Just a sample of the Echomail archive
[ << oldest | < older | list | newer > | newest >> ]
| Message 48697 |
| scan-admin@coverity.com to All |
| New Defects reported by Coverity Scan fo |
| 13 Jan 26 13:45:40 |
TZUTC: 0000
MSGID: 54128.syncprog@1:103/705 2dcc55f7
PID: Synchronet 3.21b-Linux master/f717faea9 Jan 12 2026 GCC 12.2.0
TID: SBBSecho 3.34-Linux master/f717faea9 Jan 12 2026 GCC 12.2.0
BBSID: VERT
CHRS: ASCII 1
FORMAT: flowed
----==_mimepart_69664c8455017_2561de2afbc97ad9ac598df
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hi,
Please find the latest report on new defect(s) introduced to Synchronet found
with Coverity Scan.
3 new defect(s) introduced to Synchronet found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 640989: (CONSTANT_EXPRESSION_RESULT)
/chk_ar.cpp: 752 in sbbs_t::ar_exp(const unsigned char **, user_t *,
client_t *)()
/chk_ar.cpp: 763 in sbbs_t::ar_exp(const unsigned char **, user_t *,
client_t *)()
________________________________________________________________
____________________________
*** CID 640989: (CONSTANT_EXPRESSION_RESULT)
/chk_ar.cpp: 752 in sbbs_t::ar_exp(const unsigned char **, user_t
*, client_t *)()
746 while (**ptrptr != '\0' && **ptrptr != ']' && i < sizeof(tmp) - 1)
747 tmp[i++] = *(*ptrptr)++;
748 tmp[i] = '\0';
749 if (**ptrptr == ']') {
750 (*ptrptr)++;
751 section = tmp;
>>> CID 640989: (CONSTANT_EXPRESSION_RESULT)
>>> "**ptrptr == CP437_NO_BREAK_SPACE" is always false regardless of the
values of its operands. This occurs as the logical second operand of "||".
752 SKIP_WHITESPACE(*ptrptr);
753 }
754 }
755 else if (strchr((char *)(*ptrptr), ':') != nullptr) { //
[section:]key
756 i = 0;
757 while (**ptrptr != '\0' && **ptrptr != ':' && i < sizeof(tmp) - 1)
/chk_ar.cpp: 763 in sbbs_t::ar_exp(const unsigned char **, user_t
*, client_t *)()
757 while (**ptrptr != '\0' && **ptrptr != ':' && i < sizeof(tmp) - 1)
758 tmp[i++] = *(*ptrptr)++;
759 tmp[i] = '\0';
760 if (**ptrptr != '\0') {
761 (*ptrptr)++;
762 section = tmp;
>>> CID 640989: (CONSTANT_EXPRESSION_RESULT)
>>> "**ptrptr == CP437_NO_BREAK_SPACE" is always false regardless of the
values of its operands. This occurs as the logical second operand of "||".
763 SKIP_WHITESPACE(*ptrptr);
764 }
765 }
766 SKIP_CHAR((*ptrptr), ':');
767 if (!user_get_bool_property(&cfg, user->number, section,
(char*)*ptrptr, false))
768 result = _not;
** CID 640988: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________
____________________________
*** CID 640988: Null pointer dereferences (FORWARD_NULL)
/userdat.c: 4877 in user_get_bool_property()
4871 c_unescape_printable((char*)section);
4872 }
4873 if (key != NULL) {
4874 key = strdup(key);
4875 c_unescape_printable((char*)key);
4876 }
>>> CID 640988: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "key" to "iniReadBool", which dereferences it.
