----==_mimepart_68dd52075cd65_5ee032b4f2a4a99a44999
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hi,
Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.
9 new defect(s) introduced to Synchronet found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)
** CID 631076: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631076: Memory - corruptions (OVERRUN)
/sbbsecho.c: 314 in parse_echostat_msg()
308 {
309 char str[128];
310 char key[128];
311 echostat_msg_t msg = {{0}};
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
CID 631076: Memory - corruptions (OVERRUN)
Overrunning array "msg.from" of 36 bytes by passing it to a function which accesses it at byte offset 1023.
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
** CID 631075: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631075: Memory - corruptions (OVERRUN)
/sbbsecho.c: 319 in parse_echostat_msg()
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
CID 631075: Memory - corruptions (OVERRUN)
Overrunning array "msg.tid" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
324 snprintf(key, sizeof key, "%s.origaddr", prefix), iniGetString(ini, section, key, NULL, str);
** CID 631074: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631074: Memory - corruptions (OVERRUN)
/sbbsecho.c: 317 in parse_echostat_msg()
311 echostat_msg_t msg = {{0}};
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
CID 631074: Memory - corruptions (OVERRUN)
Overrunning array "msg.reply_id" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
** CID 631073: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631073: Memory - corruptions (OVERRUN)
/sbbsecho.c: 316 in parse_echostat_msg()
310 char key[128];
311 echostat_msg_t msg = {{0}};
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
CID 631073: Memory - corruptions (OVERRUN)
Overrunning array "msg.msg_id" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
** CID 631072: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631072: Memory - corruptions (OVERRUN)
/sbbsecho.c: 313 in parse_echostat_msg()
307 echostat_msg_t parse_echostat_msg(str_list_t ini, const char* section, const char* prefix)
308 {
309 char str[128];
310 char key[128];
311 echostat_msg_t msg = {{0}};
312
CID 631072: Memory - corruptions (OVERRUN)
Overrunning array "msg.to" of 36 bytes by passing it to a function which accesses it at byte offset 1023.
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
** CID 631071: (OVERRUN)
_____________________________________________________________________________________________
*** CID 631071: (OVERRUN)
/sbbsecho.c: 327 in parse_echostat_msg()
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
324 snprintf(key, sizeof key, "%s.origaddr", prefix), iniGetString(ini, section, key, NULL, str);
325 if (str[0])
326 msg.origaddr = atofaddr(str);
CID 631071: (OVERRUN)
Overrunning array "str" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
327 snprintf(key, sizeof key, "%s.pkt_orig", prefix), iniGetString(ini, section, key, NULL, str);
328 if (str[0])
329 msg.pkt_orig = atofaddr(str);
330
331 return msg;
332 }
/sbbsecho.c: 324 in parse_echostat_msg()
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
CID 631071: (OVERRUN)
Overrunning array "str" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
324 snprintf(key, sizeof key, "%s.origaddr", prefix), iniGetString(ini, section, key, NULL, str);
325 if (str[0])
326 msg.origaddr = atofaddr(str);
327 snprintf(key, sizeof key, "%s.pkt_orig", prefix), iniGetString(ini, section, key, NULL, str);
328 if (str[0])
329 msg.pkt_orig = atofaddr(str);
** CID 631070: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631070: Memory - corruptions (OVERRUN)
/sbbsecho.c: 315 in parse_echostat_msg()
309 char str[128];
310 char key[128];
311 echostat_msg_t msg = {{0}};
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
CID 631070: Memory - corruptions (OVERRUN)
Overrunning array "msg.subj" of 72 bytes by passing it to a function which accesses it at byte offset 1023.
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
** CID 631069: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631069: Memory - corruptions (OVERRUN)
/sbbsecho.c: 318 in parse_echostat_msg()
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
CID 631069: Memory - corruptions (OVERRUN)
Overrunning array "msg.pid" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
** CID 631068: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631068: Memory - corruptions (OVERRUN)
/sbbsecho.c: 320 in parse_echostat_msg()
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
CID 631068: Memory - corruptions (OVERRUN)
Overrunning array "msg.msg_tz" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
324 snprintf(key, sizeof key, "%s.origaddr", prefix), iniGetString(ini, section, key, NULL, str);
325 if (str[0])
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://scan.coverity.com/projects/synchronet?tab=overview
----==_mimepart_68dd52075cd65_5ee032b4f2a4a99a44999
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>
<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>
<ul>
<li><strong>New Defects Found:</strong> 9</li>
<li>
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
</li>
<li><strong>Defects Shown:</strong> Showing 9 of 9 defect(s)</li>
</ul>
<h3>Defect Details</h3>
<pre>
** CID 631076: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631076: Memory - corruptions (OVERRUN)
/sbbsecho.c: 314 in parse_echostat_msg()
308 {
309 char str[128];
310 char key[128];
311 echostat_msg_t msg = {{0}};
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
>>> CID 631076: Memory - corruptions (OVERRUN) >>> Overrunning array "msg.from" of 36 bytes by passing it to a function which accesses it at byte offset 1023.
