[dev] New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Sun May 7 20:24:30 EDT 2017
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
32 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 32 defect(s)
** CID 1433372: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_interface.c: 339 in eigrp_if_up()
________________________________________________________________________________________________________
*** CID 1433372: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_interface.c: 339 in eigrp_if_up()
333 }
334 }
335
336 pe->req_action &= ~EIGRP_FSM_NEED_UPDATE;
337 listnode_delete(eigrp->topology_changes_internalIPV4, pe);
338
>>> CID 1433372: Resource leaks (RESOURCE_LEAK)
>>> Variable "dest_addr" going out of scope leaks the storage it points to.
339 return 1;
340 }
341
342 int
343 eigrp_if_down (struct eigrp_interface *ei)
344 {
** CID 1433371: Memory - illegal accesses (OVERRUN)
/eigrpd/eigrp_dump.c: 356 in show_debugging_eigrp()
________________________________________________________________________________________________________
*** CID 1433371: Memory - illegal accesses (OVERRUN)
/eigrpd/eigrp_dump.c: 356 in show_debugging_eigrp()
350 /* Show debug status for EIGRP Packets. */
351 for (i = 0; i < 11 ; i++)
352 {
353 if (i == 8)
354 continue;
355
>>> CID 1433371: Memory - illegal accesses (OVERRUN)
>>> Overrunning array "term_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
356 if (IS_DEBUG_EIGRP_PACKET (i, SEND) && IS_DEBUG_EIGRP_PACKET (i, RECV))
357 {
358 vty_out (vty, " EIGRP packet %s%s debugging is on%s",
359 LOOKUP (eigrp_packet_type_str, i + 1),
360 IS_DEBUG_EIGRP_PACKET (i, PACKET_DETAIL) ? " detail" : "",
361 VTY_NEWLINE);
** CID 1433370: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_query.c: 228 in eigrp_send_query()
________________________________________________________________________________________________________
*** CID 1433370: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_query.c: 228 in eigrp_send_query()
222 if (nbr->retrans_queue->count == 1)
223 {
224 eigrp_send_packet_reliably(nbr);
225 }
226 }
227 }
>>> CID 1433370: Resource leaks (RESOURCE_LEAK)
>>> Variable "ep" going out of scope leaks the storage it points to.
** CID 1433369: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_reply.c: 249 in eigrp_reply_receive()
________________________________________________________________________________________________________
*** CID 1433369: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_reply.c: 249 in eigrp_reply_receive()
243 msg->prefix = dest;
244 int event = eigrp_get_fsm_event(msg);
245 eigrp_fsm_event(msg, event);
246
247
248 eigrp_IPv4_InternalTLV_free (tlv);
>>> CID 1433369: Resource leaks (RESOURCE_LEAK)
>>> Variable "dest_addr" going out of scope leaks the storage it points to.
249 }
250 }
251 eigrp_hello_send_ack(nbr);
** CID 1433368: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_siaquery.c: 114 in eigrp_siaquery_receive()
________________________________________________________________________________________________________
*** CID 1433368: Resource leaks (RESOURCE_LEAK)
/eigrpd/eigrp_siaquery.c: 114 in eigrp_siaquery_receive()
108 msg->entry = entry;
109 msg->prefix = dest;
110 int event = eigrp_get_fsm_event(msg);
111 eigrp_fsm_event(msg, event);
112 }
113 eigrp_IPv4_InternalTLV_free (tlv);
>>> CID 1433368: Resource leaks (RESOURCE_LEAK)
>>> Variable "dest_addr" going out of scope leaks the storage it points to.
