[dev] New Defects reported by Coverity Scan for freerangerouting/frr

scan-admin at coverity.com scan-admin at coverity.com
Sun May 7 20:24:30 EDT 2017


Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

32 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 20 of 32 defect(s)


** CID 1433372:  Resource leaks  (RESOURCE_LEAK)
/eigrpd/eigrp_interface.c: 339 in eigrp_if_up()


________________________________________________________________________________________________________
*** CID 1433372:  Resource leaks  (RESOURCE_LEAK)
/eigrpd/eigrp_interface.c: 339 in eigrp_if_up()
333             }
334         }
335     
336       pe->req_action &= ~EIGRP_FSM_NEED_UPDATE;
337       listnode_delete(eigrp->topology_changes_internalIPV4, pe);
338     
>>>     CID 1433372:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "dest_addr" going out of scope leaks the storage it points to.
339       return 1;
340     }
341     
342     int
343     eigrp_if_down (struct eigrp_interface *ei)
344     {

** CID 1433371:  Memory - illegal accesses  (OVERRUN)
/eigrpd/eigrp_dump.c: 356 in show_debugging_eigrp()


________________________________________________________________________________________________________
*** CID 1433371:  Memory - illegal accesses  (OVERRUN)
/eigrpd/eigrp_dump.c: 356 in show_debugging_eigrp()
350       /* Show debug status for EIGRP Packets. */
351       for (i = 0; i < 11 ; i++)
352         {
353           if (i == 8)
354             continue;
355     
>>>     CID 1433371:  Memory - illegal accesses  (OVERRUN)
>>>     Overrunning array "term_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
356           if (IS_DEBUG_EIGRP_PACKET (i, SEND) && IS_DEBUG_EIGRP_PACKET (i, RECV))
357             {
358               vty_out (vty, "  EIGRP packet %s%s debugging is on%s",
359                        LOOKUP (eigrp_packet_type_str, i + 1),
360                        IS_DEBUG_EIGRP_PACKET (i, PACKET_DETAIL) ? " detail" : "",
361                        VTY_NEWLINE);

** CID 1433370:  Resource leaks  (RESOURCE_LEAK)
/eigrpd/eigrp_query.c: 228 in eigrp_send_query()


________________________________________________________________________________________________________
*** CID 1433370:  Resource leaks  (RESOURCE_LEAK)
/eigrpd/eigrp_query.c: 228 in eigrp_send_query()
222               if (nbr->retrans_queue->count == 1)
223                 {
224                   eigrp_send_packet_reliably(nbr);
225                 }
226             }
227         }
>>>     CID 1433370:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "ep" going out of scope leaks the storage it points to.

** CID 1433369:  Resource leaks  (RESOURCE_LEAK)
/eigrpd/eigrp_reply.c: 249 in eigrp_reply_receive()


________________________________________________________________________________________________________
*** CID 1433369:  Resource leaks  (RESOURCE_LEAK)
/eigrpd/eigrp_reply.c: 249 in eigrp_reply_receive()
243               msg->prefix = dest;
244               int event = eigrp_get_fsm_event(msg);
245               eigrp_fsm_event(msg, event);
246     
247     
248               eigrp_IPv4_InternalTLV_free (tlv);
>>>     CID 1433369:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "dest_addr" going out of scope leaks the storage it points to.
249             }
250         }
251       eigrp_hello_send_ack(nbr);

** CID 1433368:  Resource leaks  (RESOURCE_LEAK)
/eigrpd/eigrp_siaquery.c: 114 in eigrp_siaquery_receive()


________________________________________________________________________________________________________
*** CID 1433368:  Resource leaks  (RESOURCE_LEAK)
/eigrpd/eigrp_siaquery.c: 114 in eigrp_siaquery_receive()
108                   msg->entry = entry;
109                   msg->prefix = dest;
110                   int event = eigrp_get_fsm_event(msg);
111                   eigrp_fsm_event(msg, event);
112                 }
113               eigrp_IPv4_InternalTLV_free (tlv);
>>>     CID 1433368:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "dest_addr" going out of scope leaks the storage it points to.
114             }
115         }
116       eigrp_hello_send_ack(nbr);
117     }
118     
119     void

