Forum: Galaxy BBS

New Defects reported by Coverity Scan for Synchronet

From scan-admin@coverity.com@1:103/705 to All on Mon Jan 5 13:46:18 2026

----==_mimepart_695bc0a9c87c5_1d5c082c2daae1599845356
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

4 new defect(s) introduced to Synchronet found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)

** CID 640406: High impact quality (Y2K38_SAFETY)
/getstats.c: 127 in fread_dstats()

_____________________________________________________________________________________________
*** CID 640406: High impact quality (Y2K38_SAFETY)
/getstats.c: 127 in fread_dstats()
121 if (fp == NULL)
122 return false;
123
124 memset(stats, 0, sizeof(*stats));
125 if ((ini = iniReadFile(fp)) == NULL)
126 return false;

CID 640406: High impact quality (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "iniGetDateTime(ini, NULL, "Date", 0L)" is cast to "time32_t".

127 stats->date = (time32_t)iniGetDateTime(ini, NULL, strStatsDate, 0);
128 gettotals(ini, strStatsToday, &stats->today);
129 gettotals(ini, strStatsTotal, &stats->total);
130 iniFreeStringList(ini);
131 stats->last = time32(NULL);
132

** CID 640405: API usage errors (PW.PRINTF_ARG_MISMATCH)
/atcodes.cpp: 844 in ()

_____________________________________________________________________________________________
*** CID 640405: API usage errors (PW.PRINTF_ARG_MISMATCH) /atcodes.cpp: 844 in ()
838 if (strcmp(sp, "CLOCK") == 0) {
839 snprintf(str, maxlen, "%" PRIu64, xp_timer64());
840 return str;
841 }
842
843 if (strcmp(sp, "TIMER") == 0) {

CID 640405: API usage errors (PW.PRINTF_ARG_MISMATCH)
argument is incompatible with corresponding format string conversion (expected type "double" but argument has type "long double")

844 snprintf(str, maxlen, "%f", xp_timer());
845 return str;
846 }
847
848 if (strcmp(sp, "GENDERS") == 0)
849 return cfg.new_genders;

** CID 640404: API usage errors (PRINTF_ARGS)
/atcodes.cpp: 844 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()

_____________________________________________________________________________________________
*** CID 640404: API usage errors (PRINTF_ARGS)
/atcodes.cpp: 844 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()
838 if (strcmp(sp, "CLOCK") == 0) {
839 snprintf(str, maxlen, "%" PRIu64, xp_timer64());
840 return str;
841 }
842
843 if (strcmp(sp, "TIMER") == 0) {

CID 640404: API usage errors (PRINTF_ARGS)
Argument "xp_timer()" to format specifier "%f" was expected to have type "double" but has type "long double". [Note: The source code implementation of the function has been overridden by a builtin model.]

844 snprintf(str, maxlen, "%f", xp_timer());
845 return str;
846 }
847
848 if (strcmp(sp, "GENDERS") == 0)
849 return cfg.new_genders;

** CID 640403: Error handling issues (CHECKED_RETURN)
/js_system.cpp: 1351 in js_minutestr(JSContext *, unsigned int, unsigned long *)()

_____________________________________________________________________________________________
*** CID 640403: Error handling issues (CHECKED_RETURN)
/js_system.cpp: 1351 in js_minutestr(JSContext *, unsigned int, unsigned long *)()
1345 if (js_argvIsNullOrVoid(cx, argv, 0))
1346 return JS_FALSE;
1347
1348 if (argc > 1 && JSVAL_IS_BOOLEAN(argv[1]))
1349 estimate = JSVAL_TO_BOOLEAN(argv[1]);
1350

CID 640403: Error handling issues (CHECKED_RETURN)
Calling "JS_ValueToECMAUint32" without checking return value (as is done elsewhere 96 out of 102 times).

1351 JS_ValueToECMAUint32(cx, argv[0], &t);
1352 if ((js_str = JS_NewStringCopyZ(cx, minutes_to_str(t, str, sizeof str, estimate))) == NULL)
1353 return JS_FALSE;
1354
1355 JS_SET_RVAL(cx, arglist, STRING_TO_JSVAL(js_str));
1356 return JS_TRUE;

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_695bc0a9c87c5_1d5c082c2daae1599845356
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 4</li>
<li>
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
</li>
<li><strong>Defects Shown:</strong> Showing 4 of 4 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 640406: High impact quality (Y2K38_SAFETY)
/getstats.c: 127 in fread_dstats()

