Subj : New Defects reported by Coverity Scan for Synchronet To : cov-scan@synchro.net From : scan-admin@coverity.com Date : Thu Mar 03 2022 13:54:50 Hi, Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan. 3 new defect(s) introduced to Synchronet found with Coverity Scan. 23 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 350413: Error handling issues (CHECKED_RETURN) /smbutil.c: 1208 in packmsgs() ________________________________________________________________________________________________________ *** CID 350413: Error handling issues (CHECKED_RETURN) /smbutil.c: 1208 in packmsgs() 1202 if(offset < 0) { 1203 fprintf(errfp,"\n%s!Data allocation failure: %ld\n", beep, (long)offset); 1204 continue; 1205 } 1206 datoffset[datoffsets].new = (uint32_t)offset; 1207 datoffsets++; >>> CID 350413: Error handling issues (CHECKED_RETURN) >>> Calling "fseeko(tmp_sdt, offset, 0)" without checking return value. This library function may fail and return an error code. 1208 fseeko(tmp_sdt, offset, SEEK_SET); 1209 } 1210 else { 1211 fseek(tmp_sdt,0L,SEEK_END); 1212 offset = ftello(tmp_sdt); 1213 if(offset < 0) { ** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() ________________________________________________________________________________________________________ *** CID 319807: Memory - illegal accesses (UNINIT) /tmp/sbbs-Mar-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext < 9241 int main() { 9242 struct utsname *res; char *domain; >>> CID 319807: Memory - illegal accesses (UNINIT) >>> Using uninitialized value "res" when calling "uname". 9243 (void)uname(res); if (res != 0) { domain = res->domainname; } 9244 ; return 0; } 9245 EOF 9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then 9247 rm -rf conftest* 9248 ac_cv_have_uname_domainname_field=true ** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() ________________________________________________________________________________________________________ *** CID 319786: Null pointer dereferences (REVERSE_INULL) /tmp/sbbs-Mar-03-2022/3rdp/src/mozjs/js-1.8.5/js/src/configure: 9243 in main() 9237 cat > conftest.$ac_ext < 9241 int main() { 9242 struct utsname *res; char *domain; >>> CID 319786: Null pointer dereferences (REVERSE_INULL) >>> Null-checking "res" suggests that it may be null, but it has already been dereferenced on all paths leading to the check. 9243 (void)uname(res); if (res != 0) { domain = res->domainname; } 9244 ; return 0; } 9245 EOF 9246 if { (eval echo configure:9247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then 9247 rm -rf conftest* 9248 ac_cv_have_uname_domainname_field=true ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DD47W_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCSrijcu7bXGqi81OTBzOPBjXC3lWUuu5-2BXvKRt4FwjyPDf0g9xky4HQ0WtVouLRWmck1Ycykgk-2FaRQTwHwDaWNmkgdjrEM471gEiGAjjmwUICC8KGfeOt7sKwnsIZs4JW6l0pvrNJkOCwyjTGMjbzCH-2Bi1uRDonCgn-2FyD3M7dqtA-3D-3D --- SBBSecho 3.15-Linux * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705) .