[dev] New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Fri Jun 30 01:17:16 EDT 2017
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
8 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)
** CID 1448810: Memory - corruptions (ARRAY_VS_SINGLETON)
/lib/prefix.c: 311 in prefix_match_network_statement()
________________________________________________________________________________________________________
*** CID 1448810: Memory - corruptions (ARRAY_VS_SINGLETON)
/lib/prefix.c: 311 in prefix_match_network_statement()
305 pp = (const u_char *)&p->u.prefix;
306
307 offset = n->prefixlen / PNBBY;
308 shift = n->prefixlen % PNBBY;
309
310 if (shift)
>>> CID 1448810: Memory - corruptions (ARRAY_VS_SINGLETON)
>>> Using "pp" as an array. This might corrupt or misinterpret adjacent memory locations.
311 if (maskbit[shift] & (np[offset] ^ pp[offset]))
312 return 0;
313
314 while (offset--)
315 if (np[offset] != pp[offset])
316 return 0;
** CID 1448809: Error handling issues (CHECKED_RETURN)
/ospfd/ospf_vty.c: 2430 in ospf_neighbor_poll_interval()
________________________________________________________________________________________________________
*** CID 1448809: Error handling issues (CHECKED_RETURN)
/ospfd/ospf_vty.c: 2430 in ospf_neighbor_poll_interval()
2424 int idx_poll = 3;
2425 int idx_pri = 5;
2426 struct in_addr nbr_addr;
2427 unsigned int priority = OSPF_NEIGHBOR_PRIORITY_DEFAULT;
2428 unsigned int interval = OSPF_POLL_INTERVAL_DEFAULT;
2429
>>> CID 1448809: Error handling issues (CHECKED_RETURN)
>>> Calling "inet_aton" without checking return value (as is done elsewhere 72 out of 81 times).
2430 inet_aton(argv[idx_ipv4]->arg, &nbr_addr);
2431
2432 interval = strtoul(argv[idx_poll]->arg, NULL, 10);
2433
2434 if (argc > 4)
2435 priority = strtoul(argv[idx_pri]->arg, NULL, 10);
** CID 1448808: Error handling issues (CHECKED_RETURN)
/ospfd/ospf_vty.c: 2461 in no_ospf_neighbor()
________________________________________________________________________________________________________
*** CID 1448808: Error handling issues (CHECKED_RETURN)
/ospfd/ospf_vty.c: 2461 in no_ospf_neighbor()
2455 "Seconds\n")
2456 {
2457 VTY_DECLVAR_CONTEXT(ospf, ospf);
2458 int idx_ipv4 = 2;
2459 struct in_addr nbr_addr;
2460
>>> CID 1448808: Error handling issues (CHECKED_RETURN)
>>> Calling "inet_aton" without checking return value (as is done elsewhere 72 out of 81 times).
2461 inet_aton(argv[idx_ipv4]->arg, &nbr_addr);
2462
2463 (void)ospf_nbr_nbma_unset (ospf, nbr_addr);
2464
2465 return CMD_SUCCESS;
2466 }
** CID 1448807: Error handling issues (CHECKED_RETURN)
/eigrpd/eigrp_vty.c: 1296 in clear_ip_eigrp_neighbors_IP()
________________________________________________________________________________________________________
*** CID 1448807: Error handling issues (CHECKED_RETURN)
/eigrpd/eigrp_vty.c: 1296 in clear_ip_eigrp_neighbors_IP()
1290 "IP-EIGRP neighbor address\n")
1291 {
1292 struct eigrp *eigrp;
1293 struct eigrp_neighbor *nbr;
1294 struct in_addr nbr_addr;
1295
>>> CID 1448807: Error handling issues (CHECKED_RETURN)
>>> Calling "inet_aton" without checking return value (as is done elsewhere 72 out of 81 times).
1296 inet_aton(argv[4]->arg, &nbr_addr);
1297
1298 /* Check if eigrp process is enabled */
1299 eigrp = eigrp_lookup ();
1300 if (eigrp == NULL)
1301 {
** CID 1448806: Memory - corruptions (ARRAY_VS_SINGLETON)
/lib/prefix.c: 311 in prefix_match_network_statement()
________________________________________________________________________________________________________
*** CID 1448806: Memory - corruptions (ARRAY_VS_SINGLETON)
/lib/prefix.c: 311 in prefix_match_network_statement()
305 pp = (const u_char *)&p->u.prefix;
306
307 offset = n->prefixlen / PNBBY;
308 shift = n->prefixlen % PNBBY;
309
310 if (shift)
>>> CID 1448806: Memory - corruptions (ARRAY_VS_SINGLETON)
>>> Using "np" as an array. This might corrupt or misinterpret adjacent memory locations.
