Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.
17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 543172: Program hangs (SLEEP)


________________________________________________________________________________________________________
*** CID 543172: Program hangs (SLEEP)
/main.cpp: 3876 in sbbs_t::~sbbs_t()()
3870 fremove(WHERE, syspage_semfile);
3871
3872 /********************************/
3873 /* Free allocated class members */
3874 /********************************/
3875

CID 543172: Program hangs (SLEEP)
Call to "js_cleanup" might sleep while holding lock "this->nodefile_mutex".

3876 js_cleanup();
3877
3878 /* Reset text.dat */
3879
3880 for (i = 0; i < TOTAL_TEXT; i++)
3881 if (text[i] != text_sav[i]) {

** CID 543171: Null pointer dereferences (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 543171: Null pointer dereferences (FORWARD_NULL)
/main.cpp: 1528 in sbbs_t::js_create_user_objects(JSContext *, JSObject *)() 1522 bool sbbs_t::js_create_user_objects(JSContext* cx, JSObject* glob) 1523 {
1524 bool result = false;
1525 if (cx != NULL) {
1526 JS_BEGINREQUEST(cx);
1527 if (!js_CreateUserObjects(cx, glob, &cfg, &useron, &client, startup == NULL ? NULL :startup->web_file_vpath_prefix, subscan, mqtt))

CID 543171: Null pointer dereferences (FORWARD_NULL)
"errprintf" dereferences null "this->startup".

1528 errprintf(LOG_ERR, WHERE, "!JavaScript ERROR creating user objects");
1529 else
1530 result = true;
1531 JS_ENDREQUEST(cx);
1532 }
1533 return result;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 544155: Error handling issues (CHECKED_RETURN)
/ssl.c: 540 in get_ssl_cert()


________________________________________________________________________________________________________
*** CID 544155: Error handling issues (CHECKED_RETURN)
/ssl.c: 540 in get_ssl_cert()
534 size_t backoff_ms = 1;
535 unsigned loops = 0;
536 while (cert_entry->cert == -1) {
537 assert_pthread_mutex_lock(&get_ssl_cert_mutex);
538 /* Get the certificate... first try loading it from a file... */
539 if (cryptStatusOK(cryptKeysetOpen(&ssl_keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, cert_path, CRYPT_KEYOPT_READONLY))) {

CID 544155: Error handling issues (CHECKED_RETURN)
Calling "log_cryptlib_error" without checking return value (as is done elsewhere 16 out of 17 times).

540 DO("getting private key", ssl_keyset, cryptGetPrivateKey(ssl_keyset, &cert_entry->cert, CRYPT_KEYID_NAME, "ssl_cert", cfg->sys_pass));
541 cryptKeysetClose(ssl_keyset);
542 }
543 if (cert_entry->cert == -1) {
544 lprintf(LOG_WARNING, "Failed to open/read TLS certificate: %s", cert_path);
545 if (cfg->create_self_signed_cert) {


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net