BBS:      TELESC.NET.BR
Assunto:  src/sbbs3/ssl.c
De:       Rob Swindell (on Debian Linux)
Data:     Wed, 6 May 2026 19:41:53 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/c34274cdbba23fb7f5bcba2a
Modified Files:
	src/sbbs3/ssl.c
Log Message:
ssl: suppress destroy_session false positives (CIDs 479100, 530506)

  CID 530506 (psess->next MISSING_LOCK): Coverity confused the two
  distinct list mutexes. sess_list nodes (and their next fields) are
  protected by ssl_sess_list_mutex, which IS held at the flagged write.
  The cert_list (separate list, separate mutex) shares the cert_list
  struct type but has no overlap  a node lives in exactly one list at
  a time.

  CID 479100 (sess ATOMICITY across two locked sections): After sess is
  removed from sess_list under ssl_sess_list_mutex, no other thread can
  reach it via either list. It's thread-local until appended to
  cert_list under ssl_cert_list_mutex. The "second locked section" only
  touches a pointer this thread exclusively owns.

Add SUPPRESS comments documenting both invariants.

Co-Authored-By: Claude Opus 4.7 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]