_____________________________________________________________________________________________
*** CID 640406: High impact quality (Y2K38_SAFETY)
/getstats.c: 127 in fread_dstats()
121 if (fp == NULL)
122 return false;
123
124 memset(stats, 0, sizeof(*stats));
125 if ((ini = iniReadFile(fp)) == NULL)
126 return false;
>>> CID 640406: High impact quality (Y2K38_SAFETY) >>> A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "iniGetDateTime(ini, NULL, "Date", 0L)" is cast to "time32_t".
127 stats->date = (time32_t)iniGetDateTime(ini, NULL, strStatsDate, 0);
128 gettotals(ini, strStatsToday, &stats->today);
129 gettotals(ini, strStatsTotal, &stats->total);
130 iniFreeStringList(ini);
131 stats->last = time32(NULL);
132

** CID 640405: API usage errors (PW.PRINTF_ARG_MISMATCH)
/atcodes.cpp: 844 in ()

_____________________________________________________________________________________________
*** CID 640405: API usage errors (PW.PRINTF_ARG_MISMATCH) /atcodes.cpp: 844 in ()
838 if (strcmp(sp, "CLOCK") == 0) {
839 snprintf(str, maxlen, "%" PRIu64, xp_timer64());
840 return str;
841 }
842
843 if (strcmp(sp, "TIMER") == 0) {
>>> CID 640405: API usage errors (PW.PRINTF_ARG_MISMATCH) >>> argument is incompatible with corresponding format string conversion (expected type "double" but argument has type "long double")
844 snprintf(str, maxlen, "%f", xp_timer());
845 return str;
846 }
847
848 if (strcmp(sp, "GENDERS") == 0)
849 return cfg.new_genders;

** CID 640404: API usage errors (PRINTF_ARGS)
/atcodes.cpp: 844 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()

_____________________________________________________________________________________________
*** CID 640404: API usage errors (PRINTF_ARGS)
/atcodes.cpp: 844 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, JSObject *)()
838 if (strcmp(sp, "CLOCK") == 0) {
839 snprintf(str, maxlen, "%" PRIu64, xp_timer64());
840 return str;
841 }
842
843 if (strcmp(sp, "TIMER") == 0) {
>>> CID 640404: API usage errors (PRINTF_ARGS) >>> Argument "xp_timer()" to format specifier "%f" was expected to have type "double" but has type "long double". [Note: The source code implementation of the function has been overridden by a builtin model.]
844 snprintf(str, maxlen, "%f", xp_timer());
845 return str;
846 }
847
848 if (strcmp(sp, "GENDERS") == 0)
849 return cfg.new_genders;

** CID 640403: Error handling issues (CHECKED_RETURN)
/js_system.cpp: 1351 in js_minutestr(JSContext *, unsigned int, unsigned long *)()

_____________________________________________________________________________________________
*** CID 640403: Error handling issues (CHECKED_RETURN)
/js_system.cpp: 1351 in js_minutestr(JSContext *, unsigned int, unsigned long *)()
1345 if (js_argvIsNullOrVoid(cx, argv, 0))
1346 return JS_FALSE;
1347
1348 if (argc > 1 && JSVAL_IS_BOOLEAN(argv[1]))
1349 estimate = JSVAL_TO_BOOLEAN(argv[1]);
1350
>>> CID 640403: Error handling issues (CHECKED_RETURN) >>> Calling "JS_ValueToECMAUint32" without checking return value (as is done elsewhere 96 out of 102 times).
1351 JS_ValueToECMAUint32(cx, argv[0], &t);
1352 if ((js_str = JS_NewStringCopyZ(cx, minutes_to_str(t, str, sizeof str, estimate))) == NULL)
1353 return JS_FALSE;
1354
1355 JS_SET_RVAL(cx, arglist, STRING_TO_JSVAL(js_str));
1356 return JS_TRUE;

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_695bc0a9c87c5_1d5c082c2daae1599845356--

--- SBBSecho 3.34-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From scan-admin@coverity.com@1:103/705 to All on Mon Jan 12 13:47:57 2026

----==_mimepart_6964fb8d1cdba_2460bc2afbc97ad9ac59882
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 640971: High impact quality (Y2K38_SAFETY)
/atcodes.cpp: 620 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, unsigned int, JSObject *)()

_____________________________________________________________________________________________
*** CID 640971: High impact quality (Y2K38_SAFETY)
/atcodes.cpp: 620 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, unsigned int, JSObject *)()
614
615 if (code_match(sp, "UPTIME", &param)) {
616 extern volatile time_t uptime;
617 time_t up = 0;
618 if (uptime != 0 && time(&now) >= uptime)
619 up = now - uptime;

CID 640971: High impact quality (Y2K38_SAFETY)
A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "up" is cast to "uint".

