New Defects reported by Coverity Scan for freerangerouting/frr

Tue Oct 15 21:35:57 EDT 2019

Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

2 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 1487116:  Concurrent data access violations  (MISSING_LOCK)
/zebra/zebra_mlag_private.c: 170 in zebra_mlag_connect()

________________________________________________________________________________________________________
*** CID 1487116:  Concurrent data access violations  (MISSING_LOCK)
/zebra/zebra_mlag_private.c: 170 in zebra_mlag_connect()
164     	struct ucred ucred;
165     	socklen_t len = 0;
166     
167     	/* Reset the Timer-running flag */
168     	zrouter.mlag_info.timer_running = false;
169     
>>>     CID 1487116:  Concurrent data access violations  (MISSING_LOCK)
>>>     Accessing "zrouter.mlag_info.t_read" without holding lock "zebra_mlag_info.mlag_th_mtx". Elsewhere, "zebra_mlag_info.t_read" is accessed with "zebra_mlag_info.mlag_th_mtx" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
170     	zrouter.mlag_info.t_read = NULL;
171     	memset(&svr, 0, sizeof(svr));
172     	svr.sun_family = AF_UNIX;
173     #define MLAG_SOCK_NAME "/var/run/clag-zebra.socket"
174     	strlcpy(svr.sun_path, MLAG_SOCK_NAME, sizeof(MLAG_SOCK_NAME) + 1);
175     

** CID 1487115:    (FORWARD_NULL)

________________________________________________________________________________________________________
*** CID 1487115:    (FORWARD_NULL)
/bgpd/bgp_evpn.c: 2581 in install_evpn_route_entry_in_vrf()
2575     	bgp_aggregate_increment(bgp_vrf, &rn->p, pi, afi, safi);
2576     
2577     	/* Perform route selection and update zebra, if required. */
2578     	bgp_process(bgp_vrf, rn, afi, safi);
2579     
2580     	/* Process for route leaking. */
>>>     CID 1487115:    (FORWARD_NULL)
>>>     Passing null pointer "pi" to "vpn_leak_from_vrf_update", which dereferences it.
2581     	vpn_leak_from_vrf_update(bgp_get_default(), bgp_vrf, pi);
2582     
2583     	return ret;
2584     }
2585     
2586     /*
/bgpd/bgp_evpn.c: 2575 in install_evpn_route_entry_in_vrf()
2569     		/* Unintern existing, set to new. */
2570     		bgp_attr_unintern(&pi->attr);
2571     		pi->attr = attr_new;
2572     		pi->uptime = bgp_clock();
2573     	}
2574     
>>>     CID 1487115:    (FORWARD_NULL)
>>>     Passing null pointer "pi" to "bgp_aggregate_increment", which dereferences it.
2575     	bgp_aggregate_increment(bgp_vrf, &rn->p, pi, afi, safi);
2576     
2577     	/* Perform route selection and update zebra, if required. */
2578     	bgp_process(bgp_vrf, rn, afi, safi);
2579     
2580     	/* Process for route leaking. */

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeDU1AdI-2FBBrnda9ub5tlg3U-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJmhJBntyBBN8rdhTP02skVY8wv47pXL2sHoKU6jmckPdVUvtDfGgI6se7sfzCEzhK-2B00pAkpxrlktStwdokmcscvwn4koCUx0fYu0AQqui7viOYomyB-2BO-2BRN4MlhmPdud6-2F41JPxMTTzpGMAdgFMxKU-2BlINCgtfjgkDkR-2BLXdyOKg-3D-3D