New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Wed Apr 27 09:48:20 UTC 2022
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
3 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1517454: Null pointer dereferences (NULL_RETURNS)
/pimd/pim6_cmd.c: 663 in ipv6_mld_group_watermark_magic()
________________________________________________________________________________________________________
*** CID 1517454: Null pointer dereferences (NULL_RETURNS)
/pimd/pim6_cmd.c: 663 in ipv6_mld_group_watermark_magic()
657 "ipv6 mld watermark-warn (1-65535)$limit",
658 IPV6_STR
659 MLD_STR
660 "Configure group limit for watermark warning\n"
661 "Group count to generate watermark warning\n")
662 {
>>> CID 1517454: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing "pim", which is known to be "NULL".
663 PIM_DECLVAR_CONTEXT(vrf, pim);
664 /* TBD Depends on MLD data structure changes */
665 return CMD_SUCCESS;
666 }
667
668 DEFPY (no_ipv6_mld_group_watermark,
** CID 1517453: Null pointer dereferences (NULL_RETURNS)
/pimd/pim6_cmd.c: 677 in no_ipv6_mld_group_watermark_magic()
________________________________________________________________________________________________________
*** CID 1517453: Null pointer dereferences (NULL_RETURNS)
/pimd/pim6_cmd.c: 677 in no_ipv6_mld_group_watermark_magic()
671 NO_STR
672 IPV6_STR
673 MLD_STR
674 "Unconfigure group limit for watermark warning\n"
675 IGNORED_IN_NO_STR)
676 {
>>> CID 1517453: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing "pim", which is known to be "NULL".
677 PIM_DECLVAR_CONTEXT(vrf, pim);
678 /* TBD Depends on MLD data structure changes */
679 return CMD_SUCCESS;
680 }
681
682 DEFPY (interface_ipv6_mld_query_max_response_time,
** CID 1517452: Memory - corruptions (OVERRUN)
/pimd/pim_zlookup.c: 265 in zclient_read_nexthop()
________________________________________________________________________________________________________
*** CID 1517452: Memory - corruptions (OVERRUN)
/pimd/pim_zlookup.c: 265 in zclient_read_nexthop()
259 stream_get(&nexthop_tab[num_ifindex].nexthop_addr, s,
260 sizeof(struct in6_addr));
261 nexthop_tab[num_ifindex].ifindex = stream_getl(s);
262
263 p.family = AF_INET6;
264 p.prefixlen = IPV6_MAX_BITLEN;
>>> CID 1517452: Memory - corruptions (OVERRUN)
>>> Overrunning struct type pim_addr of 4 bytes by passing it to a function which accesses it at byte offset 15 using argument "16UL".
265 memcpy(&p.u.prefix6,
266 &nexthop_tab[num_ifindex].nexthop_addr,
267 sizeof(struct in6_addr));
268
269 /*
270 * If we are sending v6 secondary assume we receive v6
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yrtN2DGUU98GYhjd55wXsXtw53zRK70R0agdV-2Fb7c45-2BkxBoZjryQtr5SpUD80NNfE-3DqToV_O0IDF7c8sUs2B6kWTeWwAJZqriD5fgsfL8PAN30oQTz4CFENZmp4VzYAY-2BA2eDKJcOSG7yA20886t3Pt58-2FTQBmQwciT6TN3nswuJlt-2Ff9sFYBimngOnwGDaHhEq8wXexl-2Fqo8ivDFD6SsVFVSh4XPUMjvMNY-2B0ZMh-2BR32nQfDQ66RflAQHv8ZIk7K8wzn0L6HJbEGhXO2XbvoL824HdLw-3D-3D
More information about the dev
mailing list