2FQ0gGVaItXyTTfc3Uu2zZfP2qWOCQU0YU4SaCyb8-2B3kJNnxUzaATxOedk4YqKEgN0RG-2F7ZgTWOZJ5A-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sun Dec 8 13:41:14 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 515715: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1420 in node_vstatus()


    ________________________________________________________________________________________________________
    *** CID 515715: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1420 in node_vstatus()
    1414 return cfg->text != NULL ? cfg->text[NodeStatusOffline] : "Offline";
    1415 case NODE_NETTING: /* Obsolete */
    1416 return "Networking";
    1417 case NODE_LOGON:
    1418 return cfg->text != NULL ? cfg->text[NodeStatusLogon] : "At login prompt";
    1419 case NODE_LOGOUT:
    CID 515715: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious.
    1420 snprintf(str, sizeof str, cfg->text != NULL ? cfg->text[NodeStatusLogout] : "Logging out %s", username(cfg,node->useron,tmp));
    1421 return str;
    1422 case NODE_EVENT_WAITING:
    1423 return cfg->text != NULL ? cfg->text[NodeStatusEventWaiting] : "Waiting for all nodes to become inactive";
    1424 case NODE_EVENT_LIMBO:
    1425 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeStatusEventLimbo] : "Waiting for node %d to finish external event"

    ** CID 515714: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 515714: Uninitialized variables (UNINIT)
    /getnode.cpp: 289 in sbbs_t::getnodeext(unsigned int, char *)()
    283 errormsg(WHERE,ERR_CHK,"node number",number);
    284 return false;
    285 }
    286
    287 if((node_ext=opennodeext(&cfg))==-1) {
    288 memset(ext,0,128);
    CID 515714: Uninitialized variables (UNINIT)
    Using uninitialized value "*str" when calling "errormsg".
    289 errormsg(WHERE,ERR_OPEN,str,O_RDONLY|O_DENYNONE);
    290 return false;
    291 }
    292
    293 number--; /* make zero based */
    294 for(count=0;count<LOOP_NODEDAB;count++) {

    ** CID 515713: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1512 in node_activity()


    ________________________________________________________________________________________________________
    *** CID 515713: Incorrect expression (SIZEOF_MISMATCH)
    /userdat.c: 1512 in node_activity()
    1506 return cfg->text != NULL ? cfg->text[NodeActivityLoggingOn] : "logging on";
    1507 case NODE_LCHT:
    1508 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeActivityLocalChat] : "chatting with %s", cfg->sys_op);
    1509 break;
    1510 case NODE_MCHT:
    1511 if(node->aux != 0)
    CID 515713: Incorrect expression (SIZEOF_MISMATCH)
    Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious.
    1512 snprintf(str, sizeof str
    1513 ,cfg->text != NULL ? cfg->text[NodeActivityChatChannel] : "in multinode chat channel %d"
    1514 ,node->aux & 0xff);
    1515 else
    1516 return cfg->text != NULL ? cfg->text[NodeActivityGlobalChat] : "in multinode global chat channel";
    1517 break;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Drf1g_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQY9ty8xtnl2sw1SqlPRU2WILlz6B-2F41RYA0wpD7iGPK7iJJRJMlj06LpTw8H4oLu0ZD6NOR-2Fs4yPZ6xU2n8ZKWHL4-2F4cgQ0xljfi-2B5nJtvQuTTNG4kyAp2Ph0XvRGRr1KcMs8Gin6jWDWu2x-2Bkj9Q6Trx86Of-2BJRienYR-2Fbv9gQgw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sun Dec 15 13:49:15 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 516068: Null pointer dereferences (FORWARD_NULL)
    /websrvr.c: 5419 in js_ErrorReporter()


    ________________________________________________________________________________________________________
    *** CID 516068: Null pointer dereferences (FORWARD_NULL)
    /websrvr.c: 5419 in js_ErrorReporter()
    5413 pthread_mutex_lock(&mutex);
    5414 if(lastline == report->lineno && report->filename != NULL && strcmp(lastfile, report->filename) == 0)
    5415 log_level = LOG_WARNING;
    5416 else
    5417 log_level = LOG_ERR;
    5418 lastline = report->lineno;
    CID 516068: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "report->filename" to "strlcpy", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
    5419 SAFECOPY(lastfile, report->filename);
    5420 pthread_mutex_unlock(&mutex);
    5421 warning="";
    5422 }
    5423
    5424 lprintf(log_level,"%04d !JavaScript %s%s%s: %s, Request: %s"


