[dev] New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Wed Jun 20 13:21:04 EDT 2018
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
1 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1470113: (TAINTED_SCALAR)
/zebra/zebra_netns_notify.c: 215 in zebra_ns_notify_read()
/zebra/zebra_netns_notify.c: 219 in zebra_ns_notify_read()
/zebra/zebra_netns_notify.c: 215 in zebra_ns_notify_read()
/zebra/zebra_netns_notify.c: 219 in zebra_ns_notify_read()
/zebra/zebra_netns_notify.c: 215 in zebra_ns_notify_read()
/zebra/zebra_netns_notify.c: 219 in zebra_ns_notify_read()
/zebra/zebra_netns_notify.c: 215 in zebra_ns_notify_read()
/zebra/zebra_netns_notify.c: 219 in zebra_ns_notify_read()
________________________________________________________________________________________________________
*** CID 1470113: (TAINTED_SCALAR)
/zebra/zebra_netns_notify.c: 215 in zebra_ns_notify_read()
209 struct zebra_netns_info *netnsinfo;
210
211 if (!(event->mask & (IN_CREATE | IN_DELETE)))
212 continue;
213 if (event->mask & IN_DELETE)
214 return zebra_ns_delete(event->name);
>>> CID 1470113: (TAINTED_SCALAR)
>>> Using tainted variable "event->len" as an index into an array "event->name".
215 if (&event->name[event->len] >= &buf[sizeof(buf)]) {
216 zlog_err("NS notify read: buffer underflow");
217 break;
218 }
219 event->name[event->len] = 0;
220 netnspath = ns_netns_pathname(NULL, event->name);
/zebra/zebra_netns_notify.c: 219 in zebra_ns_notify_read()
213 if (event->mask & IN_DELETE)
214 return zebra_ns_delete(event->name);
215 if (&event->name[event->len] >= &buf[sizeof(buf)]) {
216 zlog_err("NS notify read: buffer underflow");
217 break;
218 }
>>> CID 1470113: (TAINTED_SCALAR)
>>> Using tainted variable "event->len" as an index into an array "event->name".
219 event->name[event->len] = 0;
220 netnspath = ns_netns_pathname(NULL, event->name);
221 if (!netnspath)
222 continue;
223 netnspath = XSTRDUP(MTYPE_NETNS_MISC, netnspath);
224 netnsinfo = XCALLOC(MTYPE_NETNS_MISC,
/zebra/zebra_netns_notify.c: 215 in zebra_ns_notify_read()
209 struct zebra_netns_info *netnsinfo;
210
211 if (!(event->mask & (IN_CREATE | IN_DELETE)))
212 continue;
213 if (event->mask & IN_DELETE)
214 return zebra_ns_delete(event->name);
>>> CID 1470113: (TAINTED_SCALAR)
>>> Using tainted variable "event->len" as an index into an array "event->name".
215 if (&event->name[event->len] >= &buf[sizeof(buf)]) {
216 zlog_err("NS notify read: buffer underflow");
217 break;
218 }
219 event->name[event->len] = 0;
220 netnspath = ns_netns_pathname(NULL, event->name);
/zebra/zebra_netns_notify.c: 219 in zebra_ns_notify_read()
213 if (event->mask & IN_DELETE)
214 return zebra_ns_delete(event->name);
215 if (&event->name[event->len] >= &buf[sizeof(buf)]) {
216 zlog_err("NS notify read: buffer underflow");
217 break;
218 }
>>> CID 1470113: (TAINTED_SCALAR)
>>> Using tainted variable "event->len" as an index into an array "event->name".
219 event->name[event->len] = 0;
220 netnspath = ns_netns_pathname(NULL, event->name);
221 if (!netnspath)
222 continue;
223 netnspath = XSTRDUP(MTYPE_NETNS_MISC, netnspath);
224 netnsinfo = XCALLOC(MTYPE_NETNS_MISC,
/zebra/zebra_netns_notify.c: 215 in zebra_ns_notify_read()
209 struct zebra_netns_info *netnsinfo;
210
211 if (!(event->mask & (IN_CREATE | IN_DELETE)))
212 continue;
213 if (event->mask & IN_DELETE)
214 return zebra_ns_delete(event->name);
>>> CID 1470113: (TAINTED_SCALAR)
>>> Using tainted variable "event->len" as an index into an array "event->name".
215 if (&event->name[event->len] >= &buf[sizeof(buf)]) {
216 zlog_err("NS notify read: buffer underflow");
217 break;
218 }
219 event->name[event->len] = 0;
220 netnspath = ns_netns_pathname(NULL, event->name);
/zebra/zebra_netns_notify.c: 219 in zebra_ns_notify_read()
213 if (event->mask & IN_DELETE)
214 return zebra_ns_delete(event->name);
215 if (&event->name[event->len] >= &buf[sizeof(buf)]) {
216 zlog_err("NS notify read: buffer underflow");
217 break;
218 }
>>> CID 1470113: (TAINTED_SCALAR)
>>> Using tainted variable "event->len" as an index into an array "event->name".
219 event->name[event->len] = 0;
220 netnspath = ns_netns_pathname(NULL, event->name);
221 if (!netnspath)
222 continue;
223 netnspath = XSTRDUP(MTYPE_NETNS_MISC, netnspath);
224 netnsinfo = XCALLOC(MTYPE_NETNS_MISC,
/zebra/zebra_netns_notify.c: 215 in zebra_ns_notify_read()
209 struct zebra_netns_info *netnsinfo;
210
211 if (!(event->mask & (IN_CREATE | IN_DELETE)))
212 continue;
213 if (event->mask & IN_DELETE)
214 return zebra_ns_delete(event->name);
>>> CID 1470113: (TAINTED_SCALAR)
>>> Using tainted variable "event->len" as an index into an array "event->name".
215 if (&event->name[event->len] >= &buf[sizeof(buf)]) {
216 zlog_err("NS notify read: buffer underflow");
217 break;
218 }
219 event->name[event->len] = 0;
220 netnspath = ns_netns_pathname(NULL, event->name);
/zebra/zebra_netns_notify.c: 219 in zebra_ns_notify_read()
213 if (event->mask & IN_DELETE)
214 return zebra_ns_delete(event->name);
215 if (&event->name[event->len] >= &buf[sizeof(buf)]) {
216 zlog_err("NS notify read: buffer underflow");
217 break;
218 }
>>> CID 1470113: (TAINTED_SCALAR)
>>> Using tainted variable "event->len" as an index into an array "event->name".
219 event->name[event->len] = 0;
220 netnspath = ns_netns_pathname(NULL, event->name);
221 if (!netnspath)
222 continue;
223 netnspath = XSTRDUP(MTYPE_NETNS_MISC, netnspath);
224 netnsinfo = XCALLOC(MTYPE_NETNS_MISC,
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJnbESSDA-2BOHheIvAIUQpGwiLrVxpfMe5zAqtoA03QrUybyXSKI-2Fy49osfvIh8ciXto1a9AErJ2toat2IgznHOFuRd2-2Bj9KHLkqFyA69-2B6cznpm0GyYvV0DuSZi5aDR-2BFSQnqbuC7yF2cVEw9FlzU-2BLOYKMCcticytzjC9P623zGKA-3D-3D
More information about the dev
mailing list