Go to file
Abhinay Ramesh 42bfee18c2 ospf6d: fix coverity issues.
Fixed below coverity issues
________________________________________________________________________________________________________
*** CID 1511366:    (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2631 in ospf6_make_lsupdate_list()
2625                          + OSPF6_HEADER_SIZE)
2626                         > ospf6_packet_max(on->ospf6_if)) {
2627                             ospf6_fill_header(on->ospf6_if, (*op)->s,
2628                                               length + OSPF6_HEADER_SIZE);
2629                             (*op)->length = length + OSPF6_HEADER_SIZE;
2630                             ospf6_fill_lsupdate_header((*op)->s, *lsa_cnt);
>>>     CID 1511366:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2631                             ospf6_send_lsupdate(on, NULL, *op);
2632
2633                             /* refresh packet */
2634                             *op = ospf6_packet_new(on->ospf6_if->ifmtu);
2635                             length = OSPF6_LS_UPD_MIN_SIZE;
2636                             *lsa_cnt = 0;
/ospf6d/ospf6_message.c: 2631 in ospf6_make_lsupdate_list()
2625                          + OSPF6_HEADER_SIZE)
2626                         > ospf6_packet_max(on->ospf6_if)) {
2627                             ospf6_fill_header(on->ospf6_if, (*op)->s,
2628                                               length + OSPF6_HEADER_SIZE);
2629                             (*op)->length = length + OSPF6_HEADER_SIZE;
2630                             ospf6_fill_lsupdate_header((*op)->s, *lsa_cnt);
>>>     CID 1511366:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2631                             ospf6_send_lsupdate(on, NULL, *op);

________________________________________________________________________________________________________
*** CID 1511365:    (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2674 in ospf6_make_ls_retrans_list()
2669                             if (on->ospf6_if->state == OSPF6_INTERFACE_POINTTOPOINT)
2670                                     (*op)->dst = allspfrouters6;
2671                             else
2672                                     (*op)->dst = on->linklocal_addr;
2673
>>>     CID 1511365:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2674                             ospf6_fill_hdr_checksum(on->ospf6_if, *op);
2675                             ospf6_packet_add(on->ospf6_if, *op);
2676                             OSPF6_MESSAGE_WRITE_ON(on->ospf6_if);
/ospf6d/ospf6_message.c: 2674 in ospf6_make_ls_retrans_list()
2669                             if (on->ospf6_if->state == OSPF6_INTERFACE_POINTTOPOINT)
2670                                     (*op)->dst = allspfrouters6;
2671                             else
2672                                     (*op)->dst = on->linklocal_addr;
2673
>>>     CID 1511365:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2674                             ospf6_fill_hdr_checksum(on->ospf6_if, *op);
2675                             ospf6_packet_add(on->ospf6_if, *op);
2676                             OSPF6_MESSAGE_WRITE_ON(on->ospf6_if);
/ospf6d/ospf6_message.c: 2674 in ospf6_make_ls_retrans_list()
2668                             ospf6_fill_lsupdate_header((*op)->s, *lsa_cnt);
2669                             if (on->ospf6_if->state == OSPF6_INTERFACE_POINTTOPOINT)
2670                                     (*op)->dst = allspfrouters6;
2671                             else
2672                                     (*op)->dst = on->linklocal_addr;
2673
>>>     CID 1511365:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2674                             ospf6_fill_hdr_checksum(on->ospf6_if, *op);
2675                             ospf6_packet_add(on->ospf6_if, *op);
2676                             OSPF6_MESSAGE_WRITE_ON(on->ospf6_if);

________________________________________________________________________________________________________
*** CID 1511364:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2125 in ospf6_write()
2120                     if (oi->at_data.flags != 0) {
2121                             at_len = ospf6_auth_len_get(oi);
2122                             if (at_len) {
2123                                     iovector[0].iov_len =
2124                                             ntohs(oh->length) + at_len;
>>>     CID 1511364:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "iovector[0].iov_len" to a tainted sink.
2125                                     ospf6_auth_digest_send(oi->linklocal_addr, oi,
2126                                                            oh, at_len,
2127                                                            iovector[0].iov_len);
2128                             } else {
2129                                     iovector[0].iov_len = ntohs(oh->length);
2130                             }

________________________________________________________________________________________________________
*** CID 1511363:    (DEADCODE)
/ospf6d/ospf6_auth_trailer.c: 275 in ospf6_hash_hmac_sha_digest()
269      case KEYCHAIN_ALGO_HMAC_SHA512:
270     #ifdef CRYPTO_OPENSSL
271              sha512_digest(mes, len, digest);
272     #endif
273              break;
274      case KEYCHAIN_ALGO_NULL:
>>>     CID 1511363:    (DEADCODE)
>>>     Execution cannot reach this statement: "case KEYCHAIN_ALGO_MAX:".
275      case KEYCHAIN_ALGO_MAX:
276      default:

/ospf6d/ospf6_auth_trailer.c: 274 in ospf6_hash_hmac_sha_digest()
269      case KEYCHAIN_ALGO_HMAC_SHA512:
270     #ifdef CRYPTO_OPENSSL
271              sha512_digest(mes, len, digest);
272     #endif
273              break;
>>>     CID 1511363:    (DEADCODE)
>>>     Execution cannot reach this statement: "case KEYCHAIN_ALGO_NULL:".
274      case KEYCHAIN_ALGO_NULL:
275      case KEYCHAIN_ALGO_MAX:
276      default:

________________________________________________________________________________________________________
*** CID 1511362:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_auth_trailer.c: 541 in ospf6_auth_check_digest()
535
536      auth_len = ntohs(ospf6_auth->length);
537
538      memcpy(temp_hash, ospf6_auth->data, hash_len);
539      memcpy(ospf6_auth->data, apad, hash_len);
540
>>>     CID 1511362:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "oh_len + auth_len + lls_block_len" to a tainted sink.
541      ospf6_auth_update_digest(oi, oh, ospf6_auth, auth_str,
542                               (oh_len + auth_len + lls_block_len),
543                               hash_algo);

________________________________________________________________________________________________________
*** CID 1511361:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_auth_trailer.c: 124 in ospf6_auth_hdr_dump_recv()
118      at_len = length - (oh_len + lls_len);
119      if (at_len > 0) {
120              ospf6_at_hdr =
121                      (struct ospf6_auth_hdr *)((uint8_t *)ospfh + oh_len);
122              at_hdr_len = ntohs(ospf6_at_hdr->length);
123              hash_len = at_hdr_len - OSPF6_AUTH_HDR_MIN_SIZE;
>>>     CID 1511361:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "hash_len" to a tainted sink.
124              memcpy(temp, ospf6_at_hdr->data, hash_len);
125              temp[hash_len] = '\0';

________________________________________________________________________________________________________
*** CID 1482146:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2787 in ospf6_lsupdate_send_neighbor_now()
2781
2782             if (IS_OSPF6_DEBUG_FLOODING
2783                 || IS_OSPF6_DEBUG_MESSAGE(OSPF6_MESSAGE_TYPE_LSUPDATE, SEND_HDR))
2784                     zlog_debug("%s: Send lsupdate with lsa %s (age %u)", __func__,
2785                                lsa->name, ntohs(lsa->header->age));
2786
>>>     CID 1482146:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "op->length" to a tainted sink.
2787             ospf6_send_lsupdate(on, NULL, op);