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DwGMb_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYoPlNm5BibC088PrWc35An4cdaeXCJhAHOfo6MdQKpuyixiVEFSUvV84YSqGOWCuXdzqHO6D3vFmsefEKTNsriv31FvxSemaYCwQ1e-2F5VqBGX6SKqkk-2F5GGTcyG8HHnvAZdIDYA7eRF8DYP-2F3cg26HCdIpmNxtLPnr6lFDWLJb2Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tue Dec 17 13:48:21 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    9 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 9 of 9 defect(s)


    ** CID 516415: Error handling issues (CHECKED_RETURN)
    /userdat.c: 1472 in node_activity()


    ________________________________________________________________________________________________________
    *** CID 516415: Error handling issues (CHECKED_RETURN)
    /userdat.c: 1472 in node_activity()
    1466 case NODE_AMSG:
    1467 return cfg->text != NULL ? cfg->text[NodeActivityAutoMsg] : "posting auto-message";
    1468 case NODE_XTRN:
    1469 if(node->aux == 0)
    1470 return cfg->text != NULL ? cfg->text[NodeActivityXtrnMenu] : "at external program menu";
    1471 user.number = node->useron;
    CID 516415: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1472 getuserdat(cfg, &user);
    1473 xtrnnum = getxtrnnum(cfg, user.curxtrn);
    1474 if(is_valid_xtrnnum(cfg, xtrnnum))
    1475 snprintf(str, size, "%s %s"
    1476 ,cfg->text != NULL ? cfg->text[NodeActivityRunningXtrn] : "running"
    1477 ,cfg->xtrn[xtrnnum]->name);

    ** CID 516414: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 65 in sbbs_t::useredit(int)()


    ________________________________________________________________________________________________________
    *** CID 516414: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 65 in sbbs_t::useredit(int)()
    59 if(sys_status&SS_INUEDIT)
    60 return;
    61 sys_status|=SS_INUEDIT;
    62 while(online) {
    63 CLS;
    64 attr(LIGHTGRAY);
    CID 516414: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    65 getuserdat(&cfg,&user);
    66 if(!user.number) {
    67 user.number=1;
    68 getuserdat(&cfg,&user);
    69 if(!user.number) {
    70 bputs(text[NoUserData]);

    ** CID 516413: Error handling issues (CHECKED_RETURN)
    /answer.cpp: 168 in sbbs_t::answer()()


    ________________________________________________________________________________________________________
    *** CID 516413: Error handling issues (CHECKED_RETURN)
    /answer.cpp: 168 in sbbs_t::answer()()
    162 (but keep full terminal type/speed string in rlogin_term): */
    163 truncstr(terminal,"/");
    164 useron.number = 0;
    165 if(rlogin_name[0])
    166 useron.number = find_login_id(&cfg, rlogin_name);
    167 if(useron.number) {
    CID 516413: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    168 getuserdat(&cfg,&useron);
    169 SAFEPRINTF(path,"%srlogin.cfg",cfg.ctrl_dir);
    170 if(!findstr(client.addr,path)) {
    171 SAFECOPY(tmp, rlogin_pass);
    172 for(i=0;i<3 && online;i++) { 173 if(stricmp(tmp,useron.pass)) {

    ** CID 516412: Error handling issues (CHECKED_RETURN)
    /login.cpp: 51 in sbbs_t::login(const char *, const char *, const char *, const char *)()


    ________________________________________________________________________________________________________
    *** CID 516412: Error handling issues (CHECKED_RETURN)
    /login.cpp: 51 in sbbs_t::login(const char *, const char *, const char *, const char *)()
    45 long useron_misc=useron.misc;
    46
    47 username = parse_login(username);
    48
    49 useron.number = find_login_id(&cfg, username);
    50 if(useron.number) {
    CID 516412: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    51 getuserdat(&cfg,&useron);
    52 if(useron.number && useron.misc&(DELETED|INACTIVE))
    53 useron.number=0;
    54 }
    55
    56 if(!useron.number) {

    ** CID 516411: (CHECKED_RETURN)
    /useredit.cpp: 733 in sbbs_t::maindflts(user_t *)()
    /useredit.cpp: 738 in sbbs_t::maindflts(user_t *)()


