[dev] New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Thu Aug 31 12:50:04 EDT 2017
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
2 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
78 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1455230: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_packet.c: 275 in eigrp_make_sha256_digest()
________________________________________________________________________________________________________
*** CID 1455230: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_packet.c: 275 in eigrp_make_sha256_digest()
269 if (keychain)
270 key = key_lookup_for_send(keychain);
271
272 if (!key) {
273 zlog_warn("Interface %s: Expected key value not found in config",
274 ei->ifp->name);
>>> CID 1455230: Resource leaks (RESOURCE_LEAK)
>>> Variable "auth_TLV" going out of scope leaks the storage it points to.
275 return 0;
276 }
277
278 inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, PREFIX_STRLEN);
279
280 memset(&ctx, 0, sizeof(ctx));
** CID 1455229: (BUFFER_SIZE_WARNING)
/eigrpd/eigrp_packet.c: 625 in eigrp_read()
/eigrpd/eigrp_packet.c: 626 in eigrp_read()
________________________________________________________________________________________________________
*** CID 1455229: (BUFFER_SIZE_WARNING)
/eigrpd/eigrp_packet.c: 625 in eigrp_read()
619 start of the eigrp TLVs */
620 opcode = eigrph->opcode;
621
622 if (IS_DEBUG_EIGRP_TRANSMIT(0, RECV)) {
623 char src[PREFIX_STRLEN], dst[PREFIX_STRLEN];
624
>>> CID 1455229: (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 51 bytes on destination array "src" of size 51 bytes might leave the destination string unterminated.
625 strncpy(src, inet_ntoa(iph->ip_src), PREFIX_STRLEN);
626 strncpy(dst, inet_ntoa(iph->ip_dst), PREFIX_STRLEN);
627 zlog_debug("Received [%s][%d/%d] length [%u] via [%s] src [%s] dst [%s]",
628 lookup_msg(eigrp_packet_type_str, opcode, NULL),
629 ntohl(eigrph->sequence), ntohl(eigrph->ack), length,
630 IF_NAME(ei), src, dst);
/eigrpd/eigrp_packet.c: 626 in eigrp_read()
620 opcode = eigrph->opcode;
621
622 if (IS_DEBUG_EIGRP_TRANSMIT(0, RECV)) {
623 char src[PREFIX_STRLEN], dst[PREFIX_STRLEN];
624
625 strncpy(src, inet_ntoa(iph->ip_src), PREFIX_STRLEN);
>>> CID 1455229: (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 51 bytes on destination array "dst" of size 51 bytes might leave the destination string unterminated.
626 strncpy(dst, inet_ntoa(iph->ip_dst), PREFIX_STRLEN);
627 zlog_debug("Received [%s][%d/%d] length [%u] via [%s] src [%s] dst [%s]",
628 lookup_msg(eigrp_packet_type_str, opcode, NULL),
629 ntohl(eigrph->sequence), ntohl(eigrph->ack), length,
630 IF_NAME(ei), src, dst);
631 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJkltBqZaZytv-2Bi-2BmtyZ8kzo06AJChS7QAL-2FK5J1y4yGhwNs-2FruwbTq6h3LwA9TVVM0dO2r7z4-2Fns4XrvMGZ1KeZcNg6dFb3B1jXgpCjBbA8-2Fcwvu3QNWd3Z3-2Fq3ldOVFlWwFYBXqC9sRyxpUFDp7V0Xns1hxF4k1nhHE5-2BfRs6Zhg-3D-3D
To manage Coverity Scan email notifications for "frr at lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4lcTWm1Zma8LQDNpOYqrETKrqBiM18kcBcL8b08LzBPOYJYGySZ4Vv7d5QYcnSbGxl3QyORKgEmDxh-2BE2mj6dp1V4JSs2jbMZuLnEQJOW0Z0-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJkltBqZaZytv-2Bi-2BmtyZ8kzoQoCg0yt9KUYRJvtUl-2Bq5EL0fx4HNFCF8-2BLDVfSkJ8pbhtYrFtO2gy1Y-2B-2FHgf-2F8M5WZ6CGmeV5j0hkwUdRfDcvfnMHk8PqNk1rXCPR1zovxnRAgSCUODfJilsofZNNsD-2BOfivbkbltKy2FIt1kIdizw-3D-3D
More information about the dev
mailing list