New Defects reported by Coverity Scan for freerangerouting/frr

Tue Oct 24 23:20:00 UTC 2023

Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

1 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)

** CID 1569357:    (OVERRUN)
/bgpd/bgp_packet.c: 3310 in bgp_dynamic_capability_fqdn()
/bgpd/bgp_packet.c: 3343 in bgp_dynamic_capability_fqdn()

________________________________________________________________________________________________________
*** CID 1569357:    (OVERRUN)
/bgpd/bgp_packet.c: 3310 in bgp_dynamic_capability_fqdn()
3304     			memcpy(&str, data, len);
3305     			str[len] = '\0';
3306     		}
3307     		data += len;
3308     
3309     		if (len) {
>>>     CID 1569357:    (OVERRUN)
>>>     Overrunning array "str" of 65 bytes at byte offset 65 using index "len" (which evaluates to 65).
3310     			str[len] = '\0';
3311     
3312     			XFREE(MTYPE_BGP_PEER_HOST, peer->hostname);
3313     			XFREE(MTYPE_BGP_PEER_HOST, peer->domainname);
3314     
3315     			peer->hostname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
/bgpd/bgp_packet.c: 3343 in bgp_dynamic_capability_fqdn()
3337     			memcpy(&str, data, len);
3338     			str[len] = '\0';
3339     		}
3340     		data += len;
3341     
3342     		if (len) {
>>>     CID 1569357:    (OVERRUN)
>>>     Overrunning array "str" of 65 bytes at byte offset 65 using index "len" (which evaluates to 65).
3343     			str[len] = '\0';
3344     
3345     			XFREE(MTYPE_BGP_PEER_HOST, peer->domainname);
3346     
3347     			peer->domainname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
3348     		}

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yrtN2DGUU98GYhjd55wXsXtw53zRK70R0agdV-2Fb7c45-2BoAJF92cCodBN9BBnDbw-2FFg-3DToJX_O0IDF7c8sUs2B6kWTeWwAJZqriD5fgsfL8PAN30oQTzXnLTZUu7jqmWCrHZFw5hWtpqHB5EpXRiYXCCYrL0oX99xka7BuXJIQE-2BEsJsRw8Ma8CUBkEJqzAXCMsPAhsyRLb7niWs4uIDNPHAhrPA842a2ZxXAJ3FpL7MAjPf-2F1ujD9b-2B7kDCdiRRL5biLZr3UR-2FsRlSh0-2BfQalswIWlwGLw-3D-3D