Subj : New Defects reported by Coverity Scan for Synchronet To : cov-scan@synchro.net From : scan-admin@coverity.com Date : Sun Dec 08 2024 13:41:14 Hi, Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan. 3 new defect(s) introduced to Synchronet found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 515715: Incorrect expression (SIZEOF_MISMATCH) /userdat.c: 1420 in node_vstatus() ________________________________________________________________________________________________________ *** CID 515715: Incorrect expression (SIZEOF_MISMATCH) /userdat.c: 1420 in node_vstatus() 1414 return cfg->text != NULL ? cfg->text[NodeStatusOffline] : "Offline"; 1415 case NODE_NETTING: /* Obsolete */ 1416 return "Networking"; 1417 case NODE_LOGON: 1418 return cfg->text != NULL ? cfg->text[NodeStatusLogon] : "At login prompt"; 1419 case NODE_LOGOUT: >>> CID 515715: Incorrect expression (SIZEOF_MISMATCH) >>> Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious. 1420 snprintf(str, sizeof str, cfg->text != NULL ? cfg->text[NodeStatusLogout] : "Logging out %s", username(cfg,node->useron,tmp)); 1421 return str; 1422 case NODE_EVENT_WAITING: 1423 return cfg->text != NULL ? cfg->text[NodeStatusEventWaiting] : "Waiting for all nodes to become inactive"; 1424 case NODE_EVENT_LIMBO: 1425 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeStatusEventLimbo] : "Waiting for node %d to finish external event" ** CID 515714: Uninitialized variables (UNINIT) ________________________________________________________________________________________________________ *** CID 515714: Uninitialized variables (UNINIT) /getnode.cpp: 289 in sbbs_t::getnodeext(unsigned int, char *)() 283 errormsg(WHERE,ERR_CHK,"node number",number); 284 return false; 285 } 286 287 if((node_ext=opennodeext(&cfg))==-1) { 288 memset(ext,0,128); >>> CID 515714: Uninitialized variables (UNINIT) >>> Using uninitialized value "*str" when calling "errormsg". 289 errormsg(WHERE,ERR_OPEN,str,O_RDONLY|O_DENYNONE); 290 return false; 291 } 292 293 number--; /* make zero based */ 294 for(count=0;counttext != NULL ? cfg->text[NodeActivityLoggingOn] : "logging on"; 1507 case NODE_LCHT: 1508 snprintf(str, size, cfg->text != NULL ? cfg->text[NodeActivityLocalChat] : "chatting with %s", cfg->sys_op); 1509 break; 1510 case NODE_MCHT: 1511 if(node->aux != 0) >>> CID 515713: Incorrect expression (SIZEOF_MISMATCH) >>> Passing argument "str" of type "char *" and argument "8UL /* sizeof (str) */" to function "safe_snprintf" is suspicious. 1512 snprintf(str, sizeof str 1513 ,cfg->text != NULL ? cfg->text[NodeActivityChatChannel] : "in multinode chat channel %d" 1514 ,node->aux & 0xff); 1515 else 1516 return cfg->text != NULL ? cfg->text[NodeActivityGlobalChat] : "in multinode global chat channel"; 1517 break; ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Drf1g_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQY9ty8xtnl2sw1SqlPRU2WILlz6B-2F41RYA0wpD7iGPK7iJJRJMlj06LpTw8H4oLu0ZD6NOR-2Fs4yPZ6xU2n8ZKWHL4-2F4cgQ0xljfi-2B5nJtvQuTTNG4kyAp2Ph0XvRGRr1KcMs8Gin6jWDWu2x-2Bkj9Q6Trx86Of-2BJRienYR-2Fbv9gQgw-3D-3D --- þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net .