Hi, Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 3 new defect(s) introduced to freerangerouting/frr found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 1431868: Memory - corruptions (OVERRUN) /zebra/zserv.c: 1602 in zread_ipv6_add() ________________________________________________________________________________________________________ *** CID 1431868: Memory - corruptions (OVERRUN) /zebra/zserv.c: 1602 in zread_ipv6_add() 1596 /* For labeled-unicast, each nexthop is followed by label. */ 1597 if (CHECK_FLAG (message, ZAPI_MESSAGE_LABEL)) 1598 { 1599 label = (mpls_label_t)stream_getl (s); 1600 labels[nh_count++] = label; 1601 }

...

...

CID 1431868: Memory - corruptions (OVERRUN) Overrunning array "nexthops" of 64 16-byte elements at element index 64 (byte offset 1024) using index "nh_count++" (which evaluates to 64).

1602 nexthops[nh_count++] = nhop_addr; 1603 } 1604 break; 1605 case NEXTHOP_TYPE_IFINDEX: 1606 if (if_count < multipath_num) { 1607 ifindices[if_count++] = stream_getl (s);

** CID 1431867: Null pointer dereferences (FORWARD_NULL) /lib/nexthop.c: 108 in nexthop_labels_match() ________________________________________________________________________________________________________ *** CID 1431867: Null pointer dereferences (FORWARD_NULL) /lib/nexthop.c: 108 in nexthop_labels_match() 102 103 nhl1 = nh1->nh_label; 104 nhl2 = nh2->nh_label; 105 if ((nhl1 && !nhl2) || (!nhl1 && nhl2)) 106 return 0; 107

...

...

CID 1431867: Null pointer dereferences (FORWARD_NULL) Dereferencing null pointer "nhl1".

108 if (nhl1->num_labels != nhl2->num_labels) 109 return 0; 110 111 if (memcmp (nhl1->label, nhl2->label, nhl1->num_labels)) 112 return 0; 113

** CID 1431866: Error handling issues (CHECKED_RETURN) /zebra/zebra_mpls.c: 922 in lsp_schedule() ________________________________________________________________________________________________________ *** CID 1431866: Error handling issues (CHECKED_RETURN) /zebra/zebra_mpls.c: 922 in lsp_schedule() 916 static void 917 lsp_schedule (struct hash_backet *backet, void *ctxt) 918 { 919 zebra_lsp_t *lsp; 920 921 lsp = (zebra_lsp_t *) backet->data;

...

...

CID 1431866: Error handling issues (CHECKED_RETURN) Calling "lsp_processq_add" without checking return value (as is done elsewhere 5 out of 6 times).

922 lsp_processq_add (lsp); 923 } 924 925 /* 926 * Process a LSP entry that is in the queue. Recalculate best NHLFE and 927 * any multipaths and update or delete from the kernel, as needed.

________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05... To manage Coverity Scan email notifications for "frr@lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...