Hi, Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 32 new defect(s) introduced to freerangerouting/frr found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 20 of 32 defect(s) ** CID 1433372: Resource leaks (RESOURCE_LEAK) /eigrpd/eigrp_interface.c: 339 in eigrp_if_up() ________________________________________________________________________________________________________ *** CID 1433372: Resource leaks (RESOURCE_LEAK) /eigrpd/eigrp_interface.c: 339 in eigrp_if_up() 333 } 334 } 335 336 pe->req_action &= ~EIGRP_FSM_NEED_UPDATE; 337 listnode_delete(eigrp->topology_changes_internalIPV4, pe); 338
CID 1433372: Resource leaks (RESOURCE_LEAK) Variable "dest_addr" going out of scope leaks the storage it points to.
339 return 1; 340 } 341 342 int 343 eigrp_if_down (struct eigrp_interface *ei) 344 {
** CID 1433371: Memory - illegal accesses (OVERRUN) /eigrpd/eigrp_dump.c: 356 in show_debugging_eigrp() ________________________________________________________________________________________________________ *** CID 1433371: Memory - illegal accesses (OVERRUN) /eigrpd/eigrp_dump.c: 356 in show_debugging_eigrp() 350 /* Show debug status for EIGRP Packets. */ 351 for (i = 0; i < 11 ; i++) 352 { 353 if (i == 8) 354 continue; 355
CID 1433371: Memory - illegal accesses (OVERRUN) Overrunning array "term_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
356 if (IS_DEBUG_EIGRP_PACKET (i, SEND) && IS_DEBUG_EIGRP_PACKET (i, RECV)) 357 { 358 vty_out (vty, " EIGRP packet %s%s debugging is on%s", 359 LOOKUP (eigrp_packet_type_str, i + 1), 360 IS_DEBUG_EIGRP_PACKET (i, PACKET_DETAIL) ? " detail" : "", 361 VTY_NEWLINE);
** CID 1433370: Resource leaks (RESOURCE_LEAK) /eigrpd/eigrp_query.c: 228 in eigrp_send_query() ________________________________________________________________________________________________________ *** CID 1433370: Resource leaks (RESOURCE_LEAK) /eigrpd/eigrp_query.c: 228 in eigrp_send_query() 222 if (nbr->retrans_queue->count == 1) 223 { 224 eigrp_send_packet_reliably(nbr); 225 } 226 } 227 }
CID 1433370: Resource leaks (RESOURCE_LEAK) Variable "ep" going out of scope leaks the storage it points to.
** CID 1433369: Resource leaks (RESOURCE_LEAK) /eigrpd/eigrp_reply.c: 249 in eigrp_reply_receive() ________________________________________________________________________________________________________ *** CID 1433369: Resource leaks (RESOURCE_LEAK) /eigrpd/eigrp_reply.c: 249 in eigrp_reply_receive() 243 msg->prefix = dest; 244 int event = eigrp_get_fsm_event(msg); 245 eigrp_fsm_event(msg, event); 246 247 248 eigrp_IPv4_InternalTLV_free (tlv);
CID 1433369: Resource leaks (RESOURCE_LEAK) Variable "dest_addr" going out of scope leaks the storage it points to.
249 } 250 } 251 eigrp_hello_send_ack(nbr);
** CID 1433368: Resource leaks (RESOURCE_LEAK) /eigrpd/eigrp_siaquery.c: 114 in eigrp_siaquery_receive() ________________________________________________________________________________________________________ *** CID 1433368: Resource leaks (RESOURCE_LEAK) /eigrpd/eigrp_siaquery.c: 114 in eigrp_siaquery_receive() 108 msg->entry = entry; 109 msg->prefix = dest; 110 int event = eigrp_get_fsm_event(msg); 111 eigrp_fsm_event(msg, event); 112 } 113 eigrp_IPv4_InternalTLV_free (tlv);
CID 1433368: Resource leaks (RESOURCE_LEAK) Variable "dest_addr" going out of scope leaks the storage it points to.
