[dev] New Defects reported by Coverity Scan for freerangerouting/frr

scan-admin at coverity.com scan-admin at coverity.com
Sun Mar 18 18:10:30 EDT 2018


Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

27 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 27 defect(s)


** CID 1465497:  Control flow issues  (DEADCODE)
/zebra/zebra_netns_id.c: 253 in zebra_ns_id_get()


________________________________________________________________________________________________________
*** CID 1465497:  Control flow issues  (DEADCODE)
/zebra/zebra_netns_id.c: 253 in zebra_ns_id_get()
247     				break;
248     			}
249     		}
250     		len = len - NETLINK_ALIGN(nlh->nlmsg_len);
251     		nlh = (struct nlmsghdr *)((char *)nlh
252     					  + NETLINK_ALIGN(nlh->nlmsg_len));
>>>     CID 1465497:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach the expression "ret == 0" inside this statement: "do  {
  if (nlh->nlmsg_type...".
253     	} while (len != 0 && return_nsid != NS_UNKNOWN && ret == 0);
254     
255     	if (ret <= 0) {
256     		if (errno != EEXIST && ret != 0) {
257     			zlog_err(
258     				"netlink( %u) recvfrom() error 2 when reading: %s",

** CID 1465496:  Null pointer dereferences  (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 1465496:  Null pointer dereferences  (FORWARD_NULL)
/bgpd/bgp_vty.c: 6969 in clear_bgp_instance_ipv6_safi_prefix()
6963     	/* [<view|vrf> VIEWVRFNAME] */
6964     	char *vrfview = argv_find(argv, argc, "VIEWVRFNAME", &idx_word) ?
6965     		argv[idx_word]->arg : NULL;
6966     
6967     	argv_find_and_parse_safi(argv, argc, &idx_safi, &safi);
6968     
>>>     CID 1465496:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "prefix" to "bgp_clear_prefix", which dereferences it.
6969     	return bgp_clear_prefix(
6970     		vty, vrfview, prefix,
6971     		AFI_IP6, safi, NULL);
6972     }
6973     
6974     DEFUN (show_bgp_views,

** CID 1465495:  Memory - illegal accesses  (OVERRUN)
/zebra/zserv.c: 2617 in zserv_handle_commands()


________________________________________________________________________________________________________
*** CID 1465495:  Memory - illegal accesses  (OVERRUN)
/zebra/zserv.c: 2617 in zserv_handle_commands()
2611     
2612     static inline void zserv_handle_commands(struct zserv *client,
2613     					 struct zmsghdr *hdr,
2614     					 struct stream *msg,
2615     					 struct zebra_vrf *zvrf)
2616     {
>>>     CID 1465495:  Memory - illegal accesses  (OVERRUN)
>>>     Overrunning array "zserv_handlers" of 79 8-byte elements at element index 632 (byte offset 5056) using index "hdr->command" (which evaluates to 632).
2617     	if (hdr->command > sizeof(zserv_handlers)
2618     	    || zserv_handlers[hdr->command] == NULL)
2619     		zlog_info("Zebra received unknown command %d", hdr->command);
2620     	else
2621     		zserv_handlers[hdr->command](client, hdr, msg, zvrf);
2622     

** CID 1465494:    (STRING_NULL)
/zebra/zebra_netns_notify.c: 169 in zebra_ns_notify_read()
/zebra/zebra_netns_notify.c: 169 in zebra_ns_notify_read()
/zebra/zebra_netns_notify.c: 169 in zebra_ns_notify_read()


