Mensajeria: Fercho BBS

New Defects reported by Coverity Scan for Synchronet

From scan-admin@coverity.com@1:103/705 to All on Tue Feb 17 13:48:48 2026

----==_mimepart_699471c04eaa2_41c9e2b0ff68619ac19769
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)

** CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
/websrvr.cpp: 1186 in close_request(http_session_t *)()

_____________________________________________________________________________________________
*** CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
/websrvr.cpp: 1186 in close_request(http_session_t *)()
1180 * This causes all active http_session_threads to terminate. 1181 */
1182 if ((!session->req.keep_alive) || terminate_server) {
1183 drain_outbuf(session);
1184 close_session_socket(session);
1185 }

CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
You might be using variable "session->socket" before verifying that it is >= 0.

1186 if (session->socket == INVALID_SOCKET)
1187 session->finished = true;
1188
1189 if (session->js_cx != NULL && (session->req.dynamic == IS_SSJS)) {
1190 JS_BEGINREQUEST(session->js_cx);
1191 JS_GC(session->js_cx);

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_699471c04eaa2_41c9e2b0ff68619ac19769
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 1</li>
<li><strong>Defects Shown:</strong> Showing 1 of 1 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
/websrvr.cpp: 1186 in close_request(http_session_t *)()

_____________________________________________________________________________________________
*** CID 644193: Memory - corruptions (REVERSE_NEGATIVE)
/websrvr.cpp: 1186 in close_request(http_session_t *)()
1180 * This causes all active http_session_threads to terminate. 1181 */
1182 if ((!session->req.keep_alive) || terminate_server) {
1183 drain_outbuf(session);
1184 close_session_socket(session);
1185 }
>>> CID 644193: Memory - corruptions (REVERSE_NEGATIVE) >>> You might be using variable "session->socket" before verifying that it is >= 0.
1186 if (session->socket == INVALID_SOCKET)
1187 session->finished = true;
1188
1189 if (session->js_cx != NULL && (session->req.dynamic == IS_SSJS)) {
1190 JS_BEGINREQUEST(session->js_cx);
1191 JS_GC(session->js_cx);

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_699471c04eaa2_41c9e2b0ff68619ac19769--

--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From scan-admin@coverity.com@1:103/705 to All on Wed Feb 18 13:50:52 2026

----==_mimepart_6995c3bce9f7_51bf02b0ff68619ac19798
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

2 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 644273: Resource leaks (RESOURCE_LEAK)
/js_console.cpp: 422 in js_console_set(JSContext *, JSObject *, long, int, unsigned long *)()

_____________________________________________________________________________________________
*** CID 644273: Resource leaks (RESOURCE_LEAK)
/js_console.cpp: 422 in js_console_set(JSContext *, JSObject *, long, int, unsigned long *)()
416 break;
417
418 default:
419 return JS_TRUE;
420 }
421

CID 644273: Resource leaks (RESOURCE_LEAK)
Variable "sval" going out of scope leaks the storage it points to.

422 return JS_TRUE;
423 }
424
425 #define CON_PROP_FLAGS JSPROP_ENUMERATE
426
427 static jsSyncPropertySpec js_console_properties[] = {

** CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)

_____________________________________________________________________________________________
*** CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE) /con_hi.cpp: 61 in sbbs_t::uselect(bool, unsigned int, const char *, const char *, const unsigned char *)()
55 if (add) {
56 if (name == nullptr)
57 return -1;
58 if (ar != nullptr && !chk_ar(ar, &useron, &client))
59 return 0;
60 uselect_item item = { name, num };

CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE) >>> "item" is copied and then passed-by-reference as parameter to STL insertion function "std::vector<sbbs_t::uselect_item, std::allocator<sbbs_t::uselect_item> >::push_back(std::vector<sbbs_t::uselect_item, std::allocator<sbbs_t::uselect_item> >::value_type const &)", when it could be moved instead.