114 } 115 } 116 eigrp_hello_send_ack(nbr); 117 } 118 119 void
** CID 1433367: Memory - corruptions (OVERRUN) /eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets() ________________________________________________________________________________________________________ *** CID 1433367: Memory - corruptions (OVERRUN) /eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets() 520 flag |= EIGRP_DEBUG_PACKET_DETAIL; 521 522 for (i = 0; i < 11; i++) 523 if (type & (0x01 << i)) 524 { 525 if (vty->node == CONFIG_NODE)
CID 1433367: Memory - corruptions (OVERRUN) Overrunning array "term_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
526 DEBUG_PACKET_ON (i, flag); 527 else 528 TERM_DEBUG_PACKET_ON (i, flag); 529 } 530 531 return CMD_SUCCESS;
** CID 1433366: Memory - corruptions (OVERRUN) /eigrpd/eigrp_packet.c: 186 in eigrp_check_md5_digest() ________________________________________________________________________________________________________ *** CID 1433366: Memory - corruptions (OVERRUN) /eigrpd/eigrp_packet.c: 186 in eigrp_check_md5_digest() 180 } 181 182 eigrph = (struct eigrp_header *) s->data; 183 eigrph->checksum = 0; 184 185 auth_TLV =(struct TLV_MD5_Authentication_Type *) (s->data + EIGRP_HEADER_LEN);
CID 1433366: Memory - corruptions (OVERRUN) Overrunning array ""0"" of 2 bytes by passing it to a function which accesses it at byte offset 15 using argument "16UL".
186 memcpy(auth_TLV->digest, "0", sizeof(auth_TLV->digest)); 187 188 ibuf = s->data; 189 backup_end = s->endp; 190 191 keychain = keychain_lookup(IF_DEF_PARAMS (nbr->ei->ifp)->auth_keychain);
** CID 1433365: Memory - corruptions (OVERRUN) /eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets() ________________________________________________________________________________________________________ *** CID 1433365: Memory - corruptions (OVERRUN) /eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets() 596 flag |= EIGRP_DEBUG_PACKET_DETAIL; 597 598 for (i = 0; i < 11; i++) 599 if (type & (0x01 << i)) 600 { 601 if (vty->node == CONFIG_NODE)
CID 1433365: Memory - corruptions (OVERRUN) Overrunning array "conf_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
602 DEBUG_PACKET_OFF (i, flag); 603 else 604 TERM_DEBUG_PACKET_OFF (i, flag); 605 } 606 607 return CMD_SUCCESS;
** CID 1433364: Memory - corruptions (OVERRUN) /eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets() ________________________________________________________________________________________________________ *** CID 1433364: Memory - corruptions (OVERRUN) /eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets() 596 flag |= EIGRP_DEBUG_PACKET_DETAIL; 597 598 for (i = 0; i < 11; i++) 599 if (type & (0x01 << i)) 600 { 601 if (vty->node == CONFIG_NODE)
CID 1433364: Memory - corruptions (OVERRUN) Overrunning array "term_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
602 DEBUG_PACKET_OFF (i, flag); 603 else 604 TERM_DEBUG_PACKET_OFF (i, flag); 605 } 606 607 return CMD_SUCCESS;
** CID 1433363: Memory - corruptions (OVERRUN) /eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets() ________________________________________________________________________________________________________ *** CID 1433363: Memory - corruptions (OVERRUN) /eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets() 520 flag |= EIGRP_DEBUG_PACKET_DETAIL; 521 522 for (i = 0; i < 11; i++) 523 if (type & (0x01 << i)) 524 { 525 if (vty->node == CONFIG_NODE)
CID 1433363: Memory - corruptions (OVERRUN) Overrunning array "conf_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