________________________________________________________________________________________________________
*** CID 1465494:    (STRING_NULL)
/zebra/zebra_netns_notify.c: 169 in zebra_ns_notify_read()
163     	struct inotify_event *event;
164     	char buf[BUFSIZ];
165     	ssize_t len;
166     
167     	zebra_netns_notify_current = thread_add_read(
168     		zebrad.master, zebra_ns_notify_read, NULL, fd_monitor, NULL);
>>>     CID 1465494:    (STRING_NULL)
>>>     Function "read" does not terminate string "*buf".
169     	len = read(fd_monitor, buf, sizeof(buf));
170     	if (len < 0) {
171     		zlog_warn("NS notify read: failed to read (%s)",
172     			  safe_strerror(errno));
173     		return 0;
174     	}
/zebra/zebra_netns_notify.c: 169 in zebra_ns_notify_read()
163     	struct inotify_event *event;
164     	char buf[BUFSIZ];
165     	ssize_t len;
166     
167     	zebra_netns_notify_current = thread_add_read(
168     		zebrad.master, zebra_ns_notify_read, NULL, fd_monitor, NULL);
>>>     CID 1465494:    (STRING_NULL)
>>>     Function "read" does not terminate string "*buf".
169     	len = read(fd_monitor, buf, sizeof(buf));
170     	if (len < 0) {
171     		zlog_warn("NS notify read: failed to read (%s)",
172     			  safe_strerror(errno));
173     		return 0;
174     	}
/zebra/zebra_netns_notify.c: 169 in zebra_ns_notify_read()
163     	struct inotify_event *event;
164     	char buf[BUFSIZ];
165     	ssize_t len;
166     
167     	zebra_netns_notify_current = thread_add_read(
168     		zebrad.master, zebra_ns_notify_read, NULL, fd_monitor, NULL);
>>>     CID 1465494:    (STRING_NULL)
>>>     Function "read" does not terminate string "*buf".
169     	len = read(fd_monitor, buf, sizeof(buf));
170     	if (len < 0) {
171     		zlog_warn("NS notify read: failed to read (%s)",
172     			  safe_strerror(errno));
173     		return 0;
174     	}

** CID 1465493:  Memory - illegal accesses  (UNINIT)
/pimd/pim_igmp_mtrace.c: 269 in mtrace_un_forward_packet()


________________________________________________________________________________________________________
*** CID 1465493:  Memory - illegal accesses  (UNINIT)
/pimd/pim_igmp_mtrace.c: 269 in mtrace_un_forward_packet()
263     				zlog_warn(
264     					"Dropping mtrace packet, "
265     					"no route to destination");
266     			return -1;
267     		}
268     
>>>     CID 1465493:  Memory - illegal accesses  (UNINIT)
>>>     Using uninitialized value "nexthop.interface".
269     		if_out = nexthop.interface;
270     	} else {
271     		if_out = interface;
272     	}
273     
274     	ret = pim_socket_bind(fd, if_out);

** CID 1465492:  Resource leaks  (RESOURCE_LEAK)
/zebra/zserv.c: 599 in zsend_redistribute_route()


________________________________________________________________________________________________________
*** CID 1465492:  Resource leaks  (RESOURCE_LEAK)
/zebra/zserv.c: 599 in zsend_redistribute_route()
593     	api.mtu = re->mtu;
594     
595     	struct stream *s = stream_new(ZEBRA_MAX_PACKET_SIZ);
596     
597     	/* Encode route and send. */
598     	if (zapi_route_encode(cmd, s, &api) < 0)
>>>     CID 1465492:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "s" going out of scope leaks the storage it points to.
599     		return -1;
600     
601     	if (IS_ZEBRA_DEBUG_SEND) {
602     		char buf_prefix[PREFIX_STRLEN];
603     		prefix2str(&api.prefix, buf_prefix, sizeof(buf_prefix));
604     

** CID 1465491:    (TAINTED_SCALAR)
/pimd/mtracebis.c: 281 in recv_response()
/pimd/mtracebis.c: 311 in recv_response()


________________________________________________________________________________________________________
*** CID 1465491:    (TAINTED_SCALAR)
/pimd/mtracebis.c: 281 in recv_response()
275     	sum = ip->ip_sum;
276     	ip->ip_sum = 0;
277     
278     	if (sum != in_cksum(ip, ip->ip_hl * 4))
279     		return -1;
280     
>>>     CID 1465491:    (TAINTED_SCALAR)
>>>     Using tainted variable "4 * ip->ip_hl" as an index into an array "mtrace_buf".
281     	mtrace = (struct igmp_mtrace *)(mtrace_buf + (4 * ip->ip_hl));
282     
283     	mtrace_len = ntohs(ip->ip_len) - ip->ip_hl * 4;
284     
285     	if (mtrace_len < (int)MTRACE_HDR_SIZE)
286     		return -1;
/pimd/mtracebis.c: 311 in recv_response()
305     	}
306     
307     	if (hops)
308     		*hops = responses;
309     
310     	if (mtracer)
>>>     CID 1465491:    (TAINTED_SCALAR)
>>>     Passing tainted variable "mtrace_len" to a tainted sink.
311     		memcpy(mtracer, mtrace, mtrace_len);
312     
313     	return 0;
314     }
315     
316     static int wait_for_response(int fd, int *hops, struct igmp_mtrace *mtrace,

