Subj : New Defects reported by Coverity Scan for Synchronet
To : cov-scan@synchro.net
From : scan-admin@coverity.com
Date : Fri Mar 05 2021 13:57:10

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

3 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)

** CID 327965: Error handling issues (NEGATIVE_RETURNS)
/js_file.c: 417 in js_raw_read()

________________________________________________________________________________________________________
*** CID 327965: Error handling issues (NEGATIVE_RETURNS)
/js_file.c: 417 in js_raw_read()
411      * The only option bit is the fflush() on the stream, but it never hurts and is sometimes
412      * required by POSIX.
413      */
414     fflush(p->fp);
415     pos = ftell(p->fp);
416     fd = fileno(p->fp);
>>>     CID 327965: Error handling issues (NEGATIVE_RETURNS)
>>>     "pos" is passed to a parameter that cannot be negative.
417     lseek(fd, pos, SEEK_SET);
418     len = read(fileno(p->fp),buf,len);
419     fseek(p->fp, pos + (len >= 0 ? len : 0), SEEK_SET);
420     dbprintf(FALSE, p, "read %u raw bytes",len);
421     if(len<0)
422         len=0;

** CID 327964: Error handling issues (CHECKED_RETURN)
/js_file.c: 419 in js_raw_read()

________________________________________________________________________________________________________
*** CID 327964: Error handling issues (CHECKED_RETURN)
/js_file.c: 419 in js_raw_read()
413      */
414     fflush(p->fp);
415     pos = ftell(p->fp);
416     fd = fileno(p->fp);
417     lseek(fd, pos, SEEK_SET);
418     len = read(fileno(p->fp),buf,len);
>>>     CID 327964: Error handling issues (CHECKED_RETURN)
>>>     Calling "fseek(p->fp, pos + ((len >= 0) ? len : 0), 0)" without checking return value. This library function may fail and return an error code.
419     fseek(p->fp, pos + (len >= 0 ? len : 0), SEEK_SET);
420     dbprintf(FALSE, p, "read %u raw bytes",len);
421     if(len<0)
422         len=0;
423
424     JS_RESUMEREQUEST(cx, rc);

** CID 327963: Error handling issues (CHECKED_RETURN)
/js_file.c: 417 in js_raw_read()

________________________________________________________________________________________________________
*** CID 327963: Error handling issues (CHECKED_RETURN)
/js_file.c: 417 in js_raw_read()
411      * The only option bit is the fflush() on the stream, but it never hurts and is sometimes
412      * required by POSIX.
413      */
414     fflush(p->fp);
415     pos = ftell(p->fp);
416     fd = fileno(p->fp);
>>>     CID 327963: Error handling issues (CHECKED_RETURN)
>>>     Calling "lseek(fd, pos, 0)" without checking return value. This library function may fail and return an error code.
417     lseek(fd, pos, SEEK_SET);
418     len = read(fileno(p->fp),buf,len);
419     fseek(p->fp, pos + (len >= 0 ? len : 0), SEEK_SET);
420     dbprintf(FALSE, p, "read %u raw bytes",len);
421     if(len<0)
422         len=0;

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3D_p2X_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrDy0FnBbq-2Fm93u7vA7CWW-2FDIcCWWSJ7c8n8ma0wI9nrXAM0rmu2WKRKamg79S0cwcvQZijOCkaXfhiqrcf11X2fxoyzccuy3-2BSoRLbQpzj-2B9htf4L24ypi98gpCO3iIwcHS0hb8b-2Fc-2BHjTiRNX0K47QJNHSl2g9Zn1weHkmTskRA2qmbeTTzYwfF1lTxvOzEdY-3D

--- SBBSecho 3.13-Linux
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)