New Defects reported by Coverity Scan for freerangerouting/frr
scan-admin at coverity.com
scan-admin at coverity.com
Thu Mar 23 12:20:47 UTC 2023
Hi,
Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
6 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)
** CID 1536832: Memory - corruptions (OVERLAPPING_COPY)
/mgmtd/mgmt_history.c: 85 in mgmt_history_create_cmt_rec()
________________________________________________________________________________________________________
*** CID 1536832: Memory - corruptions (OVERLAPPING_COPY)
/mgmtd/mgmt_history.c: 85 in mgmt_history_create_cmt_rec()
79
80 new = XCALLOC(MTYPE_MGMTD_CMT_INFO, sizeof(struct mgmt_cmt_info_t));
81 gettimeofday(&cmt_recd_tv, NULL);
82 mgmt_realtime_to_string(&cmt_recd_tv, new->time_str,
83 sizeof(new->time_str));
84 mgmt_history_hash(new->time_str, new->cmtid_str);
>>> CID 1536832: Memory - corruptions (OVERLAPPING_COPY)
>>> In the call to function "snprintf", the object pointed to by argument "new->cmtid_str" may overlap with the object pointed to by argument "new->cmt_json_file".
85 snprintf(new->cmt_json_file, sizeof(new->cmt_json_file),
86 MGMTD_COMMIT_FILE_PATH, new->cmtid_str);
87
88 if (mgmt_cmt_infos_count(&mm->cmts) == MGMTD_MAX_COMMIT_LIST) {
89 FOREACH_CMT_REC (mm, cmt_info)
90 last_cmt_info = cmt_info;
** CID 1536831: Error handling issues (NEGATIVE_RETURNS)
/mgmtd/mgmt_be_server.c: 123 in mgmt_be_server_start()
________________________________________________________________________________________________________
*** CID 1536831: Error handling issues (NEGATIVE_RETURNS)
/mgmtd/mgmt_be_server.c: 123 in mgmt_be_server_start()
117
118 MGMTD_BE_SRVR_DBG("Started MGMTD Backend Server!");
119 return;
120
121 mgmt_be_server_start_failed:
122 if (sock)
>>> CID 1536831: Error handling issues (NEGATIVE_RETURNS)
>>> "sock" is passed to a parameter that cannot be negative.
123 close(sock);
124
125 mgmt_be_listen_fd = -1;
126 exit(-1);
127 }
128
** CID 1536830: Resource leaks (RESOURCE_LEAK)
/mgmtd/mgmt_history.c: 146 in mgmt_history_read_cmt_record_index()
________________________________________________________________________________________________________
*** CID 1536830: Resource leaks (RESOURCE_LEAK)
/mgmtd/mgmt_history.c: 146 in mgmt_history_read_cmt_record_index()
140 sizeof(struct mgmt_cmt_info_t));
141 memcpy(new, &cmt_info, sizeof(struct mgmt_cmt_info_t));
142 mgmt_cmt_infos_add_tail(&mm->cmts, new);
143 } else {
144 zlog_err("More records found in index file %s",
145 MGMTD_COMMIT_INDEX_FILE_NAME);
>>> CID 1536830: Resource leaks (RESOURCE_LEAK)
>>> Variable "fp" going out of scope leaks the storage it points to.
146 return false;
147 }
148
149 cnt++;
150 }
151
** CID 1536829: Error handling issues (NEGATIVE_RETURNS)
/mgmtd/mgmt_fe_server.c: 123 in mgmt_fe_server_start()
________________________________________________________________________________________________________
*** CID 1536829: Error handling issues (NEGATIVE_RETURNS)
/mgmtd/mgmt_fe_server.c: 123 in mgmt_fe_server_start()
117
118 MGMTD_FE_SRVR_DBG("Started MGMTD Frontend Server!");
119 return;
120
121 mgmt_fe_server_start_failed:
122 if (sock)
>>> CID 1536829: Error handling issues (NEGATIVE_RETURNS)
>>> "sock" is passed to a parameter that cannot be negative.
123 close(sock);
124
125 mgmt_fe_listen_fd = -1;
126 exit(-1);
127 }
128
** CID 1536828: Possible Control flow issues (DEADCODE)
/mgmtd/mgmt_txn.c: 1859 in mgmt_txn_get_config()
________________________________________________________________________________________________________
*** CID 1536828: Possible Control flow issues (DEADCODE)
/mgmtd/mgmt_txn.c: 1859 in mgmt_txn_get_config()
1853 mgmt_txn_get_config_failed:
1854
1855 if (pending_list) {
1856 /*
1857 * Move the transaction to corresponding pending list.
1858 */
>>> CID 1536828: Possible Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "if (req_list)
mgmt_txn_re...".
1859 if (req_list)
1860 mgmt_txn_reqs_del(req_list, txn_req);
1861 txn_req->pending_be_proc = true;
1862 mgmt_txn_reqs_add_tail(pending_list, txn_req);
1863 MGMTD_TXN_DBG(
1864 "Moved Req: %p for Txn: %p from Req-List to Pending-List",
** CID 1536827: Null pointer dereferences (NULL_RETURNS)
/mgmtd/mgmt_ds.c: 526 in mgmt_ds_delete_data_nodes()
________________________________________________________________________________________________________
*** CID 1536827: Null pointer dereferences (NULL_RETURNS)
/mgmtd/mgmt_ds.c: 526 in mgmt_ds_delete_data_nodes()
520 /*
521 * Return a special error code so the caller can choose
522 * whether to ignore it or not.
523 */
524 return NB_ERR_NOT_FOUND;
525 /* destroy dependant */
>>> CID 1536827: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing "nb_node", which is known to be "NULL".
526 if (nb_node->dep_cbs.get_dependant_xpath) {
527 nb_node->dep_cbs.get_dependant_xpath(dnode, dep_xpath);
528
529 dep_dnode = yang_dnode_get(
530 ds_ctx->config_ds ? ds_ctx->root.cfg_root->dnode
531 : ds_ctx->root.dnode_root,
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yrtN2DGUU98GYhjd55wXsXtw53zRK70R0agdV-2Fb7c45-2BkxBoZjryQtr5SpUD80NNfE-3D_6GD_O0IDF7c8sUs2B6kWTeWwAJZqriD5fgsfL8PAN30oQTz-2Bprxy733WMkYT1SLeB40gWXj1xnqcfAV7S294aOwPB5R9Rn1mbY8QINZEGbobqwqG2P5xErCC4kZexmhAXE125PoeOviAU3Qqj9tz8nAnXqCiFA42jQWB92jrdEkXlbUFLxWZNvSj3kBw5mlxmRBTUW6GBJrkpB69zLddUOu3eQ-3D-3D
More information about the dev
mailing list