[dev] New Defects reported by Coverity Scan for freerangerouting/frr

Thu May 3 12:18:42 EDT 2018

Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

3 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)

** CID 1468512:  Control flow issues  (DEADCODE)
/bgpd/bgp_pbr.c: 234 in bgp_pbr_build_and_validate_entry()

________________________________________________________________________________________________________
*** CID 1468512:  Control flow issues  (DEADCODE)
/bgpd/bgp_pbr.c: 234 in bgp_pbr_build_and_validate_entry()
228     		ecom = info->attr->ecommunity;
229     		for (i = 0; i < ecom->size; i++) {
230     			ecom_eval = (struct ecommunity_val *)
231     				ecom->val + (i * ECOMMUNITY_SIZE);
232     
233     			if (action_count > ACTIONS_MAX_NUM) {
>>>     CID 1468512:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "if (term_bgp_debug_pbr & 2U...".
234     				if (BGP_DEBUG(pbr, PBR_ERROR))
235     					zlog_err("%s: flowspec actions exceeds limit (max %u)",
236     						 __func__, action_count);
237     				break;
238     			}
239     			api_action = &api->actions[action_count];

** CID 1468511:  Null pointer dereferences  (FORWARD_NULL)

________________________________________________________________________________________________________
*** CID 1468511:  Null pointer dereferences  (FORWARD_NULL)
/pimd/pim_msdp.c: 259 in pim_msdp_sa_new()
253     	sa->uptime = pim_time_monotonic_sec();
254     
255     	/* insert into misc tables for easy access */
256     	sa = hash_get(pim->msdp.sa_hash, sa, hash_alloc_intern);
257     	if (!sa) {
258     		zlog_err("%s: PIM hash get failure", __PRETTY_FUNCTION__);
>>>     CID 1468511:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "sa" to "pim_msdp_sa_free", which dereferences it.
259     		pim_msdp_sa_free(sa);
260     		return NULL;
261     	}
262     	listnode_add_sort(pim->msdp.sa_list, sa);
263     
264     	if (PIM_DEBUG_MSDP_EVENTS) {

** CID 1468510:  Null pointer dereferences  (NULL_RETURNS)

________________________________________________________________________________________________________
*** CID 1468510:  Null pointer dereferences  (NULL_RETURNS)
/ospf6d/ospf6_intra.c: 1326 in ospf6_intra_prefix_update_route_origin()
1320     	struct ospf6_route *g_route, *nroute;
1321     
1322     	/* Update Global ospf6 route path */
1323     	g_route = ospf6_route_lookup(&oa_route->prefix,
1324     				     ospf6->route_table);
1325     
>>>     CID 1468510:  Null pointer dereferences  (NULL_RETURNS)
>>>     Dereferencing a pointer that might be null "g_route" when calling "ospf6_route_lock".
1326     	for (ospf6_route_lock(g_route); g_route &&
1327     	     ospf6_route_is_prefix(&oa_route->prefix, g_route);
1328     	     g_route = nroute) {
1329     		nroute = ospf6_route_next(g_route);
1330     		if (g_route->type != oa_route->type)
1331     			continue;

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJnLIQB1b9UiAbnEl9HCsoYtO8Ku9mc5UcL78CHAxjn-2BgQ-2BjKh2eHsLB1N0zmyesM2A7CmwsLnv89IJlCXtISUBaVQbCSB8S1MaNWPCDe5fFaO9q4BUkL0knMqaB29g-2FGP9MswSGDcV2Hsh7cHMZE2Vq8WFXMNqGpeNDV34k3NcaCQ-3D-3D