New Defects reported by Coverity Scan for freerangerouting/frr
Hi, Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 12 new defect(s) introduced to freerangerouting/frr found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 12 of 12 defect(s) ** CID 1576456: Error handling issues (CHECKED_RETURN) /zebra/zebra_cli.c: 446 in link_params_admin_grp_magic() ________________________________________________________________________________________________________ *** CID 1576456: Error handling issues (CHECKED_RETURN) /zebra/zebra_cli.c: 446 in link_params_admin_grp_magic() 440 if (bitpattern[0] != '0' || bitpattern[1] != 'x' || 441 strlen(bitpattern) > 10) { 442 vty_out(vty, "Invalid bitpattern value\n"); 443 return CMD_WARNING_CONFIG_FAILED; 444 } 445
CID 1576456: Error handling issues (CHECKED_RETURN) Calling "sscanf" without checking return value (as is done elsewhere 46 out of 47 times).
446 sscanf(bitpattern, "%x", &value); 447 snprintf(value_str, sizeof(value_str), "%u", value); 448 449 nb_cli_enqueue_change(vty, "./legacy-admin-group", NB_OP_MODIFY, 450 value_str); 451 } else {
** CID 1576455: Null pointer dereferences (FORWARD_NULL) ________________________________________________________________________________________________________ *** CID 1576455: Null pointer dereferences (FORWARD_NULL) /zebra/zebra_cli_clippy.c: 941 in link_params_res_bw() 935 #if 0 /* anything that can fail? */ 936 if (_failcnt) 937 return CMD_WARNING; 938 #endif 939 #endif 940
CID 1576455: Null pointer dereferences (FORWARD_NULL) Passing null pointer "bandwidth" to "link_params_res_bw_magic", which dereferences it.
941 return link_params_res_bw_magic(self, vty, argc, argv, no, bandwidth); 942 } 943 944 /* link_params_ava_bw => "[no] ava-bw ![BANDWIDTH]" */ 945 DEFUN_CMD_FUNC_DECL(link_params_ava_bw) 946 #define funcdecl_link_params_ava_bw static int link_params_ava_bw_magic(\
** CID 1576454: Null pointer dereferences (FORWARD_NULL) ________________________________________________________________________________________________________ *** CID 1576454: Null pointer dereferences (FORWARD_NULL) /zebra/zebra_cli_clippy.c: 1039 in link_params_use_bw() 1033 #if 0 /* anything that can fail? */ 1034 if (_failcnt) 1035 return CMD_WARNING; 1036 #endif 1037 #endif 1038
CID 1576454: Null pointer dereferences (FORWARD_NULL) Passing null pointer "bandwidth" to "link_params_use_bw_magic", which dereferences it.
1039 return link_params_use_bw_magic(self, vty, argc, argv, no, bandwidth); 1040 } 1041 1042 /* link_params_affinity => "[no] affinity NAME..." */ 1043 DEFUN_CMD_FUNC_DECL(link_params_affinity) 1044 #define funcdecl_link_params_affinity static int link_params_affinity_magic(\
** CID 1576453: Null pointer dereferences (FORWARD_NULL) ________________________________________________________________________________________________________ *** CID 1576453: Null pointer dereferences (FORWARD_NULL) /zebra/zebra_cli_clippy.c: 990 in link_params_ava_bw() 984 #if 0 /* anything that can fail? */ 985 if (_failcnt) 986 return CMD_WARNING; 987 #endif 988 #endif 989
CID 1576453: Null pointer dereferences (FORWARD_NULL) Passing null pointer "bandwidth" to "link_params_ava_bw_magic", which dereferences it.
990 return link_params_ava_bw_magic(self, vty, argc, argv, no, bandwidth); 991 } 992 993 /* link_params_use_bw => "[no] use-bw ![BANDWIDTH]" */ 994 DEFUN_CMD_FUNC_DECL(link_params_use_bw) 995 #define funcdecl_link_params_use_bw static int link_params_use_bw_magic(\
** CID 1576452: Null pointer dereferences (FORWARD_NULL) ________________________________________________________________________________________________________ *** CID 1576452: Null pointer dereferences (FORWARD_NULL) /zebra/zebra_cli_clippy.c: 653 in link_params_admin_grp() 647 #if 0 /* anything that can fail? */ 648 if (_failcnt) 649 return CMD_WARNING; 650 #endif 651 #endif 652
CID 1576452: Null pointer dereferences (FORWARD_NULL) Passing null pointer "bitpattern" to "link_params_admin_grp_magic", which dereferences it.
653 return link_params_admin_grp_magic(self, vty, argc, argv, no, bitpattern); 654 } 655 656 /* link_params_inter_as => "[no] neighbor ![A.B.C.D$ip as (1-4294967295)$as]" */ 657 DEFUN_CMD_FUNC_DECL(link_params_inter_as) 658 #define funcdecl_link_params_inter_as static int link_params_inter_as_magic(\
** CID 1576451: Error handling issues (CHECKED_RETURN) /zebra/zebra_nb_config.c: 2223 in evpn_mh_dnode_to_esi() ________________________________________________________________________________________________________ *** CID 1576451: Error handling issues (CHECKED_RETURN) /zebra/zebra_nb_config.c: 2223 in evpn_mh_dnode_to_esi() 2217 return NB_OK; 2218 } 2219 2220 static bool evpn_mh_dnode_to_esi(const struct lyd_node *dnode, esi_t *esi) 2221 { 2222 if (yang_dnode_exists(dnode, "type-0/esi")) {
CID 1576451: Error handling issues (CHECKED_RETURN) Calling "str_to_esi" without checking return value (as is done elsewhere 8 out of 10 times).
