diff options
-rw-r--r-- | src/src/readconf.c | 5 | ||||
-rw-r--r-- | src/src/transports/smtp.c | 7 |
2 files changed, 9 insertions, 3 deletions
diff --git a/src/src/readconf.c b/src/src/readconf.c index 5c0c22f53..a23a57ce8 100644 --- a/src/src/readconf.c +++ b/src/src/readconf.c @@ -2334,6 +2334,11 @@ switch (type) if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "integer \"%s\" is too large (overflow)", s); + /* We get a coverity error here for using count, as it derived + from the tainted buffer pointed to by s, as parsed by sscanf(). + By the definition of sscanf we must be aceessing between start + and end of s (assuming it is nul-terminated...) so ignore the error. */ + /* coverity[tainted_data] */ if (s[count] == '.') { int d = 100; diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index c64439786..278349b4a 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -1586,6 +1586,7 @@ lflags.dane_required = verify_check_given_host(&ob->hosts_require_dane, host) == *message_defer = FALSE; smtp_command = US"initial connection"; +buffer[0] = '\0'; if (max_rcpt == 0) max_rcpt = 999999; /* Set up the buffer for reading SMTP response packets. */ @@ -2171,10 +2172,10 @@ set it up. This cannot be done until the identify of the host is known. */ if (tblock->filter_command != NULL) { BOOL rc; - uschar buffer[64]; - sprintf(CS buffer, "%.50s transport", tblock->name); + uschar fbuf[64]; + sprintf(CS fbuf, "%.50s transport", tblock->name); rc = transport_set_up_command(&transport_filter_argv, tblock->filter_command, - TRUE, DEFER, addrlist, buffer, NULL); + TRUE, DEFER, addrlist, fbuf, NULL); transport_filter_timeout = tblock->filter_timeout; /* On failure, copy the error to all addresses, abandon the SMTP call, and |