I have analysed the Coverity scan <http://scan.coverity.com/> of the Fedora libotr-3.2.0-6 package and the following problems have been found:

/src/auth.c:385, 416, 523 - Constant expression result: "privkey->pubkey_type >> 16" is 0 regardless of the values of its operands.

/src/serial.h:67 - Suspicious implicit sign extension: "bufp[0]" with type "unsigned char" (8 bits, unsigned) is promoted in "(bufp[0] << 24) | (bufp[1] << 16) | (bufp[2] << 8) | bufp[3]" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "(bufp[0] << 24) | (bufp[1] << 16) | (bufp[2] << 8) | bufp[3]" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.

/toolkit/otr_readforge.c:112 - Allocating insufficient memory for the terminating null of the string.

/src/proto.c:783 - Potential resource leak of variable newfrag in else statement.

/src/context.c:322, /src/privkey.c:622 - Suspicious while condition.

Please check the mentioned issues, and if you are interested in the whole Coverity scan report, it is possible to send it to you.

Michal Luscon
_______________________________________________
OTR-dev mailing list
[email protected]
http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
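
The sign-extension finding for /src/serial.h:67, worked through as an added example that is not part of the original message or of libotr's code. The function names are hypothetical, and `uint64_t` stands in for the 64-bit `unsigned long` the report describes.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Models the flagged expression
 *   (bufp[0] << 24) | (bufp[1] << 16) | (bufp[2] << 8) | bufp[3]
 * stored in a 64-bit unsigned long. Each unsigned char is promoted to int,
 * so the OR result is a signed int. The int is modelled via int32_t here
 * because shifting a 1 into the sign bit of an int is undefined in ISO C;
 * the cast below wraps on two's-complement compilers such as gcc and clang. */
uint64_t read_u32_promoted(const unsigned char *bufp)
{
    uint32_t bits = ((uint32_t)bufp[0] << 24) | ((uint32_t)bufp[1] << 16) |
                    ((uint32_t)bufp[2] << 8)  |  (uint32_t)bufp[3];
    int32_t as_int = (int32_t)bits;  /* value the int expression would hold */
    return (uint64_t)as_int;         /* int -> 64-bit unsigned sign-extends */
}

/* Hardened form: widen each byte to an unsigned 32-bit type before shifting,
 * so no signed intermediate exists and the upper 32 bits stay zero. */
uint64_t read_u32_fixed(const unsigned char *bufp)
{
    return ((uint32_t)bufp[0] << 24) | ((uint32_t)bufp[1] << 16) |
           ((uint32_t)bufp[2] << 8)  |  (uint32_t)bufp[3];
}

/* Smallest leading byte for which the two readers disagree, or -1 if none. */
int first_divergent_top_byte(void)
{
    for (int b = 0; b <= 0xFF; b++) {
        unsigned char buf[4] = { (unsigned char)b, 0x00, 0x00, 0x00 };
        if (read_u32_promoted(buf) != read_u32_fixed(buf))
            return b;
    }
    return -1;
}

int main(void)
{
    /* Constructed sample inputs: big-endian 32-bit fields. */
    const unsigned char low[4]  = { 0x00, 0x00, 0x01, 0x00 };
    const unsigned char high[4] = { 0x80, 0x00, 0x00, 0x01 };

    printf("low : promoted=0x%016" PRIx64 " fixed=0x%016" PRIx64 "\n",
           read_u32_promoted(low), read_u32_fixed(low));
    printf("high: promoted=0x%016" PRIx64 " fixed=0x%016" PRIx64 "\n",
           read_u32_promoted(high), read_u32_fixed(high));
    printf("first divergent leading byte: 0x%02x\n", first_divergent_top_byte());
    return 0;
}
```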