114 }
115 }
116 eigrp_hello_send_ack(nbr);
117 }
118
119 void
** CID 1433367: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets()
________________________________________________________________________________________________________
*** CID 1433367: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets()
520 flag |= EIGRP_DEBUG_PACKET_DETAIL;
521
522 for (i = 0; i < 11; i++)
523 if (type & (0x01 << i))
524 {
525 if (vty->node == CONFIG_NODE)
>>> CID 1433367: Memory - corruptions (OVERRUN)
>>> Overrunning array "term_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
526 DEBUG_PACKET_ON (i, flag);
527 else
528 TERM_DEBUG_PACKET_ON (i, flag);
529 }
530
531 return CMD_SUCCESS;
** CID 1433366: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_packet.c: 186 in eigrp_check_md5_digest()
________________________________________________________________________________________________________
*** CID 1433366: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_packet.c: 186 in eigrp_check_md5_digest()
180 }
181
182 eigrph = (struct eigrp_header *) s->data;
183 eigrph->checksum = 0;
184
185 auth_TLV =(struct TLV_MD5_Authentication_Type *) (s->data + EIGRP_HEADER_LEN);
>>> CID 1433366: Memory - corruptions (OVERRUN)
>>> Overrunning array ""0"" of 2 bytes by passing it to a function which accesses it at byte offset 15 using argument "16UL".
186 memcpy(auth_TLV->digest, "0", sizeof(auth_TLV->digest));
187
188 ibuf = s->data;
189 backup_end = s->endp;
190
191 keychain = keychain_lookup(IF_DEF_PARAMS (nbr->ei->ifp)->auth_keychain);
** CID 1433365: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets()
________________________________________________________________________________________________________
*** CID 1433365: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets()
596 flag |= EIGRP_DEBUG_PACKET_DETAIL;
597
598 for (i = 0; i < 11; i++)
599 if (type & (0x01 << i))
600 {
601 if (vty->node == CONFIG_NODE)
>>> CID 1433365: Memory - corruptions (OVERRUN)
>>> Overrunning array "conf_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
602 DEBUG_PACKET_OFF (i, flag);
603 else
604 TERM_DEBUG_PACKET_OFF (i, flag);
605 }
606
607 return CMD_SUCCESS;
** CID 1433364: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets()
________________________________________________________________________________________________________
*** CID 1433364: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_dump.c: 602 in no_debug_eigrp_packets()
596 flag |= EIGRP_DEBUG_PACKET_DETAIL;
597
598 for (i = 0; i < 11; i++)
599 if (type & (0x01 << i))
600 {
601 if (vty->node == CONFIG_NODE)
>>> CID 1433364: Memory - corruptions (OVERRUN)
>>> Overrunning array "term_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
602 DEBUG_PACKET_OFF (i, flag);
603 else
604 TERM_DEBUG_PACKET_OFF (i, flag);
605 }
606
607 return CMD_SUCCESS;
** CID 1433363: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets()
________________________________________________________________________________________________________
*** CID 1433363: Memory - corruptions (OVERRUN)
/eigrpd/eigrp_dump.c: 526 in debug_eigrp_packets()
520 flag |= EIGRP_DEBUG_PACKET_DETAIL;
521
522 for (i = 0; i < 11; i++)
523 if (type & (0x01 << i))
524 {
525 if (vty->node == CONFIG_NODE)
>>> CID 1433363: Memory - corruptions (OVERRUN)
>>> Overrunning array "conf_debug_eigrp_packet" of 10 8-byte elements at element index 10 (byte offset 80) using index "i" (which evaluates to 10).
526 DEBUG_PACKET_ON (i, flag);
527 else
528 TERM_DEBUG_PACKET_ON (i, flag);
529 }
530
531 return CMD_SUCCESS;
** CID 1433362: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/eigrpd/eigrp_topology.c: 467 in eigrp_topology_update_node_flags()
________________________________________________________________________________________________________
*** CID 1433362: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/eigrpd/eigrp_topology.c: 467 in eigrp_topology_update_node_flags()
461 struct listnode *node;
462 struct eigrp_neighbor_entry *entry;
463 struct eigrp * eigrp = eigrp_lookup();
464
465 for (ALL_LIST_ELEMENTS_RO(dest->entries, node, entry))
466 {
>>> CID 1433362: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "dest->distance * eigrp->variance" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
467 if ((entry->distance <= (uint64_t)(dest->distance*eigrp->variance)) &&
468 entry->distance != EIGRP_MAX_METRIC) // is successor
469 {
470 entry->flags |= EIGRP_NEIGHBOR_ENTRY_SUCCESSOR_FLAG;
471 entry->flags &= ~EIGRP_NEIGHBOR_ENTRY_FSUCCESSOR_FLAG;
472 }
** CID 1433361: Null pointer dereferences (NULL_RETURNS)
/eigrpd/eigrp_dump.c: 315 in show_ip_eigrp_prefix_entry()
________________________________________________________________________________________________________
*** CID 1433361: Null pointer dereferences (NULL_RETURNS)
/eigrpd/eigrp_dump.c: 315 in show_ip_eigrp_prefix_entry()
309
310 void
311 show_ip_eigrp_prefix_entry (struct vty *vty, struct eigrp_prefix_entry *tn)
312 {
313 vty_out (vty, "%-3c",(tn->state > 0) ? 'A' : 'P');
314 vty_out (vty, "%s/%u, ",inet_ntoa (tn->destination_ipv4->prefix),tn->destination_ipv4->prefixlen);
>>> CID 1433361: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing a null pointer "eigrp_topology_get_successor(tn)".
