Hi, Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 5 new defect(s) introduced to freerangerouting/frr found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 5 of 5 defect(s) ** CID 1486648: Incorrect expression (CONSTANT_EXPRESSION_RESULT) /pbrd/pbr_nht.c: 713 in pbr_nht_individual_nexthop_gw_update() ________________________________________________________________________________________________________ *** CID 1486648: Incorrect expression (CONSTANT_EXPRESSION_RESULT) /pbrd/pbr_nht.c: 713 in pbr_nht_individual_nexthop_gw_update() 707 708 if (!pnhi->nhr->nexthop_num) { 709 is_valid = false; 710 goto done; 711 } 712
CID 1486648: Incorrect expression (CONSTANT_EXPRESSION_RESULT) The expression "pnhc->nexthop->type == NEXTHOP_TYPE_IPV4_IFINDEX || pnhc->nexthop->type == NEXTHOP_TYPE_IPV4_IFINDEX" does not accomplish anything because it evaluates to either of its identical operands, "pnhc->nexthop->type == NEXTHOP_TYPE_IPV4_IFINDEX".
713 if (pnhc->nexthop->type == NEXTHOP_TYPE_IPV4_IFINDEX 714 || pnhc->nexthop->type == NEXTHOP_TYPE_IPV4_IFINDEX) { 715 716 /* GATEWAY_IFINDEX type shouldn't resolve to group */ 717 if (pnhi->nhr->nexthop_num > 1) { 718 is_valid = false;
** CID 1486647: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /bgpd/bgp_routemap.c: 280 in route_match_peer() ________________________________________________________________________________________________________ *** CID 1486647: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /bgpd/bgp_routemap.c: 280 in route_match_peer() 274 */ 275 if (sockunion_same(su, &su_def)) { 276 int ret; 277 if (CHECK_FLAG(peer->rmap_type, PEER_RMAP_TYPE_NETWORK) 278 || CHECK_FLAG(peer->rmap_type, 279 PEER_RMAP_TYPE_REDISTRIBUTE)
CID 1486647: Integer handling issues (CONSTANT_EXPRESSION_RESULT) "peer->rmap_type & (256 /* 1 << 8 */)" is always 0 regardless of the values of its operands. This occurs as the logical second operand of "||".
280 || CHECK_FLAG(peer->rmap_type, 281 PEER_RMAP_TYPE_AGGREGATE) 282 || CHECK_FLAG(peer->rmap_type, 283 PEER_RMAP_TYPE_DEFAULT)) 284 ret = RMAP_MATCH; 285 else
** CID 1486646: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /bgpd/bgp_attr.c: 804 in bgp_attr_aggregate_intern() ________________________________________________________________________________________________________ *** CID 1486646: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /bgpd/bgp_attr.c: 804 in bgp_attr_aggregate_intern() 798 struct bgp_path_info rmap_path; 799 800 memset(&rmap_path, 0, sizeof(struct bgp_path_info)); 801 rmap_path.peer = bgp->peer_self; 802 rmap_path.attr = &attr_tmp; 803
CID 1486646: Integer handling issues (CONSTANT_EXPRESSION_RESULT) In "bgp->peer_self->rmap_type |= 256 /* 1 << 8 */", wider "256 /* 1 << 8 */" has high-order bits (0x100) that don't affect the narrower left-hand side.
804 SET_FLAG(bgp->peer_self->rmap_type, PEER_RMAP_TYPE_AGGREGATE); 805 806 ret = route_map_apply(aggregate->rmap.map, p, RMAP_BGP, 807 &rmap_path); 808 809 bgp->peer_self->rmap_type = 0;
** CID 1486645: Null pointer dereferences (REVERSE_INULL) /isisd/isis_te.c: 84 in isis_link_params_update() ________________________________________________________________________________________________________ *** CID 1486645: Null pointer dereferences (REVERSE_INULL) /isisd/isis_te.c: 84 in isis_link_params_update() 78 79 /* Check if TE is enable or not */ 80 if (!circuit->area || !IS_MPLS_TE(circuit->area->mta)) 81 return; 82 83 /* Sanity Check */
CID 1486645: Null pointer dereferences (REVERSE_INULL) Null-checking "circuit" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
84 if ((circuit == NULL) || (ifp == NULL) 85 || (circuit->state != C_STATE_UP)) 86 return; 87 88 zlog_debug("TE(%s): Update circuit parameters for interface %s", 89 circuit->area->area_tag, ifp->name);
** CID 1486644: Null pointer dereferences (NULL_RETURNS) /lib/if.c: 1511 in lib_interface_lookup_entry() ________________________________________________________________________________________________________ *** CID 1486644: Null pointer dereferences (NULL_RETURNS) /lib/if.c: 1511 in lib_interface_lookup_entry() 1505 const struct yang_list_keys *keys) 1506 { 1507 const char *ifname = keys->key[0]; 1508 const char *vrfname = keys->key[1]; 1509 struct vrf *vrf = vrf_lookup_by_name(vrfname); 1510
CID 1486644: Null pointer dereferences (NULL_RETURNS) Dereferencing "vrf", which is known to be "NULL".
1511 return if_lookup_by_name(ifname, vrf->vrf_id); 1512 } 1513 1514 /* 1515 * XPath: /frr-interface:lib/interface/description 1516 */
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...