    ________________________________________________________________________________________________________
    *** CID 516411: (CHECKED_RETURN)
    /useredit.cpp: 733 in sbbs_t::maindflts(user_t *)()
    727
    728 action=NODE_DFLT;
    729 if (cfg.usercfg_mod[0]) {
    730 char cmdline[256];
    731 snprintf(cmdline, sizeof(cmdline), "%s %u", cfg.usercfg_mod, user->number);
    732 exec_bin(cmdline, &main_csi);
    CID 516411: (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    733 getuserdat(&cfg, user);
    734 return;
    735 }
    736 while(online) {
    737 CLS;
    738 getuserdat(&cfg,user);
    /useredit.cpp: 738 in sbbs_t::maindflts(user_t *)()
    732 exec_bin(cmdline, &main_csi);
    733 getuserdat(&cfg, user);
    734 return;
    735 }
    736 while(online) {
    737 CLS;
    CID 516411: (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    738 getuserdat(&cfg,user);
    739 bprintf(text[UserDefaultsHdr],user->alias,user->number);
    740 if(user == &useron) {
    741 update_nodeterm();
    742 load_user_text();
    743 }

    ** CID 516410: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 1662 in http_logon()


    ________________________________________________________________________________________________________
    *** CID 516410: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 1662 in http_logon()
    1656 session->req.finished=true;
    1657 }
    1658
    1659 void http_logon(http_session_t * session, user_t *usr)
    1660 {
    1661 if(usr==NULL)
    CID 516410: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1662 getuserdat(&scfg, &session->user);
    1663 else
    1664 session->user=*usr;
    1665
    1666 if(session->user.number==session->last_user_num)
    1667 return;

    ** CID 516409: Error handling issues (CHECKED_RETURN)
    /str.cpp: 1388 in sbbs_t::change_user()()


    ________________________________________________________________________________________________________
    *** CID 516409: Error handling issues (CHECKED_RETURN)
    /str.cpp: 1388 in sbbs_t::change_user()()
    1382 putmsgptrs();
    1383 putuserstr(useron.number, USER_CURSUB
    1384 ,cfg.sub[usrsub[curgrp][cursub[curgrp]]]->code);
    1385 putuserstr(useron.number, USER_CURDIR
    1386 ,cfg.dir[usrdir[curlib][curdir[curlib]]]->code);
    1387 useron.number=i;
    CID 516409: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1388 getuserdat(&cfg,&useron);
    1389 if(getnodedat(cfg.node_num,&thisnode, true)) {
    1390 thisnode.useron=useron.number;
    1391 putnodedat(cfg.node_num,&thisnode);
    1392 }
    1393 getmsgptrs();

    ** CID 516408: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 1166 in sbbs_t::purgeuser(int)()


    ________________________________________________________________________________________________________
    *** CID 516408: Error handling issues (CHECKED_RETURN)
    /useredit.cpp: 1166 in sbbs_t::purgeuser(int)()
    1160
    1161 void sbbs_t::purgeuser(int usernumber)
    1162 { char str[128];
    1163 user_t user;
    1164
    1165 user.number=usernumber;
    CID 516408: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    1166 getuserdat(&cfg,&user);
    1167 SAFEPRINTF2(str,"Purged %s #%u",user.alias,usernumber);
    1168 logentry("!*",str);
    1169 delallmail(usernumber, MAIL_ANY);
    1170 putusername(&cfg,usernumber,nulstr);
    1171 putusermisc(usernumber, user.misc | DELETED);

    ** CID 516407: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 2037 in check_ars()


    ________________________________________________________________________________________________________
    *** CID 516407: Error handling issues (CHECKED_RETURN)
    /websrvr.c: 2037 in check_ars()
    2031 else
    2032 lprintf(LOG_NOTICE,"%04d !UNKNOWN USER: '%s'" 2033 ,session->socket,session->req.auth.username);
    2034 return(false);
    2035 }
    2036 thisuser.number=i;
    CID 516407: Error handling issues (CHECKED_RETURN)
    Calling "getuserdat" without checking return value (as is done elsewhere 83 out of 98 times).
    2037 getuserdat(&scfg, &thisuser);
    2038 switch(session->req.auth.type) {
    2039 case AUTHENTICATION_TLS_PSK:
    2040 if((auth_allowed & (1<<AUTHENTICATION_TLS_PSK))==0)
    2041 return(false);
    2042 if(session->last_user_num!=0) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DQyWe_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZaRdcpKH1DbVbWKil-2BYXbuPo6Nlz2IWCRH2bHbIl-2BZWutyiZLTcraL5FS1iiZSM0cIaa70yw-2BvQnYvTFtY90cnRY6AunfTZ3TOchBhkmrNG5r6R9YGJilsgu5Suh4msrRA-2BqV-2BHoo-2B29c88W6IVBSZdgQoHyw-2Bn9zmKTgeEHvaqQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Fri Dec 20 13:38:55 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 516431: Incorrect expression (EVALUATION_ORDER)
    /scfg/scfgsys.c: 1740 in sys_cfg()


