tidying

diff --git a/src/src/readconf.c b/src/src/readconf.c
index 5c0c22f53ea9c39f82ba7f48ab4b7c8520df0e71..a23a57ce86355a912c0e0e11b78fe15e003d4ba3 100644 (file)
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -2334,6 +2334,11 @@ switch (type)
   if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
     "integer \"%s\" is too large (overflow)", s);
 
+  /* We get a coverity error here for using count, as it derived
+  from the tainted buffer pointed to by s, as parsed by sscanf().
+  By the definition of sscanf we must be aceessing between start
+  and end of s (assuming it is nul-terminated...) so ignore the error.  */
+  /* coverity[tainted_data] */
   if (s[count] == '.')
     {
     int d = 100;

diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index c6443978630ffb4f8e1bcdc018de8d17e92f402e..278349b4a419460f3a5c01af2c7ffb98b8f88ab0 100644 (file)
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -1586,6 +1586,7 @@ lflags.dane_required = verify_check_given_host(&ob->hosts_require_dane, host) ==
 
 *message_defer = FALSE;
 smtp_command = US"initial connection";
+buffer[0] = '\0';
 if (max_rcpt == 0) max_rcpt = 999999;
 
 /* Set up the buffer for reading SMTP response packets. */
@@ -2171,10 +2172,10 @@ set it up. This cannot be done until the identify of the host is known. */
 if (tblock->filter_command != NULL)
   {
   BOOL rc;
-  uschar buffer[64];
-  sprintf(CS buffer, "%.50s transport", tblock->name);
+  uschar fbuf[64];
+  sprintf(CS fbuf, "%.50s transport", tblock->name);
   rc = transport_set_up_command(&transport_filter_argv, tblock->filter_command,
-    TRUE, DEFER, addrlist, buffer, NULL);
+    TRUE, DEFER, addrlist, fbuf, NULL);
   transport_filter_timeout = tblock->filter_timeout;
 
   /* On failure, copy the error to all addresses, abandon the SMTP call, and