526 DEBUG_PACKET_ON (i, flag); 527 else 528 TERM_DEBUG_PACKET_ON (i, flag); 529 } 530 531 return CMD_SUCCESS;
** CID 1433362: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /eigrpd/eigrp_topology.c: 467 in eigrp_topology_update_node_flags() ________________________________________________________________________________________________________ *** CID 1433362: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /eigrpd/eigrp_topology.c: 467 in eigrp_topology_update_node_flags() 461 struct listnode *node; 462 struct eigrp_neighbor_entry *entry; 463 struct eigrp * eigrp = eigrp_lookup(); 464 465 for (ALL_LIST_ELEMENTS_RO(dest->entries, node, entry)) 466 {
CID 1433362: Integer handling issues (OVERFLOW_BEFORE_WIDEN) Potentially overflowing expression "dest->distance * eigrp->variance" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
467 if ((entry->distance <= (uint64_t)(dest->distance*eigrp->variance)) && 468 entry->distance != EIGRP_MAX_METRIC) // is successor 469 { 470 entry->flags |= EIGRP_NEIGHBOR_ENTRY_SUCCESSOR_FLAG; 471 entry->flags &= ~EIGRP_NEIGHBOR_ENTRY_FSUCCESSOR_FLAG; 472 }
** CID 1433361: Null pointer dereferences (NULL_RETURNS) /eigrpd/eigrp_dump.c: 315 in show_ip_eigrp_prefix_entry() ________________________________________________________________________________________________________ *** CID 1433361: Null pointer dereferences (NULL_RETURNS) /eigrpd/eigrp_dump.c: 315 in show_ip_eigrp_prefix_entry() 309 310 void 311 show_ip_eigrp_prefix_entry (struct vty *vty, struct eigrp_prefix_entry *tn) 312 { 313 vty_out (vty, "%-3c",(tn->state > 0) ? 'A' : 'P'); 314 vty_out (vty, "%s/%u, ",inet_ntoa (tn->destination_ipv4->prefix),tn->destination_ipv4->prefixlen);
CID 1433361: Null pointer dereferences (NULL_RETURNS) Dereferencing a null pointer "eigrp_topology_get_successor(tn)".
315 vty_out (vty, "%u successors, ",eigrp_topology_get_successor(tn)->count); 316 vty_out (vty, "FD is %u, serno: %lu %s",tn->fdistance, tn->serno, VTY_NEWLINE); 317 } 318 319 void 320 show_ip_eigrp_neighbor_entry (struct vty *vty, struct eigrp *eigrp, struct eigrp_neighbor_entry *te)
** CID 1433360: Null pointer dereferences (NULL_RETURNS) /eigrpd/eigrp_packet.c: 276 in eigrp_make_sha256_digest() ________________________________________________________________________________________________________ *** CID 1433360: Null pointer dereferences (NULL_RETURNS) /eigrpd/eigrp_packet.c: 276 in eigrp_make_sha256_digest() 270 key = key_lookup_for_send(keychain); 271 272 // saved_len[index] = strnzcpyn(saved_key[index], key, 273 // PLAINTEXT_LENGTH + 1); 274 275 source_ip = calloc(16, sizeof(char));
CID 1433360: Null pointer dereferences (NULL_RETURNS) Dereferencing a pointer that might be null "source_ip" when calling "inet_ntop".
276 inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, 16); 277 278 memset(&ctx, 0, sizeof(ctx)); 279 buffer[0] = '\n'; 280 memcpy(buffer + 1, key, strlen (key->string)); 281 memcpy(buffer + 1 + strlen(key->string), source_ip, strlen(source_ip));
** CID 1433359: (FORWARD_NULL) /eigrpd/eigrp_filter.c: 219 in eigrp_distribute_update() /eigrpd/eigrp_filter.c: 222 in eigrp_distribute_update() /eigrpd/eigrp_filter.c: 226 in eigrp_distribute_update() ________________________________________________________________________________________________________ *** CID 1433359: (FORWARD_NULL) /eigrpd/eigrp_filter.c: 219 in eigrp_distribute_update() 213 /* Access-list for interface in */ 214 if (dist->list[DISTRIBUTE_V4_IN]) 215 { 216 zlog_info("<DEBUG ACL in"); 217 alist = access_list_lookup (AFI_IP, dist->list[DISTRIBUTE_V4_IN]); 218 if (alist){
CID 1433359: (FORWARD_NULL) Dereferencing null pointer "ei".