    ________________________________________________________________________________________________________
    *** CID 516431: Incorrect expression (EVALUATION_ORDER)
    /scfg/scfgsys.c: 1740 in sys_cfg()
    1734 char sys_pass[sizeof(cfg.sys_pass)];
    1735 SAFECOPY(sys_pass, cfg.sys_pass);
    1736 while(1) {
    1737 i=0;
    1738 snprintf(opt[i++],MAX_OPLN,"%-20s%s","BBS Name",cfg.sys_name);
    1739 snprintf(opt[i++],MAX_OPLN,"%-20s%s","Location",cfg.sys_location);
    CID 516431: Incorrect expression (EVALUATION_ORDER)
    In argument #6 of "safe_snprintf(opt[i++], 75UL, "%-20s%s%s %s", "Local Time Zone", ((cfg.sys_timezone == -1) ? "Auto: " : ""), smb_zonestr(sys_timezone(&cfg), NULL), ((!(cfg.sys_timezone <= 1000 && cfg.sys_timezone >= -1000) && (cfg.sys_timezone & 0xc000 || cfg.sys_timezone == 4096 || cfg.sys_timezone == 4156 || cfg.sys_timezone == 4216 || cfg.sys_timezone == 4816 || cfg.sys_timezone == 4696 || cfg.sys_timezone == 4666) && cfg.sys_misc & 0x4000U) ? "(Auto-DST)" : ""))", a call is made to "sys_timezone(&cfg)". In argument #1 of this function, the object "cfg.sys_timezone" is modified. This object is also used in "(cfg.sys_timezone == -1) ? "Auto: " : """, the argument #5 of the outer function call. The order in which these arguments are evaluated is not specified, and will vary between platforms.
    1740 snprintf(opt[i++],MAX_OPLN,"%-20s%s%s %s","Local Time Zone"
    1741 ,cfg.sys_timezone == SYS_TIMEZONE_AUTO ? "Auto: " : ""
    1742 ,smb_zonestr(sys_timezone(&cfg),NULL)
    1743 ,SMB_TZ_HAS_DST(cfg.sys_timezone) && cfg.sys_misc&SM_AUTO_DST ? "(Auto-DST)" : "");
    1744 snprintf(opt[i++],MAX_OPLN,"%-20s%s (e.g. %s)","Short Date Format"
    1745 ,date_format(&cfg, str, sizeof str)


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Du0AK_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZX-2BkC2-2BAZJhPPYfXPDeIQ-2B4YvLEfkbd-2Bd6D-2Bq6Hgb3A8yT9nXPdJTazBcJukBEh03pJKxvVooRsB2exFituB7-2FZiW-2B-2FFf3SbStI-2Fat2UXSZKXBODkmruS46NddedKGixq1GgfIg-2BgPQfkssXqpoMR-2BzxwZcTjLKvzCO0Vk2ny9Gw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Sat Dec 21 13:40:03 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 516448: High impact quality (Y2K38_SAFETY)
    /js_msgbase.c: 1441 in js_get_msg_header_resolve()


