Subj : New Defects reported by C
To   : cov-scan@synchro.net
From : scan-admin@coverity.com
Date : Sun Nov 03 2024 13:41:00

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 514434:    (NULL_RETURNS)
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()


________________________________________________________________________________________________________
*** CID 514434:    (NULL_RETURNS)
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 1001 in prestel_get_state()
995     	TERM_XY(&tx, &ty);
996     	line = malloc(sizeof(*line) * tx);
997     	prestel_new_line(cterm);
998     	if (tx > 1) {
999     		vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
1000     		for (int i = 0; i < (tx - 1); i++) {
>>>     CID 514434:    (NULL_RETURNS)
>>>     Dereferencing "line", which is known to be "NULL".
1001     			uint8_t ch = line[i].ch;
1002     			if (line[i].fg & 0x7F000000) {
1003     				ch = (line[i].fg & 0x7F000000) >> 24;
1004     				prestel_apply_ctrl(cterm, ch);
1005     			}
1006     			else {
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 999 in prestel_get_state()
993
994     	SCR_XY(&sx, &sy);
995     	TERM_XY(&tx, &ty);
996     	line = malloc(sizeof(*line) * tx);
997     	prestel_new_line(cterm);
998     	if (tx > 1) {
>>>     CID 514434:    (NULL_RETURNS)
>>>     Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".
999     		vmem_gettext(cterm->x, sy, cterm->x + tx - 2, sy, line);
1000     		for (int i = 0; i < (tx - 1); i++) {
1001     			uint8_t ch = line[i].ch;
1002     			if (line[i].fg & 0x7F000000) {
1003     				ch = (line[i].fg & 0x7F000000) >> 24;
1004     				prestel_apply_ctrl(cterm, ch);

** CID 514433:    (NULL_RETURNS)
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()


________________________________________________________________________________________________________
*** CID 514433:    (NULL_RETURNS)
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4985 in prestel_fix_line()
4979     	bool fixed = false;
4980     	bool fixedheight = false;
4981
4982     	coord_conv_xy(cterm, CTERM_COORD_TERM, CTERM_COORD_SCREEN, &sy, &sx);
4983     	ex = sx + TERM_MAXX - 1;
4984     	line = malloc(sizeof(*line) * (ex - sx + 1));
>>>     CID 514433:    (NULL_RETURNS)
>>>     Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_gettext".
4985     	vmem_gettext(sx, sy, ex, sy, line);
4986     	prestel_new_line(cterm);
4987     	for (int i = 0; i < TERM_MAXX; i++) {
4988     		uint8_t ch;
4989     		// Go through the line applying attributes, held mosaics, etc.
4990     		if (line[i].fg & 0x7F000000) {
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 5098 in prestel_fix_line()
5092     				line[i].ch += 64;
5093     				fixed = true;
5094     			}
5095     		}
5096     	}
5097     	if (force || fixed)
>>>     CID 514433:    (NULL_RETURNS)
>>>     Dereferencing a pointer that might be "NULL" "line" when calling "ciolib_vmem_puttext".
5098     		vmem_puttext(sx, sy, ex, sy, line);
5099     	free(line);
5100     	if (restore) {
5101     		cterm->extattr = extattr;
5102     		cterm->fg_color = fg_color;
5103     		cterm->bg_color = bg_color;
/tmp/sbbs-Nov-03-2024/src/conio/cterm.c: 4990 in prestel_fix_line()
4984     	line = malloc(sizeof(*line) * (ex - sx + 1));
4985     	vmem_gettext(sx, sy, ex, sy, line);
4986     	prestel_new_line(cterm);
4987     	for (int i = 0; i < TERM_MAXX; i++) {
4988     		uint8_t ch;
4989     		// Go through the line applying attributes, held mosaics, etc.
>>>     CID 514433:    (NULL_RETURNS)
>>>     Dereferencing "line", which is known to be "NULL".
4990     		if (line[i].fg & 0x7F000000) {
4991     			// This is a control character
4992     			ch = (line[i].fg & 0x7F000000) >> 24;
4993     			prestel_apply_ctrl_before(cterm, ch);
4994     			if ((cterm->extattr & CTERM_EXTATTR_PRESTEL_DOUBLE_HEIGHT) && ((line[i].bg & 0x01000000) == 0)) {
4995     				// Should be double-high


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DIdOQ_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQbN8RSzLdCZbSy14N5iWP9J-2FcpNjQ0eI2Oj6rPhHqZBQZA4UM9PchXs94tTdeyxdvCkcPzkWohEpzrEBvlrnd6-2FTfmIpMAsE2mi-2BdkX8vzesYff-2FsK9jSFcjEXcYS-2Fxznm-2FxoYdKxCkLPJPKyAUp9zwS3A1OhpfjMprQ34Tb-2BWdhw-3D-3D



---
 þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

.