[dev] New Defects reported by Coverity Scan for freerangerouting/frr

Thu Aug 3 18:08:39 EDT 2017

Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

2 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 1452539:  Memory - corruptions  (ARRAY_VS_SINGLETON)
/lib/sbuf.c: 72 in sbuf_push()

________________________________________________________________________________________________________
*** CID 1452539:  Memory - corruptions  (ARRAY_VS_SINGLETON)
/lib/sbuf.c: 72 in sbuf_push()
66     		char dummy;
67     		int written1, written2;
68     		size_t new_size;
69     
70     		written1 = snprintf(&dummy, 0, "%*s", indent, "");
71     		va_start(args, format);
>>>     CID 1452539:  Memory - corruptions  (ARRAY_VS_SINGLETON)
>>>     Passing "&dummy" to function "vsnprintf" which uses it as an array. This might corrupt or misinterpret adjacent memory locations.
72     		written2 = vsnprintf(&dummy, 0, format, args);
73     		va_end(args);
74     
75     		new_size = buf->size;
76     		if (written1 >= 0 && written2 >= 0) {
77     			while (buf->pos + written1 + written2 >= new_size)

** CID 1452538:  Resource leaks  (RESOURCE_LEAK)
/isisd/isis_pdu.c: 1534 in send_hello()

________________________________________________________________________________________________________
*** CID 1452538:  Resource leaks  (RESOURCE_LEAK)
/isisd/isis_pdu.c: 1534 in send_hello()
1528     
1529     	struct isis_tlvs *tlvs = isis_alloc_tlvs();
1530     
1531     	isis_tlvs_add_auth(tlvs, &circuit->passwd);
1532     
1533     	if (!listcount(circuit->area->area_addrs))
>>>     CID 1452538:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "tlvs" going out of scope leaks the storage it points to.
1534     		return ISIS_WARNING;
1535     	isis_tlvs_add_area_addresses(tlvs, circuit->area->area_addrs);
1536     
1537     	if (circuit->circ_type == CIRCUIT_T_BROADCAST)
1538     		isis_tlvs_add_lan_neighbors(
1539     			tlvs, circuit->u.bc.lan_neighs[level - 1]);

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJm2goVHzygjagxBtbdVdSzClWw-2FUpEOjaBIeG7L5XAxNQqNwf6uT8GE8H1YToXFZXGtWuRzengIL2xlHEWmeh4FivKZAnJHkahtSncg3dkxqX7FsO977U1J73DOBYdkCIl4bzw3Hw3tk4Ob1T27KvwTS-2B3BNypTPV28p7afY-2BxIGA-3D-3D

To manage Coverity Scan email notifications for "frr at lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4lcTWm1Zma8LQDNpOYqrETKrqBiM18kcBcL8b08LzBPOYJYGySZ4Vv7d5QYcnSbGxl3QyORKgEmDxh-2BE2mj6dp1V4JSs2jbMZuLnEQJOW0Z0-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJm2goVHzygjagxBtbdVdSzCGLtSInIUQpCKDqV8mtmDQcjey04YMVQvzc35vGYqGYSfXMWcSVfTIZMDIogMLxjjj0RugkEXAJmf7e60r1k4xxT8S602aDQLKtg5SgeeqzxXGqVxNyEe91N6RB-2BBhE8wz0lodIE7nu9JZKvceBaVNQ-3D-3D