315 vty_out (vty, "%u successors, ",eigrp_topology_get_successor(tn)->count);
316 vty_out (vty, "FD is %u, serno: %lu %s",tn->fdistance, tn->serno, VTY_NEWLINE);
317 }
318
319 void
320 show_ip_eigrp_neighbor_entry (struct vty *vty, struct eigrp *eigrp, struct eigrp_neighbor_entry *te)
** CID 1433360: Null pointer dereferences (NULL_RETURNS)
/eigrpd/eigrp_packet.c: 276 in eigrp_make_sha256_digest()
________________________________________________________________________________________________________
*** CID 1433360: Null pointer dereferences (NULL_RETURNS)
/eigrpd/eigrp_packet.c: 276 in eigrp_make_sha256_digest()
270 key = key_lookup_for_send(keychain);
271
272 // saved_len[index] = strnzcpyn(saved_key[index], key,
273 // PLAINTEXT_LENGTH + 1);
274
275 source_ip = calloc(16, sizeof(char));
>>> CID 1433360: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing a pointer that might be null "source_ip" when calling "inet_ntop".
276 inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, 16);
277
278 memset(&ctx, 0, sizeof(ctx));
279 buffer[0] = '\n';
280 memcpy(buffer + 1, key, strlen (key->string));
281 memcpy(buffer + 1 + strlen(key->string), source_ip, strlen(source_ip));
** CID 1433359: (FORWARD_NULL)
/eigrpd/eigrp_filter.c: 219 in eigrp_distribute_update()
/eigrpd/eigrp_filter.c: 222 in eigrp_distribute_update()
/eigrpd/eigrp_filter.c: 226 in eigrp_distribute_update()
________________________________________________________________________________________________________
*** CID 1433359: (FORWARD_NULL)
/eigrpd/eigrp_filter.c: 219 in eigrp_distribute_update()
213 /* Access-list for interface in */
214 if (dist->list[DISTRIBUTE_V4_IN])
215 {
216 zlog_info("<DEBUG ACL in");
217 alist = access_list_lookup (AFI_IP, dist->list[DISTRIBUTE_V4_IN]);
218 if (alist){
>>> CID 1433359: (FORWARD_NULL)
>>> Dereferencing null pointer "ei".
219 ei->list[EIGRP_FILTER_IN] = alist;
220 }
221 else
222 ei->list[EIGRP_FILTER_IN] = NULL;
223 }
224 else
/eigrpd/eigrp_filter.c: 222 in eigrp_distribute_update()
216 zlog_info("<DEBUG ACL in");
217 alist = access_list_lookup (AFI_IP, dist->list[DISTRIBUTE_V4_IN]);
218 if (alist){
219 ei->list[EIGRP_FILTER_IN] = alist;
220 }
221 else
>>> CID 1433359: (FORWARD_NULL)
>>> Dereferencing null pointer "ei".
222 ei->list[EIGRP_FILTER_IN] = NULL;
223 }
224 else
225 {
226 ei->list[EIGRP_FILTER_IN] = NULL;
227 }
/eigrpd/eigrp_filter.c: 226 in eigrp_distribute_update()
220 }
221 else
222 ei->list[EIGRP_FILTER_IN] = NULL;
223 }
224 else
225 {
>>> CID 1433359: (FORWARD_NULL)
>>> Dereferencing null pointer "ei".