219 ei->list[EIGRP_FILTER_IN] = alist; 220 } 221 else 222 ei->list[EIGRP_FILTER_IN] = NULL; 223 } 224 else /eigrpd/eigrp_filter.c: 222 in eigrp_distribute_update() 216 zlog_info("<DEBUG ACL in"); 217 alist = access_list_lookup (AFI_IP, dist->list[DISTRIBUTE_V4_IN]); 218 if (alist){ 219 ei->list[EIGRP_FILTER_IN] = alist; 220 } 221 else
CID 1433359: (FORWARD_NULL) Dereferencing null pointer "ei".
222 ei->list[EIGRP_FILTER_IN] = NULL; 223 } 224 else 225 { 226 ei->list[EIGRP_FILTER_IN] = NULL; 227 } /eigrpd/eigrp_filter.c: 226 in eigrp_distribute_update() 220 } 221 else 222 ei->list[EIGRP_FILTER_IN] = NULL; 223 } 224 else 225 {
CID 1433359: (FORWARD_NULL) Dereferencing null pointer "ei".
226 ei->list[EIGRP_FILTER_IN] = NULL; 227 } 228 229 /* Access-list for interface in */ 230 if (dist->list[DISTRIBUTE_V4_OUT]) 231 {
** CID 1433358: Null pointer dereferences (FORWARD_NULL) /eigrpd/eigrp_interface.c: 301 in eigrp_if_up() ________________________________________________________________________________________________________ *** CID 1433358: Null pointer dereferences (FORWARD_NULL) /eigrpd/eigrp_interface.c: 301 in eigrp_if_up() 295 struct prefix_ipv4 *dest_addr = prefix_ipv4_new (); 296 297 dest_addr->family = AF_INET; 298 dest_addr->prefix = ei->connected->address->u.prefix4; 299 dest_addr->prefixlen = ei->connected->address->prefixlen; 300 apply_mask_ipv4 (dest_addr);
CID 1433358: Null pointer dereferences (FORWARD_NULL) Dereferencing null pointer "eigrp".
301 pe = eigrp_topology_table_lookup_ipv4 (eigrp->topology_table, dest_addr); 302 303 if (pe == NULL) 304 { 305 pe = eigrp_prefix_entry_new (); 306 pe->serno = eigrp->serno;
** CID 1433357: Null pointer dereferences (FORWARD_NULL) /eigrpd/eigrp_packet.c: 280 in eigrp_make_sha256_digest() ________________________________________________________________________________________________________ *** CID 1433357: Null pointer dereferences (FORWARD_NULL) /eigrpd/eigrp_packet.c: 280 in eigrp_make_sha256_digest() 274 275 source_ip = calloc(16, sizeof(char)); 276 inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, 16); 277 278 memset(&ctx, 0, sizeof(ctx)); 279 buffer[0] = '\n';
CID 1433357: Null pointer dereferences (FORWARD_NULL) Dereferencing null pointer "key".
280 memcpy(buffer + 1, key, strlen (key->string)); 281 memcpy(buffer + 1 + strlen(key->string), source_ip, strlen(source_ip)); 282 HMAC__SHA256_Init(&ctx, buffer, 1 + strlen (key->string) + strlen(source_ip)); 283 HMAC__SHA256_Update(&ctx, ibuf, strlen(ibuf)); 284 HMAC__SHA256_Final(digest, &ctx); 285
** CID 1433356: (FORWARD_NULL) /eigrpd/eigrp_packet.c: 202 in eigrp_check_md5_digest() /eigrpd/eigrp_packet.c: 213 in eigrp_check_md5_digest() ________________________________________________________________________________________________________ *** CID 1433356: (FORWARD_NULL) /eigrpd/eigrp_packet.c: 202 in eigrp_check_md5_digest() 196 MD5Init(&ctx); 197 198 /* Generate a digest. Each situation needs different handling */ 199 if(flags & EIGRP_AUTH_BASIC_HELLO_FLAG) 200 { 201 MD5Update(&ctx, ibuf, EIGRP_MD5_BASIC_COMPUTE);
CID 1433356: (FORWARD_NULL) Dereferencing null pointer "key".