620 return duration((uint)up, str, maxlen, param, DURATION_MINIMAL_VERBAL);
621 }
622
623 if (!strcmp(sp, "SERVED")) {
624 extern volatile uint served;
625 safe_snprintf(str, maxlen, "%u", served);

** CID 640970: Insecure data handling (INTEGER_OVERFLOW)
/atcodes.cpp: 1695 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, unsigned int, JSObject *)()

_____________________________________________________________________________________________
*** CID 640970: Insecure data handling (INTEGER_OVERFLOW) /atcodes.cpp: 1695 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, unsigned int, JSObject *)()
1689 if (!strcmp(sp, "BYTESLEFT")) {
1690 safe_snprintf(str, maxlen, "%" PRIu64, user_available_credits(&useron));
1691 return str;
1692 }
1693
1694 if (code_match(sp, "CDTLEFT", &param))

CID 640970: Insecure data handling (INTEGER_OVERFLOW)
The cast of "user_available_credits(&this->useron)" to a signed type could result in a negative number.

1695 return byte_count(static_cast<int64_t>(user_available_credits(&useron)), str, maxlen, param, BYTE_COUNT_VERBAL);
1696
1697 if (code_match(sp, "CREDITS", &param))
1698 return byte_count(useron.cdt, str, maxlen, param, BYTE_COUNT_BYTES);
1699
1700 if (code_match(sp, "FREECDT", &param))

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_6964fb8d1cdba_2460bc2afbc97ad9ac59882
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 2</li>
<li>
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
</li>
<li><strong>Defects Shown:</strong> Showing 2 of 2 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 640971: High impact quality (Y2K38_SAFETY)
/atcodes.cpp: 620 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, unsigned int, JSObject *)()

_____________________________________________________________________________________________
*** CID 640971: High impact quality (Y2K38_SAFETY)
/atcodes.cpp: 620 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, unsigned int, JSObject *)()
614
615 if (code_match(sp, "UPTIME", &param)) {
616 extern volatile time_t uptime;
617 time_t up = 0;
618 if (uptime != 0 && time(&now) >= uptime) 619 up = now - uptime;
>>> CID 640971: High impact quality (Y2K38_SAFETY) >>> A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "up" is cast to "uint".
620 return duration((uint)up, str, maxlen, param, DURATION_MINIMAL_VERBAL);
621 }
622
623 if (!strcmp(sp, "SERVED")) {
624 extern volatile uint served;
625 safe_snprintf(str, maxlen, "%u", served);

** CID 640970: Insecure data handling (INTEGER_OVERFLOW)
/atcodes.cpp: 1695 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, unsigned int, JSObject *)()

_____________________________________________________________________________________________
*** CID 640970: Insecure data handling (INTEGER_OVERFLOW) /atcodes.cpp: 1695 in sbbs_t::atcode(const char *, char *, unsigned long, int *, bool, unsigned int, JSObject *)()
1689 if (!strcmp(sp, "BYTESLEFT")) {
1690 safe_snprintf(str, maxlen, "%" PRIu64, user_available_credits(&useron));
1691 return str;
1692 }
1693
1694 if (code_match(sp, "CDTLEFT", &param)) >>> CID 640970: Insecure data handling (INTEGER_OVERFLOW) >>> The cast of "user_available_credits(&this->useron)" to a signed type could result in a negative number.
1695 return byte_count(static_cast<int64_t>(user_available_credits(&useron)), str, maxlen, param, BYTE_COUNT_VERBAL);
1696
1697 if (code_match(sp, "CREDITS", &param))
1698 return byte_count(useron.cdt, str, maxlen, param, BYTE_COUNT_BYTES);
1699
1700 if (code_match(sp, "FREECDT", &param))

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_6964fb8d1cdba_2460bc2afbc97ad9ac59882--

--- SBBSecho 3.34-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From scan-admin@coverity.com@1:103/705 to All on Wed Feb 18 13:50:52 2026

----==_mimepart_6995c3bce9f7_51bf02b0ff68619ac19798
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 644273: Resource leaks (RESOURCE_LEAK)
/js_console.cpp: 422 in js_console_set(JSContext *, JSObject *, long, int, unsigned long *)()

_____________________________________________________________________________________________
*** CID 644273: Resource leaks (RESOURCE_LEAK)
/js_console.cpp: 422 in js_console_set(JSContext *, JSObject *, long, int, unsigned long *)()
416 break;
417
418 default:
419 return JS_TRUE;
420 }
421

CID 644273: Resource leaks (RESOURCE_LEAK)
Variable "sval" going out of scope leaks the storage it points to.

422 return JS_TRUE;
423 }
424
425 #define CON_PROP_FLAGS JSPROP_ENUMERATE
426
427 static jsSyncPropertySpec js_console_properties[] = {

** CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)

_____________________________________________________________________________________________
*** CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE) /con_hi.cpp: 61 in sbbs_t::uselect(bool, unsigned int, const char *, const char *, const unsigned char *)()
55 if (add) {
56 if (name == nullptr)
57 return -1;
58 if (ar != nullptr && !chk_ar(ar, &useron, &client))
59 return 0;
60 uselect_item item = { name, num };

CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE) >>> "item" is copied and then passed-by-reference as parameter to STL insertion function "std::vector<sbbs_t::uselect_item, std::allocator<sbbs_t::uselect_item> >::push_back(std::vector<sbbs_t::uselect_item, std::allocator<sbbs_t::uselect_item> >::value_type const &)", when it could be moved instead.

