[dev] New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Wed Apr 26 17:27:07 EDT 2017
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
3 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1431868: Memory - corruptions (OVERRUN)
/zebra/zserv.c: 1602 in zread_ipv6_add()
________________________________________________________________________________________________________
*** CID 1431868: Memory - corruptions (OVERRUN)
/zebra/zserv.c: 1602 in zread_ipv6_add()
1596 /* For labeled-unicast, each nexthop is followed by label. */
1597 if (CHECK_FLAG (message, ZAPI_MESSAGE_LABEL))
1598 {
1599 label = (mpls_label_t)stream_getl (s);
1600 labels[nh_count++] = label;
1601 }
>>> CID 1431868: Memory - corruptions (OVERRUN)
>>> Overrunning array "nexthops" of 64 16-byte elements at element index 64 (byte offset 1024) using index "nh_count++" (which evaluates to 64).
1602 nexthops[nh_count++] = nhop_addr;
1603 }
1604 break;
1605 case NEXTHOP_TYPE_IFINDEX:
1606 if (if_count < multipath_num) {
1607 ifindices[if_count++] = stream_getl (s);
** CID 1431867: Null pointer dereferences (FORWARD_NULL)
/lib/nexthop.c: 108 in nexthop_labels_match()
________________________________________________________________________________________________________
*** CID 1431867: Null pointer dereferences (FORWARD_NULL)
/lib/nexthop.c: 108 in nexthop_labels_match()
102
103 nhl1 = nh1->nh_label;
104 nhl2 = nh2->nh_label;
105 if ((nhl1 && !nhl2) || (!nhl1 && nhl2))
106 return 0;
107
>>> CID 1431867: Null pointer dereferences (FORWARD_NULL)
>>> Dereferencing null pointer "nhl1".
108 if (nhl1->num_labels != nhl2->num_labels)
109 return 0;
110
111 if (memcmp (nhl1->label, nhl2->label, nhl1->num_labels))
112 return 0;
113
** CID 1431866: Error handling issues (CHECKED_RETURN)
/zebra/zebra_mpls.c: 922 in lsp_schedule()
________________________________________________________________________________________________________
*** CID 1431866: Error handling issues (CHECKED_RETURN)
/zebra/zebra_mpls.c: 922 in lsp_schedule()
916 static void
917 lsp_schedule (struct hash_backet *backet, void *ctxt)
918 {
919 zebra_lsp_t *lsp;
920
921 lsp = (zebra_lsp_t *) backet->data;
>>> CID 1431866: Error handling issues (CHECKED_RETURN)
>>> Calling "lsp_processq_add" without checking return value (as is done elsewhere 5 out of 6 times).
922 lsp_processq_add (lsp);
923 }
924
925 /*
926 * Process a LSP entry that is in the queue. Recalculate best NHLFE and
927 * any multipaths and update or delete from the kernel, as needed.
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJmk6pI6FysWQCcKtam1I77ReyOwiaUFhweuyC-2FDk-2BJMzJ4711kYS6yJ8PW-2F6tFbugm84FY3wHOwRDkF748d0HWv-2FhKLG2wugXL2OW0Oqps-2B8KhlQCUZiYGEYmmhP4Prp1ONWD0Pd9SRfLAiS9PiKQPlDwYGV3PEtxuezRhzVbbVaw-3D-3D
To manage Coverity Scan email notifications for "frr at lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4lcTWm1Zma8LQDNpOYqrETKrqBiM18kcBcL8b08LzBPOYJYGySZ4Vv7d5QYcnSbGxl3QyORKgEmDxh-2BE2mj6dp1V4JSs2jbMZuLnEQJOW0Z0-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJmk6pI6FysWQCcKtam1I77R2k-2FK7U8aPNIx9p-2BpmSZifbDRD9SpNqRNkNcXO-2BpCgg83FMeAcfbQzrYNHRusH7UduqfskMBBIQI8y3SxSUaUYKkgIBhWcQDuOTl4rUSGGPYD-2Bxavc-2BXXXw-2FFtmioLW2FAJ-2B1eeCCV3Zh8CflxhJYfg-3D-3D
More information about the dev
mailing list