** CID 1433367:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets()


________________________________________________________________________________________________________
*** CID 1433367:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets()
520         flag |= EIGRP_DEBUG_PACKET_DETAIL;
521     
522       for (i = 0; i < 11; i++)
523         if (type & (0x01 << i))
524           {
525             if (vty->node == CONFIG_NODE)
>>>     CID 1433367:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "term_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
526               DEBUG_PACKET_ON (i, flag);
527             else
528               TERM_DEBUG_PACKET_ON (i, flag);
529           }
530     
531       return CMD_SUCCESS;

** CID 1433366:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_packet.c: 186 in eigrp_check_md5_digest()


________________________________________________________________________________________________________
*** CID 1433366:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_packet.c: 186 in eigrp_check_md5_digest()
180         }
181     
182       eigrph = (struct eigrp_header *) s->data;
183       eigrph->checksum = 0;
184     
185       auth_TLV =(struct TLV_MD5_Authentication_Type *) (s->data + EIGRP_HEADER_LEN);
>>>     CID 1433366:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array ""0"" of 2 bytes by passing it to a function which accesses it at byte offset 15 using argument "16UL".
186       memcpy(auth_TLV->digest, "0", sizeof(auth_TLV->digest));
187     
188       ibuf = s->data;
189       backup_end = s->endp;
190     
191       keychain = keychain_lookup(IF_DEF_PARAMS (nbr->ei->ifp)->auth_keychain);

** CID 1433365:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets()


________________________________________________________________________________________________________
*** CID 1433365:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets()
596        flag |= EIGRP_DEBUG_PACKET_DETAIL;
597     
598      for (i = 0; i < 11; i++)
599        if (type & (0x01 << i))
600          {
601            if (vty->node == CONFIG_NODE)
>>>     CID 1433365:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "conf_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
602              DEBUG_PACKET_OFF (i, flag);
603            else
604              TERM_DEBUG_PACKET_OFF (i, flag);
605          }
606     
607      return CMD_SUCCESS;

** CID 1433364:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets()


________________________________________________________________________________________________________
*** CID 1433364:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets()
596        flag |= EIGRP_DEBUG_PACKET_DETAIL;
597     
598      for (i = 0; i < 11; i++)
599        if (type & (0x01 << i))
600          {
601            if (vty->node == CONFIG_NODE)
>>>     CID 1433364:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "term_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
602              DEBUG_PACKET_OFF (i, flag);
603            else
604              TERM_DEBUG_PACKET_OFF (i, flag);
605          }
606     
607      return CMD_SUCCESS;

** CID 1433363:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets()


________________________________________________________________________________________________________
*** CID 1433363:  Memory - corruptions  (OVERRUN)
/eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets()
520         flag |= EIGRP_DEBUG_PACKET_DETAIL;
521     
522       for (i = 0; i < 11; i++)
523         if (type & (0x01 << i))
524           {
525             if (vty->node == CONFIG_NODE)
>>>     CID 1433363:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "conf_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
526               DEBUG_PACKET_ON (i, flag);
527             else
528               TERM_DEBUG_PACKET_ON (i, flag);
529           }
530     
531       return CMD_SUCCESS;

** CID 1433362:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/eigrpd/eigrp_topology.c: 467 in eigrp_topology_update_node_flags()


________________________________________________________________________________________________________
*** CID 1433362:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/eigrpd/eigrp_topology.c: 467 in eigrp_topology_update_node_flags()
461       struct listnode *node;
462       struct eigrp_neighbor_entry *entry;
463       struct eigrp * eigrp = eigrp_lookup();
464     
465       for (ALL_LIST_ELEMENTS_RO(dest->entries, node, entry))
466         {
>>>     CID 1433362:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
>>>     Potentially overflowing expression "dest->distance * eigrp->variance" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
467           if ((entry->distance <= (uint64_t)(dest->distance*eigrp->variance)) &&
468               entry->distance != EIGRP_MAX_METRIC) // is successor
469             {
470               entry->flags |= EIGRP_NEIGHBOR_ENTRY_SUCCESSOR_FLAG;
471               entry->flags &= ~EIGRP_NEIGHBOR_ENTRY_FSUCCESSOR_FLAG;
472             }

