New Defects reported by Coverity Scan for freerangerouting/frr
Hi, Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 3 new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 1424372: Security best practices violations (STRING_OVERFLOW) /zebra/if_netlink.c: 315 in get_iflink_speed() ________________________________________________________________________________________________________ *** CID 1424372: Security best practices violations (STRING_OVERFLOW) /zebra/if_netlink.c: 315 in get_iflink_speed() 309 int rc; 310 311 /* initialize struct */ 312 memset(&ifdata, 0, sizeof(ifdata)); 313 314 /* set interface name */
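CID 1424372: Security best practices violations (STRING_OVERFLOW) Note: This defect has an elevated risk because the source argument is a parameter of the current function. In other words, the strcpy() at line 315 copies the caller-supplied ifname into ifdata.ifr_name with no length bound. ifr_name is a fixed-size field (IFNAMSIZ bytes, assuming ifdata is a struct ifreq, whose declaration is outside the excerpt), so a longer name would be written past the end of it. The excerpt shows no length check on ifname before the copy; a bounded copy that always NUL-terminates, or an explicit length check that rejects over-long names, would address the finding.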
315 strcpy(ifdata.ifr_name, ifname); 316 317 /* initialize ethtool interface */ 318 memset(&ecmd, 0, sizeof(ecmd)); 319 ecmd.cmd = ETHTOOL_GSET; /* ETHTOOL_GLINK */ 320 ifdata.ifr_data = (__caddr_t) &ecmd;
** CID 1424371: (DEADCODE) /bgpd/bgpd.c: 7389 in bgp_config_write() /bgpd/bgpd.c: 7409 in bgp_config_write() /bgpd/bgpd.c: 7456 in bgp_config_write() /bgpd/bgpd.c: 7536 in bgp_config_write() ________________________________________________________________________________________________________ *** CID 1424371: (DEADCODE) /bgpd/bgpd.c: 7389 in bgp_config_write() 7383 vty_out (vty, " bgp router-id %s%s", 7384 inet_ntoa (bgp->router_id_static), VTY_NEWLINE); 7385 7386 /* BGP log-neighbor-changes. */ 7387 if (!!bgp_flag_check (bgp, BGP_FLAG_LOG_NEIGHBOR_CHANGES) 7388 != DFLT_BGP_LOG_NEIGHBOR_CHANGES)
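CID 1424371: (DEADCODE) Execution cannot reach the expression ""no "" inside this statement: "vty_out(vty, " %sbgp log-ne...". The guard at lines 7387-7388 enters this statement only when the flag differs from DFLT_BGP_LOG_NEIGHBOR_CHANGES. Since the "no " arm is the one reported unreachable, that default evidently evaluates to false in the analyzed build, so the flag is always set inside the branch. The same pattern accounts for the reports at lines 7409, 7456 and 7536. If these defaults are build-time settings that can differ between configurations (not visible in the excerpt), the "no " arm is live in other builds and the finding is specific to this configuration.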
7389 vty_out (vty, " %sbgp log-neighbor-changes%s", 7390 bgp_flag_check (bgp, BGP_FLAG_LOG_NEIGHBOR_CHANGES) ? "" : "no ", 7391 VTY_NEWLINE); 7392 7393 /* BGP configuration. */ 7394 if (bgp_flag_check (bgp, BGP_FLAG_ALWAYS_COMPARE_MED)) /bgpd/bgpd.c: 7409 in bgp_config_write() 7403 vty_out (vty, " bgp default local-preference %d%s", 7404 bgp->default_local_pref, VTY_NEWLINE); 7405 7406 /* BGP default show-hostname */ 7407 if (!!bgp_flag_check(bgp, BGP_FLAG_SHOW_HOSTNAME) 7408 != DFLT_BGP_SHOW_HOSTNAME)
CID 1424371: (DEADCODE) Execution cannot reach the expression ""no "" inside this statement: "vty_out(vty, " %sbgp defaul...".
7409 vty_out (vty, " %sbgp default show-hostname%s", 7410 bgp_flag_check (bgp, BGP_FLAG_SHOW_HOSTNAME) ? "" : "no ", 7411 VTY_NEWLINE); 7412 7413 /* BGP default subgroup-pkt-queue-max. */ 7414 if (bgp->default_subgroup_pkt_queue_max != BGP_DEFAULT_SUBGROUP_PKT_QUEUE_MAX) /bgpd/bgpd.c: 7456 in bgp_config_write() 7450 if (bgp_flag_check (bgp, BGP_FLAG_ENFORCE_FIRST_AS)) 7451 vty_out (vty, " bgp enforce-first-as%s", VTY_NEWLINE); 7452 7453 /* BGP deterministic-med. */ 7454 if (!!bgp_flag_check (bgp, BGP_FLAG_DETERMINISTIC_MED) 7455 != DFLT_BGP_DETERMINISTIC_MED)
CID 1424371: (DEADCODE) Execution cannot reach the expression ""no "" inside this statement: "vty_out(vty, " %sbgp determ...".
7456 vty_out (vty, " %sbgp deterministic-med%s", 7457 bgp_flag_check (bgp, BGP_FLAG_DETERMINISTIC_MED) ? "" : "no ", 7458 VTY_NEWLINE); 7459 7460 /* BGP update-delay. */ 7461 bgp_config_write_update_delay (vty, bgp); /bgpd/bgpd.c: 7536 in bgp_config_write() 7530 vty_out (vty, "%s", VTY_NEWLINE); 7531 } 7532 7533 /* BGP network import check. */ 7534 if (!!bgp_flag_check (bgp, BGP_FLAG_IMPORT_CHECK) 7535 != DFLT_BGP_IMPORT_CHECK)
CID 1424371: (DEADCODE) Execution cannot reach the expression ""no "" inside this statement: "vty_out(vty, " %sbgp networ...".
7536 vty_out (vty, " %sbgp network import-check%s", 7537 bgp_flag_check (bgp, BGP_FLAG_IMPORT_CHECK) ? "" : "no ", 7538 VTY_NEWLINE); 7539 7540 /* BGP flag dampening. */ 7541 if (CHECK_FLAG (bgp->af_flags[AFI_IP][SAFI_UNICAST],
** CID 1424370: Error handling issues (CHECKED_RETURN) ________________________________________________________________________________________________________ *** CID 1424370: Error handling issues (CHECKED_RETURN) /isisd/isis_pfpacket.c: 329 in isis_recv_pdu_p2p() 323 struct sockaddr_ll s_addr; 324 325 memset (&s_addr, 0, sizeof (struct sockaddr_ll)); 326 addr_len = sizeof (s_addr); 327 328 /* we can read directly to the stream */
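CID 1424370: Error handling issues (CHECKED_RETURN) Calling "stream_recvfrom(circuit->rcv_stream, circuit->fd, circuit->interface->mtu, 0, (struct sockaddr *)&s_addr, (socklen_t *)&addr_len)" without checking return value. It wraps a library function that may fail and return an error code. In the excerpt, line 334 tests s_addr.sll_pkttype immediately after the call. If stream_recvfrom() fails, that test would typically run on the zero-filled structure left by the memset at line 325 rather than on a received address, and the function would go on as if a packet had been read. The return value should be checked, and the error path taken, before s_addr or the stream contents are used.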
329 stream_recvfrom (circuit->rcv_stream, circuit->fd, 330 circuit->interface->mtu, 0, 331 (struct sockaddr *) &s_addr, 332 (socklen_t *) &addr_len); 333 334 if (s_addr.sll_pkttype == PACKET_OUTGOING)
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05... To manage Coverity Scan email notifications for "frr@lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...