    ________________________________________________________________________________________________________
    *** CID 516448: High impact quality (Y2K38_SAFETY)
    /js_msgbase.c: 1441 in js_get_msg_header_resolve()
    1435 /* Fixed length portion of msg header */
    1436 LAZY_UINTEGER("type", p->msg.hdr.type, JSPROP_ENUMERATE);
    1437 LAZY_UINTEGER("version", p->msg.hdr.version, JSPROP_ENUMERATE); 1438 LAZY_UINTEGER("attr", p->msg.hdr.attr, JSPROP_ENUMERATE);
    1439 LAZY_UINTEGER("auxattr", p->msg.hdr.auxattr, JSPROP_ENUMERATE); 1440 LAZY_UINTEGER("netattr", p->msg.hdr.netattr, JSPROP_ENUMERATE); >>> CID 516448: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(p->msg.hdr.when_written)" is cast to "uint32".
    1441 LAZY_UINTEGER("when_written_time", smb_time(p->msg.hdr.when_written), JSPROP_ENUMERATE);
    1442 LAZY_INTEGER("when_written_zone", p->msg.hdr.when_written.zone, JSPROP_ENUMERATE);
    1443 LAZY_INTEGER("when_written_zone_offset", smb_tzutc(p->msg.hdr.when_written.zone), JSPROP_ENUMERATE|JSPROP_READONLY);
    1444 LAZY_UINTEGER("when_imported_time", p->msg.hdr.when_imported.time, JSPROP_ENUMERATE);
    1445 LAZY_INTEGER("when_imported_zone", p->msg.hdr.when_imported.zone, JSPROP_ENUMERATE);
    1446 LAZY_INTEGER("when_imported_zone_offset", smb_tzutc(p->msg.hdr.when_imported.zone), JSPROP_ENUMERATE|JSPROP_READONLY);

    ** CID 516447: High impact quality (Y2K38_SAFETY)
    /postmsg.cpp: 625 in votemsg()


    ________________________________________________________________________________________________________
    *** CID 516447: High impact quality (Y2K38_SAFETY)
    /postmsg.cpp: 625 in votemsg()
    619 }
    620 answers++;
    621 }
    622 }
    623 }
    624 safe_snprintf(smsg, sizeof(smsg), smsgfmt
    CID 516447: High impact quality (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg->hdr.when_written)" is cast to "time32_t".
    625 ,timestr(cfg, (time32_t)smb_time(msg->hdr.when_written), tstr)
    626 ,cfg->grp[cfg->sub[smb->subnum]->grp]->sname
    627 ,cfg->sub[smb->subnum]->sname
    628 ,from
    629 ,remsg.subj);
    630 SAFECAT(smsg, votes);

    ** CID 516446: (Y2K38_SAFETY)
    /qwknodes.c: 366 in main()
    /qwknodes.c: 392 in main()
    /qwknodes.c: 361 in main()
    /qwknodes.c: 384 in main()
    /qwknodes.c: 333 in main()
    /qwknodes.c: 343 in main()


    ________________________________________________________________________________________________________
    *** CID 516446: (Y2K38_SAFETY)
    /qwknodes.c: 366 in main()
    360 ,msg.from,p+1
    361 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    362 ,str); 363 else
    364 fprintf(users,"%-25.25s %-8.8s %s\r\n"
    365 ,msg.from,str
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    366 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
    367 }
    368 if(cmd&NODES && msg.from_net.type==NET_QWK) {
    369 if(mode&TAGS)
    370 gettag(&msg,tag);
    371 if(mode&FEED) /qwknodes.c: 392 in main()
    386 }
    387 else
    388 fprintf(nodes,"%-8.8s %s\r\n"
    389 ,str 390 ,mode&TAGS
    391 ? tag >>> CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    392 : unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
    393 }
    394 }
    395 }
    396 smb_freemsgmem(&msg);
    397 }
    /qwknodes.c: 361 in main()
    355 else
    356 strcpy(str,msg.from_net.addr);
    357 p=strrchr(str,'/');
    358 if(p)
    359 fprintf(users,"%-25.25s %-8.8s %s (%s)\r\n"
    360 ,msg.from,p+1
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    361 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    362 ,str); 363 else
    364 fprintf(users,"%-25.25s %-8.8s %s\r\n"
    365 ,msg.from,str
    366 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp));
    /qwknodes.c: 384 in main()
    378 fprintf(nodes,"%-8.8s %s\r\n"
    379 ,p+1
    380 ,tag);
    381 else
    382 fprintf(nodes,"%-8.8s %s (%s)\r\n"
    383 ,p+1
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    384 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    385 ,str);
    386 }
    387 else
    388 fprintf(nodes,"%-8.8s %s\r\n"
    389 ,str /qwknodes.c: 333 in main()
    327 p=strrchr(addr,'/');
    328 if(!p)
    329 p=addr; 330 else
    331 *(p++)=0;
    332 safe_snprintf(str, sizeof(str), "%s %s:%s%c%s"
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    333 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),tmp)
    334 ,p,cfg.sys_id,p==addr ? 0 : '/'
    335 ,addr); 336 fprintf(route,"%s\r\n",str);
    337 }
    338 else {
    /qwknodes.c: 343 in main()
    337 }
    338 else {
    339 p=strrchr(addr,'/');
    340 if(p) {
    341 *(p++)=0;
    342 fprintf(route,"%s %s:%.*s\r\n"
    CID 516446: (Y2K38_SAFETY)
    A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "smb_time(msg.hdr.when_written)" is cast to "time32_t".
    343 ,unixtodstr(&cfg,smb_time(msg.hdr.when_written),str)
    344 ,p
    345 ,(uint)(p-addr)
    346 ,addr); 347 }
    348 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DNGSj_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYgWGJ9BYEIxvdbhMAIayAni-2FuUZOlays8-2BQNW1Qj2YoLcEBScLdhHrJ52SvmolJ5itsnLRiKIwdue9DQ-2F9PO-2FUFGY-2Fa0jLnspeSlF2FiQB80TbxuUTyDk42cNSQCBuIqgPC4jh5ZIq8dm-2B49xrAWdl9U3UIFg1xXJFs0kJktVUnA-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Tue Dec 24 13:46:54 2024
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    3 new defect(s) introduced to Synchronet found with Coverity Scan.
    7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)


