[dev] New Defects reported by Coverity Scan for freerangerouting/frr

scan-admin at coverity.com scan-admin at coverity.com
Tue May 14 11:23:15 EDT 2019


Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

2 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1480220:  Null pointer dereferences  (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 1480220:  Null pointer dereferences  (FORWARD_NULL)
/bfdd/bfd_packet.c: 529 in bfd_recv_cb()
523     	uint8_t msgbuf[1516];
524     	struct bfd_vrf_global *bvrf = THREAD_ARG(t);
525     
526     	if (bvrf)
527     		vrfid = bvrf->vrf->vrf_id;
528     	/* Schedule next read. */
>>>     CID 1480220:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "bvrf" to "bfd_sd_reschedule", which dereferences it.
529     	bfd_sd_reschedule(bvrf, sd);
530     
531     	/* Handle echo packets. */
532     	if (sd == bvrf->bg_echo || sd == bvrf->bg_echov6) {
533     		ptm_bfd_process_echo_pkt(bvrf, sd);
534     		return 0;

** CID 1480219:    (NULL_RETURNS)


________________________________________________________________________________________________________
*** CID 1480219:    (NULL_RETURNS)
/bfdd/bfd.c: 182 in bfd_session_enable()
176     	/*
177     	 * Get socket for transmitting control packets.  Note that if we
178     	 * could use the destination port (3784) for the source
179     	 * port we wouldn't need a socket per session.
180     	 */
181     	if (BFD_CHECK_FLAG(bs->flags, BFD_SESS_FLAG_IPV6) == 0) {
>>>     CID 1480219:    (NULL_RETURNS)
>>>     Dereferencing a pointer that might be null "bs->vrf" when calling "bp_peer_socket".
182     		psock = bp_peer_socket(bs);
183     		if (psock == -1)
184     			return 0;
185     	} else {
186     		psock = bp_peer_socketv6(bs);
187     		if (psock == -1)
/bfdd/bfd.c: 186 in bfd_session_enable()
180     	 */
181     	if (BFD_CHECK_FLAG(bs->flags, BFD_SESS_FLAG_IPV6) == 0) {
182     		psock = bp_peer_socket(bs);
183     		if (psock == -1)
184     			return 0;
185     	} else {
>>>     CID 1480219:    (NULL_RETURNS)
>>>     Dereferencing a pointer that might be null "bs->vrf" when calling "bp_peer_socketv6".
186     		psock = bp_peer_socketv6(bs);
187     		if (psock == -1)
188     			return 0;
189     	}
190     
191     	/*


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeDU1AdI-2FBBrnda9ub5tlg3U-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJmWM5njR-2BB5Azcua40iz-2BnaRKZ1Z8-2BmgdORvcCdJcDN3Qvq4wYvMxX4b40bNH9DqrdhcXbTSpiCytSN-2BLdWineYCXapvkNiYRKz367sm5-2Bj7ALYhzwmR565grQQWpEsPkc6PB8GKCEf5u5O40Dc6607ZyY3KCSiPGw2wn2IXHl7nQ-3D-3D




More information about the dev mailing list