226 ei->list[EIGRP_FILTER_IN] = NULL;
227 }
228
229 /* Access-list for interface in */
230 if (dist->list[DISTRIBUTE_V4_OUT])
231 {
** CID 1433358: Null pointer dereferences (FORWARD_NULL)
/eigrpd/eigrp_interface.c: 301 in eigrp_if_up()
________________________________________________________________________________________________________
*** CID 1433358: Null pointer dereferences (FORWARD_NULL)
/eigrpd/eigrp_interface.c: 301 in eigrp_if_up()
295 struct prefix_ipv4 *dest_addr = prefix_ipv4_new ();
296
297 dest_addr->family = AF_INET;
298 dest_addr->prefix = ei->connected->address->u.prefix4;
299 dest_addr->prefixlen = ei->connected->address->prefixlen;
300 apply_mask_ipv4 (dest_addr);
>>> CID 1433358: Null pointer dereferences (FORWARD_NULL)
>>> Dereferencing null pointer "eigrp".
301 pe = eigrp_topology_table_lookup_ipv4 (eigrp->topology_table, dest_addr);
302
303 if (pe == NULL)
304 {
305 pe = eigrp_prefix_entry_new ();
306 pe->serno = eigrp->serno;
** CID 1433357: Null pointer dereferences (FORWARD_NULL)
/eigrpd/eigrp_packet.c: 280 in eigrp_make_sha256_digest()
________________________________________________________________________________________________________
*** CID 1433357: Null pointer dereferences (FORWARD_NULL)
/eigrpd/eigrp_packet.c: 280 in eigrp_make_sha256_digest()
274
275 source_ip = calloc(16, sizeof(char));
276 inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, 16);
277
278 memset(&ctx, 0, sizeof(ctx));
279 buffer[0] = '\n';
>>> CID 1433357: Null pointer dereferences (FORWARD_NULL)
>>> Dereferencing null pointer "key".
280 memcpy(buffer + 1, key, strlen (key->string));
281 memcpy(buffer + 1 + strlen(key->string), source_ip, strlen(source_ip));
282 HMAC__SHA256_Init(&ctx, buffer, 1 + strlen (key->string) + strlen(source_ip));
283 HMAC__SHA256_Update(&ctx, ibuf, strlen(ibuf));
284 HMAC__SHA256_Final(digest, &ctx);
285
** CID 1433356: (FORWARD_NULL)
/eigrpd/eigrp_packet.c: 202 in eigrp_check_md5_digest()
/eigrpd/eigrp_packet.c: 213 in eigrp_check_md5_digest()
________________________________________________________________________________________________________
*** CID 1433356: (FORWARD_NULL)
/eigrpd/eigrp_packet.c: 202 in eigrp_check_md5_digest()
196 MD5Init(&ctx);
197
198 /* Generate a digest. Each situation needs different handling */
199 if(flags & EIGRP_AUTH_BASIC_HELLO_FLAG)
200 {
201 MD5Update(&ctx, ibuf, EIGRP_MD5_BASIC_COMPUTE);
>>> CID 1433356: (FORWARD_NULL)
>>> Dereferencing null pointer "key".
202 MD5Update(&ctx, key->string, strlen(key->string));
203 if(strlen(key->string) < 16)
204 MD5Update(&ctx, zeropad, 16 - strlen(key->string));
205 }
206 else if(flags & EIGRP_AUTH_UPDATE_INIT_FLAG)
207 {
/eigrpd/eigrp_packet.c: 213 in eigrp_check_md5_digest()
207 {
208 MD5Update(&ctx, ibuf, EIGRP_MD5_UPDATE_INIT_COMPUTE);
209 }
210 else if(flags & EIGRP_AUTH_UPDATE_FLAG)
211 {
212 MD5Update(&ctx, ibuf, EIGRP_MD5_BASIC_COMPUTE);
>>> CID 1433356: (FORWARD_NULL)
>>> Dereferencing null pointer "key".