** CID 1465490:  Error handling issues  (CHECKED_RETURN)
/pimd/pim_igmp_mtrace.c: 664 in igmp_mtrace_recv_qry_req()


________________________________________________________________________________________________________
*** CID 1465490:  Error handling issues  (CHECKED_RETURN)
/pimd/pim_igmp_mtrace.c: 664 in igmp_mtrace_recv_qry_req()
658     		if (pim_if_connected_to_source(out_ifp, mtracep->src_addr))
659     			return mtrace_send_response(pim, mtracep, mtrace_len);
660     		/*
661     		 * 6.4 Forwarding Traceroute Requests:
662     		 * Previous-hop router not known
663     		 */
>>>     CID 1465490:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "inet_aton" without checking return value (as is done elsewhere 114 out of 116 times).
664     		inet_aton(MCAST_ALL_ROUTERS, &nh_addr);
665     	}
666     
667     	if (mtracep->hops <= (last_rsp_ind + 1))
668     		return mtrace_send_response(pim, mtracep, mtrace_len);
669     

** CID 1465489:  Null pointer dereferences  (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 1465489:  Null pointer dereferences  (FORWARD_NULL)
/bgpd/bgp_vty_clippy.c: 144 in vpn_policy_nexthop()
138     	}
139     #if 1 /* anything that can fail? */
140     	if (_failcnt)
141     		return CMD_WARNING;
142     #endif
143     #endif
>>>     CID 1465489:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "nexthop" to "vpn_policy_nexthop_magic", which dereferences it.
144     	return vpn_policy_nexthop_magic(self, vty, argc, argv, nexthop, nexthop_str);
145     }
146     
147     /* show_ip_bgp_instance_updgrps_adj_s => "show [ip]$ip bgp [<view|vrf> VIEWVRFNAME$vrf] [<ipv4|ipv6>$afi <unicast|multicast|vpn>$safi] update-groups [SUBGROUP-ID]$sgid <advertise-queue|advertised-routes|packet-queue>$rtq" */
148     DEFUN_CMD_FUNC_DECL(show_ip_bgp_instance_updgrps_adj_s)
149     #define funcdecl_show_ip_bgp_instance_updgrps_adj_s static int show_ip_bgp_instance_updgrps_adj_s_magic(\

** CID 1465488:  Error handling issues  (CHECKED_RETURN)
/zebra/zserv.c: 1163 in zread_route_add()


________________________________________________________________________________________________________
*** CID 1465488:  Error handling issues  (CHECKED_RETURN)
/zebra/zserv.c: 1163 in zread_route_add()
1157     	struct nexthop *nexthop = NULL;
1158     	int i, ret;
1159     	vrf_id_t vrf_id = 0;
1160     	struct ipaddr vtep_ip;
1161     
1162     	s = msg;
>>>     CID 1465488:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "zapi_route_decode" without checking return value (as is done elsewhere 12 out of 13 times).
1163     	zapi_route_decode(s, &api);
1164     
1165     	if (IS_ZEBRA_DEBUG_RECV) {
1166     		char buf_prefix[PREFIX_STRLEN];
1167     		prefix2str(&api.prefix, buf_prefix, sizeof(buf_prefix));
1168     		zlog_debug("%s: p=%s, ZAPI_MESSAGE_LABEL: %sset, flags=0x%x",

** CID 1465487:  Null pointer dereferences  (REVERSE_INULL)
/bgpd/bgp_network.c: 458 in bgp_get_bound_name()


________________________________________________________________________________________________________
*** CID 1465487:  Null pointer dereferences  (REVERSE_INULL)
/bgpd/bgp_network.c: 458 in bgp_get_bound_name()
452     		return NULL;
453     
454     	if (peer->su.sa.sa_family != AF_INET
455     	    && peer->su.sa.sa_family != AF_INET6)
456     		return NULL; // unexpected
457     
>>>     CID 1465487:  Null pointer dereferences  (REVERSE_INULL)
>>>     Null-checking "peer" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
458     	if (!peer)
459     		return name;
460     	/* For IPv6 peering, interface (unnumbered or link-local with interface)
461     	 * takes precedence over VRF. For IPv4 peering, explicit interface or
462     	 * VRF are the situations to bind.
463     	 */