61 uselect_items.push_back(item);
62 return 0;
63 }
64
65 if (uselect_items.size() < 1)
66 return -1;

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_6995c3bce9f7_51bf02b0ff68619ac19798
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 2</li>
<li><strong>Defects Shown:</strong> Showing 2 of 2 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 644273: Resource leaks (RESOURCE_LEAK)
/js_console.cpp: 422 in js_console_set(JSContext *, JSObject *, long, int, unsigned long *)()

_____________________________________________________________________________________________
*** CID 644273: Resource leaks (RESOURCE_LEAK)
/js_console.cpp: 422 in js_console_set(JSContext *, JSObject *, long, int, unsigned long *)()
416 break;
417
418 default:
419 return JS_TRUE;
420 }
421
>>> CID 644273: Resource leaks (RESOURCE_LEAK) >>> Variable "sval" going out of scope leaks the storage it points to.
422 return JS_TRUE;
423 }
424
425 #define CON_PROP_FLAGS JSPROP_ENUMERATE
426
427 static jsSyncPropertySpec js_console_properties[] = {

** CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)

_____________________________________________________________________________________________
*** CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE) /con_hi.cpp: 61 in sbbs_t::uselect(bool, unsigned int, const char *, const char *, const unsigned char *)()
55 if (add) {
56 if (name == nullptr)
57 return -1;
58 if (ar != nullptr && !chk_ar(ar, &useron, &client))
59 return 0;
60 uselect_item item = { name, num };
>>> CID 644272: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
>>> "item" is copied and then passed-by-reference as parameter to STL insertion function "std::vector<sbbs_t::uselect_item, std::allocator<sbbs_t::uselect_item> >::push_back(std::vector<sbbs_t::uselect_item, std::allocator<sbbs_t::uselect_item> >::value_type const &)", when it could be moved instead.
61 uselect_items.push_back(item);
62 return 0;
63 }
64
65 if (uselect_items.size() < 1)
66 return -1;

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_6995c3bce9f7_51bf02b0ff68619ac19798--

--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From scan-admin@coverity.com@1:103/705 to cov-scan@synchro.net on Wed Mar 11 13:28:10 2026

----==_mimepart_69b16de9aa4d8_348cc2d21c8bb79a4135f2
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)

** CID 644869: Code maintainability issues (UNUSED_VALUE)
/main.cpp: 5548 in bbs_thread()

_____________________________________________________________________________________________
*** CID 644869: Code maintainability issues (UNUSED_VALUE)
/main.cpp: 5548 in bbs_thread()
5542 client_socket = xpms_accept(ts_set, &client_addr
5543 , &client_addr_len, startup->sem_chk_freq * 1000, (startup->options & BBS_OPT_HAPROXY_PROTO) ? XPMS_ACCEPT_FLAG_HAPROXY : XPMS_FLAGS_NONE, &ts_cb);
5544
5545 if (terminate_server) { /* terminated */
5546 if (client_socket != INVALID_SOCKET) 5547 close_socket(client_socket); >>> CID 644869: Code maintainability issues (UNUSED_VALUE)

Assigning value "-1" to "client_socket" here, but that stored value is overwritten before it can be used.

5548 client_socket = INVALID_SOCKET;
5549 break;
5550 }
5551
5552 if ((p = semfile_list_check(&initialized, clear_attempts_semfiles)) != NULL) {
5553 lprintf(LOG_INFO, "Clear Failed Login Attempts semaphore file (%s) detected", p);

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_69b16de9aa4d8_348cc2d21c8bb79a4135f2
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 1</li>
<li><strong>Defects Shown:</strong> Showing 1 of 1 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 644869: Code maintainability issues (UNUSED_VALUE)
/main.cpp: 5548 in bbs_thread()

_____________________________________________________________________________________________
*** CID 644869: Code maintainability issues (UNUSED_VALUE)
/main.cpp: 5548 in bbs_thread()
5542 client_socket = xpms_accept(ts_set, &client_addr
5543 , &client_addr_len, startup->sem_chk_freq * 1000, (startup->options & BBS_OPT_HAPROXY_PROTO) ? XPMS_ACCEPT_FLAG_HAPROXY : XPMS_FLAGS_NONE, &ts_cb);
5544
5545 if (terminate_server) { /* terminated */
5546 if (client_socket != INVALID_SOCKET) 5547 close_socket(client_socket); >>> CID 644869: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value "-1" to "client_socket" here, but that stored value is overwritten before it can be used.
5548 client_socket = INVALID_SOCKET;
5549 break;
5550 }
5551
5552 if ((p = semfile_list_check(&initialized, clear_attempts_semfiles)) != NULL) {
5553 lprintf(LOG_INFO, "Clear Failed Login Attempts semaphore file (%s) detected", p);

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_69b16de9aa4d8_348cc2d21c8bb79a4135f2--

--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From scan-admin@coverity.com@1:103/705 to cov-scan@synchro.net on Fri Mar 13 13:00:05 2026