213 MD5Update(&ctx, key->string, strlen(key->string));
214 if(strlen(key->string) < 16)
215 MD5Update(&ctx, zeropad, 16 - strlen(key->string));
216 if(backup_end > (EIGRP_HEADER_LEN + EIGRP_AUTH_MD5_TLV_SIZE))
217 {
218 MD5Update(&ctx, ibuf + (EIGRP_HEADER_LEN + EIGRP_AUTH_MD5_TLV_SIZE),
** CID 1433355: Error handling issues (CHECKED_RETURN)
/eigrpd/eigrpd.c: 190 in eigrp_new()
________________________________________________________________________________________________________
*** CID 1433355: Error handling issues (CHECKED_RETURN)
/eigrpd/eigrpd.c: 190 in eigrp_new()
184 eigrp->t_read = thread_add_read(master, eigrp_read, eigrp, eigrp->fd);
185 eigrp->oi_write_q = list_new();
186
187 eigrp->topology_table = eigrp_topology_new();
188
189 eigrp->neighbor_self = eigrp_nbr_new(NULL);
>>> CID 1433355: Error handling issues (CHECKED_RETURN)
>>> Calling "inet_aton" without checking return value (as is done elsewhere 72 out of 79 times).
190 inet_aton("127.0.0.1", &eigrp->neighbor_self->src);
191
192 eigrp->variance = EIGRP_VARIANCE_DEFAULT;
193 eigrp->max_paths = EIGRP_MAX_PATHS_DEFAULT;
194
195 eigrp->serno = 0;
** CID 1433386: (USE_AFTER_FREE)
/eigrpd/eigrp_hello.c: 395 in eigrp_hello_receive()
________________________________________________________________________________________________________
*** CID 1433386: (USE_AFTER_FREE)
/eigrpd/eigrp_hello.c: 351 in eigrp_hello_receive()
345 zlog_debug(" General TLV(%s)", LOOKUP(eigrp_general_tlv_type_str, type));
346
347 // determine what General TLV is being processed
348 switch (type)
349 {
350 case EIGRP_TLV_PARAMETER:
>>> CID 1433386: (USE_AFTER_FREE)
>>> Calling "eigrp_hello_parameter_decode" dereferences freed pointer "nbr".
351 eigrp_hello_parameter_decode(nbr, tlv_header);
352 break;
353 case EIGRP_TLV_AUTH:
354 {
355 if(eigrp_hello_authentication_decode(s,tlv_header,nbr) == 0)
356 return;
/eigrpd/eigrp_hello.c: 369 in eigrp_hello_receive()
363 case EIGRP_TLV_SW_VERSION:
364 eigrp_sw_version_decode(nbr, tlv_header);
365 break;
366 case EIGRP_TLV_NEXT_MCAST_SEQ:
367 break;
368 case EIGRP_TLV_PEER_TERMINATION:
>>> CID 1433386: (USE_AFTER_FREE)
>>> Calling "eigrp_peer_termination_decode" dereferences freed pointer "nbr".
369 eigrp_peer_termination_decode(nbr, tlv_header);
370 break;
371 case EIGRP_TLV_PEER_MTRLIST:
372 case EIGRP_TLV_PEER_TIDLIST:
373 break;
374 default:
/eigrpd/eigrp_hello.c: 390 in eigrp_hello_receive()
384
385 /*If received packet is hello with Parameter TLV*/
386 if (ntohl(eigrph->ack) == 0)
387 {
388 /* increment statistics. */
389 ei->hello_in++;
>>> CID 1433386: (USE_AFTER_FREE)
>>> Calling "eigrp_nbr_state_update" dereferences freed pointer "nbr".
390 eigrp_nbr_state_update(nbr);
391
392 }
393
394 if (IS_DEBUG_EIGRP_PACKET(0, RECV))
395 zlog_debug("Hello Packet received from %s", inet_ntoa(nbr->src));
/eigrpd/eigrp_hello.c: 395 in eigrp_hello_receive()
389 ei->hello_in++;
390 eigrp_nbr_state_update(nbr);
391
392 }
393
394 if (IS_DEBUG_EIGRP_PACKET(0, RECV))
>>> CID 1433386: (USE_AFTER_FREE)
>>> Dereferencing freed pointer "nbr".