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>
2022-02-14 06:36:02 +00:00
.github .github: improve bug report template 2020-10-20 16:12:03 -04:00
alpine alpine: fix path for daemons file install 2021-08-30 15:21:59 -04:00
babeld Merge pull request #10504 from qingkaishi/master 2022-02-08 10:10:52 -05:00
bfdd bfdd: Use AF_UNSPEC instead of comparing to 0 2022-02-07 13:25:21 -05:00
bgpd Merge pull request #10540 from idryzhov/attr-extra-revert 2022-02-10 14:46:49 +02:00
debian debian, redhat: updating changelog for new release 2022-02-02 21:49:42 +02:00
doc Merge pull request #9697 from SaiGomathiN/igmp-sources 2022-02-11 07:53:02 +02:00
docker docker: update alpine build enable set own version 2022-01-04 13:14:51 -05:00
eigrpd *: rework renaming the default VRF 2021-12-21 22:09:29 +03:00
fpm build: fix AM_LDFLAGS usage (and gcov) 2021-07-21 17:10:08 +02:00
gdb *: Cleanup some documentation from quagga->frr 2021-11-11 14:41:27 -05:00
grpc build: fix AM_LDFLAGS usage (and gcov) 2021-07-21 17:10:08 +02:00
include Merge pull request #9649 from proelbtn/add-support-for-end-dt4 2022-02-08 08:30:02 -05:00
isisd Merge pull request #10517 from idryzhov/isis_router_cap_tlv_fixes 2022-02-08 08:35:45 -05:00
ldpd *: rework renaming the default VRF 2021-12-21 22:09:29 +03:00
lib ospf6d: fix coverity issues. 2022-02-14 06:36:02 +00:00
m4 grpc: improve checks for GRPC C++ requirements 2021-05-22 00:01:06 +00:00
mlag build: fix AM_LDFLAGS usage (and gcov) 2021-07-21 17:10:08 +02:00
nhrpd bgpd,pimd,isisd,nhrpd: Convert to vty_json() 2022-01-31 21:20:41 +02:00
ospf6d ospf6d: fix coverity issues. 2022-02-14 06:36:02 +00:00
ospfclient build: fix AM_LDFLAGS usage (and gcov) 2021-07-21 17:10:08 +02:00
ospfd Merge pull request #10511 from anlancs/ospf-substitute 2022-02-08 20:50:22 +03:00
pathd pathd: fix typo in pathd/path_ted.c 2021-12-19 11:25:15 +00:00
pbrd pbrd: pbr route maps get addr family of nhgs 2022-01-27 12:47:00 -05:00
pceplib pceplib: fix style issues 2021-12-06 00:09:13 -05:00
pimd Merge pull request #9697 from SaiGomathiN/igmp-sources 2022-02-11 07:53:02 +02:00
pkgsrc *: cleanup .gitignore files 2018-09-08 21:30:42 +02:00
python python: pass conditionals through clippy for DEFPY 2022-01-13 16:01:53 +01:00
qpb build: fix AM_LDFLAGS usage (and gcov) 2021-07-21 17:10:08 +02:00
redhat debian, redhat: updating changelog for new release 2022-02-02 21:49:42 +02:00
ripd *: rework renaming the default VRF 2021-12-21 22:09:29 +03:00
ripngd *: rework renaming the default VRF 2021-12-21 22:09:29 +03:00
sharpd Merge pull request #9649 from proelbtn/add-support-for-end-dt4 2022-02-08 08:30:02 -05:00
snapcraft snapcraft: add missing dependency 2021-08-23 15:08:05 +03:00
staticd staticd: small cleanup 2022-01-31 18:44:17 +08:00
tests tests: Added ospf6 authentication trailer topotest 2022-02-09 01:57:08 +00:00
tools tools: fix frr-reload context keywords 2022-02-10 02:51:49 +03:00
vrrpd *: use ipaddr_cmp instead of memcmp 2022-02-08 20:31:34 +03:00
vtysh ospf6d: support keychain for ospf6 authentication 2022-02-09 01:56:38 +00:00
watchfrr *: Convert quagga_signal_X to frr_signal_X 2021-11-11 14:41:27 -05:00
yang bfdd,yang: optimize nb with YANG 2022-01-25 04:00:49 -05:00
zebra zebra: cleanup multiline strings in debug_nl.c 2022-02-10 21:37:45 +00:00
.clang-format *: Add FOREACH_AFI_SAFI_NSF(afi, safi) macro to reduce nesting 2022-01-13 14:29:54 +02:00
.dir-locals.el tests: remove python format block from dir-locals 2021-09-13 10:04:29 -04:00
.dockerignore docker: Make docker image on CentOS 7 2019-11-26 19:29:30 +00:00
.git-blame-ignore-revs tools: Ignore mass renaming of topotests for git blame 2021-05-11 14:14:26 +03:00
.gitignore *: Add some missed make check generated files in .gitignore 2021-09-16 08:13:17 -04:00
.pylintrc tests: micronet: update infra 2021-09-04 09:04:46 -04:00
.travis.yml lib: libyang2 add missed conversion 2021-05-17 22:13:59 -04:00
bootstrap.sh build: turn on automake warnings (& symlinks) 2021-04-21 15:42:37 +02:00
buildtest.sh build: remove --enable-exampledir 2021-06-24 16:42:58 +02:00
config.version.in build: carry --with-pkg-extra-version into tarballs 2018-10-24 15:11:50 +02:00
configure.ac ospf6d: Stitching the auth trailer code with rest of ospf6. 2022-02-09 01:57:08 +00:00
COPYING *: make consistent & update GPLv2 file headers 2017-05-15 16:37:41 +02:00
COPYING-LGPLv2.1 build: remove LGPL v2.0, add LGPL v2.1 2016-11-15 17:19:38 +09:00
Makefile.am build: fix AM_LDFLAGS usage (and gcov) 2021-07-21 17:10:08 +02:00
README.md doc: Update Documentation to note Solaris Unsupported status 2020-09-21 10:02:20 -04:00
stamp-h.in Initial revision 2002-12-13 20:15:29 +00:00
version.h build: make builddir include path consistent 2021-04-21 15:42:33 +02:00

Icon

FRRouting

FRR is free software that implements and manages various IPv4 and IPv6 routing protocols. It runs on nearly all distributions of Linux and BSD and supports all modern CPU architectures.

FRR currently supports the following protocols:

  • BGP
  • OSPFv2
  • OSPFv3
  • RIPv1
  • RIPv2
  • RIPng
  • IS-IS
  • PIM-SM/MSDP
  • LDP
  • BFD
  • Babel
  • PBR
  • OpenFabric
  • VRRP
  • EIGRP (alpha)
  • NHRP (alpha)

Installation & Use

For source tarballs, see the releases page.

For Debian and its derivatives, use the APT repository at https://deb.frrouting.org/.

Instructions on building and installing from source for supported platforms may be found in the developer docs.

Once installed, please refer to the user guide for instructions on use.

Community

The FRRouting email list server is located here and offers the following public lists:

Topic List
Development dev@lists.frrouting.org
Users & Operators frog@lists.frrouting.org
Announcements announce@lists.frrouting.org

For chat, we currently use Slack. You can join by clicking the "Slack" link under the Participate section of our website.

Contributing

FRR maintains developer's documentation which contains the project workflow and expectations for contributors. Some technical documentation on project internals is also available.

We welcome and appreciate all contributions, no matter how small!

Security

To report security issues, please use our security mailing list:

security [at] lists.frrouting.org