Subj : New Defects reported by Coverity Scan for Synchronet
To   : cov-scan@synchro.net
From : scan-admin@coverity.com
Date : Thu Aug 08 2024 12:40:34

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 508260:  Null pointer dereferences  (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 508260:  Null pointer dereferences  (FORWARD_NULL)
/js_msgbase.c: 950 in parse_header_object()
944     		msg->hdr.priority=i32;
945     	}
946
947     	if(JS_GetProperty(cx, hdr, "field_list", &val) && JSVAL_IS_OBJECT(val)) {
948     		array=JSVAL_TO_OBJECT(val);
949     		len=0;
>>>     CID 508260:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "array" to "JS_GetArrayLength", which dereferences it.
950     		if(array == NULL && !JS_GetArrayLength(cx, array, &len)) {
951     			JS_ReportError(cx, "Invalid \"field_list\" array in header object");
952     			goto err;
953     		}
954
955     		for(i=0;i<len;i++) {

** CID 508259:  Control flow issues  (DEADCODE)
/js_internal.c: 491 in js_execfile()


________________________________________________________________________________________________________
*** CID 508259:  Control flow issues  (DEADCODE)
/js_internal.c: 491 in js_execfile()
485     		else {
486     			JS_ReportError(cx, "Unable to get parent js."JAVASCRIPT_LOAD_PATH_LIST" array.");
487     			return JS_FALSE;
488     		}
489     	}
490     	else {
>>>     CID 508259:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "JS_ReportError(cx, "Unable ...".
491     		JS_ReportError(cx, "Unable to get parent js object");
492     		return JS_FALSE;
493     	}
494
495     	js_script=JS_CompileFile(cx, js_scope, path);
496


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D20ER_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZSUgE3dQnVG6wGylJBHlsQHMU-2FeSvlPG-2BveassRKfh2KZ3KQqZYMDLXz99-2FrWMwJQ1T1J2N-2BE4YP3SycyU5tkbW6rwM2zqlUIvWZrfgy3l7iQ0Im12Z6xa2F5EX6ZCGf29mh7eZnuIJTmQCiel8IOekKUKQgh0LXaZSb3gnPQHBw-3D-3D


--- SBBSecho 3.20-Linux
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

.