Subj : New Defects reported by Coverity Scan for Synchronet To : cov-scan@synchro.net From : scan-admin@coverity.com Date : Sun Mar 21 2021 12:58:50 Hi, Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan. 3 new defect(s) introduced to Synchronet found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 329620: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-21-2021/src/xpdev/sockwrap.c: 556 in nonblocking_connect() ________________________________________________________________________________________________________ *** CID 329620: Uninitialized variables (UNINIT) /tmp/sbbs-Mar-21-2021/src/xpdev/sockwrap.c: 556 in nonblocking_connect() 550 result=ERROR_VALUE; 551 if(result==EWOULDBLOCK || result==EINPROGRESS) { 552 if (socket_writable(sock, timeout * 1000)) { 553 result = 0; 554 } 555 else { >>> CID 329620: Uninitialized variables (UNINIT) >>> Using uninitialized value "optlen" when calling "getsockopt". 556 if(getsockopt(sock, SOL_SOCKET, SO_ERROR, (void*)&result, &optlen)==SOCKET_ERROR) 557 result=ERROR_VALUE; 558 } 559 } 560 } 561 return result; ** CID 329619: (RESOURCE_LEAK) /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 382 in xpms_accept() /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 625 in xpms_accept() /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 384 in xpms_accept() /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 402 in xpms_accept() /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 566 in xpms_accept() ________________________________________________________________________________________________________ *** CID 329619: (RESOURCE_LEAK) /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 382 in xpms_accept() 376 poll_timeout = INT_MAX; 377 else 378 poll_timeout = timeout; 379 380 switch (poll(fds, scnt, timeout)) { 381 case 0: >>> CID 329619: (RESOURCE_LEAK) >>> Variable "fds" going out of scope leaks the storage it points to. 382 return INVALID_SOCKET; 383 case -1: 384 return SOCKET_ERROR; 385 default: 386 scnt = 0; 387 for(i=0; isock_count; i++) { /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 625 in xpms_accept() 619 return ret; 620 } 621 } 622 } 623 } 624 >>> CID 329619: (RESOURCE_LEAK) >>> Variable "fds" going out of scope leaks the storage it points to. 625 return INVALID_SOCKET; /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 384 in xpms_accept() 378 poll_timeout = timeout; 379 380 switch (poll(fds, scnt, timeout)) { 381 case 0: 382 return INVALID_SOCKET; 383 case -1: >>> CID 329619: (RESOURCE_LEAK) >>> Variable "fds" going out of scope leaks the storage it points to. 384 return SOCKET_ERROR; 385 default: 386 scnt = 0; 387 for(i=0; isock_count; i++) { 388 if(xpms_set->socks[i].sock == INVALID_SOCKET) 389 continue; /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 402 in xpms_accept() 396 else { 397 #endif 398 if(cb_data) 399 *cb_data=xpms_set->socks[i].cb_data; 400 ret = accept(xpms_set->socks[i].sock, &addr->addr, addrlen); 401 if (ret == INVALID_SOCKET) >>> CID 329619: (RESOURCE_LEAK) >>> Variable "fds" going out of scope leaks the storage it points to. 402 return ret; 403 404 // Set host_ip from haproxy protocol, if its used 405 // https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmFhfLHSS4WW27WEbAQ0FnW2DAsEL4QRepj-2FHt2fmG7L-2BnWOoJSnAMuZZVvs-2FTpt9KdaKEu5rXFXNd-2BvSGu5ZLas-3Dd_90_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBHl4bR3Ma1f60TFhv7T6ysQTqzEd9nvMDO73rOMH-2FoJ5nhN868MA2phqypJ2oV92b97jXxFmunct7Y4klqGur0z6R0WcReKRfq0D0HPM1tk6CAFrC65I3bitVBEnBiVT8QTt-2F7UTr2oUauVjXSlBWa0Bh93CLCT6FEG1AINFfOnaX7z7JDCirzBRH9jqSpkRA-3D 406 if (flags & XPMS_ACCEPT_FLAG_HAPROXY) { 407 memset(addr, 0, sizeof(*addr)); /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 566 in xpms_accept() 560 switch (l) { 561 // IPv4 - AF_INET 562 case HAPROXY_AFINET: 563 if (i != 12) { 564 xpms_set->lprintf(LOG_ERR,"%04d * HAPROXY Something went wrong - IPv4 address length is incorrect",ret); 565 closesocket(ret); >>> CID 329619: (RESOURCE_LEAK) >>> Variable "fds" going out of scope leaks the storage it points to. 566 return INVALID_SOCKET; 567 } 568 addr->in.sin_family = AF_INET; 569 if (read_socket(ret, hapstr, i, xpms_set->lprintf)==FALSE) { 570 xpms_set->lprintf(LOG_ERR,"%04d * HAPROXY looking for IPv4 address - failed",ret); 571 closesocket(ret); ** CID 329618: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 368 in xpms_accept() ________________________________________________________________________________________________________ *** CID 329618: Null pointer dereferences (NULL_RETURNS) /tmp/sbbs-Mar-21-2021/src/xpdev/multisock.c: 368 in xpms_accept() 362 if(FD_ISSET(xpms_set->socks[i].sock, &read_fs)) { 363 #else 364 fds = calloc(xpms_set->sock_count, sizeof(*fds)); 365 for (i = 0; i < xpms_set->sock_count; i++) { 366 if (xpms_set->socks[i].sock == INVALID_SOCKET) 367 continue; >>> CID 329618: Null pointer dereferences (NULL_RETURNS) >>> Dereferencing "fds", which is known to be "NULL". 368 fds[scnt].fd = xpms_set->socks[i].sock; 369 fds[scnt].events = POLLIN; 370 scnt++; 371 } 372 373 if (timeout == XPMS_FOREVER) ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3DLHmn_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBHl4bR3Ma1f60TFhv7T6ysowkKJDrUA6C75fu3BRJq-2FUw5eN9b5XYSctzsJ98DPYfDP7j4AYhQkY30dnFu4TwCdwjnMT8mAI2-2Bg-2FqSBUEH44x5j1MZehgipi7vnrC2DB2OwTaDXMtI26MENFL9HDj08iR5XhCILdRMD4IRrtvokulJVT7mfhTDsxurasyCN6A-3D --- SBBSecho 3.14-Linux * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705) .