311 if (maskbit[shift] & (np[offset] ^ pp[offset]))
312 return 0;
313
314 while (offset--)
315 if (np[offset] != pp[offset])
316 return 0;
** CID 1448805: Error handling issues (CHECKED_RETURN)
/eigrpd/eigrp_vty.c: 1404 in clear_ip_eigrp_neighbors_IP_soft()
________________________________________________________________________________________________________
*** CID 1448805: Error handling issues (CHECKED_RETURN)
/eigrpd/eigrp_vty.c: 1404 in clear_ip_eigrp_neighbors_IP_soft()
1398 "Resync with peer without adjacency reset\n")
1399 {
1400 struct eigrp *eigrp;
1401 struct eigrp_neighbor *nbr;
1402 struct in_addr nbr_addr;
1403
>>> CID 1448805: Error handling issues (CHECKED_RETURN)
>>> Calling "inet_aton" without checking return value (as is done elsewhere 72 out of 81 times).
1404 inet_aton(argv[4]->arg, &nbr_addr);
1405
1406 /* Check if eigrp process is enabled */
1407 eigrp = eigrp_lookup ();
1408 if (eigrp == NULL)
1409 {
** CID 1448804: Error handling issues (CHECKED_RETURN)
/ospfd/ospf_vty.c: 2483 in no_ospf_neighbor_poll()
________________________________________________________________________________________________________
*** CID 1448804: Error handling issues (CHECKED_RETURN)
/ospfd/ospf_vty.c: 2483 in no_ospf_neighbor_poll()
2477 "Priority\n")
2478 {
2479 VTY_DECLVAR_CONTEXT(ospf, ospf);
2480 int idx_ipv4 = 2;
2481 struct in_addr nbr_addr;
2482
>>> CID 1448804: Error handling issues (CHECKED_RETURN)
>>> Calling "inet_aton" without checking return value (as is done elsewhere 72 out of 81 times).
2483 inet_aton(argv[idx_ipv4]->arg, &nbr_addr);
2484
2485 (void)ospf_nbr_nbma_unset (ospf, nbr_addr);
2486
2487 return CMD_SUCCESS;
2488 }
** CID 1448803: Error handling issues (CHECKED_RETURN)
/ospfd/ospf_vty.c: 2393 in ospf_neighbor()
________________________________________________________________________________________________________
*** CID 1448803: Error handling issues (CHECKED_RETURN)
/ospfd/ospf_vty.c: 2393 in ospf_neighbor()
2387 int idx_pri = 3;
2388 int idx_poll = 5;
2389 struct in_addr nbr_addr;
2390 unsigned int priority = OSPF_NEIGHBOR_PRIORITY_DEFAULT;
2391 unsigned int interval = OSPF_POLL_INTERVAL_DEFAULT;
2392
>>> CID 1448803: Error handling issues (CHECKED_RETURN)
>>> Calling "inet_aton" without checking return value (as is done elsewhere 72 out of 81 times).
2393 inet_aton(argv[idx_ipv4]->arg, &nbr_addr);
2394
2395 if (argc > 2)
2396 priority = strtoul(argv[idx_pri]->arg, NULL, 10);
2397
2398 if (argc > 4)
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJkdrJmtf2Dgp6lsHfcHyAWMl2Bq6P5YRm9yJZwCxonafaxLO-2BQqhVJlN7QF9hWeES3GguLgrPsy-2FxOY7GF4pyI1tjFgOrykRF17t2wCEfIJQ01Zro-2FYmfrSbA6QuzRIehsxiVI0oBOXbvYkJ0HYCB4fOp1MRqY2jvapCozKMfOmzg-3D-3D
To manage Coverity Scan email notifications for "frr at lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4lcTWm1Zma8LQDNpOYqrETKrqBiM18kcBcL8b08LzBPOYJYGySZ4Vv7d5QYcnSbGxl3QyORKgEmDxh-2BE2mj6dp1V4JSs2jbMZuLnEQJOW0Z0-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJkdrJmtf2Dgp6lsHfcHyAWMuBeXnjA9-2FFBp7utQ5Ud8GHPS6pSIbQmS1Yoi-2F5m8w7PTxJFqmE68zpsNlciCRv5ge-2FIzHQ8EsBXI8Ni-2Ba1nUwfLjhBWbUH0-2FKp4rQkByKNawurUW7OTDj1JJyM3jXLDPHK9VIclOZTWPCl1JIYyScQ-3D-3D
More information about the dev
mailing list