** CID 1433361:  Null pointer dereferences  (NULL_RETURNS)
/eigrpd/eigrp_dump.c: 315 in show_ip_eigrp_prefix_entry()


________________________________________________________________________________________________________
*** CID 1433361:  Null pointer dereferences  (NULL_RETURNS)
/eigrpd/eigrp_dump.c: 315 in show_ip_eigrp_prefix_entry()
309     
310     void
311     show_ip_eigrp_prefix_entry (struct vty *vty, struct eigrp_prefix_entry *tn)
312     {
313       vty_out (vty, "%-3c",(tn->state > 0) ? 'A' : 'P');
314       vty_out (vty, "%s/%u, ",inet_ntoa (tn->destination_ipv4->prefix),tn->destination_ipv4->prefixlen);
>>>     CID 1433361:  Null pointer dereferences  (NULL_RETURNS)
>>>     Dereferencing a null pointer "eigrp_topology_get_successor(tn)".
315       vty_out (vty, "%u successors, ",eigrp_topology_get_successor(tn)->count);
316       vty_out (vty, "FD is %u, serno: %lu %s",tn->fdistance, tn->serno, VTY_NEWLINE);
317     }
318     
319     void
320     show_ip_eigrp_neighbor_entry (struct vty *vty, struct eigrp *eigrp, struct eigrp_neighbor_entry *te)

** CID 1433360:  Null pointer dereferences  (NULL_RETURNS)
/eigrpd/eigrp_packet.c: 276 in eigrp_make_sha256_digest()


________________________________________________________________________________________________________
*** CID 1433360:  Null pointer dereferences  (NULL_RETURNS)
/eigrpd/eigrp_packet.c: 276 in eigrp_make_sha256_digest()
270         key = key_lookup_for_send(keychain);
271     
272       //     saved_len[index] = strnzcpyn(saved_key[index], key,
273       //                             PLAINTEXT_LENGTH + 1);
274     
275       source_ip = calloc(16, sizeof(char));
>>>     CID 1433360:  Null pointer dereferences  (NULL_RETURNS)
>>>     Dereferencing a pointer that might be null "source_ip" when calling "inet_ntop".
276       inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, 16);
277     
278       memset(&ctx, 0, sizeof(ctx));
279       buffer[0] = '\n';
280       memcpy(buffer + 1, key, strlen (key->string));
281       memcpy(buffer + 1 + strlen(key->string), source_ip, strlen(source_ip));

** CID 1433359:    (FORWARD_NULL)
/eigrpd/eigrp_filter.c: 219 in eigrp_distribute_update()
/eigrpd/eigrp_filter.c: 222 in eigrp_distribute_update()
/eigrpd/eigrp_filter.c: 226 in eigrp_distribute_update()


________________________________________________________________________________________________________
*** CID 1433359:    (FORWARD_NULL)
/eigrpd/eigrp_filter.c: 219 in eigrp_distribute_update()
213       /* Access-list for interface in */
214       if (dist->list[DISTRIBUTE_V4_IN])
215         {
216           zlog_info("<DEBUG ACL in");
217           alist = access_list_lookup (AFI_IP, dist->list[DISTRIBUTE_V4_IN]);
218           if (alist){
>>>     CID 1433359:    (FORWARD_NULL)
>>>     Dereferencing null pointer "ei".
219             ei->list[EIGRP_FILTER_IN] = alist;
220           }
221           else
222             ei->list[EIGRP_FILTER_IN] = NULL;
223         }
224       else
/eigrpd/eigrp_filter.c: 222 in eigrp_distribute_update()
216           zlog_info("<DEBUG ACL in");
217           alist = access_list_lookup (AFI_IP, dist->list[DISTRIBUTE_V4_IN]);
218           if (alist){
219             ei->list[EIGRP_FILTER_IN] = alist;
220           }
221           else
>>>     CID 1433359:    (FORWARD_NULL)
>>>     Dereferencing null pointer "ei".
222             ei->list[EIGRP_FILTER_IN] = NULL;
223         }
224       else
225       {
226         ei->list[EIGRP_FILTER_IN] = NULL;
227       }
/eigrpd/eigrp_filter.c: 226 in eigrp_distribute_update()
220           }
221           else
222             ei->list[EIGRP_FILTER_IN] = NULL;
223         }
224       else
225       {
>>>     CID 1433359:    (FORWARD_NULL)
>>>     Dereferencing null pointer "ei".
226         ei->list[EIGRP_FILTER_IN] = NULL;
227       }
228     
229       /* Access-list for interface in */
230       if (dist->list[DISTRIBUTE_V4_OUT])
231         {

