• New Defects reported by C

    From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Thursday, August 08, 2024 12:40:00
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 508260: Null pointer dereferences (FORWARD_NULL)


    ________________________________________________________________________________________________________
    *** CID 508260: Null pointer dereferences (FORWARD_NULL)
    /js_msgbase.c: 950 in parse_header_object()
    944 msg->hdr.priority=i32;
    945 }
    946
    947 if(JS_GetProperty(cx, hdr, "field_list", &val) && JSVAL_IS_OBJECT(val)) {
    948 array=JSVAL_TO_OBJECT(val);
    949 len=0;
    CID 508260: Null pointer dereferences (FORWARD_NULL)
    Passing null pointer "array" to "JS_GetArrayLength", which dereferences it.
    950 if(array == NULL && !JS_GetArrayLength(cx, array, &len)) {
    951 JS_ReportError(cx, "Invalid \"field_list\" array in header object");
    952 goto err;
    953 }
    954
    955 for(i=0;i<len;i++) {

    ** CID 508259: Control flow issues (DEADCODE)
    /js_internal.c: 491 in js_execfile()


    ________________________________________________________________________________________________________
    *** CID 508259: Control flow issues (DEADCODE)
    /js_internal.c: 491 in js_execfile()
    485 else {
    486 JS_ReportError(cx, "Unable to get parent js."JAVASCRIPT_LOAD_PATH_LIST" array.");
    487 return JS_FALSE;
    488 }
    489 }
    490 else {
    CID 508259: Control flow issues (DEADCODE)
    Execution cannot reach this statement: "JS_ReportError(cx, "Unable ...".
    491 JS_ReportError(cx, "Unable to get parent js object"); 492 return JS_FALSE;
    493 }
    494
    495 js_script=JS_CompileFile(cx, js_scope, path);
    496


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D20ER_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZSUgE3dQnVG6wGylJBHlsQHMU-2FeSvlPG-2BveassRKfh2KZ3KQqZYMDLXz99-2FrWMwJQ1T1J2N-2BE4YP3SycyU5tkbW6rwM2zqlUIvWZrfgy3l7iQ0Im12Z6xa2F5EX6ZCGf29mh7eZnuIJTmQCiel8IOekKUKQgh0LXaZSb3gnPQHBw-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Saturday, August 10, 2024 12:40:00
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    6 new defect(s) introduced to Synchronet found with Coverity Scan.
    3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 6 of 6 defect(s)


    ** CID 508288: (STRING_NULL)
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()


    ________________________________________________________________________________________________________
    *** CID 508288: (STRING_NULL)
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    381 l=K_CHAT;
    382 if(!(mode&TG_ECHO))
    383 l|=K_NOECHO;
    384 rd=getstr((char*)buf,sizeof(buf)-1,l);
    385 if(!rd)
    386 continue;
    CID 508288: (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    387 SAFECAT(buf,crlf);
    388 rd+=2;
    389 gotline=true;
    390 }
    391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';
    /telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
    381 l=K_CHAT;
    382 if(!(mode&TG_ECHO))
    383 l|=K_NOECHO;
    384 rd=getstr((char*)buf,sizeof(buf)-1,l);
    385 if(!rd)
    386 continue;
    CID 508288: (STRING_NULL)
    Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
    387 SAFECAT(buf,crlf);
    388 rd+=2;
    389 gotline=true;
    390 }
    391 if((mode&TG_CRLF) && buf[rd-1]=='\r') 392 buf[rd++]='\n';

    ** CID 508287: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508287: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508287: Resource leaks (RESOURCE_LEAK)
    Variable "server_user_name" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508286: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508286: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508286: Resource leaks (RESOURCE_LEAK)
    Variable "addr" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508285: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508285: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508285: Resource leaks (RESOURCE_LEAK)
    Variable "term_type" going out of scope leaks the storage it points to. 3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }

    ** CID 508284: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508284: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()
    3035 size_t tmplen = 0;
    3036 for(jsuint i = 0; i < count; ++i) {
    3037 jsval val;
    3038 if(!JS_GetElement(cx, array, i, &val)) 3039 break;
    3040 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508284: Resource leaks (RESOURCE_LEAK)
    Variable "addr" going out of scope leaks the storage it points to.
    3041 HANDLE_PENDING(cx, tmp);
    3042 strListPush(&send_strings, tmp);
    3043 }
    3044 free(tmp);
    3045 ++argn;
    3046 }

    ** CID 508283: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


    ________________________________________________________________________________________________________
    *** CID 508283: Resource leaks (RESOURCE_LEAK)
    /js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
    3121 size_t tmplen = 0;
    3122 for(jsuint i = 0; i < count; ++i) { 3123 jsval val;
    3124 if(!JS_GetElement(cx, array, i, &val))
    3125 break;
    3126 JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
    CID 508283: Resource leaks (RESOURCE_LEAK)
    Variable "client_user_name" going out of scope leaks the storage it points to.
    3127 HANDLE_PENDING(cx, tmp);
    3128 strListPush(&send_strings, tmp);
    3129 }
    3130 free(tmp);
    3131 }
    3132 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Dbu0M_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZNG0uf3i6p71oTc15oH-2BfpO28bQfsz9QVBH3Gtyw7JI9gEMaDnmdnDolPrFN6u9WaZmPVFWjRjCPjNCgu0p853ViRUnY3jw7qF-2FmF-2FRD-2BDN3Me1aa8H00Bk6GPSZ1Hw1-2FmiCWeADspXOcpcxao-2F3gS8JgnOAEga0TIePnt023yjQ-3D-3D



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net