New Defects reported by Coverity Scan for freerangerouting/frr
Hi, Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 9 new defect(s) introduced to freerangerouting/frr found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 9 of 9 defect(s) ** CID 1453456: Error handling issues (CHECKED_RETURN) /lib/libfrr.c: 774 in frr_daemon_ctl() ________________________________________________________________________________________________________ *** CID 1453456: Error handling issues (CHECKED_RETURN) /lib/libfrr.c: 774 in frr_daemon_ctl() 768 if (nr <= 0) 769 return 0; 770 771 switch (buf[0]) { 772 case 'S': /* SIGTSTP */ 773 vty_stdio_suspend();
CID 1453456: Error handling issues (CHECKED_RETURN) Calling "send(daemon_ctl_sock, "s", 1UL, 0)" without checking return value. This library function may fail and return an error code.
774 send(daemon_ctl_sock, "s", 1, 0); 775 break; 776 case 'R': /* SIGTCNT [implicit] */ 777 vty_stdio_resume(); 778 break; 779 case 'I': /* SIGINT */
** CID 1453455: Null pointer dereferences (NULL_RETURNS) /bgpd/bgpd.c: 2585 in peer_group_bind() ________________________________________________________________________________________________________ *** CID 1453455: Null pointer dereferences (NULL_RETURNS) /bgpd/bgpd.c: 2585 in peer_group_bind() 2579 } 2580 2581 if (peer->group) { 2582 assert(group && peer->group == group); 2583 } else { 2584 struct listnode *pn;
CID 1453455: Null pointer dereferences (NULL_RETURNS) Assigning: "pn" = null return value from "listnode_lookup".
2585 pn = listnode_lookup(bgp->peer, peer); 2586 list_delete_node(bgp->peer, pn); 2587 peer->group = group; 2588 listnode_add_sort(bgp->peer, peer); 2589 2590 peer = peer_lock(peer); /* group->peer list reference */
** CID 1453454: (RESOURCE_LEAK) /zebra/zebra_vxlan.c: 1397 in zvni_gw_macip_del() /zebra/zebra_vxlan.c: 1407 in zvni_gw_macip_del() ________________________________________________________________________________________________________ *** CID 1453454: (RESOURCE_LEAK) /zebra/zebra_vxlan.c: 1397 in zvni_gw_macip_del() 1391 if (!n) 1392 return 0; 1393 1394 /* mac entry should be present */ 1395 mac = zvni_mac_lookup(zvni, &n->emac); 1396 if (!mac)
CID 1453454: (RESOURCE_LEAK) Failing to save or free storage allocated by "prefix_mac2str(&n->emac, NULL, 18)" leaks it.
1397 zlog_err("%u: MAC %s doesnt exsists for neigh %s on VNI %u", 1398 ifp->vrf_id, 1399 prefix_mac2str(&n->emac, NULL, ETHER_ADDR_STRLEN), 1400 ipaddr2str(ip, buf2, sizeof(buf2)), zvni->vni); 1401 1402 /* If the entry is not local nothing to do*/ /zebra/zebra_vxlan.c: 1407 in zvni_gw_macip_del() 1401 1402 /* If the entry is not local nothing to do*/ 1403 if (!CHECK_FLAG(n->flags, ZEBRA_NEIGH_LOCAL)) 1404 return -1; 1405 1406 if (IS_ZEBRA_DEBUG_VXLAN)
CID 1453454: (RESOURCE_LEAK) Failing to save or free storage allocated by "prefix_mac2str(&n->emac, NULL, 18)" leaks it.
1407 zlog_debug( 1408 "%u:SVI %s(%u) VNI %u, sending GW MAC %s IP %s del to BGP", 1409 ifp->vrf_id, ifp->name, ifp->ifindex, zvni->vni, 1410 prefix_mac2str(&(n->emac), NULL, ETHER_ADDR_STRLEN), 1411 ipaddr2str(ip, buf2, sizeof(buf2))); 1412
** CID 1453453: Null pointer dereferences (FORWARD_NULL) /zebra/zebra_vxlan.c: 1396 in zvni_gw_macip_del() ________________________________________________________________________________________________________ *** CID 1453453: Null pointer dereferences (FORWARD_NULL) /zebra/zebra_vxlan.c: 1396 in zvni_gw_macip_del() 1390 n = zvni_neigh_lookup(zvni, ip); 1391 if (!n) 1392 return 0; 1393 1394 /* mac entry should be present */ 1395 mac = zvni_mac_lookup(zvni, &n->emac);
CID 1453453: Null pointer dereferences (FORWARD_NULL) Comparing "mac" to null implies that "mac" might be null.
