From 3130e2868685e7714aa1a90d83320df05addb3a3 Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Mon, 27 Jul 2020 06:54:23 -0400 Subject: [PATCH 1/3] bgpd: Comment out dead code for future I wanted to preserve the old code flow to see what might be needed in the future in commit: 23ca3269da5f9d898cb54d42c560d519b9cb9915 Coverity doesn't like dead code. So let's comment it out. Signed-off-by: Donald Sharp --- bgpd/bgp_main.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c index 33eaf9ae74..b082aa9c6a 100644 --- a/bgpd/bgp_main.c +++ b/bgpd/bgp_main.c @@ -133,19 +133,20 @@ void sighup(void) /* * This is turned off for the moment. There is all * sorts of config turned off by bgp_terminate - * that is not setup properly again in bgp_rest. + * that is not setup properly again in bgp_reset. * I see no easy way to do this nor do I see that * this is a desirable way to reload config * given the yang work. */ /* Terminate all thread. */ - bgp_terminate(); - bgp_reset(); - zlog_info("bgpd restarting!"); - - /* Reload config file. */ - vty_read_config(NULL, bgpd_di.config_file, config_default); + /* + * bgp_terminate(); + * bgp_reset(); + * zlog_info("bgpd restarting!"); + * Reload config file. + * vty_read_config(NULL, bgpd_di.config_file, config_default); + */ /* Try to return to normal operation. */ } From 7b3a38053141a3ebfc5b039bc191c5e08d8b9cef Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Mon, 27 Jul 2020 06:59:45 -0400 Subject: [PATCH 2/3] bgpd: Prevent Null pointer usage Coverity rightly points out that bgp_table_top might return NULL and immediately deref'ing it might be a problem. Add a bit of safety. Signed-off-by: Donald Sharp --- bgpd/bgp_bmp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/bgpd/bgp_bmp.c b/bgpd/bgp_bmp.c index db330f998c..af88547ca9 100644 --- a/bgpd/bgp_bmp.c +++ b/bgpd/bgp_bmp.c @@ -951,8 +951,11 @@ afibreak: /* initialize syncrdpos to the first * mid-layer table entry */ - if (!bmp->syncrdpos) + if (!bmp->syncrdpos) { bmp->syncrdpos = bgp_table_top(table); + if (!bmp->syncrdpos) + goto eor; + } /* look for a valid mid-layer table */ do { From 5f140efeeffdd9951456701b78a70a71b879be5a Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Mon, 27 Jul 2020 07:10:41 -0400 Subject: [PATCH 3/3] bgpd: Deref after null check in bgp_evpn_vty.c Coverity has noticed that we are using bgp_evpn after we have already NULL checked it one time. Add an assert to make Coverity happy here, if we get to this point something terrible has happened. Signed-off-by: Donald Sharp --- bgpd/bgp_evpn_vty.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/bgpd/bgp_evpn_vty.c b/bgpd/bgp_evpn_vty.c index 2cb13fb85f..2584939378 100644 --- a/bgpd/bgp_evpn_vty.c +++ b/bgpd/bgp_evpn_vty.c @@ -3899,6 +3899,12 @@ DEFPY (bgp_evpn_advertise_pip_ip_mac, struct listnode *node = NULL; struct bgpevpn *vpn = NULL; + /* + * At this point if bgp_evpn is NULL and evpn is enabled + * something stupid has gone wrong + */ + assert(bgp_evpn); + update_advertise_vrf_routes(bgp_vrf); /* Update (svi) type-2 routes */