4877 bool result = iniReadBool(fp, section, key, deflt);
4878 iniCloseFile(fp);
4879 free((char*)section);
4880 free((char*)key);
4881 return result;
4882 }
** CID 640987: (CONSTANT_EXPRESSION_RESULT)
/userdat.c: 2740 in ar_exp()
/userdat.c: 2729 in ar_exp()
________________________________________________________________
____________________________
*** CID 640987: (CONSTANT_EXPRESSION_RESULT)
/userdat.c: 2740 in ar_exp()
2734 while (**ptrptr != '\0' && **ptrptr != ':' && i < sizeof(tmp) -
1)
2735 tmp[i++] = *(*ptrptr)++;
2736 tmp[i] = '\0';
2737 if (**ptrptr != '\0') {
2738 (*ptrptr)++;
2739 section = tmp;
>>> CID 640987: (CONSTANT_EXPRESSION_RESULT)
>>> "**ptrptr == CP437_NO_BREAK_SPACE" is always false regardless of the
values of its operands. This occurs as the logical second operand of "||".
2740 SKIP_WHITESPACE(*ptrptr);
2741 }
2742 }
2743 SKIP_CHAR((*ptrptr), ':');
2744 if (!user_get_bool_property(cfg, user->number, section,
(char*)*ptrptr, false))
2745 result = not;
/userdat.c: 2729 in ar_exp()
2723 while (**ptrptr != '\0' && **ptrptr != ']' && i < sizeof(tmp) -
1)
2724 tmp[i++] = *(*ptrptr)++;
2725 tmp[i] = '\0';
2726 if (**ptrptr == ']') {
2727 (*ptrptr)++;
2728 section = tmp;
>>> CID 640987: (CONSTANT_EXPRESSION_RESULT)
>>> "**ptrptr == CP437_NO_BREAK_SPACE" is always false regardless of the
values of its operands. This occurs as the logical second operand of "||".
2729 SKIP_WHITESPACE(*ptrptr);
2730 }
2731 }
2732 else if (strchr((char *)(*ptrptr), ':') != NULL) { //
[section:]key
2733 i = 0;
2734 while (**ptrptr != '\0' && **ptrptr != ':' && i < sizeof(tmp) -
1)
________________________________________________________________
_______________________________________
To view the defects in Coverity Scan visit, https://scan.coverit
.com/projects/synchronet?tab=overview
----==_mimepart_69664c8455017_2561de2afbc97ad9ac598df
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
Defect Details
** CID 640989: (CONSTANT_EXPRESSION_RESULT)
/chk_ar.cpp: 752 in sbbs_t::ar_exp(const unsigned char **, user_t *,
client_t *)()
/chk_ar.cpp: 763 in sbbs_t::ar_exp(const unsigned char **, user_t *,
client_t *)()
________________________________________________________________
____________________________
*** CID 640989: (CONSTANT_EXPRESSION_RESULT)
/chk_ar.cpp: 752 in sbbs_t::ar_exp(const unsigned char **, user_t
*, client_t *)()
746 while (**ptrptr != '\0' && **ptrptr !=
']' && i < sizeof(tmp) - 1)
747 tmp[i++] = *(*ptrptr)++;
748 tmp[i] = '\0';
749 if (**ptrptr == ']') {
750 (*ptrptr)++;
751 section = tmp;
>>> CID 640989: (CONSTANT_EXPRESSION_RESULT)
>>> "**ptrptr == CP437_NO_BREAK_SPACE" is always false
regardless of the values of its operands. This occurs as the logical second
operand of "||".
752 SKIP_WHITESPACE(*ptrptr);
753 }
754 }
755 else if (strchr((char *)(*ptrptr), ':') != nullptr) { //
[section:]key
756 i = 0;
757 while (**ptrptr != '\0' && **ptrptr !=
':' && i < sizeof(tmp) - 1)
/chk_ar.cpp: 763 in sbbs_t::ar_exp(const unsigned char **, user_t
*, client_t *)()
757 while (**ptrptr != '\0' && **ptrptr !=
':' && i < sizeof(tmp) - 1)
758 tmp[i++] = *(*ptrptr)++;
759 tmp[i] = '\0';
760 if (**ptrptr != '\0') {
761 (*ptrptr)++;
762 section = tmp;
>>> CID 640989: (CONSTANT_EXPRESSION_RESULT)
>>> "**ptrptr == CP437_NO_BREAK_SPACE" is always false
regardless of the values of its operands. This occurs as the logical second
operand of "||".
