Subj : New Defects reported by Coverity Scan for Synchronet
To   : All
From : scan-admin@coverity.com
Date : Sat Feb 01 2025 13:42:14

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 532317:  Error handling issues  (CHECKED_RETURN)
/js_socket.c: 2380 in js_socket_set()


________________________________________________________________________________________________________
*** CID 532317:  Error handling issues  (CHECKED_RETURN)
/js_socket.c: 2380 in js_socket_set()
2374     											size_t key_sz;
2375     											JS_IdToValue(cx, ids->vector[k], &js_id);
2376     											id = NULL;
2377     											JSVALUE_TO_MSTRING(cx, js_id, id, &id_sz);
2378     											if (id != NULL) {
2379     												if (!JS_IsExceptionPending(cx)) {
>>>     CID 532317:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "JS_GetProperty" without checking return value (as is done elsewhere 196 out of 203 times).
2380     													JS_GetProperty(cx, p->tls_psk, id, &js_key);
2381     													JSVALUE_TO_MSTRING(cx, js_key, key, &key_sz);
2382     													if (key != NULL) {
2383     														if (!JS_IsExceptionPending(cx)) {
2384     															if (do_cryptAttributeString(p->session, CRYPT_SESSINFO_USERNAME, id, id_sz) == CRYPT_OK)
2385     																do_cryptAttributeString(p->session, CRYPT_SESSINFO_PASSWORD, key, key_sz);


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview



---
 þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

.