Build: disable OCSP, AUTH_TLS and EXPERIMENTAL_CERTNAMES if SUPPORT_TLS is not enabled

[users/jgh/exim.git] / src / src / malware.c

diff --git a/src/src/malware.c b/src/src/malware.c
index a5944cafb6aa650d4a907b00ef8c32a49de96274..b36bf0d6442e09cfc004b606936fc0ec67b8d956 100644 (file)
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -630,7 +630,7 @@ if (!malware_ok)
            sock);
          }
 
-       if (!(drweb_fbuf = (uschar *) malloc (fsize_uint)))
+       if (!(drweb_fbuf = US malloc(fsize_uint)))
          {
          (void)close(drweb_fd);
          return m_errlog_defer_3(scanent, NULL,
@@ -1003,7 +1003,9 @@ if (!malware_ok)
              kav_re = kav_re_inf;
              }
 
-           /* read report, linewise */
+           /* read report, linewise.  Using size from stream to read amount of data
+           from same stream is safe enough. */
+           /* coverity[tainted_data] */
            while (kav_reportlen > 0)
              {
              if ((bread = recv_line(sock, tmpbuf, sizeof(tmpbuf), tmo)) < 0)
@@ -1486,7 +1488,7 @@ if (!malware_ok)
          }
        lseek(clam_fd, 0, SEEK_SET);
 
-       if (!(clamav_fbuf = (uschar *) malloc (fsize_uint)))
+       if (!(clamav_fbuf = US malloc(fsize_uint)))
          {
          CLOSE_SOCKDATA; (void)close(clam_fd);
          return m_errlog_defer_3(scanent, NULL,