New Defects reported by Coverity Scan for freerangerouting/frr

scan-admin at coverity.com
Mon May 13 23:20:42 UTC 2024


Hi,

Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan.

1 new defect(s) introduced to freerangerouting/frr found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1587866:  Insecure data handling  (TAINTED_SCALAR)
/zebra/fpm_listener.c: 719 in parse_netlink_msg()


________________________________________________________________________________________________________
*** CID 1587866:  Insecure data handling  (TAINTED_SCALAR)
/zebra/fpm_listener.c: 719 in parse_netlink_msg()
713     			    ctx->rtmsg->rtm_protocol > RTPROT_STATIC) {
714     				printf("  Route %s(%u) reflecting back\n",
715     				       netlink_prot_to_s(
716     					       ctx->rtmsg->rtm_protocol),
717     				       ctx->rtmsg->rtm_protocol);
718     				ctx->rtmsg->rtm_flags |= RTM_F_OFFLOAD;
>>>     CID 1587866:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "fpm_msg_len(fpm)" to "write", which uses it as an offset.
719     				write(glob->sock, fpm, fpm_msg_len(fpm));
720     			}
721     			break;
722     
723     		default:
724     			fprintf(stdout,

