Subj : New Defects reported by Coverity Scan for Synchronet To : cov-scan@synchro.net From : scan-admin@coverity.com Date : Fri Apr 15 2022 12:57 pm Hi, Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan. 3 new defect(s) introduced to Synchronet found with Coverity Scan. 5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 351999: Insecure data handling (TAINTED_SCALAR) ________________________________________________________________________________________________________ *** CID 351999: Insecure data handling (TAINTED_SCALAR) /chat.cpp: 582 in sbbs_t::guru_page()() 576 return(false); 577 } 578 if(read(file,gurubuf,length) != length) 579 errormsg(WHERE, ERR_READ, path, length); 580 gurubuf[length]=0; 581 close(file); >>> CID 351999: Insecure data handling (TAINTED_SCALAR) >>> Passing tainted expression "*gurubuf" to "localguru", which uses it as a loop boundary. 582 localguru(gurubuf,i); 583 free(gurubuf); 584 return(true); 585 } 586 587 /****************************************************************************/ ** CID 351998: API usage errors (PRINTF_ARGS) ________________________________________________________________________________________________________ *** CID 351998: API usage errors (PRINTF_ARGS) /scfg/scfgsys.c: 1396 in sys_cfg() 1390 if(cfg.mail_backup_level) 1391 sprintf(str,"%hu",cfg.mail_backup_level); 1392 else 1393 strcpy(str,"None"); 1394 sprintf(opt[i++],"%-27.27s%s","Mail Database Backups",str); 1395 if(cfg.max_log_size && cfg.max_logs_kept) { >>> CID 351998: API usage errors (PRINTF_ARGS) >>> Argument "cfg.max_logs_kept" to format specifier "%lu" was expected to have type "unsigned long" but has type "unsigned short". 1396 SAFEPRINTF2(str, "%s bytes, keep %lu" 1397 ,byte_count_to_str(cfg.max_log_size, tmp, sizeof(tmp)) 1398 ,cfg.max_logs_kept); 1399 } else { 1400 SAFECOPY(str, "Unlimited"); 1401 } ** CID 351997: API usage errors (PW.PRINTF_ARG_MISMATCH) /scfg/scfgsys.c: 1396 in () ________________________________________________________________________________________________________ *** CID 351997: API usage errors (PW.PRINTF_ARG_MISMATCH) /scfg/scfgsys.c: 1396 in () 1390 if(cfg.mail_backup_level) 1391 sprintf(str,"%hu",cfg.mail_backup_level); 1392 else 1393 strcpy(str,"None"); 1394 sprintf(opt[i++],"%-27.27s%s","Mail Database Backups",str); 1395 if(cfg.max_log_size && cfg.max_logs_kept) { >>> CID 351997: API usage errors (PW.PRINTF_ARG_MISMATCH) >>> argument is incompatible with corresponding format string conversion 1396 SAFEPRINTF2(str, "%s bytes, keep %lu" 1397 ,byte_count_to_str(cfg.max_log_size, tmp, sizeof(tmp)) 1398 ,cfg.max_logs_kept); 1399 } else { 1400 SAFECOPY(str, "Unlimited"); 1401 } ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4BbWTBf-2B-2Fi5ZUVF-2Fo-2B6flxo-3Dv98d_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrBQXq292UPSsYZB6Gh6KX7L3zQbhWOMu2Kkl4RkAFINrQC8BTQdoE8XeU2exLHjLVO2Cd4WbDBwt1lJWKsV7Yp8MRspW6dXps6YMEsM6ouXTLQbVrkmrc-2BuX7I2UmXPApyFOHO9YNWJ2sKXqPlIwYNDDJHauBS22j9Bg-2FopOXF8-2FQ-3D-3D .