    ** CID 516462: Resource leaks (RESOURCE_LEAK)
    /str.cpp: 277 in sbbs_t::sif(char *, char *, int)()


    ________________________________________________________________________________________________________
    *** CID 516462: Resource leaks (RESOURCE_LEAK)
    /str.cpp: 277 in sbbs_t::sif(char *, char *, int)()
    271 errormsg(WHERE,ERR_OPEN,str,O_RDONLY);
    272 return;
    273 }
    274 length=(int)filelength(file);
    275 if(length < 0) {
    276 errormsg(WHERE, ERR_CHK, str, length);
    CID 516462: Resource leaks (RESOURCE_LEAK)
    Handle variable "file" going out of scope leaks the handle.
    277 return;
    278 }
    279 if((buf=(char *)calloc(length + 1, 1))==0) {
    280 close(file);
    281 errormsg(WHERE,ERR_ALLOC,str,length);
    282 return;

    ** CID 516461: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 678 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()


    ________________________________________________________________________________________________________
    *** CID 516461: Resource leaks (RESOURCE_LEAK)
    /writemsg.cpp: 678 in sbbs_t::writemsg(const char *, const char *, char *, int, int, const char *, const char *, const char **, const char **)()
    672 return(false);
    673 }
    674 length=(long)filelength(file);
    675 if(length < 0) {
    676 errormsg(WHERE, ERR_LEN, msgtmp, length);
    677 free(buf);
    CID 516461: Resource leaks (RESOURCE_LEAK)
    Handle variable "file" going out of scope leaks the handle.
    678 return false;
    679 }
    680 l=strlen((char *)buf); /* reserve space for top and terminating null */
    681 /* truncate if too big */
    682 if(length>(long)((cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1))) {
    683 length=(cfg.level_linespermsg[useron_level]*MAX_LINE_LEN)-(l+1);

    ** CID 516460: Error handling issues (CHECKED_RETURN)
    /chat.cpp: 254 in sbbs_t::multinodechat(int)()


    ________________________________________________________________________________________________________
    *** CID 516460: Error handling issues (CHECKED_RETURN)
    /chat.cpp: 254 in sbbs_t::multinodechat(int)()
    248 if(getstr(str,8,K_UPPER|K_ALPHA|K_LINE)) {
    249 getnodedat(cfg.node_num,&thisnode,true);
    250 thisnode.aux=channel;
    251 packchatpass(str,&thisnode);
    252 }
    253 else {
    CID 516460: Error handling issues (CHECKED_RETURN)
    Calling "getnodedat" without checking return value (as is done elsewhere 54 out of 58 times).
    254 getnodedat(cfg.node_num,&thisnode,true);
    255 thisnode.aux=channel;
    256 }
    257 }
    258 else {
    259 getnodedat(cfg.node_num,&thisnode,true);


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DT8kj_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZ0FBX-2BUT7uzaWITu7U3dUMhdetuA-2BXV7YO8edQOGefnmNi1UdppKCC6vLOx06Y8sPuw5srJbsIYFYToJzSPdHxTD057AtOipCaMaoVsZPXJm19KDepDOzvHsB8koLerJtFoWwn5Qu57g8OiPy6q-2FxqWajzzHkfT1WyGUJ-2Bbs009Q-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net