New Defects reported by Coverity Scan for freerangerouting/frr

scan-admin at coverity.com scan-admin at coverity.com
Tue Apr 18 21:19:36 UTC 2023 

Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

4 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1560315:  Null pointer dereferences  (NULL_RETURNS)
/isisd/isis_affinitymap.c: 49 in isis_affinity_map_update()


________________________________________________________________________________________________________
*** CID 1560315:  Null pointer dereferences  (NULL_RETURNS)
/isisd/isis_affinitymap.c: 49 in isis_affinity_map_update()
43     	struct isis *isis = isis_lookup_by_vrfid(VRF_DEFAULT);
44     	struct listnode *area_node, *fa_node;
45     	struct isis_area *area;
46     	struct flex_algo *fa;
47     	bool changed;
48     
>>>     CID 1560315:  Null pointer dereferences  (NULL_RETURNS)
>>>     Dereferencing "isis", which is known to be "NULL".
49     	for (ALL_LIST_ELEMENTS_RO(isis->area_list, area_node, area)) {
50     		changed = false;
51     		for (ALL_LIST_ELEMENTS_RO(area->flex_algos->flex_algos, fa_node,
52     					  fa)) {
53     			if (admin_group_get(&fa->admin_group_exclude_any,
54     					    old_pos)) {

** CID 1560314:  Incorrect expression  (NO_EFFECT)
/isisd/isisd.c: 3147 in area_resign_level()


________________________________________________________________________________________________________
*** CID 1560314:  Incorrect expression  (NO_EFFECT)
/isisd/isisd.c: 3147 in area_resign_level()
3141     
3142     #ifndef FABRICD
3143     	for (int tree = SPFTREE_IPV4; tree < SPFTREE_COUNT; tree++) {
3144     		for (ALL_LIST_ELEMENTS_RO(area->flex_algos->flex_algos, node,
3145     					  fa)) {
3146     			data = fa->data;
>>>     CID 1560314:  Incorrect expression  (NO_EFFECT)
>>>     Comparing an array to null is not useful: "data->spftree[level - 1]", since the test will always evaluate as true.
3147     			if (data->spftree[level - 1]) {
3148     				isis_spftree_del(
3149     					data->spftree[tree][level - 1]);
3150     				data->spftree[tree][level - 1] = NULL;
3151     			}
3152     		}

** CID 1560313:  Null pointer dereferences  (NULL_RETURNS)
/isisd/isis_affinitymap.c: 26 in isis_affinity_map_check_use()


________________________________________________________________________________________________________
*** CID 1560313:  Null pointer dereferences  (NULL_RETURNS)
/isisd/isis_affinitymap.c: 26 in isis_affinity_map_check_use()
20     	struct affinity_map *map;
21     	uint16_t pos;
22     
23     	map = affinity_map_get(affmap_name);
24     	pos = map->bit_position;
25     
>>>     CID 1560313:  Null pointer dereferences  (NULL_RETURNS)
>>>     Dereferencing "isis", which is known to be "NULL".
26     	for (ALL_LIST_ELEMENTS_RO(isis->area_list, area_node, area)) {
27     		for (ALL_LIST_ELEMENTS_RO(area->flex_algos->flex_algos, fa_node,
28     					  fa)) {
29     			if (admin_group_get(&fa->admin_group_exclude_any,
30     					    pos) ||
31     			    admin_group_get(&fa->admin_group_include_any,

** CID 1560312:  Memory - corruptions  (OVERRUN)
/isisd/isis_flex_algo.c: 292 in isis_flex_algo_constraint_drop()


________________________________________________________________________________________________________
*** CID 1560312:  Memory - corruptions  (OVERRUN)
/isisd/isis_flex_algo.c: 292 in isis_flex_algo_constraint_drop()
286     	if (link_admin_group && link_ext_admin_group) {
287     		link_ext_admin_group_bitmap0 =
288     			admin_group_get_offset(link_ext_admin_group, 0);
289     		if (*link_admin_group != link_ext_admin_group_bitmap0) {
290     			memcpy(lspid_orig, lsp->hdr.lsp_id,
291     			       ISIS_SYS_ID_LEN + 2);
>>>     CID 1560312:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "reach->id" of 7 bytes by passing it to a function which accesses it at byte offset 7 using argument "8UL".
292     			memcpy(lspid_neigh, reach->id, ISIS_SYS_ID_LEN + 2);
293     			zlog_warn(
294     				"ISIS-SPF: LSP from %pLS neighbor %pLS. Admin-group 0x%08x differs from ext admin-group 0x%08x.",
295     				lspid_orig, lspid_neigh, *link_admin_group,
296     				link_ext_admin_group_bitmap0);
297     		}


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yrtN2DGUU98GYhjd55wXsXtw53zRK70R0agdV-2Fb7c45-2BkxBoZjryQtr5SpUD80NNfE-3Dxl3d_O0IDF7c8sUs2B6kWTeWwAJZqriD5fgsfL8PAN30oQTwYle-2B-2FgzZIvVeY1mlCvzdCZHGkvE0rBCHxb5YsSrkeDw-2FDnOWJ-2B0tRvJ6am14R6mhqQGaHX7J3SCJ5SE2rrAKmfstoMhBnzo8YYRIJijpt5K0M8jpEJvvzShg5hObwCxcuoEoiAvHMZ8cW48PogQsqyF9BdxdrInPogYjgnTAbCVfadwM-2BYuI-2FjAFTQHpbZr8-3D

More information about the dev mailing list