[dev] New Defects reported by Coverity Scan for freerangerouting/frr

scan-admin at coverity.com scan-admin at coverity.com
Thu Dec 14 09:46:54 EST 2017


Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

3 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1462961:  Memory - corruptions  (OVERRUN)


________________________________________________________________________________________________________
*** CID 1462961:  Memory - corruptions  (OVERRUN)
/bgpd/rfapi/rfapi_vty.c: 1532 in rfapiPrintRd()
1526     }
1527     
1528     void rfapiPrintRd(struct vty *vty, struct prefix_rd *prd)
1529     {
1530     	char buf[RD_ADDRSTRLEN];
1531     
>>>     CID 1462961:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "buf" of 28 bytes by passing it to a function which accesses it at byte offset 8191 using argument "8192UL".
1532     	prefix_rd2str(prd, buf, BUFSIZ);
1533     	vty_out(vty, "%s", buf);
1534     }
1535     
1536     void rfapiPrintAdvertisedInfo(struct vty *vty, struct rfapi_descriptor *rfd,
1537     			      safi_t safi, struct prefix *p)

** CID 1462960:  Error handling issues  (CHECKED_RETURN)
/bgpd/rfapi/bgp_rfapi_cfg.c: 1629 in vnc_nve_group_export_no_prefixlist()


________________________________________________________________________________________________________
*** CID 1462960:  Error handling issues  (CHECKED_RETURN)
/bgpd/rfapi/bgp_rfapi_cfg.c: 1629 in vnc_nve_group_export_no_prefixlist()
1623     	if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) {
1624     		/* Not in list anymore */
1625     		vty_out(vty, "Current NVE group no longer exists\n");
1626     		return CMD_WARNING_CONFIG_FAILED;
1627     	}
1628     
>>>     CID 1462960:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "argv_find_and_parse_afi" without checking return value (as is done elsewhere 8 out of 10 times).
1629     	argv_find_and_parse_afi(argv, argc, &idx, &afi);
1630     	if (argv[idx-1]->text[0] == 'z')
1631     		is_bgp = 0;
1632     	idx += 2;		/* skip afi and keyword */
1633     
1634     	if (is_bgp) {

** CID 1462959:  Error handling issues  (CHECKED_RETURN)
/bgpd/rfapi/bgp_rfapi_cfg.c: 1694 in vnc_nve_group_export_prefixlist()


________________________________________________________________________________________________________
*** CID 1462959:  Error handling issues  (CHECKED_RETURN)
/bgpd/rfapi/bgp_rfapi_cfg.c: 1694 in vnc_nve_group_export_prefixlist()
1688     	if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) {
1689     		/* Not in list anymore */
1690     		vty_out(vty, "Current NVE group no longer exists\n");
1691     		return CMD_WARNING_CONFIG_FAILED;
1692     	}
1693     
>>>     CID 1462959:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "argv_find_and_parse_afi" without checking return value (as is done elsewhere 8 out of 10 times).
1694     	argv_find_and_parse_afi(argv, argc, &idx, &afi);
1695     	if (argv[idx-1]->text[0] == 'z')
1696     		is_bgp = 0;
1697     	idx = argc - 1;
1698     
1699     	if (is_bgp) {


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJlfk4r-2BYxl6FiysGu8nklbXfeNa2C-2B-2Fse6S1dLG0opSRQqEz6GQAYiKr-2B4uK4SgpSPgKUmk-2FVC6TYlSCmriuzyCSvfg6D-2B0g5kCUN2XHYgtCQZEpu4fGM2PKSMd3XnkfjwoICFS03ivg12op2VeQbUjZPDnQgEmx1gZoX60jLTXYw-3D-3D

To manage Coverity Scan email notifications for "frr at lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4lcTWm1Zma8LQDNpOYqrETKrqBiM18kcBcL8b08LzBPOYJYGySZ4Vv7d5QYcnSbGxl3QyORKgEmDxh-2BE2mj6dp1V4JSs2jbMZuLnEQJOW0Z0-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJlfk4r-2BYxl6FiysGu8nklbXjKbtd9W383-2FwgmbaDkmNQBScFch75zEReQuQgMTyDWggWUPMnBKtPH7TMs8oXuH-2F1FidDDnzOhkbXl2f4RouRvYMK51caI2n7wnop-2B0kcur7M119hyORIwm0Obas6OfBIJmMplPMadAUBwbKYRTDMw-3D-3D




More information about the dev mailing list