----==_mimepart_69b40a54bac6f_547832d21c8bb79a41355e
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)

** CID 644892: Resource leaks (RESOURCE_LEAK)
/smbutil.c: 836 in maint()

_____________________________________________________________________________________________
*** CID 644892: Resource leaks (RESOURCE_LEAK)
/smbutil.c: 836 in maint()
830 l = fread(idxbuf, idxreclen, smb.status.total_msgs, smb.sid_fp);
831
832 printf("\nDone.\n\n");
833 printf("Scanning for pre-flagged messages...\n");
834 for (m = 0; m < l; m++) {
835 if (terminated)

CID 644892: Resource leaks (RESOURCE_LEAK)
Variable "idxbuf" going out of scope leaks the storage it points to. 836 return;

837 idx = (idxrec_t*)(idxbuf + (m * idxreclen));
838 // printf("\r%2lu%%",m ? (long)(100.0/((float)l/m)) : 0); 839 if (idx->attr & MSG_DELETE)
840 flagged++;
841 }

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_69b40a54bac6f_547832d21c8bb79a41355e
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 1</li>
<li><strong>Defects Shown:</strong> Showing 1 of 1 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 644892: Resource leaks (RESOURCE_LEAK)
/smbutil.c: 836 in maint()

_____________________________________________________________________________________________
*** CID 644892: Resource leaks (RESOURCE_LEAK)
/smbutil.c: 836 in maint()
830 l = fread(idxbuf, idxreclen, smb.status.total_msgs, smb.sid_fp);
831
832 printf("\nDone.\n\n");
833 printf("Scanning for pre-flagged messages...\n");
834 for (m = 0; m < l; m++) {
835 if (terminated)
>>> CID 644892: Resource leaks (RESOURCE_LEAK) >>> Variable "idxbuf" going out of scope leaks the storage it points to.
836 return;
837 idx = (idxrec_t*)(idxbuf + (m * idxreclen));
838 // printf("\r%2lu%%",m ? (long)(100.0/((float)l/m)) : 0);
839 if (idx->attr & MSG_DELETE)
840 flagged++;
841 }

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_69b40a54bac6f_547832d21c8bb79a41355e--

--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From scan-admin@coverity.com@1:103/705 to All on Sun Mar 15 14:04:34 2026

----==_mimepart_69b6bc717b0b5_74c3d2d21c8bb79a413531
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

3 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)

** CID 644904: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 1139 in blinker_thread()

_____________________________________________________________________________________________
*** CID 644904: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 1139 in blinker_thread()
1133 assert_pthread_mutex_unlock(&screenlock);
1134 assert_rwlock_unlock(&vstatlock);
1135 continue;
1136 }
1137 assert_pthread_mutex_unlock(&screenlock);
1138 if (curs_changed || blink_changed || lfc)

CID 644904: Concurrent data access violations (MISSING_LOCK) >>> Accessing "vstat.vmem->changed" without holding lock "vstat_chlock". Elsewhere, "vstat_vmem.changed" is written to with "vstat_chlock" held 7 out of 8 times (6 of these accesses strongly imply that it is necessary).

1139 vstat.vmem->changed = true;
1140 assert_rwlock_unlock(&vstatlock);
1141
1142 if (check_redraw()) {
1143 if (update_from_vmem(TRUE))
1144 request_redraw();

** CID 644903: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 861 in draw_char_row_slow()

_____________________________________________________________________________________________
*** CID 644903: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 861 in draw_char_row_slow()
855 ac = cs->bg;
856 bc = cs->bg;
857 }
858
859 if (screena.rect->data[pixeloffset] != ac) {
860 screena.rect->data[pixeloffset] = ac;

CID 644903: Concurrent data access violations (MISSING_LOCK) >>> Accessing "screena.update_pixels" without holding lock "screenlock". Elsewhere, "bitmap_screen.update_pixels" is written to with "screenlock" held 18 out of 24 times.

861 screena.update_pixels = 1;
862 }
863 if (screenb.rect->data[pixeloffset] != bc) {
864 screenb.rect->data[pixeloffset] = bc;
865 screenb.update_pixels = 1;
866 }

** CID 644905: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 988 in bitmap_draw_vmem_locked()

_____________________________________________________________________________________________
*** CID 644905: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 988 in bitmap_draw_vmem_locked()
982 bs.pixeloffset += rsz;
983 if (bs.pixeloffset >= bs.maxpix)
984 bs.pixeloffset -= bs.maxpix; 985 }
986 }
987 if (didfast) {

CID 644905: Concurrent data access violations (MISSING_LOCK) >>> Accessing "screena.update_pixels" without holding lock "screenlock". Elsewhere, "bitmap_screen.update_pixels" is written to with "screenlock" held 18 out of 24 times.

