New Defects reported by Coverity Scan for freerangerouting/frr
Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

2 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 1505589: (USE_AFTER_FREE)
/bgpd/bgp_updgrp_adv.c: 832 in subgroup_default_originate()
/bgpd/bgp_updgrp_adv.c: 832 in subgroup_default_originate()

________________________________________________________________________________________________________
*** CID 1505589: (USE_AFTER_FREE)
/bgpd/bgp_updgrp_adv.c: 832 in subgroup_default_originate()
826                  pi = pi->next) {
827                 struct attr tmp_attr;
828                 struct bgp_path_info tmp_pi;
829                 struct bgp_path_info_extra tmp_pie;
830
831                 tmp_attr = *pi->attr;
    CID 1505589: (USE_AFTER_FREE)
    Using freed pointer "attr.aspath".
832                 tmp_attr.aspath = attr.aspath;
833
834                 prep_for_rmap_apply(&tmp_pi, &tmp_pie, dest, pi,
835                                     pi->peer, &tmp_attr);
836
837                 ret = route_map_apply(
/bgpd/bgp_updgrp_adv.c: 832 in subgroup_default_originate()
826                  pi = pi->next) {
827                 struct attr tmp_attr;
828                 struct bgp_path_info tmp_pi;
829                 struct bgp_path_info_extra tmp_pie;
830
831                 tmp_attr = *pi->attr;
    CID 1505589: (USE_AFTER_FREE)
    Using freed pointer "attr.aspath".
832                 tmp_attr.aspath = attr.aspath;
833
834                 prep_for_rmap_apply(&tmp_pi, &tmp_pie, dest, pi,
835                                     pi->peer, &tmp_attr);
836
837                 ret = route_map_apply(

** CID 1500587: Security best practices violations (DC.WEAK_CRYPTO)
/pathd/pathd.c: 669 in srte_candidate_add()

________________________________________________________________________________________________________
*** CID 1500587: Security best practices violations (DC.WEAK_CRYPTO)
/pathd/pathd.c: 669 in srte_candidate_add()
663         candidate = XCALLOC(MTYPE_PATH_SR_CANDIDATE, sizeof(*candidate));
664         lsp = XCALLOC(MTYPE_PATH_SR_CANDIDATE, sizeof(*lsp));
665
666         candidate->preference = preference;
667         candidate->policy = policy;
668         candidate->type = SRTE_CANDIDATE_TYPE_UNDEFINED;
    CID 1500587: Security best practices violations (DC.WEAK_CRYPTO)
    "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
669         candidate->discriminator = rand();
670         candidate->protocol_origin = origin;
671         if (originator != NULL) {
672                 strlcpy(candidate->originator, originator,
673                         sizeof(candidate->originator));
674                 lsp->protocol_origin = origin;

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...
participants (1): scan-admin@coverity.com