Subj : New Defects reported by Coverity Scan for Synchronet
To   : All
From : scan-admin@coverity.com
Date : Sat Jan 10 2026 01:44 pm


----==_mimepart_696257d4e4005_22599f2afbc97ad9ac59824
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan.

1 new defect(s) introduced to Synchronet found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 640959:         (CHECKED_RETURN)
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 479           in add_suffix()
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 481           in add_suffix()
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 483           in add_suffix()
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 480           in add_suffix()


_____________________________________________________________________________________________
*** CID 640959:           (CHECKED_RETURN)
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 479             in add_suffix()
473     	char* p = strstr(str, ".0");
474     	if (p != NULL && *(p + 2) == '\0') // remove trailing ".0"
475     		*p = '\0';
476     	if (strcmp(str, "1") == 0)
477     		plural = "";
478     	if (is_word) {
>>>     CID 640959:           (CHECKED_RETURN)
>>>     Calling "strlcat" without checking return value (as is done elsewhere 29 out of 33 times).
479     		strlcat(str, " ", size);
480     		strlcat(str, suffix, size);
481     		strlcat(str, plural, size);
482     	} else
483     		strlcat(str, suffix, size);
484     }
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 481             in add_suffix()
475     		*p = '\0';
476     	if (strcmp(str, "1") == 0)
477     		plural = "";
478     	if (is_word) {
479     		strlcat(str, " ", size);
480     		strlcat(str, suffix, size);
>>>     CID 640959:           (CHECKED_RETURN)
>>>     Calling "strlcat" without checking return value (as is done elsewhere 29 out of 33 times).
481     		strlcat(str, plural, size);
482     	} else
483     		strlcat(str, suffix, size);
484     }
485
486     /* Convert a duration estimate (in seconds) to a string
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 483             in add_suffix()
477     		plural = "";
478     	if (is_word) {
479     		strlcat(str, " ", size);
480     		strlcat(str, suffix, size);
481     		strlcat(str, plural, size);
482     	} else
>>>     CID 640959:           (CHECKED_RETURN)
>>>     Calling "strlcat" without checking return value (as is done elsewhere 29 out of 33 times).
483     		strlcat(str, suffix, size);
484     }
485
486     /* Convert a duration estimate (in seconds) to a string
487      * with a single letter multiplier/suffix:
488      * (y)ears, (w)eeks, (d)ays, (h)ours, (m)inutes, or (s)econds
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 480             in add_suffix()
474     	if (p != NULL && *(p + 2) == '\0') // remove trailing ".0"
475     		*p = '\0';
476     	if (strcmp(str, "1") == 0)
477     		plural = "";
478     	if (is_word) {
479     		strlcat(str, " ", size);
>>>     CID 640959:           (CHECKED_RETURN)
>>>     Calling "strlcat" without checking return value (as is done elsewhere 29 out of 33 times).
480     		strlcat(str, suffix, size);
481     		strlcat(str, plural, size);
482     	} else
483     		strlcat(str, suffix, size);
484     }
485


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/synchronet?tab=overview


----==_mimepart_696257d4e4005_22599f2afbc97ad9ac59824
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <title>New Defects Reported - Synchronet</title>
  <style>
    body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
    .button {
      display: inline-block;
      padding: 10px 20px;
      margin: 20px 0;
      font-size: 16px;
      color: #fff !important;
      background-color: #0056b3;
      text-decoration: none;
      border-radius: 5px;
    }
    pre {
      background: #f8f9fa;
      padding: 10px;
      border-radius: 5px;
      font-size: 14px;
      overflow-x: auto;
    }
  </style>
</head>
<body>
  <p>Hi,</p>

  <p>
    Please find the latest report on new defect(s) introduced to <strong>Synchronet</strong>
     found with Coverity Scan.
  </p>

  <ul>
    <li><strong>New Defects Found:</strong> 1</li>
    <li><strong>Defects Shown:</strong> Showing 1 of 1 defect(s)</li>
  </ul>