** CID 1465486:  Memory - illegal accesses  (UNINIT)
/pimd/pim_igmp_mtrace.c: 645 in igmp_mtrace_recv_qry_req()


________________________________________________________________________________________________________
*** CID 1465486:  Memory - illegal accesses  (UNINIT)
/pimd/pim_igmp_mtrace.c: 645 in igmp_mtrace_recv_qry_req()
639     		else
640     			rspp->fwd_code = fwd_code;
641     		/* 6.5 Sending Traceroute Responses */
642     		return mtrace_send_response(pim, mtracep, mtrace_len);
643     	}
644     
>>>     CID 1465486:  Memory - illegal accesses  (UNINIT)
>>>     Using uninitialized value "nexthop.interface".
645     	out_ifp = nexthop.interface;
646     	pim_out_ifp = out_ifp->info;
647     
648     	rspp->incoming = pim_out_ifp->primary_address;
649     	rspp->prev_hop = nh_addr;
650     	rspp->in_count = htonl(MTRACE_UNKNOWN_COUNT);

** CID 1465485:    (RESOURCE_LEAK)
/bgpd/bgp_mplsvpn.c: 474 in vpn_leak_from_vrf_update()
/bgpd/bgp_mplsvpn.c: 533 in vpn_leak_from_vrf_update()
/bgpd/bgp_mplsvpn.c: 566 in vpn_leak_from_vrf_update()
/bgpd/bgp_mplsvpn.c: 638 in vpn_leak_from_vrf_update()


________________________________________________________________________________________________________
*** CID 1465485:    (RESOURCE_LEAK)
/bgpd/bgp_mplsvpn.c: 474 in vpn_leak_from_vrf_update()
468     			s = ecommunity_ecom2str(info_vrf->attr->ecommunity,
469     						ECOMMUNITY_FORMAT_ROUTE_MAP, 0);
470     		}
471     
472     		zlog_debug("%s: info_vrf->type=%d, EC{%s}", __func__,
473     			   info_vrf->type, s);
>>>     CID 1465485:    (RESOURCE_LEAK)
>>>     Variable "s" going out of scope leaks the storage it points to.
474     	}
475     
476     	if (!bgp_vpn)
477     		return;
478     
479     	if (!afi) {
/bgpd/bgp_mplsvpn.c: 533 in vpn_leak_from_vrf_update()
527     		if (static_attr.ecommunity) {
528     			s = ecommunity_ecom2str(static_attr.ecommunity,
529     						ECOMMUNITY_FORMAT_ROUTE_MAP, 0);
530     		}
531     		zlog_debug("%s: post route map static_attr.ecommunity{%s}",
532     			   __func__, s);
>>>     CID 1465485:    (RESOURCE_LEAK)
>>>     Variable "s" going out of scope leaks the storage it points to.
533     	}
534     
535     	/*
536     	 * Add the vpn-policy rt-list
537     	 */
538     	struct ecommunity *old_ecom;
/bgpd/bgp_mplsvpn.c: 566 in vpn_leak_from_vrf_update()
560     		if (static_attr.ecommunity) {
561     			s = ecommunity_ecom2str(static_attr.ecommunity,
562     						ECOMMUNITY_FORMAT_ROUTE_MAP, 0);
563     		}
564     		zlog_debug("%s: post merge static_attr.ecommunity{%s}",
565     			   __func__, s);
>>>     CID 1465485:    (RESOURCE_LEAK)
>>>     Variable "s" going out of scope leaks the storage it points to.
566     	}
567     
568     	/* Nexthop */
569     	/* if policy nexthop not set, use 0 */
570     	if (CHECK_FLAG(bgp_vrf->vpn_policy[afi].flags,
571     		       BGP_VPN_POLICY_TOVPN_NEXTHOP_SET)) {
/bgpd/bgp_mplsvpn.c: 638 in vpn_leak_from_vrf_update()
632     
633     		if (new_attr->ecommunity) {
634     			s = ecommunity_ecom2str(new_attr->ecommunity,
635     						ECOMMUNITY_FORMAT_ROUTE_MAP, 0);
636     		}
637     		zlog_debug("%s: new_attr->ecommunity{%s}", __func__, s);
>>>     CID 1465485:    (RESOURCE_LEAK)
>>>     Variable "s" going out of scope leaks the storage it points to.
638     	}
639     
640     	/* Now new_attr is an allocated interned attr */
641     
642     	bn = bgp_afi_node_get(bgp_vpn->rib[afi][safi], afi, safi, p,
643     			      &(bgp_vrf->vpn_policy[afi].tovpn_rd));