1396 if (!mac) 1397 zlog_err("%u: MAC %s doesnt exsists for neigh %s on VNI %u", 1398 ifp->vrf_id, 1399 prefix_mac2str(&n->emac, NULL, ETHER_ADDR_STRLEN), 1400 ipaddr2str(ip, buf2, sizeof(buf2)), zvni->vni); 1401
** CID 1453452: Control flow issues (DEADCODE) /bgpd/bgp_route.c: 10267 in bgp_show_neighbor_route() ________________________________________________________________________________________________________ *** CID 1453452: Control flow issues (DEADCODE) /bgpd/bgp_route.c: 10267 in bgp_show_neighbor_route() 10261 vty_out(vty, "%% No such neighbor or address family\n"); 10262 return CMD_WARNING; 10263 } 10264 10265 /* labeled-unicast routes live in the unicast table */ 10266 if (safi == SAFI_LABELED_UNICAST)
CID 1453452: Control flow issues (DEADCODE) Execution cannot reach this statement: "safi = SAFI_UNICAST;".
10267 safi = SAFI_UNICAST; 10268 10269 return bgp_show(vty, peer->bgp, afi, safi, type, &peer->su, use_json); 10270 } 10271 10272 DEFUN (show_ip_bgp_neighbor_routes,
** CID 1453451: Error handling issues (NEGATIVE_RETURNS) /lib/libfrr.c: 752 in frr_terminal_close() ________________________________________________________________________________________________________ *** CID 1453451: Error handling issues (NEGATIVE_RETURNS) /lib/libfrr.c: 752 in frr_terminal_close() 746 } else { 747 printf("\n%s daemonizing\n", di->name); 748 fflush(stdout); 749 } 750 751 int nullfd = open("/dev/null", O_RDONLY | O_NOCTTY);
CID 1453451: Error handling issues (NEGATIVE_RETURNS) "nullfd" is passed to a parameter that cannot be negative.
752 dup2(nullfd, 0); 753 dup2(nullfd, 1); 754 dup2(nullfd, 2); 755 close(nullfd); 756 } 757
** CID 1453450: Resource leaks (RESOURCE_LEAK) /bgpd/bgp_routemap.c: 662 in route_match_vni_compile() ________________________________________________________________________________________________________ *** CID 1453450: Resource leaks (RESOURCE_LEAK) /bgpd/bgp_routemap.c: 662 in route_match_vni_compile() 656 vni = XMALLOC(MTYPE_ROUTE_MAP_COMPILED, sizeof(vni_t)); 657 if (!vni) 658 return NULL; 659 660 *vni = strtoul(arg, &end, 10); 661 if (*end != '\0')
CID 1453450: Resource leaks (RESOURCE_LEAK) Variable "vni" going out of scope leaks the storage it points to.
662 return NULL; 663 664 return vni; 665 } 666 667 /* Free route map's compiled `vni' value. */
** CID 1453449: Error handling issues (NEGATIVE_RETURNS) /lib/libfrr.c: 817 in frr_run() ________________________________________________________________________________________________________ *** CID 1453449: Error handling issues (NEGATIVE_RETURNS) /lib/libfrr.c: 817 in frr_run() 811 set_nonblocking(daemon_ctl_sock); 812 thread_add_read(master, frr_daemon_ctl, NULL, 813 daemon_ctl_sock, &daemon_ctl_thread); 814 } 815 } else { 816 int nullfd = open("/dev/null", O_RDONLY | O_NOCTTY);
CID 1453449: Error handling issues (NEGATIVE_RETURNS) "nullfd" is passed to a parameter that cannot be negative.
817 dup2(nullfd, 0); 818 dup2(nullfd, 1); 819 dup2(nullfd, 2); 820 close(nullfd); 821 822 if (daemon_ctl_sock != -1)
** CID 1453448: Resource leaks (RESOURCE_LEAK) /zebra/zebra_vxlan.c: 1362 in zvni_gw_macip_add() ________________________________________________________________________________________________________ *** CID 1453448: Resource leaks (RESOURCE_LEAK) /zebra/zebra_vxlan.c: 1362 in zvni_gw_macip_add() 1356 n->ifindex = ifp->ifindex; 1357 1358 /* We have a neigh associated to mac increment the refcnt*/ 1359 mac->neigh_refcnt++; 1360 1361 if (IS_ZEBRA_DEBUG_VXLAN)
CID 1453448: Resource leaks (RESOURCE_LEAK) Failing to save or free storage allocated by "prefix_mac2str(macaddr, NULL, 18)" leaks it.
1362 zlog_debug( 1363 "%u:SVI %s(%u) VNI %u, sending GW MAC %s IP %s add to BGP", 1364 ifp->vrf_id, ifp->name, ifp->ifindex, zvni->vni, 1365 prefix_mac2str(macaddr, NULL, ETHER_ADDR_STRLEN), 1366 ipaddr2str(ip, buf2, sizeof(buf2))); 1367
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05... To manage Coverity Scan email notifications for "frr@lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...
participants (1)
-
scan-admin@coverity.com