988 screena.update_pixels = true;
989 screenb.update_pixels = true;
990 }
991 }
992 }
993

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_69b6bc717b0b5_74c3d2d21c8bb79a413531
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 3</li>
<li><strong>Defects Shown:</strong> Showing 3 of 3 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 644904: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 1139 in blinker_thread()

_____________________________________________________________________________________________
*** CID 644904: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 1139 in blinker_thread()
1133 assert_pthread_mutex_unlock(&screenlock); 1134 assert_rwlock_unlock(&vstatlock);
1135 continue;
1136 }
1137 assert_pthread_mutex_unlock(&screenlock);
1138 if (curs_changed || blink_changed || lfc)
>>> CID 644904: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "vstat.vmem->changed" without holding lock "vstat_chlock". Elsewhere, "vstat_vmem.changed" is written to with "vstat_chlock" held 7 out of 8 times (6 of these accesses strongly imply that it is necessary).
1139 vstat.vmem->changed = true;
1140 assert_rwlock_unlock(&vstatlock);
1141
1142 if (check_redraw()) {
1143 if (update_from_vmem(TRUE))
1144 request_redraw();

** CID 644903: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 861 in draw_char_row_slow()

_____________________________________________________________________________________________
*** CID 644903: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 861 in draw_char_row_slow()
855 ac = cs->bg;
856 bc = cs->bg;
857 }
858
859 if (screena.rect->data[pixeloffset] != ac) {
860 screena.rect->data[pixeloffset] = ac; >>> CID 644903: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "screena.update_pixels" without holding lock "screenlock". Elsewhere, "bitmap_screen.update_pixels" is written to with "screenlock" held 18 out of 24 times.
861 screena.update_pixels = 1;
862 }
863 if (screenb.rect->data[pixeloffset] != bc) {
864 screenb.rect->data[pixeloffset] = bc;
865 screenb.update_pixels = 1;
866 }

** CID 644905: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 988 in bitmap_draw_vmem_locked()

_____________________________________________________________________________________________
*** CID 644905: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-15-2026/src/conio/bitmap_con.c: 988 in bitmap_draw_vmem_locked()
982 bs.pixeloffset += rsz;
983 if (bs.pixeloffset >= bs.maxpix)
984 bs.pixeloffset -= bs.maxpix; 985 }
986 }
987 if (didfast) {
>>> CID 644905: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "screena.update_pixels" without holding lock "screenlock". Elsewhere, "bitmap_screen.update_pixels" is written to with "screenlock" held 18 out of 24 times.
988 screena.update_pixels = true;
989 screenb.update_pixels = true;
990 }
991 }
992 }
993

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_69b6bc717b0b5_74c3d2d21c8bb79a413531--

--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From scan-admin@coverity.com@1:103/705 to cov-scan@synchro.net on Mon Mar 16 15:28:31 2026

----==_mimepart_69b8219eb9694_8673c2d21c8bb79a4135e0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)

** CID 644927: (RESOURCE_LEAK)
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale() /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale() /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale() /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale() /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()

_____________________________________________________________________________________________
*** CID 644927: (RESOURCE_LEAK) /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);

CID 644927: (RESOURCE_LEAK)
Variable "nt" going out of scope leaks the storage it points to.

462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);

CID 644927: (RESOURCE_LEAK)
Variable "nt" going out of scope leaks the storage it points to.

462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);

CID 644927: (RESOURCE_LEAK)
Variable "nt" going out of scope leaks the storage it points to.

462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);

CID 644927: (RESOURCE_LEAK)
Variable "nt" going out of scope leaks the storage it points to.

462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);

CID 644927: (RESOURCE_LEAK)
Variable "nt" going out of scope leaks the storage it points to.

