[dev] New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
Sat Aug 19 07:51:13 EDT 2017
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
1 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1454333: (STRING_OVERFLOW)
/eigrpd/eigrp_packet.c: 618 in eigrp_read()
/eigrpd/eigrp_packet.c: 619 in eigrp_read()
________________________________________________________________________________________________________
*** CID 1454333: (STRING_OVERFLOW)
/eigrpd/eigrp_packet.c: 618 in eigrp_read()
612 start of the eigrp TLVs */
613 opcode = eigrph->opcode;
614
615 if (IS_DEBUG_EIGRP_TRANSMIT(0, RECV)) {
616 char src[100], dst[100];
617
>>> CID 1454333: (STRING_OVERFLOW)
>>> You might overrun the 100-character fixed-size string "src" by copying the return value of "inet_ntoa" without checking the length.
618 strcpy(src, inet_ntoa(iph->ip_src));
619 strcpy(dst, inet_ntoa(iph->ip_dst));
620 zlog_debug("Received [%s][%d/%d] length [%u] via [%s] src [%s] dst [%s]",
621 lookup_msg(eigrp_packet_type_str, opcode, NULL),
622 ntohl(eigrph->sequence), ntohl(eigrph->ack), length,
623 IF_NAME(ei), src, dst);
/eigrpd/eigrp_packet.c: 619 in eigrp_read()
613 opcode = eigrph->opcode;
614
615 if (IS_DEBUG_EIGRP_TRANSMIT(0, RECV)) {
616 char src[100], dst[100];
617
618 strcpy(src, inet_ntoa(iph->ip_src));
>>> CID 1454333: (STRING_OVERFLOW)
>>> You might overrun the 100-character fixed-size string "dst" by copying the return value of "inet_ntoa" without checking the length.
619 strcpy(dst, inet_ntoa(iph->ip_dst));
620 zlog_debug("Received [%s][%d/%d] length [%u] via [%s] src [%s] dst [%s]",
621 lookup_msg(eigrp_packet_type_str, opcode, NULL),
622 ntohl(eigrph->sequence), ntohl(eigrph->ack), length,
623 IF_NAME(ei), src, dst);
624 }
________________________________________________________________________________________________________