  <h3>Defect Details</h3>
  <pre>
** CID 640959:         (CHECKED_RETURN)
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 479           in add_suffix()
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 481           in add_suffix()
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 483           in add_suffix()
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 480           in add_suffix()


_____________________________________________________________________________________________
*** CID 640959:           (CHECKED_RETURN)
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 479             in add_suffix()
473     	char* p = strstr(str, &quot;.0&quot;);
474     	if (p != NULL &amp;&amp; *(p + 2) == &#39;\0&#39;) // remove trailing &quot;.0&quot;
475     		*p = &#39;\0&#39;;
476     	if (strcmp(str, &quot;1&quot;) == 0)
477     		plural = &quot;&quot;;
478     	if (is_word) {
&gt;&gt;&gt;     CID 640959:           (CHECKED_RETURN)
&gt;&gt;&gt;     Calling &quot;strlcat&quot; without checking return value (as is done elsewhere 29 out of 33 times).
479     		strlcat(str, &quot; &quot;, size);
480     		strlcat(str, suffix, size);
481     		strlcat(str, plural, size);
482     	} else
483     		strlcat(str, suffix, size);
484     }
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 481             in add_suffix()
475     		*p = &#39;\0&#39;;
476     	if (strcmp(str, &quot;1&quot;) == 0)
477     		plural = &quot;&quot;;
478     	if (is_word) {
479     		strlcat(str, &quot; &quot;, size);
480     		strlcat(str, suffix, size);
&gt;&gt;&gt;     CID 640959:           (CHECKED_RETURN)
&gt;&gt;&gt;     Calling &quot;strlcat&quot; without checking return value (as is done elsewhere 29 out of 33 times).
481     		strlcat(str, plural, size);
482     	} else
483     		strlcat(str, suffix, size);
484     }
485
486     /* Convert a duration estimate (in seconds) to a string
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 483             in add_suffix()
477     		plural = &quot;&quot;;
478     	if (is_word) {
479     		strlcat(str, &quot; &quot;, size);
480     		strlcat(str, suffix, size);
481     		strlcat(str, plural, size);
482     	} else
&gt;&gt;&gt;     CID 640959:           (CHECKED_RETURN)
&gt;&gt;&gt;     Calling &quot;strlcat&quot; without checking return value (as is done elsewhere 29 out of 33 times).
483     		strlcat(str, suffix, size);
484     }
485
486     /* Convert a duration estimate (in seconds) to a string
487      * with a single letter multiplier/suffix:
488      * (y)ears, (w)eeks, (d)ays, (h)ours, (m)inutes, or (s)econds
/tmp/sbbs-Jan-10-2026/src/xpdev/genwrap.c: 480             in add_suffix()
474     	if (p != NULL &amp;&amp; *(p + 2) == &#39;\0&#39;) // remove trailing &quot;.0&quot;
475     		*p = &#39;\0&#39;;
476     	if (strcmp(str, &quot;1&quot;) == 0)
477     		plural = &quot;&quot;;
478     	if (is_word) {
479     		strlcat(str, &quot; &quot;, size);
&gt;&gt;&gt;     CID 640959:           (CHECKED_RETURN)
&gt;&gt;&gt;     Calling &quot;strlcat&quot; without checking return value (as is done elsewhere 29 out of 33 times).
480     		strlcat(str, suffix, size);
481     		strlcat(str, plural, size);
482     	} else
483     		strlcat(str, suffix, size);
484     }
485

  </pre>

  <p>
    <a href="https://scan.coverity.com/projects/synchronet?tab=overview" class="button">View Defects in Coverity Scan</a>
  </p>

  <p>Best regards,</p>
  <p>The Coverity Scan Admin Team</p>
  <img class="logo" width="140" src="https://scan.coverity.com/assets/BlackDuckLogo-6697adc63e07340464201a2ad534d3d3e44f95d36edda20b140440d34f05372f.svg" />
</body>
</html>
----==_mimepart_696257d4e4005_22599f2afbc97ad9ac59824--


.