From 852f96eb036a1bfba878467dc5b378d62f8c87ca Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Fri, 21 Apr 2023 07:54:00 -0400 Subject: [PATCH 1/3] bgpd: All paths have already de-refed rd_str Coverity points out that rd_str has already been deref'ed in all paths leading to this spot. No need to keep at it. Signed-off-by: Donald Sharp --- bgpd/bgp_route.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index 7809d9b0a9..40ecdbb670 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -7038,8 +7038,8 @@ int bgp_static_set_safi(afi_t afi, safi_t safi, struct vty *vty, bgp_static->label = label; bgp_static->prd = prd; - if (rd_str) - bgp_static->prd_pretty = XSTRDUP(MTYPE_BGP, rd_str); + bgp_static->prd_pretty = XSTRDUP(MTYPE_BGP, rd_str); + if (rmap_str) { XFREE(MTYPE_ROUTE_MAP_NAME, bgp_static->rmap.name); route_map_counter_decrement(bgp_static->rmap.map); From bc479b1b17b3f12b487f4164966b35d1ec08fede Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Fri, 21 Apr 2023 07:57:19 -0400 Subject: [PATCH 2/3] bgpd: Coverity mistakenly believes we can fall through Coverity has incorrectly found that a switch statement can be fallen through. It is missing the fact that the previous case statement has a return through every path it can get too. Let's just appease coverity Signed-off-by: Donald Sharp --- bgpd/bgp_mplsvpn_snmp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/bgpd/bgp_mplsvpn_snmp.c b/bgpd/bgp_mplsvpn_snmp.c index 20fec6d77b..0208a6f5a5 100644 --- a/bgpd/bgp_mplsvpn_snmp.c +++ b/bgpd/bgp_mplsvpn_snmp.c @@ -1627,6 +1627,7 @@ static uint8_t *mplsL3vpnRteTable(struct variable *v, oid name[], } } else return SNMP_INTEGER(MPLSL3VPNVRFRTECIDRTYPEOTHER); + break; case MPLSL3VPNVRFRTEINETCIDRPROTO: switch (pi->type) { case ZEBRA_ROUTE_CONNECT: From 332133d19becb6d4e48d730cf47de017f0a4b4f5 Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Fri, 21 Apr 2023 08:04:06 -0400 Subject: [PATCH 3/3] bgpd: Ensure bgp_vrf is non-null If we attempt to get the bgp_vrf and it fails then ensure that we don't just de-ref and crash. Signed-off-by: Donald Sharp --- bgpd/bgp_evpn_vty.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bgpd/bgp_evpn_vty.c b/bgpd/bgp_evpn_vty.c index c1bcbf77ce..811856bfed 100644 --- a/bgpd/bgp_evpn_vty.c +++ b/bgpd/bgp_evpn_vty.c @@ -4305,7 +4305,7 @@ DEFPY (bgp_evpn_advertise_pip_ip_mac, struct bgp *bgp_vrf = VTY_GET_CONTEXT(bgp); /* bgp vrf instance */ struct bgp *bgp_evpn = NULL; - if (EVPN_ENABLED(bgp_vrf)) { + if (!bgp_vrf || EVPN_ENABLED(bgp_vrf)) { vty_out(vty, "This command is supported under L3VNI BGP EVPN VRF\n"); return CMD_WARNING_CONFIG_FAILED;