Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
8 new defect(s) introduced to LibreOffice found with Coverity Scan.
38 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by
Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)
** CID 1255386: Unchecked return value (CHECKED_RETURN)
/sal/osl/unx/profile.cxx: 140 in osl_openProfile()
** CID 1255387: Division or modulo by float zero (DIVIDE_BY_ZERO)
/vcl/opengl/gdiimpl.cxx: 732 in OpenGLSalGraphicsImpl::DrawTransformedTexture(OpenGLTexture &,
OpenGLTexture &, const basegfx::B2DPoint &, const basegfx::B2DPoint &, const basegfx::B2DPoint &)()
/vcl/opengl/gdiimpl.cxx: 732 in OpenGLSalGraphicsImpl::DrawTransformedTexture(OpenGLTexture &,
OpenGLTexture &, const basegfx::B2DPoint &, const basegfx::B2DPoint &, const basegfx::B2DPoint &)()
** CID 1255388: Division or modulo by float zero (DIVIDE_BY_ZERO)
/vcl/opengl/gdiimpl.cxx: 732 in OpenGLSalGraphicsImpl::DrawTransformedTexture(OpenGLTexture &,
OpenGLTexture &, const basegfx::B2DPoint &, const basegfx::B2DPoint &, const basegfx::B2DPoint &)()
/vcl/opengl/gdiimpl.cxx: 732 in OpenGLSalGraphicsImpl::DrawTransformedTexture(OpenGLTexture &,
OpenGLTexture &, const basegfx::B2DPoint &, const basegfx::B2DPoint &, const basegfx::B2DPoint &)()
** CID 1255389: Dereference null return value (NULL_RETURNS)
/svtools/qa/unit/GraphicObjectTest.cxx: 170 in
<unnamed>::GraphicObjectTest::testSizeBasedAutoSwap()()
/svtools/qa/unit/GraphicObjectTest.cxx: 170 in
<unnamed>::GraphicObjectTest::testSizeBasedAutoSwap()()
** CID 1255390: Resource leak (RESOURCE_LEAK)
/basic/source/runtime/methods.cxx: 3733 in SbRtl_Shell(StarBASIC *, SbxArray &, bool)()
** CID 1255391: Time of check time of use (TOCTOU)
/sal/osl/unx/pipe.cxx: 291 in osl_psz_createPipe(const char *, unsigned int, void *)()
/sal/osl/unx/pipe.cxx: 314 in osl_psz_createPipe(const char *, unsigned int, void *)()
** CID 1209008: Unchecked return value (CHECKED_RETURN)
/sd/source/ui/app/sdmod1.cxx: 315 in SdModule::OutlineToImpress(SfxRequest &)()
** CID 1209049: Unchecked return value (CHECKED_RETURN)
/sal/osl/unx/process.cxx: 475 in osl_executeProcess_WithRedirectedIO()
________________________________________________________________________________________________________
*** CID 1255386: Unchecked return value (CHECKED_RETURN)
/sal/osl/unx/profile.cxx: 140 in osl_openProfile()
134
135 oslProfile SAL_CALL osl_openProfile(rtl_uString *ustrProfileName, oslProfileOption Options)
136 {
137 char profilePath[PATH_MAX] = "";
138
139 if ( ustrProfileName != 0 && ustrProfileName->buffer[0] != 0 )
CID 1255386: Unchecked return value (CHECKED_RETURN)
Calling "FileURLToPath" without checking return value (as is done elsewhere 11 out of 13
times).
140 FileURLToPath( profilePath, PATH_MAX, ustrProfileName );
141
142 return osl_psz_openProfile( profilePath,Options );
143 }
144
145 static oslProfile SAL_CALL osl_psz_openProfile(const sal_Char *pszProfileName,
oslProfileOption Flags)
________________________________________________________________________________________________________
*** CID 1255387: Division or modulo by float zero (DIVIDE_BY_ZERO)
/vcl/opengl/gdiimpl.cxx: 732 in OpenGLSalGraphicsImpl::DrawTransformedTexture(OpenGLTexture &,
OpenGLTexture &, const basegfx::B2DPoint &, const basegfx::B2DPoint &, const basegfx::B2DPoint &)()
726 const basegfx::B2DPoint& rNull,
727 const basegfx::B2DPoint& rX,
728 const basegfx::B2DPoint& rY )
729 {
730 const basegfx::B2DVector aXRel = rX - rNull;
731 const basegfx::B2DVector aYRel = rY - rNull;
CID 1255387: Division or modulo by float zero (DIVIDE_BY_ZERO)
In expression "(float)aYRel.getY() / rTexture->GetHeight()", division by expression
"rTexture->GetHeight()" which may be zero has undefined behavior.
