Fwd: New Defects reported by Coverity Scan for ntpsec
Mark Atwood
fallenpegasus at gmail.com
Mon Jun 27 00:55:13 UTC 2016
----- Original message -----
From: scan-admin at coverity.com
Subject: New Defects reported by Coverity Scan for ntpsec
Date: Sat, 25 Jun 2016 20:01:41 -0700
Hi,
Please find the latest report on new defect(s) introduced to ntpsec
found with Coverity Scan.
3 new defect(s) introduced to ntpsec found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the
recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 149750: Uninitialized variables (UNINIT)
/ntpd/ntp_intercept.c: 855 in intercept_replay()
________________________________________________________________________________________________________
*** CID 149750: Uninitialized variables (UNINIT)
/ntpd/ntp_intercept.c: 855 in intercept_replay()
849 * machine but by an initial association setup. No
way to check it,
850 * so skip it.
851 */
852 continue;
853 else if (strncmp(linebuf, "receive ", 8) == 0)
854 {
>>> CID 149750: Uninitialized variables (UNINIT)
>>> Declaring variable "rbuf" without initializer.
855 struct recvbuf rbuf;
856 struct pkt *pkt;
857 char recvbuf[BUFSIZ], srcbuf[BUFSIZ],
pktbuf[BUFSIZ], macbuf[BUFSIZ];
858
859 if (sscanf(linebuf, "receive %x %s %s %s %s",
860 &rbuf.cast_flags, recvbuf, srcbuf,
pktbuf, macbuf) != 5)
** CID 149749: (UNINIT)
/ntpq/ntpq-subs.c: 1751 in doprintpeers()
/ntpq/ntpq-subs.c: 1794 in doprintpeers()
________________________________________________________________________________________________________
*** CID 149749: (UNINIT)
/ntpq/ntpq-subs.c: 1751 in doprintpeers()
1745 type = 'M';
1746 else
1747 type = 'B';
1748 break;
1749
1750 case MODE_CLIENT:
>>> CID 149749: (UNINIT)
>>> Using uninitialized value "displayname".
1751 if (displayname[0])
1752 type = 'l'; /* local refclock*/
1753 else if (SOCK_UNSPEC(&srcadr))
1754 type = 'p'; /* pool */
1755 else if (IS_MCAST(&srcadr))
1756 type = 'a'; /* manycastclient */
/ntpq/ntpq-subs.c: 1794 in doprintpeers()
1788 else
1789 serverlocal = currenthost;
1790 }
1791 fprintf(fp, "%-*s ", (int)maxhostlen,
serverlocal);
1792 }
1793 if (AF_UNSPEC == af || AF(&srcadr) == af) {
>>> CID 149749: (UNINIT)
>>> Using uninitialized value "displayname".
1794 if (displayname[0])
1795 strlcpy(clock_name, displayname,
sizeof(clock_name));
1796 else if (!have_srchost)
1797 strlcpy(clock_name, nntohost(&srcadr),
1798 sizeof(clock_name));
1799 if (wideremote && 15 < strlen(clock_name))
** CID 149748: Null pointer dereferences (NULL_RETURNS)
/ntpd/refclock_jjy.c: 2374 in jjy_receive_seiko_tsys_tdc_300()
________________________________________________________________________________________________________
*** CID 149748: Null pointer dereferences (NULL_RETURNS)
/ntpd/refclock_jjy.c: 2374 in jjy_receive_seiko_tsys_tdc_300()
2368 /* Uncertainty date guard */
2369 return JJY_RECEIVE_WAIT ;
2370 }
2371
2372 time( &now ) ;
2373 pTime = localtime_r( &now, &tmbuf ) ;
>>> CID 149748: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing a null pointer "pTime".
2374 up->year = pTime->tm_year ;
2375 up->month = pTime->tm_mon + 1 ;
2376 up->day = pTime->tm_mday ;
2377
2378 break ;
2379
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://scan.coverity.com/projects/ntpsec?tab=overview
To manage Coverity Scan email notifications for "me at mark.atwood.name",
click
https://scan.coverity.com/subscriptions/edit?email=me%40mark.atwood.name&token=efedd5a9ff0a68cbe12873791e5829af
More information about the devel
mailing list