Hi,
Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.
1 new defect(s) introduced to Synchronet found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 483188: Memory - corruptions (OVERRUN)
/ssl.c: 349 in internal_do_cryptInit()
________________________________________________________________________________________________________
*** CID 483188: Memory - corruptions (OVERRUN)
/ssl.c: 349 in internal_do_cryptInit()
343 cryptlib_initialized = false;
344 cryptEnd();
345 asprintf(&cryptfail, "Incorrect cryptlib version %d (expected %d)", tmp, CRYPTLIB_VERSION);
346 return;
347 }
348 ret = cryptGetAttributeString(CRYPT_UNUSED, CRYPT_OPTION_INFO_PATCHES, patches, &stp);
>>> CID 483188: Memory - corruptions (OVERRUN)
>>> Overrunning array """" of 1 bytes by passing it to a function which accesses it at byte offset 31 using argument "32UL".
349 if (cryptStatusError(ret) || stp != 32 || memcmp(patches, CRYPTLIB_PATCHES, 32) != 0) {
350 cryptInit_error = ret;
351 cryptlib_initialized = false;
352 cryptEnd();
353 asprintf(&cryptfail, "Incorrect cryptlib patch set %.32s (expected %s)", patches, CRYPTLIB_PATCHES);
354 return;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp-2FP9gGRhvFklLaQKuBylUrkMFB3WMR2p7qIYKYTZrh4E6fW2ok94RcmG1J20ETIf4-3DoE8P_g4j7BHlu96plUOfCQsO0yRjoWZCZl8YGnZ-2FUtT39hrCgaHhvhfxqmGN-2F2MOiNHiXAXmmE5-2BoMir72-2FKS-2B4CChPr-2B6DUEcHFnW2fJcB9K-2BLqjLkG6SOds2KKoiOogAgt4kivLp-2Bbv0MawXscaXZ6U3zKSU8zPaw8llzmAMgAx1EcIlUZ9-2Faak-2B54E1Z-2BGSHEscOAt6ClVWnKMr9zoYGJFvw-3D-3D
--- SBBSecho 3.20-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
|