202 MD5Update(&ctx, key->string, strlen(key->string)); 203 if(strlen(key->string) < 16) 204 MD5Update(&ctx, zeropad, 16 - strlen(key->string)); 205 } 206 else if(flags & EIGRP_AUTH_UPDATE_INIT_FLAG) 207 { /eigrpd/eigrp_packet.c: 213 in eigrp_check_md5_digest() 207 { 208 MD5Update(&ctx, ibuf, EIGRP_MD5_UPDATE_INIT_COMPUTE); 209 } 210 else if(flags & EIGRP_AUTH_UPDATE_FLAG) 211 { 212 MD5Update(&ctx, ibuf, EIGRP_MD5_BASIC_COMPUTE);
CID 1433356: (FORWARD_NULL) Dereferencing null pointer "key".
213 MD5Update(&ctx, key->string, strlen(key->string)); 214 if(strlen(key->string) < 16) 215 MD5Update(&ctx, zeropad, 16 - strlen(key->string)); 216 if(backup_end > (EIGRP_HEADER_LEN + EIGRP_AUTH_MD5_TLV_SIZE)) 217 { 218 MD5Update(&ctx, ibuf + (EIGRP_HEADER_LEN + EIGRP_AUTH_MD5_TLV_SIZE),
** CID 1433355: Error handling issues (CHECKED_RETURN) /eigrpd/eigrpd.c: 190 in eigrp_new() ________________________________________________________________________________________________________ *** CID 1433355: Error handling issues (CHECKED_RETURN) /eigrpd/eigrpd.c: 190 in eigrp_new() 184 eigrp->t_read = thread_add_read(master, eigrp_read, eigrp, eigrp->fd); 185 eigrp->oi_write_q = list_new(); 186 187 eigrp->topology_table = eigrp_topology_new(); 188 189 eigrp->neighbor_self = eigrp_nbr_new(NULL);
CID 1433355: Error handling issues (CHECKED_RETURN) Calling "inet_aton" without checking return value (as is done elsewhere 72 out of 79 times).
190 inet_aton("127.0.0.1", &eigrp->neighbor_self->src); 191 192 eigrp->variance = EIGRP_VARIANCE_DEFAULT; 193 eigrp->max_paths = EIGRP_MAX_PATHS_DEFAULT; 194 195 eigrp->serno = 0;
** CID 1433386: (USE_AFTER_FREE) /eigrpd/eigrp_hello.c: 395 in eigrp_hello_receive() ________________________________________________________________________________________________________ *** CID 1433386: (USE_AFTER_FREE) /eigrpd/eigrp_hello.c: 351 in eigrp_hello_receive() 345 zlog_debug(" General TLV(%s)", LOOKUP(eigrp_general_tlv_type_str, type)); 346 347 // determine what General TLV is being processed 348 switch (type) 349 { 350 case EIGRP_TLV_PARAMETER:
CID 1433386: (USE_AFTER_FREE) Calling "eigrp_hello_parameter_decode" dereferences freed pointer "nbr".
351 eigrp_hello_parameter_decode(nbr, tlv_header); 352 break; 353 case EIGRP_TLV_AUTH: 354 { 355 if(eigrp_hello_authentication_decode(s,tlv_header,nbr) == 0) 356 return; /eigrpd/eigrp_hello.c: 369 in eigrp_hello_receive() 363 case EIGRP_TLV_SW_VERSION: 364 eigrp_sw_version_decode(nbr, tlv_header); 365 break; 366 case EIGRP_TLV_NEXT_MCAST_SEQ: 367 break; 368 case EIGRP_TLV_PEER_TERMINATION:
CID 1433386: (USE_AFTER_FREE) Calling "eigrp_peer_termination_decode" dereferences freed pointer "nbr".