** CID 1465484:  Null pointer dereferences  (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 1465484:  Null pointer dereferences  (FORWARD_NULL)
/bgpd/bgp_vty.c: 6940 in clear_bgp_ipv6_safi_prefix()
6934     	int idx_ipv6_prefix = 0;
6935     	safi_t safi = SAFI_UNICAST;
6936     	char *prefix = argv_find(argv, argc, "X:X::X:X/M", &idx_ipv6_prefix) ?
6937     		argv[idx_ipv6_prefix]->arg : NULL;
6938     
6939     	argv_find_and_parse_safi(argv, argc, &idx_safi, &safi);
>>>     CID 1465484:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "prefix" to "bgp_clear_prefix", which dereferences it.
6940     	return bgp_clear_prefix(
6941     		vty, NULL, prefix, AFI_IP6,
6942     		safi, NULL);
6943     }
6944     
6945     DEFUN (clear_bgp_instance_ipv6_safi_prefix,

** CID 1465483:  Integer handling issues  (NEGATIVE_RETURNS)


________________________________________________________________________________________________________
*** CID 1465483:  Integer handling issues  (NEGATIVE_RETURNS)
/pimd/mtracebis_routeget.c: 87 in routeget()
81     
82     	ret = rtnl_open(&rth, 0);
83     
84     	if (ret < 0)
85     		return ret;
86     
>>>     CID 1465483:  Integer handling issues  (NEGATIVE_RETURNS)
>>>     "rth.fd" is passed to a parameter that cannot be negative.
87     	if (rtnl_talk(&rth, &req.n, 0, 0, &req.n, NULL, NULL) < 0) {
88     		ret = -1;
89     		goto close_rth;
90     	}
91     
92     	ret = find_dst(&req.n, src, gw);

** CID 1465482:    (NULL_RETURNS)
/zebra/zebra_vty.c: 549 in static_config_install_delayed_routes()
/zebra/zebra_vty.c: 549 in static_config_install_delayed_routes()


________________________________________________________________________________________________________
*** CID 1465482:    (NULL_RETURNS)
/zebra/zebra_vty.c: 549 in static_config_install_delayed_routes()
543     		ozvrf = zebra_vrf_lookup_by_name(shr->vrf_name);
544     		nh_zvrf = zebra_vrf_lookup_by_name(shr->nhvrf_name);
545     
546     		if (ozvrf != zvrf && nh_zvrf != zvrf)
547     			continue;
548     
>>>     CID 1465482:    (NULL_RETURNS)
>>>     Dereferencing a null pointer "ozvrf".
549     		if (ozvrf->vrf->vrf_id == VRF_UNKNOWN
550     		    || nh_zvrf->vrf->vrf_id == VRF_UNKNOWN)
551     			continue;
552     
553     		installed = zebra_static_route_leak(
554     			NULL, ozvrf, nh_zvrf, shr->afi, shr->safi, NULL,
/zebra/zebra_vty.c: 549 in static_config_install_delayed_routes()
543     		ozvrf = zebra_vrf_lookup_by_name(shr->vrf_name);
544     		nh_zvrf = zebra_vrf_lookup_by_name(shr->nhvrf_name);
545     
546     		if (ozvrf != zvrf && nh_zvrf != zvrf)
547     			continue;
548     
>>>     CID 1465482:    (NULL_RETURNS)
>>>     Dereferencing a null pointer "nh_zvrf".
549     		if (ozvrf->vrf->vrf_id == VRF_UNKNOWN
550     		    || nh_zvrf->vrf->vrf_id == VRF_UNKNOWN)
551     			continue;
552     
553     		installed = zebra_static_route_leak(
554     			NULL, ozvrf, nh_zvrf, shr->afi, shr->safi, NULL,

