Subj : New Defects reported by Coverity Scan for Synchronet
To   : cov-scan@synchro.net
From : scan-admin@coverity.com
Date : Sun Sep 22 2024 12:43:45

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 509721:  Resource leaks  (RESOURCE_LEAK)
/scfg/scfgmsg.c: 139 in import_msg_areas()


________________________________________________________________________________________________________
*** CID 509721:  Resource leaks  (RESOURCE_LEAK)
/scfg/scfgmsg.c: 139 in import_msg_areas()
133     			new_sub_misc = SUB_FIDO;
134     			ini = iniReadFile(stream);
135     			if(ini == NULL)
136     				return 0;
137     			list = iniGetSectionList(ini, /* prefix: */NULL);
138     			if(list == NULL)
>>>     CID 509721:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "ini" going out of scope leaks the storage it points to.
139     				return 0;
140     			break;
141     		default: // EchoLists (e.g. BACKBONE.NA, badareas.lst) and AREAS.BBS
142     			new_sub_misc = SUB_FIDO;
143     			break;
144     	}

** CID 509720:    (RESOURCE_LEAK)
/logon.cpp: 670 in sbbs_t::logonstats()()
/logon.cpp: 676 in sbbs_t::logonstats()()
/logon.cpp: 649 in sbbs_t::logonstats()()
/logon.cpp: 673 in sbbs_t::logonstats()()
/logon.cpp: 682 in sbbs_t::logonstats()()


________________________________________________________________________________________________________
*** CID 509720:    (RESOURCE_LEAK)
/logon.cpp: 670 in sbbs_t::logonstats()()
664     			}
665     			fclose_dstats(dsts);
666     		}
667     	}
668
669     	if(cfg.node_num==0)	/* called from event_thread() */
>>>     CID 509720:    (RESOURCE_LEAK)
>>>     Variable "csts" going out of scope leaks the storage it points to.
670     		return(0);
671
672     	if(thisnode.status==NODE_QUIET)       /* Quiet users aren't counted */
673     		return(0);
674
675     	if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
/logon.cpp: 676 in sbbs_t::logonstats()()
670     		return(0);
671
672     	if(thisnode.status==NODE_QUIET)       /* Quiet users aren't counted */
673     		return(0);
674
675     	if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
>>>     CID 509720:    (RESOURCE_LEAK)
>>>     Variable "csts" going out of scope leaks the storage it points to.
676     		return(0);
677
678     	for(i=0;i<2;i++) {
679     		FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
680     		if(fp == NULL) {
681     			errormsg(WHERE, ERR_OPEN, "dsts.ini", i);
/logon.cpp: 649 in sbbs_t::logonstats()()
643     				node.misc|=NODE_EVENT;
644     				putnodedat(i,&node);
645     			}
646     			if((dsts = fopen_dstats(&cfg, i, /* for_write: */TRUE)) == NULL) /* doesn't have stats yet */
647     				continue;
648
>>>     CID 509720:    (RESOURCE_LEAK)
>>>     Overwriting "csts" in "csts = fopen_cstats(&this->cfg, i, true)" leaks the storage that "csts" points to.
649     			if((csts = fopen_cstats(&cfg, i, /* for_write: */TRUE)) == NULL) {
650     				fclose_dstats(dsts);
651     				errormsg(WHERE, ERR_OPEN, "csts.tab", i);
652     				continue;
653     			}
654
/logon.cpp: 673 in sbbs_t::logonstats()()
667     	}
668
669     	if(cfg.node_num==0)	/* called from event_thread() */
670     		return(0);
671
672     	if(thisnode.status==NODE_QUIET)       /* Quiet users aren't counted */
>>>     CID 509720:    (RESOURCE_LEAK)
>>>     Variable "csts" going out of scope leaks the storage it points to.
673     		return(0);
674
675     	if(REALSYSOP && !(cfg.sys_misc&SM_SYSSTAT))
676     		return(0);
677
678     	for(i=0;i<2;i++) {
/logon.cpp: 682 in sbbs_t::logonstats()()
676     		return(0);
677
678     	for(i=0;i<2;i++) {
679     		FILE* fp = fopen_dstats(&cfg, i ? 0 : cfg.node_num, /* for_write: */TRUE);
680     		if(fp == NULL) {
681     			errormsg(WHERE, ERR_OPEN, "dsts.ini", i);
>>>     CID 509720:    (RESOURCE_LEAK)
>>>     Variable "csts" going out of scope leaks the storage it points to.
682     			return(0L);
683     		}
684     		if(!fread_dstats(fp, &stats)) {
685     			errormsg(WHERE, ERR_READ, "dsts.ini", i);
686     		} else {
687     			stats.today.logons++;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3D1BBg_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYPIsZP1mUIcYDXV-2BIKqJmrVInqiYU6VTjqKrshCKgIaqKtr35-2BruWgG1P-2Bg0yB-2BuAgsL8JZmDQBzw15bXNroJeqqVZoqg0VkgzqvypQVJBEoWQ3SQD0dE3jrBkw3Qa7Rc5CMTgkEjMauyB8RHdROWl9YGmjuyI0AjbW-2Fmd2yoJLA-3D-3D


--- SBBSecho 3.20-Linux
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

.