763 SKIP_WHITESPACE(*ptrptr);
764 }
765 }
766 SKIP_CHAR((*ptrptr), ':');
767 if (!user_get_bool_property(&cfg, user->number, section,
(char*)*ptrptr, false))
768 result = _not;
** CID 640988: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________
____________________________
*** CID 640988: Null pointer dereferences (FORWARD_NULL)
/userdat.c: 4877 in user_get_bool_property()
4871 c_unescape_printable((char*)section);
4872 }
4873 if (key != NULL) {
4874 key = strdup(key);
4875 c_unescape_printable((char*)key);
4876 }
>>> CID 640988: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "key" to "i
iReadBool", which dereferences it.
4877 bool result = iniReadBool(fp, section, key, deflt);
4878 iniCloseFile(fp);
4879 free((char*)section);
4880 free((char*)key);
4881 return result;
4882 }
** CID 640987: (CONSTANT_EXPRESSION_RESULT)
/userdat.c: 2740 in ar_exp()
/userdat.c: 2729 in ar_exp()
________________________________________________________________
____________________________
*** CID 640987: (CONSTANT_EXPRESSION_RESULT)
/userdat.c: 2740 in ar_exp()
2734 while (**ptrptr != '\0' && **ptrptr !=
':' && i < sizeof(tmp) - 1)
2735 tmp[i++] = *(*ptrptr)++;
2736 tmp[i] = '\0';
2737 if (**ptrptr != '\0') {
2738 (*ptrptr)++;
2739 section = tmp;
>>> CID 640987: (CONSTANT_EXPRESSION_RESULT)
>>> "**ptrptr == CP437_NO_BREAK_SPACE" is always false
regardless of the values of its operands. This occurs as the logical second
operand of "||".
2740 SKIP_WHITESPACE(*ptrptr);
2741 }
2742 }
2743 SKIP_CHAR((*ptrptr), ':');
2744 if (!user_get_bool_property(cfg, user->number, section,
(char*)*ptrptr, false))
2745 result = not;
/userdat.c: 2729 in ar_exp()
2723 while (**ptrptr != '\0' && **ptrptr !=
']' && i < sizeof(tmp) - 1)
2724 tmp[i++] = *(*ptrptr)++;
2725 tmp[i] = '\0';
2726 if (**ptrptr == ']') {
2727 (*ptrptr)++;
2728 section = tmp;
>>> CID 640987: (CONSTANT_EXPRESSION_RESULT)
>>> "**ptrptr == CP437_NO_BREAK_SPACE" is always false
regardless of the values of its operands. This occurs as the logical second
operand of "||".
2729 SKIP_WHITESPACE(*ptrptr);
2730 }
2731 }
2732 else if (strchr((char *)(*ptrptr), ':') != NULL) { //
[section:]key
2733 i = 0;
2734 while (**ptrptr != '\0' && **ptrptr !=
':' && i < sizeof(tmp) - 1)
Best regards, The Coverity Scan Admin Team 
----==_mimepart_69664c8455017_2561de2afbc97ad9ac598df--
--- SBBSecho 3.34-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
SEEN-BY: 10/0 1 102/401 103/705 105/81 106/201 124/5016 128/187 129/14
SEEN-BY: 153/7715 154/110 214/22 218/0 1 215 700 810 226/30 227/114
SEEN-BY: 229/110 134 206 317 400 426 428 470 700 705 266/512 280/464
SEEN-BY: 291/111 301/1 320/219 322/757 342/200 396/45 460/58 633/280
SEEN-BY: 712/848 902/26 5075/35
PATH: 103/705 218/700 229/426
|
[ << oldest | < older | list | newer > | newest >> ]