61 uselect_items.push_back(item);
62 return 0;
63 }
64
65 if (uselect_items.size() < 1)
66 return -1;

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_6995c3bce9f7_51bf02b0ff68619ac19798
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 2</li>
<li><strong>Defects Shown:</strong> Showing 2 of 2 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 644273: Resource leaks (RESOURCE_LEAK)
/js_console.cpp: 422 in js_console_set(JSContext *, JSObject *, long, int, unsigned long *)()

_____________________________________________________________________________________________
*** CID 644273: Resource leaks (RESOURCE_LEAK)
/js_console.cpp: 422 in js_console_set(JSContext *, JSObject *, long, int, unsigned long *)()
416 break;
417
418 default:
419 return JS_TRUE;
420 }
421
>>> CID 644273: Resource leaks (RESOURCE_LEAK) >>> Variable "sval" going out of scope leaks the storage it points to.
422 return JS_TRUE;
423 }
424
425 #define CON_PROP_FLAGS JSPROP_ENUMERATE
426
427 static jsSyncPropertySpec js_console_properties[] = {

** CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)

_____________________________________________________________________________________________
*** CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE) /con_hi.cpp: 61 in sbbs_t::uselect(bool, unsigned int, const char *, const char *, const unsigned char *)()
55 if (add) {
56 if (name == nullptr)
57 return -1;
58 if (ar != nullptr && !chk_ar(ar, &useron, &client))
59 return 0;
60 uselect_item item = { name, num };
>>> CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
>>> "item" is copied and then passed-by-reference as parameter to STL insertion function "std::vector<sbbs_t::uselect_item, std::allocator<sbbs_t::uselect_item> >::push_back(std::vector<sbbs_t::uselect_item, std::allocator<sbbs_t::uselect_item> >::value_type const &)", when it could be moved instead.
61 uselect_items.push_back(item);
62 return 0;
63 }
64
65 if (uselect_items.size() < 1)
66 return -1;

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_6995c3bce9f7_51bf02b0ff68619ac19798--

--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From scan-admin@coverity.com@1:103/705 to All on Tue Feb 17 13:48:48 2026

----==_mimepart_699471c04eaa2_41c9e2b0ff68619ac19769
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)

** CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
/websrvr.cpp: 1186 in close_request(http_session_t *)()

_____________________________________________________________________________________________
*** CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
/websrvr.cpp: 1186 in close_request(http_session_t *)()
1180 * This causes all active http_session_threads to terminate. 1181 */
1182 if ((!session->req.keep_alive) || terminate_server) {
1183 drain_outbuf(session);
1184 close_session_socket(session);
1185 }

CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
You might be using variable "session->socket" before verifying that it is >= 0.

1186 if (session->socket == INVALID_SOCKET)
1187 session->finished = true;
1188
1189 if (session->js_cx != NULL && (session->req.dynamic == IS_SSJS)) {
1190 JS_BEGINREQUEST(session->js_cx);
1191 JS_GC(session->js_cx);

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_699471c04eaa2_41c9e2b0ff68619ac19769
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 1</li>
<li><strong>Defects Shown:</strong> Showing 1 of 1 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
/websrvr.cpp: 1186 in close_request(http_session_t *)()

_____________________________________________________________________________________________
*** CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
/websrvr.cpp: 1186 in close_request(http_session_t *)()
1180 * This causes all active http_session_threads to terminate. 1181 */
1182 if ((!session->req.keep_alive) || terminate_server) {
1183 drain_outbuf(session);
1184 close_session_socket(session);
1185 }
>>> CID 644193: Memory - corruptions (REVERSE_NEGATIVE) >>> You might be using variable "session->socket" before verifying that it is >= 0.
1186 if (session->socket == INVALID_SOCKET)
1187 session->finished = true;
1188
1189 if (session->js_cx != NULL && (session->req.dynamic == IS_SSJS)) {
1190 JS_BEGINREQUEST(session->js_cx);
1191 JS_GC(session->js_cx);

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_699471c04eaa2_41c9e2b0ff68619ac19769--

--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Sysop:	Drillsar
Location:	Livingston, NJ
Users:	5
Nodes:	10 (0 / 10)
Uptime:	114:14:35
Calls:	16
Messages:	15,287

New Defects reported by Coverity Scan for Synchronet

Who's Online

Recent Visitors

System Info