From cecb76bd3cdcb5ab6adffac17fe8ef90fafba653 Mon Sep 17 00:00:00 2001
From: Donald Sharp <sharpd@nvidia.com>
Date: Thu, 17 Feb 2022 14:07:57 -0500
Subject: [PATCH 1/4] lib: Fix possible usage of uninited data

assert when if_lookup_address is passed with
a family that is not AF_INET or AF_INET6 as
that we are dead in the water and this is a
dev escape

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 4d7aae38ab5f88421dea48a6f6541f86ce4cd954)
---
 lib/if.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/if.c b/lib/if.c
index 158303a387..8d1b42cf80 100644
--- a/lib/if.c
+++ b/lib/if.c
@@ -490,7 +490,8 @@ struct connected *if_lookup_address(const void *matchaddr, int family,
 		addr.family = AF_INET6;
 		addr.u.prefix6 = *((struct in6_addr *)matchaddr);
 		addr.prefixlen = IPV6_MAX_BITLEN;
-	}
+	} else
+		assert(!"Attempted lookup of family not supported");
 
 	match = NULL;
 

From b487f0aff030e7164fab973c81174909d0732733 Mon Sep 17 00:00:00 2001
From: Donald Sharp <sharpd@nvidia.com>
Date: Fri, 18 Feb 2022 10:45:46 -0500
Subject: [PATCH 2/4] bfdd: Fix overflow possibility with time statements

If time ( a uint64_t ) is large enough doing division
and subtraction can still lead to situations where
the resulting number is greater than a uint32_t.
Just use uint32_t as an intermediate storage spot.
This is unlikely to every occur in a time frame
I could possibly care about but makes Coverity happy.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 46da676a62bbf87dc35d46c86c073869b41fae3d)
---
 bfdd/bfd.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/bfdd/bfd.c b/bfdd/bfd.c
index c9a327490c..58cdeae6ed 100644
--- a/bfdd/bfd.c
+++ b/bfdd/bfd.c
@@ -1453,7 +1453,7 @@ int strtosa(const char *addr, struct sockaddr_any *sa)
 
 void integer2timestr(uint64_t time, char *buf, size_t buflen)
 {
-	unsigned int year, month, day, hour, minute, second;
+	uint64_t year, month, day, hour, minute, second;
 	int rv;
 
 #define MINUTES (60)
@@ -1465,7 +1465,7 @@ void integer2timestr(uint64_t time, char *buf, size_t buflen)
 		year = time / YEARS;
 		time -= year * YEARS;
 
-		rv = snprintf(buf, buflen, "%u year(s), ", year);
+		rv = snprintfrr(buf, buflen, "%" PRIu64 " year(s), ", year);
 		buf += rv;
 		buflen -= rv;
 	}
@@ -1473,7 +1473,7 @@ void integer2timestr(uint64_t time, char *buf, size_t buflen)
 		month = time / MONTHS;
 		time -= month * MONTHS;
 
-		rv = snprintf(buf, buflen, "%u month(s), ", month);
+		rv = snprintfrr(buf, buflen, "%" PRIu64 " month(s), ", month);
 		buf += rv;
 		buflen -= rv;
 	}
@@ -1481,7 +1481,7 @@ void integer2timestr(uint64_t time, char *buf, size_t buflen)
 		day = time / DAYS;
 		time -= day * DAYS;
 
-		rv = snprintf(buf, buflen, "%u day(s), ", day);
+		rv = snprintfrr(buf, buflen, "%" PRIu64 " day(s), ", day);
 		buf += rv;
 		buflen -= rv;
 	}
@@ -1489,7 +1489,7 @@ void integer2timestr(uint64_t time, char *buf, size_t buflen)
 		hour = time / HOURS;
 		time -= hour * HOURS;
 
-		rv = snprintf(buf, buflen, "%u hour(s), ", hour);
+		rv = snprintfrr(buf, buflen, "%" PRIu64 " hour(s), ", hour);
 		buf += rv;
 		buflen -= rv;
 	}
@@ -1497,12 +1497,12 @@ void integer2timestr(uint64_t time, char *buf, size_t buflen)
 		minute = time / MINUTES;
 		time -= minute * MINUTES;
 