2223 str_to_esi(yang_dnode_get_string(dnode, "type-0/esi"), esi); 2224 } else if (yang_dnode_exists(dnode, "type-3/system-mac") && 2225 yang_dnode_exists(dnode, "type-3/local-discriminator")) { 2226 struct ethaddr mac; 2227 uint32_t lid; 2228
** CID 1576450: Error handling issues (CHECKED_RETURN) /zebra/zebra_nb_config.c: 2304 in lib_interface_zebra_evpn_mh_type_0_esi_modify() ________________________________________________________________________________________________________ *** CID 1576450: Error handling issues (CHECKED_RETURN) /zebra/zebra_nb_config.c: 2304 in lib_interface_zebra_evpn_mh_type_0_esi_modify() 2298 break; 2299 case NB_EV_PREPARE: 2300 case NB_EV_ABORT: 2301 break; 2302 case NB_EV_APPLY: 2303 ifp = nb_running_get_entry(args->dnode, NULL, true);
CID 1576450: Error handling issues (CHECKED_RETURN) Calling "str_to_esi" without checking return value (as is done elsewhere 8 out of 10 times).
2304 str_to_esi(yang_dnode_get_string(args->dnode, NULL), &esi); 2305 zebra_evpn_es_type0_esi_update(ifp->info, &esi); 2306 break; 2307 } 2308 2309 return NB_OK;
** CID 1576449: Null pointer dereferences (NULL_RETURNS) /zebra/zebra_cli.c: 889 in ip_address_peer_magic() ________________________________________________________________________________________________________ *** CID 1576449: Null pointer dereferences (NULL_RETURNS) /zebra/zebra_cli.c: 889 in ip_address_peer_magic() 883 #endif 884 } 885 886 strlcpy(peer_ip, peer_str, sizeof(peer_ip)); 887 888 peer_mask = strchr(peer_ip, '/');
CID 1576449: Null pointer dereferences (NULL_RETURNS) Dereferencing "peer_mask", which is known to be "NULL".
889 *peer_mask = 0; 890 peer_mask++; 891 892 return nb_cli_apply_changes( 893 vty, 894 "./frr-zebra:zebra/ipv4-p2p-addrs[ip='%s'][peer-ip='%s'][peer-prefix-length='%s']",
** CID 1576448: Null pointer dereferences (NULL_RETURNS) /zebra/zebra_cli.c: 937 in ipv6_address_magic() ________________________________________________________________________________________________________ *** CID 1576448: Null pointer dereferences (NULL_RETURNS) /zebra/zebra_cli.c: 937 in ipv6_address_magic() 931 else 932 nb_cli_enqueue_change(vty, ".", NB_OP_CREATE, NULL); 933 934 strlcpy(ip, address_str, sizeof(ip)); 935 936 mask = strchr(ip, '/');
CID 1576448: Null pointer dereferences (NULL_RETURNS) Dereferencing "mask", which is known to be "NULL".
937 *mask = 0; 938 mask++; 939 940 return nb_cli_apply_changes(vty, 941 "./frr-zebra:zebra/ipv6-addrs[ip='%s'][prefix-length='%s']", 942 ip, mask);
** CID 1576447: Uninitialized variables (UNINIT) ________________________________________________________________________________________________________ *** CID 1576447: Uninitialized variables (UNINIT) /zebra/zebra_nb_config.c: 3049 in lib_interface_zebra_ipv6_router_advertisements_rdnss_rdnss_address_create() 3043 rdnss.lifetime = yang_dnode_get_uint32(args->dnode, "lifetime"); 3044 rdnss.lifetime_set = 1; 3045 } else { 3046 rdnss.lifetime_set = 0; 3047 } 3048
CID 1576447: Uninitialized variables (UNINIT) Using uninitialized value "rdnss". Field "rdnss.lifetime" is uninitialized when calling "rtadv_rdnss_set".
3049 p = rtadv_rdnss_set(ifp->info, &rdnss); 3050 nb_running_set_entry(args->dnode, p); 3051 3052 return NB_OK; 3053 } 3054
** CID 1576446: Uninitialized variables (UNINIT) ________________________________________________________________________________________________________ *** CID 1576446: Uninitialized variables (UNINIT) /zebra/zebra_nb_config.c: 3140 in lib_interface_zebra_ipv6_router_advertisements_dnssl_dnssl_domain_create() 3134 dnssl.lifetime = yang_dnode_get_uint32(args->dnode, "lifetime"); 3135 dnssl.lifetime_set = 1; 3136 } else { 3137 dnssl.lifetime_set = 0; 3138 } 3139
CID 1576446: Uninitialized variables (UNINIT) Using uninitialized value "dnssl". Field "dnssl.encoded_len" is uninitialized when calling "rtadv_dnssl_set".
3140 p = rtadv_dnssl_set(ifp->info, &dnssl); 3141 nb_running_set_entry(args->dnode, p); 3142 3143 return NB_OK; 3144 } 3145
** CID 1576445: Null pointer dereferences (NULL_RETURNS) /zebra/zebra_cli.c: 820 in ip_address_magic() ________________________________________________________________________________________________________ *** CID 1576445: Null pointer dereferences (NULL_RETURNS) /zebra/zebra_cli.c: 820 in ip_address_magic() 814 #endif 815 } 816 817 strlcpy(ip, address_str, sizeof(ip)); 818 819 mask = strchr(ip, '/');
CID 1576445: Null pointer dereferences (NULL_RETURNS) Dereferencing "mask", which is known to be "NULL".
820 *mask = 0; 821 mask++; 822 823 return nb_cli_apply_changes(vty, 824 "./frr-zebra:zebra/ipv4-addrs[ip='%s'][prefix-length='%s']", 825 ip, mask);
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...
participants (1)
-
scan-admin@coverity.com