732 const float aValues[] = {
733 (float) aXRel.getX()/rTexture.GetWidth(), (float)
aXRel.getY()/rTexture.GetWidth(), 0, 0,
734 (float) aYRel.getX()/rTexture.GetHeight(), (float)
aYRel.getY()/rTexture.GetHeight(), 0, 0,
735 0, 0,
1, 0,
736 (float) rNull.getX(), (float) rNull.getY(),
0, 1 };
737 glm::mat4 mMatrix = glm::make_mat4( aValues );
/vcl/opengl/gdiimpl.cxx: 732 in OpenGLSalGraphicsImpl::DrawTransformedTexture(OpenGLTexture &,
OpenGLTexture &, const basegfx::B2DPoint &, const basegfx::B2DPoint &, const basegfx::B2DPoint &)()
726 const basegfx::B2DPoint& rNull,
727 const basegfx::B2DPoint& rX,
728 const basegfx::B2DPoint& rY )
729 {
730 const basegfx::B2DVector aXRel = rX - rNull;
731 const basegfx::B2DVector aYRel = rY - rNull;
CID 1255387: Division or modulo by float zero (DIVIDE_BY_ZERO)
In expression "(float)aYRel.getX() / rTexture->GetHeight()", division by expression
"rTexture->GetHeight()" which may be zero has undefined behavior.
732 const float aValues[] = {
733 (float) aXRel.getX()/rTexture.GetWidth(), (float)
aXRel.getY()/rTexture.GetWidth(), 0, 0,
734 (float) aYRel.getX()/rTexture.GetHeight(), (float)
aYRel.getY()/rTexture.GetHeight(), 0, 0,
735 0, 0,
1, 0,
736 (float) rNull.getX(), (float) rNull.getY(),
0, 1 };
737 glm::mat4 mMatrix = glm::make_mat4( aValues );
________________________________________________________________________________________________________
*** CID 1255388: Division or modulo by float zero (DIVIDE_BY_ZERO)
/vcl/opengl/gdiimpl.cxx: 732 in OpenGLSalGraphicsImpl::DrawTransformedTexture(OpenGLTexture &,
OpenGLTexture &, const basegfx::B2DPoint &, const basegfx::B2DPoint &, const basegfx::B2DPoint &)()
726 const basegfx::B2DPoint& rNull,
727 const basegfx::B2DPoint& rX,
728 const basegfx::B2DPoint& rY )
729 {
730 const basegfx::B2DVector aXRel = rX - rNull;
731 const basegfx::B2DVector aYRel = rY - rNull;
CID 1255388: Division or modulo by float zero (DIVIDE_BY_ZERO)
In expression "(float)aXRel.getY() / rTexture->GetWidth()", division by expression
"rTexture->GetWidth()" which may be zero has undefined behavior.
732 const float aValues[] = {
733 (float) aXRel.getX()/rTexture.GetWidth(), (float)
aXRel.getY()/rTexture.GetWidth(), 0, 0,
734 (float) aYRel.getX()/rTexture.GetHeight(), (float)
aYRel.getY()/rTexture.GetHeight(), 0, 0,
735 0, 0,
1, 0,
736 (float) rNull.getX(), (float) rNull.getY(),
0, 1 };
737 glm::mat4 mMatrix = glm::make_mat4( aValues );
/vcl/opengl/gdiimpl.cxx: 732 in OpenGLSalGraphicsImpl::DrawTransformedTexture(OpenGLTexture &,
OpenGLTexture &, const basegfx::B2DPoint &, const basegfx::B2DPoint &, const basegfx::B2DPoint &)()
726 const basegfx::B2DPoint& rNull,
727 const basegfx::B2DPoint& rX,
728 const basegfx::B2DPoint& rY )
729 {
730 const basegfx::B2DVector aXRel = rX - rNull;
731 const basegfx::B2DVector aYRel = rY - rNull;
CID 1255388: Division or modulo by float zero (DIVIDE_BY_ZERO)
In expression "(float)aXRel.getX() / rTexture->GetWidth()", division by expression
"rTexture->GetWidth()" which may be zero has undefined behavior.
732 const float aValues[] = {
733 (float) aXRel.getX()/rTexture.GetWidth(), (float)
aXRel.getY()/rTexture.GetWidth(), 0, 0,
734 (float) aYRel.getX()/rTexture.GetHeight(), (float)
aYRel.getY()/rTexture.GetHeight(), 0, 0,
735 0, 0,
1, 0,
736 (float) rNull.getX(), (float) rNull.getY(),
0, 1 };
737 glm::mat4 mMatrix = glm::make_mat4( aValues );
________________________________________________________________________________________________________
*** CID 1255389: Dereference null return value (NULL_RETURNS)
/svtools/qa/unit/GraphicObjectTest.cxx: 170 in
<unnamed>::GraphicObjectTest::testSizeBasedAutoSwap()()
164 const GraphicObject* pGrafObj1 = 0;
165 const GraphicObject* pGrafObj2 = 0;
166 for( sal_uLong nIndex = 0; nIndex < aNodes.Count(); ++nIndex)
167 {
168 if( aNodes[nIndex]->IsGrfNode() )
169 {
CID 1255389: Dereference null return value (NULL_RETURNS)
Assigning: "pGrfNode" = null return value from "GetGrfNode".