369 eigrp_peer_termination_decode(nbr, tlv_header); 370 break; 371 case EIGRP_TLV_PEER_MTRLIST: 372 case EIGRP_TLV_PEER_TIDLIST: 373 break; 374 default: /eigrpd/eigrp_hello.c: 390 in eigrp_hello_receive() 384 385 /*If received packet is hello with Parameter TLV*/ 386 if (ntohl(eigrph->ack) == 0) 387 { 388 /* increment statistics. */ 389 ei->hello_in++;
CID 1433386: (USE_AFTER_FREE) Calling "eigrp_nbr_state_update" dereferences freed pointer "nbr".
390 eigrp_nbr_state_update(nbr); 391 392 } 393 394 if (IS_DEBUG_EIGRP_PACKET(0, RECV)) 395 zlog_debug("Hello Packet received from %s", inet_ntoa(nbr->src)); /eigrpd/eigrp_hello.c: 395 in eigrp_hello_receive() 389 ei->hello_in++; 390 eigrp_nbr_state_update(nbr); 391 392 } 393 394 if (IS_DEBUG_EIGRP_PACKET(0, RECV))
CID 1433386: (USE_AFTER_FREE) Dereferencing freed pointer "nbr".
395 zlog_debug("Hello Packet received from %s", inet_ntoa(nbr->src)); 396 } 397 398 /** 399 * @fn eigrp_sw_version_encode 400 * /eigrpd/eigrp_hello.c: 369 in eigrp_hello_receive() 363 case EIGRP_TLV_SW_VERSION: 364 eigrp_sw_version_decode(nbr, tlv_header); 365 break; 366 case EIGRP_TLV_NEXT_MCAST_SEQ: 367 break; 368 case EIGRP_TLV_PEER_TERMINATION:
CID 1433386: (USE_AFTER_FREE) Calling "eigrp_peer_termination_decode" dereferences freed pointer "nbr".
369 eigrp_peer_termination_decode(nbr, tlv_header); 370 break; 371 case EIGRP_TLV_PEER_MTRLIST: 372 case EIGRP_TLV_PEER_TIDLIST: 373 break; 374 default: /eigrpd/eigrp_hello.c: 390 in eigrp_hello_receive() 384 385 /*If received packet is hello with Parameter TLV*/ 386 if (ntohl(eigrph->ack) == 0) 387 { 388 /* increment statistics. */ 389 ei->hello_in++;
CID 1433386: (USE_AFTER_FREE) Calling "eigrp_nbr_state_update" dereferences freed pointer "nbr".
390 eigrp_nbr_state_update(nbr); 391 392 } 393 394 if (IS_DEBUG_EIGRP_PACKET(0, RECV)) 395 zlog_debug("Hello Packet received from %s", inet_ntoa(nbr->src));
** CID 1433385: Code maintainability issues (UNUSED_VALUE) /eigrpd/eigrp_packet.c: 641 in eigrp_read() ________________________________________________________________________________________________________ *** CID 1433385: Code maintainability issues (UNUSED_VALUE) /eigrpd/eigrp_packet.c: 641 in eigrp_read() 635 eigrp_nbr_state_set(nbr, EIGRP_NEIGHBOR_UP); 636 zlog_info("Neighbor adjacency became full"); 637 nbr->init_sequence_number = 0; 638 nbr->recv_sequence_number = ntohl(eigrph->sequence); 639 eigrp_update_send_EOT(nbr); 640 }
CID 1433385: Code maintainability issues (UNUSED_VALUE) Assigning value from "eigrp_fifo_pop_tail(nbr->retrans_queue)" to "ep" here, but that stored value is overwritten before it can be used.
641 ep = eigrp_fifo_pop_tail(nbr->retrans_queue); 642 /*eigrp_packet_free(ep);*/ 643 if (nbr->retrans_queue->count > 0) 644 { 645 eigrp_send_packet_reliably(nbr); 646 }
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05... To manage Coverity Scan email notifications for "frr@lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...