** CID 1465481:  Null pointer dereferences  (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 1465481:  Null pointer dereferences  (FORWARD_NULL)
/bgpd/bgp_fsm.c: 1389 in bgp_start()
1383     				"%s [FSM] In a VRF that is not initialised yet",
1384     				peer->host);
1385     		return -1;
1386     	}
1387     
1388     	/* Register to be notified on peer up */
>>>     CID 1465481:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "peer->bgp" to "bgp_flag_check", which dereferences it.
1389     	if (peer->sort == BGP_PEER_EBGP && peer->ttl == 1
1390     	    && !CHECK_FLAG(peer->flags, PEER_FLAG_DISABLE_CONNECTED_CHECK)
1391     	    && !bgp_flag_check(peer->bgp, BGP_FLAG_DISABLE_NH_CONNECTED_CHK))
1392     		connected = 1;
1393     	else
1394     		connected = 0;

** CID 1465480:  Null pointer dereferences  (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 1465480:  Null pointer dereferences  (FORWARD_NULL)
/bgpd/bgp_mplsvpn.c: 496 in vpn_leak_from_vrf_update()
490     	if (!vpn_leak_to_vpn_active(bgp_vrf, afi, &debugmsg)) {
491     		if (debug)
492     			zlog_debug("%s: skipping: %s", __func__, debugmsg);
493     		return;
494     	}
495     
>>>     CID 1465480:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "info_vrf->attr" to "bgp_attr_dup", which dereferences it.
496     	bgp_attr_dup(&static_attr, info_vrf->attr); /* shallow copy */
497     
498     	/*
499     	 * route map handling
500     	 */
501     	if (bgp_vrf->vpn_policy[afi].rmap[BGP_VPN_POLICY_DIR_TOVPN]) {

** CID 1465479:  Resource leaks  (RESOURCE_LEAK)
/ospf6d/ospf6_asbr.c: 619 in ospf6_asbr_lsa_remove()


________________________________________________________________________________________________________
*** CID 1465479:  Resource leaks  (RESOURCE_LEAK)
/ospf6d/ospf6_asbr.c: 619 in ospf6_asbr_lsa_remove()
613     	route = ospf6_route_lookup(&prefix, ospf6->route_table);
614     	if (route == NULL) {
615     		if (IS_OSPF6_DEBUG_EXAMIN(AS_EXTERNAL)) {
616     			prefix2str(&prefix, buf, sizeof(buf));
617     			zlog_debug("AS-External route %s not found", buf);
618     		}
>>>     CID 1465479:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "route_to_del" going out of scope leaks the storage it points to.
619     		return;
620     	}
621     
622     	if (IS_OSPF6_DEBUG_EXAMIN(AS_EXTERNAL)) {
623     		prefix2str(&prefix, buf, sizeof(buf));
624     		zlog_debug(

** CID 1465478:  Resource leaks  (RESOURCE_LEAK)
/pimd/pim_igmp_mtrace.c: 266 in mtrace_un_forward_packet()


________________________________________________________________________________________________________
*** CID 1465478:  Resource leaks  (RESOURCE_LEAK)
/pimd/pim_igmp_mtrace.c: 266 in mtrace_un_forward_packet()
260     
261     		if (ret != 0) {
262     			if (PIM_DEBUG_MTRACE)
263     				zlog_warn(
264     					"Dropping mtrace packet, "
265     					"no route to destination");
>>>     CID 1465478:  Resource leaks  (RESOURCE_LEAK)
>>>     Handle variable "fd" going out of scope leaks the handle.
266     			return -1;
267     		}
268     
269     		if_out = nexthop.interface;
270     	} else {
271     		if_out = interface;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJkjilOT4Ic7K-2FFeMG8KZGmVG-2Bf66GtOvYpSuUSDGy0tNMwhRwfyUzQyRtF4QzWszRtY75RdYuGz3bma-2FGHon0-2BBPg-2BgvHHshh6jB2aluTrtmFbSvkxv-2F1FPccBujg770e-2Fdo6PMGp1dF4-2FLiSrMz3mKPLLZ87d0PPRR-2Burg9dXdqA-3D-3D




More information about the dev mailing list