** CID 1433358:  Null pointer dereferences  (FORWARD_NULL)
/eigrpd/eigrp_interface.c: 301 in eigrp_if_up()


________________________________________________________________________________________________________
*** CID 1433358:  Null pointer dereferences  (FORWARD_NULL)
/eigrpd/eigrp_interface.c: 301 in eigrp_if_up()
295       struct prefix_ipv4 *dest_addr = prefix_ipv4_new ();
296     
297       dest_addr->family = AF_INET;
298       dest_addr->prefix = ei->connected->address->u.prefix4;
299       dest_addr->prefixlen = ei->connected->address->prefixlen;
300       apply_mask_ipv4 (dest_addr);
>>>     CID 1433358:  Null pointer dereferences  (FORWARD_NULL)
>>>     Dereferencing null pointer "eigrp".
301       pe = eigrp_topology_table_lookup_ipv4 (eigrp->topology_table, dest_addr);
302     
303       if (pe == NULL)
304         {
305           pe = eigrp_prefix_entry_new ();
306           pe->serno = eigrp->serno;

** CID 1433357:  Null pointer dereferences  (FORWARD_NULL)
/eigrpd/eigrp_packet.c: 280 in eigrp_make_sha256_digest()


________________________________________________________________________________________________________
*** CID 1433357:  Null pointer dereferences  (FORWARD_NULL)
/eigrpd/eigrp_packet.c: 280 in eigrp_make_sha256_digest()
274     
275       source_ip = calloc(16, sizeof(char));
276       inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, 16);
277     
278       memset(&ctx, 0, sizeof(ctx));
279       buffer[0] = '\n';
>>>     CID 1433357:  Null pointer dereferences  (FORWARD_NULL)
>>>     Dereferencing null pointer "key".
280       memcpy(buffer + 1, key, strlen (key->string));
281       memcpy(buffer + 1 + strlen(key->string), source_ip, strlen(source_ip));
282       HMAC__SHA256_Init(&ctx, buffer, 1 + strlen (key->string) + strlen(source_ip));
283       HMAC__SHA256_Update(&ctx, ibuf, strlen(ibuf));
284       HMAC__SHA256_Final(digest, &ctx);
285     

** CID 1433356:    (FORWARD_NULL)
/eigrpd/eigrp_packet.c: 202 in eigrp_check_md5_digest()
/eigrpd/eigrp_packet.c: 213 in eigrp_check_md5_digest()


________________________________________________________________________________________________________
*** CID 1433356:    (FORWARD_NULL)
/eigrpd/eigrp_packet.c: 202 in eigrp_check_md5_digest()
196       MD5Init(&ctx);
197     
198       /* Generate a digest. Each situation needs different handling */
199       if(flags & EIGRP_AUTH_BASIC_HELLO_FLAG)
200         {
201           MD5Update(&ctx, ibuf, EIGRP_MD5_BASIC_COMPUTE);
>>>     CID 1433356:    (FORWARD_NULL)
>>>     Dereferencing null pointer "key".
202           MD5Update(&ctx, key->string, strlen(key->string));
203           if(strlen(key->string) < 16)
204             MD5Update(&ctx, zeropad, 16 - strlen(key->string));
205         }
206       else if(flags & EIGRP_AUTH_UPDATE_INIT_FLAG)
207         {
/eigrpd/eigrp_packet.c: 213 in eigrp_check_md5_digest()
207         {
208           MD5Update(&ctx, ibuf, EIGRP_MD5_UPDATE_INIT_COMPUTE);
209         }
210       else if(flags & EIGRP_AUTH_UPDATE_FLAG)
211         {
212           MD5Update(&ctx, ibuf, EIGRP_MD5_BASIC_COMPUTE);
>>>     CID 1433356:    (FORWARD_NULL)
>>>     Dereferencing null pointer "key".
213           MD5Update(&ctx, key->string, strlen(key->string));
214           if(strlen(key->string) < 16)
215             MD5Update(&ctx, zeropad, 16 - strlen(key->string));
216           if(backup_end > (EIGRP_HEADER_LEN + EIGRP_AUTH_MD5_TLV_SIZE))
217             {
218               MD5Update(&ctx, ibuf + (EIGRP_HEADER_LEN + EIGRP_AUTH_MD5_TLV_SIZE),

