[dev] New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Fri Apr 6 14:51:21 EDT 2018
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
2 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1467487: (RESOURCE_LEAK)
/ospf6d/ospf6_intra.c: 1720 in ospf6_intra_prefix_lsa_remove()
/ospf6d/ospf6_intra.c: 1914 in ospf6_intra_prefix_lsa_remove()
________________________________________________________________________________________________________
*** CID 1467487: (RESOURCE_LEAK)
/ospf6d/ospf6_intra.c: 1720 in ospf6_intra_prefix_lsa_remove()
1714 if (prefix_num == 0)
1715 break;
1716 if (end < current + OSPF6_PREFIX_SIZE(op))
1717 break;
1718 prefix_num--;
1719
>>> CID 1467487: (RESOURCE_LEAK)
>>> Overwriting "route_to_del" in "route_to_del = ospf6_route_create()" leaks the storage that "route_to_del" points to.
1720 route_to_del = ospf6_route_create();
1721
1722 memset(&route_to_del->prefix, 0, sizeof(struct prefix));
1723 route_to_del->prefix.family = AF_INET6;
1724 route_to_del->prefix.prefixlen = op->prefix_length;
1725 ospf6_prefix_in6_addr(&route_to_del->prefix.u.prefix6, op);
/ospf6d/ospf6_intra.c: 1914 in ospf6_intra_prefix_lsa_remove()
1908
1909 ospf6_route_delete(route_to_del);
1910 }
1911
1912 if (current != end && IS_OSPF6_DEBUG_EXAMIN(INTRA_PREFIX))
1913 zlog_debug("Trailing garbage ignored");
>>> CID 1467487: (RESOURCE_LEAK)
>>> Variable "route_to_del" going out of scope leaks the storage it points to.
1914 }
1915
1916 void ospf6_intra_route_calculation(struct ospf6_area *oa)
1917 {
1918 struct ospf6_route *route, *nroute;
1919 uint16_t type;
** CID 1467486: Null pointer dereferences (REVERSE_INULL)
/bgpd/bgp_mplsvpn.c: 475 in leak_update()
________________________________________________________________________________________________________
*** CID 1467486: Null pointer dereferences (REVERSE_INULL)
/bgpd/bgp_mplsvpn.c: 475 in leak_update()
469 /*
470 * nexthop tracking for unicast routes
471 */
472 struct bgp *bgp_nexthop = bgp;
473 int nh_valid;
474
>>> CID 1467486: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "new->extra" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
475 if (new->extra && new->extra->bgp_orig)
476 bgp_nexthop = new->extra->bgp_orig;
477
478 /*
479 * No nexthop tracking for redistributed routes because
480 * their originating protocols will do the tracking and
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJknwudaqFnEB73p-2FH6WpSGZHR2f0vNhQC-2FjJLpXjCLmHfEsNlIsLkPrP7Hq-2FL0O0Wf-2BUAIu99mr8QFcWGKIfutuh4XHxSHDLx4lQ3i1-2BMaUuFP6LVv-2FOqtjsATXw3u-2BCQAgOSLTvxHsixmUnWm0DBdPKKtVJ066JdamZ18ZnlOxTA-3D-3D
More information about the dev
mailing list