395 zlog_debug("Hello Packet received from %s", inet_ntoa(nbr->src));
396 }
397
398 /**
399 * @fn eigrp_sw_version_encode
400 *
/eigrpd/eigrp_hello.c: 369 in eigrp_hello_receive()
363 case EIGRP_TLV_SW_VERSION:
364 eigrp_sw_version_decode(nbr, tlv_header);
365 break;
366 case EIGRP_TLV_NEXT_MCAST_SEQ:
367 break;
368 case EIGRP_TLV_PEER_TERMINATION:
>>> CID 1433386: (USE_AFTER_FREE)
>>> Calling "eigrp_peer_termination_decode" dereferences freed pointer "nbr".
369 eigrp_peer_termination_decode(nbr, tlv_header);
370 break;
371 case EIGRP_TLV_PEER_MTRLIST:
372 case EIGRP_TLV_PEER_TIDLIST:
373 break;
374 default:
/eigrpd/eigrp_hello.c: 390 in eigrp_hello_receive()
384
385 /*If received packet is hello with Parameter TLV*/
386 if (ntohl(eigrph->ack) == 0)
387 {
388 /* increment statistics. */
389 ei->hello_in++;
>>> CID 1433386: (USE_AFTER_FREE)
>>> Calling "eigrp_nbr_state_update" dereferences freed pointer "nbr".
390 eigrp_nbr_state_update(nbr);
391
392 }
393
394 if (IS_DEBUG_EIGRP_PACKET(0, RECV))
395 zlog_debug("Hello Packet received from %s", inet_ntoa(nbr->src));
** CID 1433385: Code maintainability issues (UNUSED_VALUE)
/eigrpd/eigrp_packet.c: 641 in eigrp_read()
________________________________________________________________________________________________________
*** CID 1433385: Code maintainability issues (UNUSED_VALUE)
/eigrpd/eigrp_packet.c: 641 in eigrp_read()
635 eigrp_nbr_state_set(nbr, EIGRP_NEIGHBOR_UP);
636 zlog_info("Neighbor adjacency became full");
637 nbr->init_sequence_number = 0;
638 nbr->recv_sequence_number = ntohl(eigrph->sequence);
639 eigrp_update_send_EOT(nbr);
640 }
>>> CID 1433385: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "eigrp_fifo_pop_tail(nbr->retrans_queue)" to "ep" here, but that stored value is overwritten before it can be used.
641 ep = eigrp_fifo_pop_tail(nbr->retrans_queue);
642 /*eigrp_packet_free(ep);*/
643 if (nbr->retrans_queue->count > 0)
644 {
645 eigrp_send_packet_reliably(nbr);
646 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJk1ZWOHW5fu9rmsCLhqmUjSNjNPWHNBuHlKGh-2BszAaYLS6vQm6Dlu-2FITL6I5NV7gmV-2FceQmbIM9qEgqB3EsJhO0dIbw8-2BV0uzh2W32LwFDdmOWSkZT6ZbCyuPVggrTxpfCJS00Xz7SIhGiDgupCUuK5XSrCZpg3F-2FJ8NXOOnLzCyQ-3D-3D
To manage Coverity Scan email notifications for "frr at lists.nox.tf", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4lcTWm1Zma8LQDNpOYqrETKrqBiM18kcBcL8b08LzBPOYJYGySZ4Vv7d5QYcnSbGxl3QyORKgEmDxh-2BE2mj6dp1V4JSs2jbMZuLnEQJOW0Z0-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJk1ZWOHW5fu9rmsCLhqmUjSGQWF2sfzlWluZUXu5dRspUa8K-2Bjd3nkHQVAvsY3CsWPKwE2fctqoN5SJCFOYmSU9KZXFuvGKy7xvzCjqcsggJ5yAeecEdxP1UqT5KZr5F4yhsu1A6FA3BkK6-2Fx-2FKxzTc4cYXTqo0G4YsRo0XNMoScA-3D-3D
More information about the dev
mailing list