New Defects reported by Coverity Scan for freerangerouting/frr

19 Aug 2017

      Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

1 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)

** CID 1454333:    (STRING_OVERFLOW)
/eigrpd/eigrp_packet.c: 618 in eigrp_read()
/eigrpd/eigrp_packet.c: 619 in eigrp_read()

________________________________________________________________________________________________________
*** CID 1454333:    (STRING_OVERFLOW)
/eigrpd/eigrp_packet.c: 618 in eigrp_read()
612     	   start of the eigrp TLVs */
613     	opcode = eigrph->opcode;
614     
615     	if (IS_DEBUG_EIGRP_TRANSMIT(0, RECV)) {
616     		char src[100], dst[100];
617
...
...
...
CID 1454333:    (STRING_OVERFLOW)
    You might overrun the 100-character fixed-size string "src" by copying the return value of "inet_ntoa" without checking the length.
618     		strcpy(src, inet_ntoa(iph->ip_src));
619     		strcpy(dst, inet_ntoa(iph->ip_dst));
620     		zlog_debug("Received [%s][%d/%d] length [%u] via [%s] src [%s] dst [%s]",
621     			   lookup_msg(eigrp_packet_type_str, opcode, NULL),
622     			   ntohl(eigrph->sequence), ntohl(eigrph->ack), length,
623     			   IF_NAME(ei), src, dst);
/eigrpd/eigrp_packet.c: 619 in eigrp_read()
613     	opcode = eigrph->opcode;
614     
615     	if (IS_DEBUG_EIGRP_TRANSMIT(0, RECV)) {
616     		char src[100], dst[100];
617     
618     		strcpy(src, inet_ntoa(iph->ip_src));
...
CID 1454333:    (STRING_OVERFLOW)
    You might overrun the 100-character fixed-size string "dst" by copying the return value of "inet_ntoa" without checking the length.
619     		strcpy(dst, inet_ntoa(iph->ip_dst));
620     		zlog_debug("Received [%s][%d/%d] length [%u] via [%s] src [%s] dst [%s]",
621     			   lookup_msg(eigrp_packet_type_str, opcode, NULL),
622     			   ntohl(eigrph->sequence), ntohl(eigrph->ack), length,
623     			   IF_NAME(ei), src, dst);
624     	}
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...

To manage Coverity Scan email notifications for "frr@lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...

scan-admin＠coverity.com

tags

participants (1)