[dev] New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Wed Oct 31 20:29:46 EDT 2018
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
4 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1475322: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1475322: Null pointer dereferences (FORWARD_NULL)
/ripd/rip_cli_clippy.c: 1531 in ip_rip_authentication_mode()
1525 }
1526 #if 0 /* anything that can fail? */
1527 if (_failcnt)
1528 return CMD_WARNING;
1529 #endif
1530 #endif
>>> CID 1475322: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "mode" to "ip_rip_authentication_mode_magic", which dereferences it.
1531 return ip_rip_authentication_mode_magic(self, vty, argc, argv, mode, auth_length);
1532 }
1533
1534 /* no_ip_rip_authentication_mode => "no ip rip authentication mode [<md5 [auth-length <rfc|old-ripd>]|text>]" */
1535 DEFUN_CMD_FUNC_DECL(no_ip_rip_authentication_mode)
1536 #define funcdecl_no_ip_rip_authentication_mode static int no_ip_rip_authentication_mode_magic(\
** CID 1475321: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1475321: Null pointer dereferences (FORWARD_NULL)
/lib/northbound_cli_clippy.c: 672 in yang_module_translator_unload_family()
666 }
667 #if 0 /* anything that can fail? */
668 if (_failcnt)
669 return CMD_WARNING;
670 #endif
671 #endif
>>> CID 1475321: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "translator_family" to "yang_module_translator_unload_family_magic", which dereferences it.
672 return yang_module_translator_unload_family_magic(self, vty, argc, argv, translator_family);
673 }
674
675 /* show_config_transaction => "show configuration transaction [ (1-4294967296)$transaction_id [<json$json|xml$xml> [translate WORD$translator_family]] [< with-defaults$with_defaults |changes$changes >] ]" */
676 DEFUN_CMD_FUNC_DECL(show_config_transaction)
677 #define funcdecl_show_config_transaction static int show_config_transaction_magic(\
** CID 1475320: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1475320: Null pointer dereferences (FORWARD_NULL)
/ripd/rip_cli_clippy.c: 1612 in ip_rip_authentication_string()
1606 }
1607 #if 0 /* anything that can fail? */
1608 if (_failcnt)
1609 return CMD_WARNING;
1610 #endif
1611 #endif
>>> CID 1475320: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "password" to "ip_rip_authentication_string_magic", which dereferences it.
1612 return ip_rip_authentication_string_magic(self, vty, argc, argv, password);
1613 }
1614
1615 /* no_ip_rip_authentication_string => "no ip rip authentication string [LINE]" */
1616 DEFUN_CMD_FUNC_DECL(no_ip_rip_authentication_string)
1617 #define funcdecl_no_ip_rip_authentication_string static int no_ip_rip_authentication_string_magic(\
** CID 1475319: Security best practices violations (SECURE_TEMP)
/lib/northbound_cli.c: 419 in nb_write_config()
________________________________________________________________________________________________________
*** CID 1475319: Security best practices violations (SECURE_TEMP)
/lib/northbound_cli.c: 419 in nb_write_config()
413 {
414 int fd;
415 struct vty *file_vty;
416 int ret = 0;
417
418 snprintf(path, pathlen, "/tmp/frr.tmp.XXXXXXXX");
>>> CID 1475319: Security best practices violations (SECURE_TEMP)
>>> Calling "mkstemp" without securely setting umask first.
419 fd = mkstemp(path);
420 if (fd < 0) {
421 flog_warn(EC_LIB_SYSTEM_CALL, "%s: mkstemp() failed: %s",
422 __func__, safe_strerror(errno));
423 return -1;
424 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeHs8691VOJpZofPkpp-2BRBqc-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJkfXLmVqswCNMlUpaS6y-2Fjl3lI8z-2FooUImmpK6X3BcStaUQdfrgYHRpCGEi6YZpirSWVJzQD7zG0iwsCnEhfPV8zYMngn-2F4lWaoBHZUa9f9dAyQT8gUMmrISLP4vZxHP0y5MS8Korvgj2wiX-2BZzXnzEHu-2BC10EdQwnuQh4Qy1Ti8g-3D-3D
More information about the dev
mailing list