• New Defects reported by Coverity Scan for Synchronet

    From scan-admin@coverity.com@VERT to All on Tue Mar 17 12:54:04 2026
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    4 new defect(s) introduced to Synchronet found with Coverity Scan.


    New defect(s) Reported-by: Coverity Scan
    Showing 4 of 4 defect(s)


    ** CID 645010: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1136 in ds_send()


    _____________________________________________________________________________________________
    *** CID 645010: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1136 in ds_send()
    1130 {
    1131 assert_pthread_mutex_lock(&wl_copybuf_mutex);
    1132 if (wl_copybuf) {
    1133 size_t len = strlen(wl_copybuf);
    1134 size_t sent = 0;
    1135 while (sent < len) {
    CID 645010: Insecure data handling (INTEGER_OVERFLOW)
    "len - sent", which might have underflowed, is passed to "write(fd, wl_copybuf + sent, len - sent)".
    1136 ssize_t rv = write(fd, wl_copybuf + sent, len - sent);
    1137 if (rv <= 0)
    1138 break;
    1139 sent += rv;
    1140 }
    1141 }

    ** CID 645009: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1459 in readev()


    _____________________________________________________________________________________________
    *** CID 645009: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1459 in readev()
    1453 readev(struct wl_local_event *lev)
    1454 {
    1455 size_t got = 0;
    1456 char *buf = (char *)lev;
    1457
    1458 while (got < sizeof(*lev)) {
    CID 645009: Insecure data handling (INTEGER_OVERFLOW)
    "96UL - got", which might have underflowed, is passed to "read(wl_local_pipe[0], buf + got, 96UL - got)".
    1459 int rv = read(wl_local_pipe[0], buf + got, sizeof(*lev) - got);
    1460 if (rv > 0)
    1461 got += rv;
    1462 }
    1463 }
    1464

    ** CID 645008: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-17-2026/src/conio/wl_cio.c: 243 in wl_copytext()


    _____________________________________________________________________________________________
    *** CID 645008: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-17-2026/src/conio/wl_cio.c: 243 in wl_copytext()
    237
    238 assert_pthread_mutex_lock(&wl_copybuf_mutex);
    239 FREE_AND_NULL(wl_copybuf);
    240 wl_copybuf = strdup(text);
    241 assert_pthread_mutex_unlock(&wl_copybuf_mutex);
    242
    CID 645008: Concurrent data access violations (MISSING_LOCK)
    Accessing "wl_copybuf" without holding lock "wl_copybuf_mutex". Elsewhere, "wl_copybuf" is written to with "wl_copybuf_mutex" held 2 out of 2 times.
    243 if (wl_copybuf) {
    244 ev.type = WL_LOCAL_COPY;
    245 write_event(&ev);
    246 }
    247 }
    248

    ** CID 645007: Program hangs (SLEEP)


    _____________________________________________________________________________________________
    *** CID 645007: Program hangs (SLEEP) /tmp/sbbs-Mar-17-2026/src/conio/ciolib.c: 2754 in ciolib_add_hyperlink()
    2748 }
    2749 }
    2750
    2751 /* Run GC if free list is empty */
    2752 if (hyperlink_free_head == 0)
    2753 hyperlink_gc();
    CID 645007: Program hangs (SLEEP)
    Call to "hyperlink_gc" might sleep while holding lock "hyperlink_mutex".
    2754
    2755 /* Still empty after GC table is full */
    2756 if (hyperlink_free_head == 0) {
    2757 pthread_mutex_unlock(&hyperlink_mutex);
    2758 return 0;
    2759 }


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview



    ---
    * Synchronet * Vertrauen * Home of Synchronet * [vert/cvs/bbs].synchro.net
  • From scan-admin@coverity.com@VERT to cov-scan@synchro.net on Wed Mar 18 13:09:05 2026
    Hi,

    Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

    1 new defect(s) introduced to Synchronet found with Coverity Scan.
    4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

    New defect(s) Reported-by: Coverity Scan
    Showing 1 of 1 defect(s)


    ** CID 645069: Control flow issues (DEADCODE) /tmp/sbbs-Mar-18-2026/src/conio/cterm.c: 2702 in sgr_diff()


    _____________________________________________________________________________________________
    *** CID 645069: Control flow issues (DEADCODE) /tmp/sbbs-Mar-18-2026/src/conio/cterm.c: 2702 in sgr_diff()
    2696 else {
    2697 int params = 0;
    2698 char sgrbuf[128];
    2699 sgrbuf[0] = '\0';
    2700
    2701 if ((na & 0x08) && !(pa & 0x08)) {
    CID 645069: Control flow issues (DEADCODE)
    Execution cannot reach the expression "";1"" inside this statement: "strcat(sgrbuf, (params++ ? ...".
    2702 strcat(sgrbuf, params++ ? ";1" : "1");
    2703 }
    2704 if ((na & 0x80) && !(pa & 0x80)) {
    2705 strcat(sgrbuf, params++ ? ";5" : "5");
    2706 }
    2707 if ((na & 0x07) != (pa & 0x07)) {


    ________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview



    ---
    * Synchronet * Vertrauen * Home of Synchronet * [vert/cvs/bbs].synchro.net