New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Thu Jul 16 14:20:32 UTC 2020
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
3 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1496376: Null pointer dereferences (NULL_RETURNS)
/zebra/zebra_rib.c: 1948 in rib_count_installed_nh()
________________________________________________________________________________________________________
*** CID 1496376: Null pointer dereferences (NULL_RETURNS)
/zebra/zebra_rib.c: 1948 in rib_count_installed_nh()
1942 } else {
1943 if (CHECK_FLAG(nexthop->flags, NEXTHOP_FLAG_ACTIVE))
1944 count++;
1945 }
1946 }
1947
>>> CID 1496376: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing "rib_get_fib_backup_nhg(re)", which is known to be "NULL".
1948 for (ALL_NEXTHOPS_PTR(rib_get_fib_backup_nhg(re), nexthop)) {
1949 if (CHECK_FLAG(nexthop->flags, NEXTHOP_FLAG_FIB))
1950 count++;
1951 }
1952
1953 return count;
** CID 1496375: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1496375: Memory - corruptions (OVERRUN)
/zebra/zebra_mpls.c: 3408 in mpls_lsp_uninstall()
3402 nhlfe = nhlfe_find(&lsp->nhlfe_list, type, gtype, gate,
3403 ifindex);
3404 if (!nhlfe)
3405 return 0;
3406
3407 if (IS_ZEBRA_DEBUG_MPLS) {
>>> CID 1496375: Memory - corruptions (OVERRUN)
>>> Overrunning array "buf" of 76 bytes by passing it to a function which accesses it at byte offset 8191 using argument "8192".
3408 nhlfe2str(nhlfe, buf, BUFSIZ);
3409 zlog_debug("Del LSP in-label %u type %d nexthop %s flags 0x%x",
3410 in_label, type, buf, nhlfe->flags);
3411 }
3412
3413 if (CHECK_FLAG(lsp->flags, LSP_FLAG_INSTALLED) ||
** CID 1495424: Error handling issues (CHECKED_RETURN)
/zebra/zebra_rnh.c: 1190 in send_client()
________________________________________________________________________________________________________
*** CID 1495424: Error handling issues (CHECKED_RETURN)
/zebra/zebra_rnh.c: 1190 in send_client()
1184 nhg = NULL;
1185
1186 if (nhg) {
1187 for (ALL_NEXTHOPS_PTR(nhg, nh))
1188 if (rnh_nexthop_valid(re, nh)) {
1189 zapi_nexthop_from_nexthop(&znh, nh);
>>> CID 1495424: Error handling issues (CHECKED_RETURN)
>>> Calling "zapi_nexthop_encode" without checking return value (as is done elsewhere 5 out of 6 times).
1190 zapi_nexthop_encode(s, &znh,
1191 0 /* flags */);
1192 num++;
1193 }
1194 }
1195
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yrtN2DGUU98GYhjd55wXsXtw53zRK70R0agdV-2Fb7c45-2BkxBoZjryQtr5SpUD80NNfE-3D6deE_O0IDF7c8sUs2B6kWTeWwAJZqriD5fgsfL8PAN30oQTztP-2BAHF9IZLHZJiNGfVUj4RL-2FopBgdVvOxa95xJG-2FMtG0wXFybeg-2FMInPLOWhB1fSSEOwHfwRBtED1ps11OCDqoErFU5i4QjvSgPlmExDJh7UPKtdfUsULt87cdT7VJjFBDsRj-2FbgFUryfoSOa-2BOswKUNSPloCbvLInKXW1WKBKT1Ao5ZaIisfTqaxufwIC2A-3D
More information about the dev
mailing list