** CID 1433355:  Error handling issues  (CHECKED_RETURN)
/eigrpd/eigrpd.c: 190 in eigrp_new()


________________________________________________________________________________________________________
*** CID 1433355:  Error handling issues  (CHECKED_RETURN)
/eigrpd/eigrpd.c: 190 in eigrp_new()
184       eigrp->t_read = thread_add_read(master, eigrp_read, eigrp, eigrp->fd);
185       eigrp->oi_write_q = list_new();
186     
187       eigrp->topology_table = eigrp_topology_new();
188     
189       eigrp->neighbor_self = eigrp_nbr_new(NULL);
>>>     CID 1433355:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "inet_aton" without checking return value (as is done elsewhere 72 out of 79 times).
190       inet_aton("127.0.0.1", &eigrp->neighbor_self->src);
191     
192       eigrp->variance = EIGRP_VARIANCE_DEFAULT;
193       eigrp->max_paths = EIGRP_MAX_PATHS_DEFAULT;
194     
195       eigrp->serno = 0;

** CID 1433386:    (USE_AFTER_FREE)
/eigrpd/eigrp_hello.c: 395 in eigrp_hello_receive()


________________________________________________________________________________________________________
*** CID 1433386:    (USE_AFTER_FREE)
/eigrpd/eigrp_hello.c: 351 in eigrp_hello_receive()
345               zlog_debug("  General TLV(%s)", LOOKUP(eigrp_general_tlv_type_str, type));
346     
347             // determine what General TLV is being processed
348             switch (type)
349               {
350               case EIGRP_TLV_PARAMETER:
>>>     CID 1433386:    (USE_AFTER_FREE)
>>>     Calling "eigrp_hello_parameter_decode" dereferences freed pointer "nbr".
351                 eigrp_hello_parameter_decode(nbr, tlv_header);
352                 break;
353               case EIGRP_TLV_AUTH:
354                 {
355                   if(eigrp_hello_authentication_decode(s,tlv_header,nbr) == 0)
356                     return;
/eigrpd/eigrp_hello.c: 369 in eigrp_hello_receive()
363               case EIGRP_TLV_SW_VERSION:
364                 eigrp_sw_version_decode(nbr, tlv_header);
365                 break;
366              case EIGRP_TLV_NEXT_MCAST_SEQ:
367                break;
368               case EIGRP_TLV_PEER_TERMINATION:
>>>     CID 1433386:    (USE_AFTER_FREE)
>>>     Calling "eigrp_peer_termination_decode" dereferences freed pointer "nbr".
369                 eigrp_peer_termination_decode(nbr, tlv_header);
370                 break;
371               case EIGRP_TLV_PEER_MTRLIST:
372              case EIGRP_TLV_PEER_TIDLIST:
373                break;
374               default:
/eigrpd/eigrp_hello.c: 390 in eigrp_hello_receive()
384     
385       /*If received packet is hello with Parameter TLV*/
386       if (ntohl(eigrph->ack) == 0)
387         {
388           /* increment statistics. */
389           ei->hello_in++;
>>>     CID 1433386:    (USE_AFTER_FREE)
>>>     Calling "eigrp_nbr_state_update" dereferences freed pointer "nbr".
390           eigrp_nbr_state_update(nbr);
391     
392         }
393     
394       if (IS_DEBUG_EIGRP_PACKET(0, RECV))
395         zlog_debug("Hello Packet received from %s", inet_ntoa(nbr->src));
/eigrpd/eigrp_hello.c: 395 in eigrp_hello_receive()
389           ei->hello_in++;
390           eigrp_nbr_state_update(nbr);
391     
392         }
393     
394       if (IS_DEBUG_EIGRP_PACKET(0, RECV))
>>>     CID 1433386:    (USE_AFTER_FREE)
>>>     Dereferencing freed pointer "nbr".
395         zlog_debug("Hello Packet received from %s", inet_ntoa(nbr->src));
396     }
397     
398     /**
399      * @fn eigrp_sw_version_encode
400      *
/eigrpd/eigrp_hello.c: 369 in eigrp_hello_receive()
363               case EIGRP_TLV_SW_VERSION:
364                 eigrp_sw_version_decode(nbr, tlv_header);
365                 break;
366              case EIGRP_TLV_NEXT_MCAST_SEQ:
367                break;
368               case EIGRP_TLV_PEER_TERMINATION:
>>>     CID 1433386:    (USE_AFTER_FREE)
>>>     Calling "eigrp_peer_termination_decode" dereferences freed pointer "nbr".
369                 eigrp_peer_termination_decode(nbr, tlv_header);
370                 break;
371               case EIGRP_TLV_PEER_MTRLIST:
372              case EIGRP_TLV_PEER_TIDLIST:
373                break;
374               default:
/eigrpd/eigrp_hello.c: 390 in eigrp_hello_receive()
384     
385       /*If received packet is hello with Parameter TLV*/
386       if (ntohl(eigrph->ack) == 0)
387         {
388           /* increment statistics. */
389           ei->hello_in++;
>>>     CID 1433386:    (USE_AFTER_FREE)
>>>     Calling "eigrp_nbr_state_update" dereferences freed pointer "nbr".
390           eigrp_nbr_state_update(nbr);
391     
392         }
393     
394       if (IS_DEBUG_EIGRP_PACKET(0, RECV))
395         zlog_debug("Hello Packet received from %s", inet_ntoa(nbr->src));