462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_69b8219eb9694_8673c2d21c8bb79a4135e0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 1</li>
<li><strong>Defects Shown:</strong> Showing 1 of 1 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 644927: (RESOURCE_LEAK)
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale() /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale() /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale() /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale() /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()

_____________________________________________________________________________________________
*** CID 644927: (RESOURCE_LEAK) /tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);
>>> CID 644927: (RESOURCE_LEAK)
>>> Variable "nt" going out of scope leaks the storage it points to.
462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);
>>> CID 644927: (RESOURCE_LEAK)
>>> Variable "nt" going out of scope leaks the storage it points to.
462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);
>>> CID 644927: (RESOURCE_LEAK)
>>> Variable "nt" going out of scope leaks the storage it points to.
462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);
>>> CID 644927: (RESOURCE_LEAK)
>>> Variable "nt" going out of scope leaks the storage it points to.
462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {
/tmp/sbbs-Mar-16-2026/src/conio/scale.c: 462 in do_scale()
456 ctarget = ret2;
457 else
458 ctarget = ret1;
459 }
460
461 release_buffer(ctarget);
>>> CID 644927: (RESOURCE_LEAK)
>>> Variable "nt" going out of scope leaks the storage it points to.
462 return csrc;
463 }
464
465 static void
466 pointy_scale_odd(const uint32_t* src, uint32_t* dest, const int width, const int height, const int mult)
467 {

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_69b8219eb9694_8673c2d21c8bb79a4135e0--

--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From scan-admin@coverity.com@1:103/705 to All on Tue Mar 17 12:54:04 2026

----==_mimepart_69b94eebf2ddc_969e92cf51abf19a41186d
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

4 new defect(s) introduced to Synchronet found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)

** CID 645010: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1136 in ds_send()

_____________________________________________________________________________________________
*** CID 645010: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1136 in ds_send()
1130 {
1131 assert_pthread_mutex_lock(&wl_copybuf_mutex);
1132 if (wl_copybuf) {
1133 size_t len = strlen(wl_copybuf);
1134 size_t sent = 0;
1135 while (sent < len) {

CID 645010: Insecure data handling (INTEGER_OVERFLOW)
"len - sent", which might have underflowed, is passed to "write(fd, wl_copybuf + sent, len - sent)".

1136 ssize_t rv = write(fd, wl_copybuf + sent, len - sent);
1137 if (rv <= 0)
1138 break;
1139 sent += rv;
1140 }
1141 }

** CID 645009: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1459 in readev()

_____________________________________________________________________________________________
*** CID 645009: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1459 in readev()
1453 readev(struct wl_local_event *lev)
1454 {
1455 size_t got = 0;
1456 char *buf = (char *)lev;
1457
1458 while (got < sizeof(*lev)) {

CID 645009: Insecure data handling (INTEGER_OVERFLOW)
"96UL - got", which might have underflowed, is passed to "read(wl_local_pipe[0], buf + got, 96UL - got)".

1459 int rv = read(wl_local_pipe[0], buf + got, sizeof(*lev) - got);
1460 if (rv > 0)
1461 got += rv;
1462 }
1463 }
1464

** CID 645008: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-17-2026/src/conio/wl_cio.c: 243 in wl_copytext()

_____________________________________________________________________________________________
*** CID 645008: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-17-2026/src/conio/wl_cio.c: 243 in wl_copytext()
237
238 assert_pthread_mutex_lock(&wl_copybuf_mutex);
239 FREE_AND_NULL(wl_copybuf);
240 wl_copybuf = strdup(text);
241 assert_pthread_mutex_unlock(&wl_copybuf_mutex);
242

CID 645008: Concurrent data access violations (MISSING_LOCK) >>> Accessing "wl_copybuf" without holding lock "wl_copybuf_mutex". Elsewhere, "wl_copybuf" is written to with "wl_copybuf_mutex" held 2 out of 2 times.

243 if (wl_copybuf) {
244 ev.type = WL_LOCAL_COPY;
245 write_event(&ev);
246 }
247 }
248

** CID 645007: Program hangs (SLEEP)

_____________________________________________________________________________________________
*** CID 645007: Program hangs (SLEEP) /tmp/sbbs-Mar-17-2026/src/conio/ciolib.c: 2754 in ciolib_add_hyperlink()
2748 }
2749 }
2750
2751 /* Run GC if free list is empty */
2752 if (hyperlink_free_head == 0)
2753 hyperlink_gc();

CID 645007: Program hangs (SLEEP)
Call to "hyperlink_gc" might sleep while holding lock "hyperlink_mutex".

