Hi, Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 6 new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 6 of 6 defect(s) ** CID 1450988: Error handling issues (CHECKED_RETURN) /bgpd/bgp_evpn.c: 2533 in bgp_evpn_derive_auto_rd() ________________________________________________________________________________________________________ *** CID 1450988: Error handling issues (CHECKED_RETURN) /bgpd/bgp_evpn.c: 2533 in bgp_evpn_derive_auto_rd() 2527 { 2528 char buf[100]; 2529 2530 vpn->prd.family = AF_UNSPEC; 2531 vpn->prd.prefixlen = 64; 2532 sprintf (buf, "%s:%hu", inet_ntoa (bgp->router_id), vpn->rd_id);
CID 1450988: Error handling issues (CHECKED_RETURN) Calling "str2prefix_rd" without checking return value (as is done elsewhere 15 out of 16 times).
2533 str2prefix_rd (buf, &vpn->prd); 2534 UNSET_FLAG (vpn->flags, VNI_FLAG_RD_CFGD); 2535 } 2536 2537 /* 2538 * Lookup VNI.
** CID 1450987: Null pointer dereferences (FORWARD_NULL) /bgpd/bgp_evpn.c: 509 in add_mac_mobility_to_attr() ________________________________________________________________________________________________________ *** CID 1450987: Null pointer dereferences (FORWARD_NULL) /bgpd/bgp_evpn.c: 509 in add_mac_mobility_to_attr() 503 /* Build MM */ 504 encode_mac_mobility_extcomm (0, seq_num, &eval); 505 506 /* Find current MM ecommunity */ 507 ecom_mm = NULL; 508
CID 1450987: Null pointer dereferences (FORWARD_NULL) Comparing "attr->ecommunity" to null implies that "attr->ecommunity" might be null.
509 if (attr->ecommunity) 510 { 511 for (i = 0; i < attr->ecommunity->size; i++) 512 { 513 pnt = attr->ecommunity->val + (i * 8); 514 type = *pnt++;
** CID 1450986: (RESOURCE_LEAK) /bgpd/bgp_mpath.c: 775 in bgp_info_mpath_aggregate_update() /bgpd/bgp_mpath.c: 775 in bgp_info_mpath_aggregate_update() ________________________________________________________________________________________________________ *** CID 1450986: (RESOURCE_LEAK) /bgpd/bgp_mpath.c: 775 in bgp_info_mpath_aggregate_update() 769 bgp_attr_unintern (&old_attr); 770 bgp_info_mpath_attr_set (new_best, new_attr); 771 SET_FLAG (new_best->flags, BGP_INFO_ATTR_CHANGED); 772 } 773 else 774 bgp_attr_unintern (&new_attr);
CID 1450986: (RESOURCE_LEAK) Variable "lcomm" going out of scope leaks the storage it points to.
/bgpd/bgp_mpath.c: 775 in bgp_info_mpath_aggregate_update() 769 bgp_attr_unintern (&old_attr); 770 bgp_info_mpath_attr_set (new_best, new_attr); 771 SET_FLAG (new_best->flags, BGP_INFO_ATTR_CHANGED); 772 } 773 else 774 bgp_attr_unintern (&new_attr);
CID 1450986: (RESOURCE_LEAK) Variable "lcomm" going out of scope leaks the storage it points to.
** CID 1450985: Null pointer dereferences (REVERSE_INULL) /zebra/zebra_vxlan.c: 841 in zvni_neigh_uninstall() ________________________________________________________________________________________________________ *** CID 1450985: Null pointer dereferences (REVERSE_INULL) /zebra/zebra_vxlan.c: 841 in zvni_neigh_uninstall() 835 836 if (!(n->flags & ZEBRA_NEIGH_REMOTE)) 837 return 0; 838 839 zvrf = vrf_info_lookup(zvni->vxlan_if->vrf_id); 840 assert(zvrf);
CID 1450985: Null pointer dereferences (REVERSE_INULL) Null-checking "zvni->vxlan_if" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
841 if (!zvni->vxlan_if) 842 { 843 zlog_err ("VNI %u hash %p couldn't be uninstalled - no intf", 844 zvni->vni, zvni); 845 return -1; 846 }
** CID 1450984: Null pointer dereferences (FORWARD_NULL) /bgpd/bgp_evpn.c: 279 in map_vni_to_rt() ________________________________________________________________________________________________________ *** CID 1450984: Null pointer dereferences (FORWARD_NULL) /bgpd/bgp_evpn.c: 279 in map_vni_to_rt() 273 */ 274 memcpy (&eval_tmp, eval, ECOMMUNITY_SIZE); 275 if (!is_import_rt_configured (vpn)) 276 mask_ecom_global_admin (&eval_tmp, eval); 277 278 irt = lookup_import_rt (bgp, &eval_tmp);
CID 1450984: Null pointer dereferences (FORWARD_NULL) Comparing "irt->vnis" to null implies that "irt->vnis" might be null.
279 if (irt && irt->vnis) 280 if (is_vni_present_in_irt_vnis (irt->vnis, vpn)) 281 /* Already mapped. */ 282 return; 283 284 if (!irt)
** CID 1450983: (CONSTANT_EXPRESSION_RESULT) /bgpd/bgp_evpn.c: 2089 in evpn_mpattr_encode_type5() /bgpd/bgp_evpn.c: 2099 in evpn_mpattr_encode_type5() ________________________________________________________________________________________________________ *** CID 1450983: (CONSTANT_EXPRESSION_RESULT) /bgpd/bgp_evpn.c: 2089 in evpn_mpattr_encode_type5() 2083 else 2084 len = 32; /* ipv6 */ 2085 stream_putc(s, BGP_EVPN_IP_PREFIX_ROUTE); 2086 /* Prefix contains RD, ESI, EthTag, IP length, IP, GWIP and VNI */ 2087 stream_putc(s, 8 + 10 + 4 + 1 + len + 3); 2088 stream_put(s, prd->val, 8);
CID 1450983: (CONSTANT_EXPRESSION_RESULT) The expression "attr && attr" does not accomplish anything because it evaluates to either of its identical operands, "attr".
2089 if (attr && attr) 2090 stream_put(s, &(attr->evpn_overlay.eth_s_id), 10); 2091 else 2092 stream_put(s, &temp, 10); 2093 stream_putl(s, p_evpn_p->eth_tag); 2094 stream_putc(s, p_evpn_p->ip_prefix_length); /bgpd/bgp_evpn.c: 2099 in evpn_mpattr_encode_type5() 2093 stream_putl(s, p_evpn_p->eth_tag); 2094 stream_putc(s, p_evpn_p->ip_prefix_length); 2095 if (IS_IPADDR_V4(&p_evpn_p->ip)) 2096 stream_put_ipv4(s, p_evpn_p->ip.ipaddr_v4.s_addr); 2097 else 2098 stream_put(s, &p_evpn_p->ip.ipaddr_v6, 16);
CID 1450983: (CONSTANT_EXPRESSION_RESULT) The expression "attr && attr" does not accomplish anything because it evaluates to either of its identical operands, "attr".
2099 if (attr && attr) 2100 { 2101 if (IS_IPADDR_V4(&p_evpn_p->ip)) 2102 stream_put_ipv4(s, attr->evpn_overlay.gw_ip.ipv4. s_addr); 2103 else 2104 stream_put(s, &(attr->evpn_overlay.gw_ip.ipv6), 16);
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05... To manage Coverity Scan email notifications for "frr@lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...