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
** CID 631075: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631075: Memory - corruptions (OVERRUN)
/sbbsecho.c: 319 in parse_echostat_msg()
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
>>> CID 631075: Memory - corruptions (OVERRUN) >>> Overrunning array "msg.tid" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
324 snprintf(key, sizeof key, "%s.origaddr", prefix), iniGetString(ini, section, key, NULL, str);
** CID 631074: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631074: Memory - corruptions (OVERRUN)
/sbbsecho.c: 317 in parse_echostat_msg()
311 echostat_msg_t msg = {{0}};
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
>>> CID 631074: Memory - corruptions (OVERRUN) >>> Overrunning array "msg.reply_id" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
** CID 631073: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631073: Memory - corruptions (OVERRUN)
/sbbsecho.c: 316 in parse_echostat_msg()
310 char key[128];
311 echostat_msg_t msg = {{0}};
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
>>> CID 631073: Memory - corruptions (OVERRUN) >>> Overrunning array "msg.msg_id" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
** CID 631072: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631072: Memory - corruptions (OVERRUN)
/sbbsecho.c: 313 in parse_echostat_msg()
307 echostat_msg_t parse_echostat_msg(str_list_t ini, const char* section, const char* prefix)
308 {
309 char str[128];
310 char key[128];
311 echostat_msg_t msg = {{0}};
312
>>> CID 631072: Memory - corruptions (OVERRUN) >>> Overrunning array "msg.to" of 36 bytes by passing it to a function which accesses it at byte offset 1023.
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
** CID 631071: (OVERRUN)
_____________________________________________________________________________________________
*** CID 631071: (OVERRUN)
/sbbsecho.c: 327 in parse_echostat_msg()
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
324 snprintf(key, sizeof key, "%s.origaddr", prefix), iniGetString(ini, section, key, NULL, str);
325 if (str[0])
326 msg.origaddr = atofaddr(str);
>>> CID 631071: (OVERRUN)
>>> Overrunning array "str" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
327 snprintf(key, sizeof key, "%s.pkt_orig", prefix), iniGetString(ini, section, key, NULL, str);
328 if (str[0])
329 msg.pkt_orig = atofaddr(str);
330
331 return msg;
332 }
/sbbsecho.c: 324 in parse_echostat_msg()
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
>>> CID 631071: (OVERRUN)
>>> Overrunning array "str" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
324 snprintf(key, sizeof key, "%s.origaddr", prefix), iniGetString(ini, section, key, NULL, str);
325 if (str[0])
326 msg.origaddr = atofaddr(str);
327 snprintf(key, sizeof key, "%s.pkt_orig", prefix), iniGetString(ini, section, key, NULL, str);
328 if (str[0])
329 msg.pkt_orig = atofaddr(str);
** CID 631070: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631070: Memory - corruptions (OVERRUN)
/sbbsecho.c: 315 in parse_echostat_msg()
309 char str[128];
310 char key[128];
311 echostat_msg_t msg = {{0}};
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
>>> CID 631070: Memory - corruptions (OVERRUN) >>> Overrunning array "msg.subj" of 72 bytes by passing it to a function which accesses it at byte offset 1023.
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
** CID 631069: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631069: Memory - corruptions (OVERRUN)
/sbbsecho.c: 318 in parse_echostat_msg()
312
313 snprintf(key, sizeof key, "%s.to", prefix), iniGetString(ini, section, key, NULL, msg.to);
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
>>> CID 631069: Memory - corruptions (OVERRUN) >>> Overrunning array "msg.pid" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
** CID 631068: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________
*** CID 631068: Memory - corruptions (OVERRUN)
/sbbsecho.c: 320 in parse_echostat_msg()
314 snprintf(key, sizeof key, "%s.from", prefix), iniGetString(ini, section, key, NULL, msg.from);
315 snprintf(key, sizeof key, "%s.subj", prefix), iniGetString(ini, section, key, NULL, msg.subj);
316 snprintf(key, sizeof key, "%s.msg_id", prefix), iniGetString(ini, section, key, NULL, msg.msg_id);
317 snprintf(key, sizeof key, "%s.reply_id", prefix), iniGetString(ini, section, key, NULL, msg.reply_id);
318 snprintf(key, sizeof key, "%s.pid", prefix), iniGetString(ini, section, key, NULL, msg.pid);
319 snprintf(key, sizeof key, "%s.tid", prefix), iniGetString(ini, section, key, NULL, msg.tid);
>>> CID 631068: Memory - corruptions (OVERRUN) >>> Overrunning array "msg.msg_tz" of 128 bytes by passing it to a function which accesses it at byte offset 1023.
320 snprintf(key, sizeof key, "%s.msg_tz", prefix), iniGetString(ini, section, key, NULL, msg.msg_tz);
321 snprintf(key, sizeof key, "%s.msg_time", prefix), msg.msg_time = iniGetDateTime(ini, section, key, 0);
322 snprintf(key, sizeof key, "%s.localtime", prefix), msg.localtime = iniGetDateTime(ini, section, key, 0);
323 snprintf(key, sizeof key, "%s.length", prefix), msg.length = (size_t)iniGetBytes(ini, section, key, 1, 0);
324 snprintf(key, sizeof key, "%s.origaddr", prefix), iniGetString(ini, section, key, NULL, str);
325 if (str[0])
</pre>
<p>
<a href="
https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>
<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="
https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_68dd52075cd65_5ee032b4f2a4a99a44999--
--- SBBSecho 3.30-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)