---------- Forwarded message ----------
From: <address@hidden>
Date: Wed, Nov 19, 2014 at 6:13 PM
Subject: New Defects reported by Coverity Scan for GNU Wget
To: address@hidden
Hi,
Please find the latest report on new defect(s) introduced to GNU Wget
found with Coverity Scan.
4 new defect(s) introduced to GNU Wget found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in
the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1230447: Don't call (DC.WEAK_CRYPTO)
/src/utils.c: 1890 in random_float()
** CID 1255317: Don't call (DC.WEAK_CRYPTO)
/src/utils.c: 1855 in random_number()
** CID 1255316: Logically dead code (DEADCODE)
/src/ftp-basic.c: 792 in ftp_epsv()
** CID 1255315: Logically dead code (DEADCODE)
/src/http.c: 3822 in digest_authentication_encode()
____________________________________________________________________________
____________________________ *** CID 1230447: Don't call (DC.WEAK_CRYPTO)
/src/utils.c: 1890 in random_float()
____________________________________________________________________________
____________________________ *** CID 1255317: Don't call (DC.WEAK_CRYPTO)
/src/utils.c: 1855 in random_number()
____________________________________________________________________________
____________________________ *** CID 1255316: Logically dead code
(DEADCODE)
/src/ftp-basic.c: 792 in ftp_epsv()
786 /* Finally, get the port number */
787 tport = 0;
788 for (i = 1; c_isdigit (*s); s++)
789 {
790 if (i > 5)
791 {
>>> CID 1255316: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement: "free(respline);".
792 xfree (respline);
793 return FTPINVPASV;
794 }
795 tport = (*s - '0') + 10 * tport;
796 }
797
____________________________________________________________________________
____________________________ *** CID 1255315: Logically dead code
(DEADCODE)
/src/http.c: 3822 in digest_authentication_encode()
3816 if (qop != NULL && strcmp(qop,"auth"))
3817 {
3818 logprintf (LOG_NOTQUIET, _("Unsupported quality of
protection '%s'.\n"), qop);
3819 xfree_null (qop); /* force freeing mem and return */
3820 qop = NULL;
3821 }
>>> CID 1255315: Logically dead code (DEADCODE)
>>> Execution cannot reach the expression "strcmp(algorithm, "MD5")"
>>> inside this statement: "if (algorithm != NULL && st...".
3822 else if (algorithm != NULL && strcmp (algorithm,"MD5") &&
strcmp (algorithm,"MD5-sess"))
3823 {
3824 logprintf (LOG_NOTQUIET, _("Unsupported algorithm
'%s'.\n"), algorithm);
3825 xfree_null (qop); /* force freeing mem and return */
3826 qop = NULL;
3827 }
____________________________________________________________________________
____________________________ To view the defects in Coverity Scan visit,
http://scan.coverity.com/projects/555?tab=overview
To unsubscribe from the email notification for new defects,
http://scan5.coverity.com/cgi-bin/unsubscribe.py