Fix DKIM verify when used with CHUNKING. Bug 2016

[exim.git] / src / src / malware.c

diff --git a/src/src/malware.c b/src/src/malware.c
index a5944cafb6aa650d4a907b00ef8c32a49de96274..e1eff16cf9df4c0ae1a0c60048e5d8f6bf10f821 100644 (file)
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -630,7 +630,7 @@ if (!malware_ok)
            sock);
          }
 
-       if (!(drweb_fbuf = (uschar *) malloc (fsize_uint)))
+       if (!(drweb_fbuf = US malloc(fsize_uint)))
          {
          (void)close(drweb_fd);
          return m_errlog_defer_3(scanent, NULL,
@@ -966,7 +966,7 @@ if (!malware_ok)
                US"reported 'kavdaemon damaged' (code 7).", sock);
       }
 
-      /* code 8 is not handled, since it is ambigous. It appears mostly on
+      /* code 8 is not handled, since it is ambiguous. It appears mostly on
       bounces where part of a file has been cut off */
 
       /* "virus found" return codes (2-4) */
@@ -1003,7 +1003,9 @@ if (!malware_ok)
              kav_re = kav_re_inf;
              }
 
-           /* read report, linewise */
+           /* read report, linewise.  Using size from stream to read amount of data
+           from same stream is safe enough. */
+           /* coverity[tainted_data] */
            while (kav_reportlen > 0)
              {
              if ((bread = recv_line(sock, tmpbuf, sizeof(tmpbuf), tmo)) < 0)
@@ -1486,7 +1488,7 @@ if (!malware_ok)
          }
        lseek(clam_fd, 0, SEEK_SET);
 
-       if (!(clamav_fbuf = (uschar *) malloc (fsize_uint)))
+       if (!(clamav_fbuf = US malloc(fsize_uint)))
          {
          CLOSE_SOCKDATA; (void)close(clam_fd);
          return m_errlog_defer_3(scanent, NULL,