From 84da3f37e24fd688704d90d8563912863276001b Mon Sep 17 00:00:00 2001 From: Anton Moryakov Date: Mon, 17 Feb 2025 19:21:50 +0300 Subject: [PATCH] ip: check return value of iproute_flush_cache() in irpoute.c Static analyzer reported: Return value of function 'iproute_flush_cache', called at iproute.c:1732, is not checked. The return value is obtained from function 'open64' and possibly contains an error code. Corrections explained: The function iproute_flush_cache() may return an error code, which was previously ignored. This could lead to unexpected behavior if the cache flush fails. Added error handling to ensure the function fails gracefully when iproute_flush_cache() returns an error. Triggers found by static analyzer Svace. Signed-off-by: Anton Moryakov Signed-off-by: David Ahern --- ip/iproute.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ip/iproute.c b/ip/iproute.c index e1fe26ce..0e2c171f 100644 --- a/ip/iproute.c +++ b/ip/iproute.c @@ -1729,7 +1729,10 @@ static int iproute_flush(int family, rtnl_filter_t filter_fn) if (filter.cloned) { if (family != AF_INET6) { - iproute_flush_cache(); + ret = iproute_flush_cache(); + if (ret < 0) + return ret; + if (show_stats) printf("*** IPv4 routing cache is flushed.\n"); } -- 2.47.2