1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • New Defects reported by Coverity Scan for Synchronet

    From scan-admin@coverity.com@VERT to All on Fri Apr 11 15:36:53 2025
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    2 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)


    ** CID 549016: Integer handling issues (INTEGER_OVERFLOW)
    /str.cpp: 1194 in sbbs_t::spy(unsigned int)()


    ________________________________________________________________________________________________________
    *** CID 549016: Integer handling issues (INTEGER_OVERFLOW)
    /str.cpp: 1194 in sbbs_t::spy(unsigned int)()
    1188 && !msgabort()) {
    1189 in = incom(1000);
    1190 if (in == NOINP) {
    1191 gettimeleft();
    1192 continue;
    1193 }
    CID 549016: Integer handling issues (INTEGER_OVERFLOW)
    Expression "ch", where "in" is known to be equal to 256, overflows the type of "ch", which is type "char".
    1194 ch = in;
    1195 if (ch == ESC) {
    1196 if (ansi_len)
    1197 ansi_len = 0;
    1198 else {
    1199 if ((in = incom(500)) != NOINP) {

    ** CID 549015: Uninitialized variables (UNINIT)


    ________________________________________________________________________________________________________
    *** CID 549015: Uninitialized variables (UNINIT)
    /js_system.c: 2089 in js_chkpassword()
    2083
    2084 js_system_private_t* sys;
    2085 if ((sys = (js_system_private_t*)js_GetClassPrivate(cx, obj, &js_system_class)) == NULL)
    2086 return JS_FALSE;
    2087
    2088 rc = JS_SUSPENDREQUEST(cx);
    CID 549015: Uninitialized variables (UNINIT)
    Using uninitialized value "*str" when calling "check_pass".
    2089 bool result = check_pass(sys->cfg, str, /* user: */NULL, /* unique: */false, /* reason: */NULL)
    2090 && !trashcan(sys->cfg, str, "password"); 2091 JS_SET_RVAL(cx, arglist, BOOLEAN_TO_JSVAL(result));
    2092 JS_RESUMEREQUEST(cx, rc);
    2093
    2094 return JS_TRUE;


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to All on Tue May 20 12:44:44 2025
    <!DOCTYPE html>
    <html>
    <head>
    <style>
    body {
    font-family: Arial, sans-serif;
    line-height: 1.6;
    }
    .button {
    display: inline-block;
    padding: 10px 20px;
    margin: 20px 0;
    font-size: 16px;
    color: #fff;
    background-color: #007bff;
    text-decoration: none;
    border-radius: 5px;
    }
    .button:hover {
    background-color: #0056b3;
    }
    </style>
    </head>
    <body>
    <p>Hi,</p>

    <p>
    Coverity Scan has identified new defect(s) in the project <strong>Synchronet</strong>.
    </p>

    <h3>Defect Summary:</h3>
    <ul>
    <li><strong>New Defects Found:</strong> 2</li>
    <li><strong>Defects Fixed:</strong> 1</li>
    <li><strong>Defects Displayed:</strong> Showing 2 of 2</li>
    </ul>

    <p>
    To view the full list of defects and take action, click the button below:
    </p>

    <p>
    <a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects</a>
    </p>

    <p>
    If you have any questions or need assistance, feel free to contact our support team.
    </p>


    <p>Best regards,</p>
    <p>The Coverity Scan Admin Team</p>
    <img class="logo" width="140" src="/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
    </body>
    </html>


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net