** CID 1433385:  Code maintainability issues  (UNUSED_VALUE)
/eigrpd/eigrp_packet.c: 641 in eigrp_read()


________________________________________________________________________________________________________
*** CID 1433385:  Code maintainability issues  (UNUSED_VALUE)
/eigrpd/eigrp_packet.c: 641 in eigrp_read()
635                       eigrp_nbr_state_set(nbr, EIGRP_NEIGHBOR_UP);
636                       zlog_info("Neighbor adjacency became full");
637                       nbr->init_sequence_number = 0;
638                       nbr->recv_sequence_number = ntohl(eigrph->sequence);
639                       eigrp_update_send_EOT(nbr);
640                     }
>>>     CID 1433385:  Code maintainability issues  (UNUSED_VALUE)
>>>     Assigning value from "eigrp_fifo_pop_tail(nbr->retrans_queue)" to "ep" here, but that stored value is overwritten before it can be used.
641                   ep = eigrp_fifo_pop_tail(nbr->retrans_queue);
642                   /*eigrp_packet_free(ep);*/
643                   if (nbr->retrans_queue->count > 0)
644                    {
645                      eigrp_send_packet_reliably(nbr);
646                    }


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJk1ZWOHW5fu9rmsCLhqmUjSNjNPWHNBuHlKGh-2BszAaYLS6vQm6Dlu-2FITL6I5NV7gmV-2FceQmbIM9qEgqB3EsJhO0dIbw8-2BV0uzh2W32LwFDdmOWSkZT6ZbCyuPVggrTxpfCJS00Xz7SIhGiDgupCUuK5XSrCZpg3F-2FJ8NXOOnLzCyQ-3D-3D

To manage Coverity Scan email notifications for "frr at lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4lcTWm1Zma8LQDNpOYqrETKrqBiM18kcBcL8b08LzBPOYJYGySZ4Vv7d5QYcnSbGxl3QyORKgEmDxh-2BE2mj6dp1V4JSs2jbMZuLnEQJOW0Z0-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJk1ZWOHW5fu9rmsCLhqmUjSGQWF2sfzlWluZUXu5dRspUa8K-2Bjd3nkHQVAvsY3CsWPKwE2fctqoN5SJCFOYmSU9KZXFuvGKy7xvzCjqcsggJ5yAeecEdxP1UqT5KZr5F4yhsu1A6FA3BkK6-2Fx-2FKxzTc4cYXTqo0G4YsRo0XNMoScA-3D-3D




More information about the dev mailing list