2754
2755 /* Still empty after GC table is full */
2756 if (hyperlink_free_head == 0) {
2757 pthread_mutex_unlock(&hyperlink_mutex);
2758 return 0;
2759 }

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview

----==_mimepart_69b94eebf2ddc_969e92cf51abf19a41186d
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>New Defects Reported - Synchronet</title>
<style>
body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
.button {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
font-size: 16px;
color: #fff !important;
background-color: #0056b3;
text-decoration: none;
border-radius: 5px;
}
pre {
background: #f8f9fa;
padding: 10px;
border-radius: 5px;
font-size: 14px;
overflow-x: auto;
}
</style>
</head>
<body>
<p>Hi,</p>

<p>
Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
found with Coverity Scan.
</p>

<ul>
<li><strong>New Defects Found:</strong> 4</li>
<li><strong>Defects Shown:</strong> Showing 4 of 4 defect(s)</li>
</ul>

<h3>Defect Details</h3>
<pre>
** CID 645010: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1136 in ds_send()

_____________________________________________________________________________________________
*** CID 645010: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1136 in ds_send()
1130 {
1131 assert_pthread_mutex_lock(&wl_copybuf_mutex);
1132 if (wl_copybuf) {
1133 size_t len = strlen(wl_copybuf);
1134 size_t sent = 0;
1135 while (sent < len) {
>>> CID 645010: Insecure data handling (INTEGER_OVERFLOW) >>> "len - sent", which might have underflowed, is passed to "write(fd, wl_copybuf + sent, len - sent)".
1136 ssize_t rv = write(fd, wl_copybuf + sent, len - sent);
1137 if (rv <= 0)
1138 break;
1139 sent += rv;
1140 }
1141 }

** CID 645009: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1459 in readev()

_____________________________________________________________________________________________
*** CID 645009: Insecure data handling (INTEGER_OVERFLOW) /tmp/sbbs-Mar-17-2026/src/conio/wl_events.c: 1459 in readev()
1453 readev(struct wl_local_event *lev)
1454 {
1455 size_t got = 0;
1456 char *buf = (char *)lev;
1457
1458 while (got < sizeof(*lev)) {
>>> CID 645009: Insecure data handling (INTEGER_OVERFLOW) >>> "96UL - got", which might have underflowed, is passed to "read(wl_local_pipe[0], buf + got, 96UL - got)".
1459 int rv = read(wl_local_pipe[0], buf + got, sizeof(*lev) - got);
1460 if (rv > 0)
1461 got += rv;
1462 }
1463 }
1464

** CID 645008: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-17-2026/src/conio/wl_cio.c: 243 in wl_copytext()

_____________________________________________________________________________________________
*** CID 645008: Concurrent data access violations (MISSING_LOCK) /tmp/sbbs-Mar-17-2026/src/conio/wl_cio.c: 243 in wl_copytext()
237
238 assert_pthread_mutex_lock(&wl_copybuf_mutex);
239 FREE_AND_NULL(wl_copybuf);
240 wl_copybuf = strdup(text);
241 assert_pthread_mutex_unlock(&wl_copybuf_mutex);
242
>>> CID 645008: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "wl_copybuf" without holding lock "wl_copybuf_mutex". Elsewhere, "wl_copybuf" is written to with "wl_copybuf_mutex" held 2 out of 2 times.
243 if (wl_copybuf) {
244 ev.type = WL_LOCAL_COPY;
245 write_event(&ev);
246 }
247 }
248

** CID 645007: Program hangs (SLEEP)

_____________________________________________________________________________________________
*** CID 645007: Program hangs (SLEEP) /tmp/sbbs-Mar-17-2026/src/conio/ciolib.c: 2754 in ciolib_add_hyperlink()
2748 }
2749 }
2750
2751 /* Run GC if free list is empty */
2752 if (hyperlink_free_head == 0)
2753 hyperlink_gc();
>>> CID 645007: Program hangs (SLEEP)
>>> Call to "hyperlink_gc" might sleep while holding lock "hyperlink_mutex".
2754
2755 /* Still empty after GC table is full */
2756 if (hyperlink_free_head == 0) {
2757 pthread_mutex_unlock(&hyperlink_mutex);
2758 return 0;
2759 }

</pre>

<p>
<a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
</p>

<p>Best regards,</p>
<p>The Coverity Scan Admin Team</p>
<img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_69b94eebf2ddc_969e92cf51abf19a41186d--

--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Sysop:	Fercho
Lugar:	La Plata, Buenos Aires
Usuarios:	24
Nodos:	10 (0 / 10)
Uptime:	192:58:47
Llamadas:	131
Archivoss:	15,915
Mensajes:	40,701

New Defects reported by Coverity Scan for Synchronet

Quien está en Línea

Visitas Recientes

System Info