170 SwGrfNode* pGrfNode = aNodes[nIndex]->GetGrfNode();
171 if( !pGrafObj1 )
172 {
173 pGrafObj1 = &pGrfNode->GetGrfObj();
174 }
175 else
/svtools/qa/unit/GraphicObjectTest.cxx: 170 in
<unnamed>::GraphicObjectTest::testSizeBasedAutoSwap()()
164 const GraphicObject* pGrafObj1 = 0;
165 const GraphicObject* pGrafObj2 = 0;
166 for( sal_uLong nIndex = 0; nIndex < aNodes.Count(); ++nIndex)
167 {
168 if( aNodes[nIndex]->IsGrfNode() )
169 {
CID 1255389: Dereference null return value (NULL_RETURNS)
Assigning: "pGrfNode" = null return value from "GetGrfNode".
170 SwGrfNode* pGrfNode = aNodes[nIndex]->GetGrfNode();
171 if( !pGrafObj1 )
172 {
173 pGrafObj1 = &pGrfNode->GetGrfObj();
174 }
175 else
________________________________________________________________________________________________________
*** CID 1255390: Resource leak (RESOURCE_LEAK)
/basic/source/runtime/methods.cxx: 3733 in SbRtl_Shell(StarBASIC *, SbxArray &, bool)()
3727 StarBASIC::Error( SbERR_FILE_NOT_FOUND );
3728 }
3729 else
3730 {
3731 rPar.Get(0)->PutLong( 0 );
3732 }
CID 1255390: Resource leak (RESOURCE_LEAK)
Variable "pParamList" going out of scope leaks the storage it points to.
3733 }
3734 }
3735
3736 RTLFUNC(VarType)
3737 {
3738 (void)pBasic;
________________________________________________________________________________________________________
*** CID 1255391: Time of check time of use (TOCTOU)
/sal/osl/unx/pipe.cxx: 291 in osl_psz_createPipe(const char *, unsigned int, void *)()
285 OSL_TRACE("osl_createPipe : Pipe already in use. Errno: %d;
%s",errno,strerror(errno));
286 close (pPipe->m_Socket);
287 __osl_destroyPipeImpl(pPipe);
288 return NULL;
289 }
290
CID 1255391: Time of check time of use (TOCTOU)
Calling function "unlink" that uses "name" after a check function. This can cause a
time-of-check, time-of-use race condition.
291 unlink(name);
292 }
293
294 /* ok, fs clean */
295 if ( bind(pPipe->m_Socket, (struct sockaddr *)&addr, len) < 0 )
296 {
/sal/osl/unx/pipe.cxx: 314 in osl_psz_createPipe(const char *, unsigned int, void *)()
308
309 strncpy(pPipe->m_Name, name, sizeof(pPipe->m_Name) - 1);
310
311 if ( listen(pPipe->m_Socket, 5) < 0 )
312 {
313 OSL_TRACE("osl_createPipe failed to listen. Errno: %d;
%s",errno,strerror(errno));
CID 1255391: Time of check time of use (TOCTOU)
Calling function "unlink" that uses "name" after a check function. This can cause a
time-of-check, time-of-use race condition.
314 unlink(name); /* remove filesystem entry */
315 close (pPipe->m_Socket);
316 __osl_destroyPipeImpl(pPipe);
317 return NULL;
318 }
319
________________________________________________________________________________________________________
*** CID 1209008: Unchecked return value (CHECKED_RETURN)
/sd/source/ui/app/sdmod1.cxx: 315 in SdModule::OutlineToImpress(SfxRequest &)()
309 }
310 }
311 }
312 }
313 }
314
CID 1209008: Unchecked return value (CHECKED_RETURN)
Calling "IsDone" without checking return value (as is done elsewhere 7 out of 8 times).
315 rRequest.IsDone();
316 }
317
318 static bool bOnce = false;
319
320 void SdModule::GetState(SfxItemSet& rItemSet)
________________________________________________________________________________________________________
*** CID 1209049: Unchecked return value (CHECKED_RETURN)
/sal/osl/unx/process.cxx: 475 in osl_executeProcess_WithRedirectedIO()
469 return osl_Process_E_Unknown;
470 }
471
472 char szWorkDir[PATH_MAX] = "";
473 if ( ustrWorkDir != 0 && ustrWorkDir->length )
474 {
CID 1209049: Unchecked return value (CHECKED_RETURN)
Calling "FileURLToPath" without checking return value (as is done elsewhere 11 out of 13
times).
475 FileURLToPath( szWorkDir, PATH_MAX, ustrWorkDir );
476 pszWorkDir = szWorkDir;
477 }
478
479 if ( pArguments == 0 && nArguments > 0 )
480 {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/211?tab=overview
To unsubscribe from the email notification for new defects,
http://scan5.coverity.com/cgi-bin/unsubscribe.py
Context
- New Defects reported by Coverity Scan for LibreOffice · scan-admin
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.