Subj : New Defects reported by Coverity Scan for Synchronet
To   : cov-scan@synchro.net
From : scan-admin@coverity.com
Date : Sat Aug 10 2024 12:40:35

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

6 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)


** CID 508288:    (STRING_NULL)
/telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
/telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()


________________________________________________________________________________________________________
*** CID 508288:    (STRING_NULL)
/telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
381     					l=K_CHAT;
382     					if(!(mode&TG_ECHO))
383     						l|=K_NOECHO;
384     					rd=getstr((char*)buf,sizeof(buf)-1,l);
385     					if(!rd)
386     						continue;
>>>     CID 508288:    (STRING_NULL)
>>>     Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
387     					SAFECAT(buf,crlf);
388     					rd+=2;
389     					gotline=true;
390     				}
391     				if((mode&TG_CRLF) && buf[rd-1]=='\r')
392     					buf[rd++]='\n';
/telgate.cpp: 387 in sbbs_t::telnet_gate(char *, unsigned int, unsigned int, char **, char *, char *, char *)()
381     					l=K_CHAT;
382     					if(!(mode&TG_ECHO))
383     						l|=K_NOECHO;
384     					rd=getstr((char*)buf,sizeof(buf)-1,l);
385     					if(!rd)
386     						continue;
>>>     CID 508288:    (STRING_NULL)
>>>     Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
387     					SAFECAT(buf,crlf);
388     					rd+=2;
389     					gotline=true;
390     				}
391     				if((mode&TG_CRLF) && buf[rd-1]=='\r')
392     					buf[rd++]='\n';

** CID 508287:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508287:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
3121     				size_t tmplen = 0;
3122     				for(jsuint i = 0; i < count; ++i) {
3123     					jsval val;
3124     					if(!JS_GetElement(cx, array, i, &val))
3125     						break;
3126     					JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
>>>     CID 508287:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "server_user_name" going out of scope leaks the storage it points to.
3127     					HANDLE_PENDING(cx, tmp);
3128     					strListPush(&send_strings, tmp);
3129     				}
3130     				free(tmp);
3131     			}
3132     		}

** CID 508286:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508286:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
3121     				size_t tmplen = 0;
3122     				for(jsuint i = 0; i < count; ++i) {
3123     					jsval val;
3124     					if(!JS_GetElement(cx, array, i, &val))
3125     						break;
3126     					JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
>>>     CID 508286:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "addr" going out of scope leaks the storage it points to.
3127     					HANDLE_PENDING(cx, tmp);
3128     					strListPush(&send_strings, tmp);
3129     				}
3130     				free(tmp);
3131     			}
3132     		}

** CID 508285:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508285:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
3121     				size_t tmplen = 0;
3122     				for(jsuint i = 0; i < count; ++i) {
3123     					jsval val;
3124     					if(!JS_GetElement(cx, array, i, &val))
3125     						break;
3126     					JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
>>>     CID 508285:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "term_type" going out of scope leaks the storage it points to.
3127     					HANDLE_PENDING(cx, tmp);
3128     					strListPush(&send_strings, tmp);
3129     				}
3130     				free(tmp);
3131     			}
3132     		}

** CID 508284:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508284:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3041 in js_telnet_gate(JSContext *, unsigned int, unsigned long *)()
3035     			size_t tmplen = 0;
3036     			for(jsuint i = 0; i < count; ++i) {
3037     				jsval val;
3038     				if(!JS_GetElement(cx, array, i, &val))
3039     					break;
3040     				JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
>>>     CID 508284:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "addr" going out of scope leaks the storage it points to.
3041     				HANDLE_PENDING(cx, tmp);
3042     				strListPush(&send_strings, tmp);
3043     			}
3044     			free(tmp);
3045     			++argn;
3046     		}

** CID 508283:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()


________________________________________________________________________________________________________
*** CID 508283:  Resource leaks  (RESOURCE_LEAK)
/js_bbs.cpp: 3127 in js_rlogin_gate(JSContext *, unsigned int, unsigned long *)()
3121     				size_t tmplen = 0;
3122     				for(jsuint i = 0; i < count; ++i) {
3123     					jsval val;
3124     					if(!JS_GetElement(cx, array, i, &val))
3125     						break;
3126     					JSVALUE_TO_RASTRING(cx, val, tmp, &tmplen, NULL);
>>>     CID 508283:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "client_user_name" going out of scope leaks the storage it points to.
3127     					HANDLE_PENDING(cx, tmp);
3128     					strListPush(&send_strings, tmp);
3129     				}
3130     				free(tmp);
3131     			}
3132     		}


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3Dbu0M_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQZNG0uf3i6p71oTc15oH-2BfpO28bQfsz9QVBH3Gtyw7JI9gEMaDnmdnDolPrFN6u9WaZmPVFWjRjCPjNCgu0p853ViRUnY3jw7qF-2FmF-2FRD-2BDN3Me1aa8H00Bk6GPSZ1Hw1-2FmiCWeADspXOcpcxao-2F3gS8JgnOAEga0TIePnt023yjQ-3D-3D


--- SBBSecho 3.20-Linux
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

.