-		rv = snprintf(buf, buflen, "%u minute(s), ", minute);
+		rv = snprintfrr(buf, buflen, "%" PRIu64 " minute(s), ", minute);
 		buf += rv;
 		buflen -= rv;
 	}
 	second = time % MINUTES;
-	snprintf(buf, buflen, "%u second(s)", second);
+	snprintfrr(buf, buflen, "%" PRIu64 " second(s)", second);
 }
 
 const char *bs_to_string(const struct bfd_session *bs)

From 82021021f0cf3009f636a836e110f9fe6a827bec Mon Sep 17 00:00:00 2001
From: Donald Sharp <sharpd@nvidia.com>
Date: Fri, 18 Feb 2022 10:55:16 -0500
Subject: [PATCH 3/4] eigrpd: Up convert to uint64_t before doing math

Intentionally up convert uint8_t and uint32_t values
to a uint64_t before doing math to make Coverity happy.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit c960cb28f72bce27dbf0aad75e1a41b85cf1a614)
---
 eigrpd/eigrp_metric.c | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/eigrpd/eigrp_metric.c b/eigrpd/eigrp_metric.c
index ea62f9d1be..7ccafd4fa8 100644
--- a/eigrpd/eigrp_metric.c
+++ b/eigrpd/eigrp_metric.c
@@ -86,19 +86,24 @@ eigrp_metric_t eigrp_calculate_metrics(struct eigrp *eigrp,
 	 */
 
 	if (eigrp->k_values[0])
-		composite += (eigrp->k_values[0] * metric.bandwidth);
+		composite += ((eigrp_metric_t)eigrp->k_values[0] *
+			      (eigrp_metric_t)metric.bandwidth);
 	if (eigrp->k_values[1])
-		composite += ((eigrp->k_values[1] * metric.bandwidth)
-			      / (256 - metric.load));
+		composite += (((eigrp_metric_t)eigrp->k_values[1] *
+			       (eigrp_metric_t)metric.bandwidth) /
+			      (256 - metric.load));
 	if (eigrp->k_values[2])
-		composite += (eigrp->k_values[2] * metric.delay);
+		composite += ((eigrp_metric_t)eigrp->k_values[2] *
+			      (eigrp_metric_t)metric.delay);
 	if (eigrp->k_values[3] && !eigrp->k_values[4])
-		composite *= eigrp->k_values[3];
+		composite *= (eigrp_metric_t)eigrp->k_values[3];
 	if (!eigrp->k_values[3] && eigrp->k_values[4])
-		composite *= (eigrp->k_values[4] / metric.reliability);
+		composite *= ((eigrp_metric_t)eigrp->k_values[4] /
+			      (eigrp_metric_t)metric.reliability);
 	if (eigrp->k_values[3] && eigrp->k_values[4])
-		composite *= ((eigrp->k_values[4] / metric.reliability)
-			      + eigrp->k_values[3]);
+		composite *= (((eigrp_metric_t)eigrp->k_values[4] /
+			       (eigrp_metric_t)metric.reliability) +
+			      (eigrp_metric_t)eigrp->k_values[3]);
 
 	composite =
 		(composite <= EIGRP_METRIC_MAX) ? composite : EIGRP_METRIC_MAX;

From bb74f3c298077ed2e067cb3b89454a15785c2fbf Mon Sep 17 00:00:00 2001
From: Donald Sharp <sharpd@nvidia.com>
Date: Tue, 22 Feb 2022 08:21:32 -0500
Subject: [PATCH 4/4] pceplib: Fix uninited data in test vehicle

Coverity SA found this.  Fix

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit bd6beab0a6722f4ea05b528010ee5064adc66e53)
---
 pceplib/test/pcep_msg_messages_test.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pceplib/test/pcep_msg_messages_test.c b/pceplib/test/pcep_msg_messages_test.c
index 3fec24a225..e3a74f92d1 100644
--- a/pceplib/test/pcep_msg_messages_test.c
+++ b/pceplib/test/pcep_msg_messages_test.c
@@ -143,7 +143,7 @@ void test_pcep_msg_create_request()
 
 	/* Test IPv6 */
 	rp_obj = pcep_obj_create_rp(0, false, false, false, false, 10, NULL);
-	struct in6_addr src_addr_ipv6, dst_addr_ipv6;
+	struct in6_addr src_addr_ipv6 = {}, dst_addr_ipv6 = {};
 	struct pcep_object_endpoints_ipv6 *ipv6_obj =
 		pcep_obj_create_endpoint_ipv6(&src_addr_ipv6, &dst_addr_ipv6);
 	message = pcep_msg_create_request_ipv6(rp_obj, ipv6_obj, NULL);