Some issues found by Claude - Historico da BBS TELESC.NET.BR

BBS:      TELESC.NET.BR
Assunto:  Some issues found by Claude
De:       Deuc¨
Data:     Fri, 17 Apr 2026 10:14:13 -0700
-----------------------------------------------------------
open https://gitlab.synchro.net/main/sbbs/-/issues/1127

```
  3. ini_file.c:443  iniRemoveValue: while (*vp != '\0' && isspace(*(vp-1))) --vp; dereferences *(vp-1) with no lower bound.
   Walks backward past '=' / key start if the value begins with whitespace. Buffer underread. Fix: pass a start pointer and
  guard vp > start.                                                                                                          
  4. ini_file.c:934  sprintf(value + strlen(value), "%u", val_list[i]) into char value[1024]. With enough list items (each
  up to 11 chars + sep) this overflows. Real overflow under pathological input. Fix: compute remaining space, use snprintf or
   SAFEPRINTF.
  5. ini_file.c:1012  same pattern; severity depends on caller's str size. Suspicious.                                      
  6. named_str_list.c:36  unchecked malloc (TODO comment admits it); leaves list with a NULL slot. No crash, but            
  inconsistent state. Fix: propagate error.                                                                                  
```
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]