New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Thu Oct 24 09:36:00 EDT 2019
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
3 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
14 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1487305: Memory - corruptions (ARRAY_VS_SINGLETON)
/lib/prefix.c: 643 in evpn_type5_prefix_match()
________________________________________________________________________________________________________
*** CID 1487305: Memory - corruptions (ARRAY_VS_SINGLETON)
/lib/prefix.c: 643 in evpn_type5_prefix_match()
637 return 0;
638
639 offset = prefixlen / PNBBY;
640 shift = prefixlen % PNBBY;
641
642 if (shift)
>>> CID 1487305: Memory - corruptions (ARRAY_VS_SINGLETON)
>>> Using "np" as an array. This might corrupt or misinterpret adjacent memory locations.
643 if (maskbit[shift] & (np[offset] ^ pp[offset]))
644 return 0;
645
646 while (offset--)
647 if (np[offset] != pp[offset])
648 return 0;
** CID 1485637: Incorrect expression (SIZEOF_MISMATCH)
/qpb/qpb_allocator.h: 57 in qpb_alloc_ptr_array()
________________________________________________________________________________________________________
*** CID 1485637: Incorrect expression (SIZEOF_MISMATCH)
/qpb/qpb_allocator.h: 57 in qpb_alloc_ptr_array()
51 *
52 * Allocate space for the specified number of pointers.
53 */
54 static inline void *qpb_alloc_ptr_array(qpb_allocator_t *allocator,
55 size_t num_ptrs)
56 {
>>> CID 1485637: Incorrect expression (SIZEOF_MISMATCH)
>>> Passing argument "num_ptrs * 8UL /* sizeof (void *) */" to function "qpb_alloc" which returns a value of type "void *" is suspicious.
57 return qpb_alloc(allocator, num_ptrs * sizeof(void *));
58 }
59
60 /*
61 * qpb_free
62 */
** CID 1485635: Incorrect expression (SIZEOF_MISMATCH)
/qpb/qpb.h: 124 in qpb__l3_prefix__get()
________________________________________________________________________________________________________
*** CID 1485635: Incorrect expression (SIZEOF_MISMATCH)
/qpb/qpb.h: 124 in qpb__l3_prefix__get()
118 uint8_t family, struct prefix *prefix)
119 {
120
121 switch (family) {
122
123 case AF_INET:
>>> CID 1485635: Incorrect expression (SIZEOF_MISMATCH)
>>> Passing argument "prefix" of type "struct prefix *" and argument "16UL" ("sizeof (struct prefix_ipv4)") to function "memset" is suspicious because a multiple of "sizeof (struct prefix) /*48*/" is expected.
124 memset(prefix, 0, sizeof(struct prefix_ipv4));
125 break;
126
127 case AF_INET6:
128 memset(prefix, 0, sizeof(struct prefix_ipv6));
129 break;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRa7dJ8klHLUFWVd2fqpS-2B-2FHaN43B-2FQ11ntcKmbKat2WeDU1AdI-2FBBrnda9ub5tlg3U-3D_d-2Fi2nRutHp-2FDWtw8JRg-2Bc1m9CS4-2B5uVbodfDyLsp-2FJnE3bO78m9km1QudDWMK3QqkfvDEmlu-2FF-2FVvD1yMWHoPjrmv-2FkSw6q0jNXrw2gb5oYxaZ1xCSCUZgQBGonKKZJGdSRs5WHamdbat6nmEWLKRK3d6SvqndHA-2B3rfkJynWwPp3Ik-2Bq4bpUwCOtpFMyVCcR9mHzgzRYfruMeukevUYVA-3D-3D
More information about the dev
mailing list