Date: prev next · Thread: first prev next last
2014 Archives by date, by thread · List index



Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

8 new defect(s) introduced to LibreOffice found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by 
Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)


** CID 1260295:  Wrong operator used  (CONSTANT_EXPRESSION_RESULT)
/vcl/source/window/builder.cxx: 1660 in VclBuilder::makeObject(vcl::Window *, const rtl::OString &, 
const rtl::OString &, std::map<rtl::OString, rtl::OString, std::less<rtl::OString>, 
std::allocator<std::pair<const rtl::OString, rtl::OString>>> &)()

** CID 1260296:  Unchecked dynamic_cast  (FORWARD_NULL)
/sw/source/uibase/misc/redlndlg.cxx: 146 in SwRedlineAcceptDlg::SwRedlineAcceptDlg(vcl::Window *, 
vcl::Window *, bool)()

** CID 1260301:  Using invalid iterator  (INVALIDATE_ITERATOR)
/sc/source/filter/oox/unitconverter.cxx: 232 in oox::xls::UnitConverter::calcErrorString(unsigned 
char) const()

** CID 1242381:  Don't call  (DC.WEAK_CRYPTO)
/usr/include/boost/uuid/seed_rng.hpp: 143 in boost::uuids::detail::seed_rng::sha1_random_digest_()()

** CID 1260333:  Unused value  (UNUSED_VALUE)
/sc/source/filter/excel/excform8.cxx: 436 in ExcelToSc8::Convert(const ScTokenArray *&, 
XclImpStream &, unsigned long, bool, FORMULA_TYPE)()

** CID 1260323:  Unused value  (UNUSED_VALUE)
/sc/source/filter/excel/excform8.cxx: 435 in ExcelToSc8::Convert(const ScTokenArray *&, 
XclImpStream &, unsigned long, bool, FORMULA_TYPE)()

** CID 1260332:  Unused value  (UNUSED_VALUE)
/sc/source/filter/excel/excform.cxx: 470 in ExcelToSc::Convert(const ScTokenArray *&, XclImpStream 
&, unsigned long, bool, FORMULA_TYPE)()

** CID 1260325:  Unused value  (UNUSED_VALUE)
/sc/source/filter/excel/excform.cxx: 471 in ExcelToSc::Convert(const ScTokenArray *&, XclImpStream 
&, unsigned long, bool, FORMULA_TYPE)()


________________________________________________________________________________________________________
*** CID 1260295:  Wrong operator used  (CONSTANT_EXPRESSION_RESULT)
/vcl/source/window/builder.cxx: 1660 in VclBuilder::makeObject(vcl::Window *, const rtl::OString &, 
const rtl::OString &, std::map<rtl::OString, rtl::OString, std::less<rtl::OString>, 
std::allocator<std::pair<const rtl::OString, rtl::OString>>> &)()
1654                 return NULL; // no widget to be created
1655             }
1656         }
1657         else if (name == "GtkWindow")
1658         {
1659             WinBits nBits = extractDeferredBits(rMap);
    CID 1260295:  Wrong operator used  (CONSTANT_EXPRESSION_RESULT)
    "nBits | 536870912L /* (WinBits)536870912L */" is always 1/true regardless of the values of 
its operand. This occurs as the logical operand of if.
1660             if (nBits | WB_DOCKABLE)
1661                 pWindow = new DockingWindow(pParent, nBits|WB_MOVEABLE);
1662             else
1663                 pWindow = new FloatingWindow(pParent, nBits|WB_MOVEABLE);
1664         }
1665         else

________________________________________________________________________________________________________
*** CID 1260296:  Unchecked dynamic_cast  (FORWARD_NULL)
/sw/source/uibase/misc/redlndlg.cxx: 146 in SwRedlineAcceptDlg::SwRedlineAcceptDlg(vcl::Window *, 
vcl::Window *, bool)()
140     {
141         delete pImplDlg;
142     }
143     
144     SwRedlineAcceptDlg::SwRedlineAcceptDlg(vcl::Window *pParent, vcl::Window *pContentArea, 
bool bAutoFmt) :
145         pParentDlg      (pParent),
    CID 1260296:  Unchecked dynamic_cast  (FORWARD_NULL)
    Dynamic cast to pointer "dynamic_cast <VclBuilderContainer *>(pParent)" can return "NULL".
146         aTabPagesCTRL   (pContentArea, dynamic_cast<VclBuilderContainer*>(pParent)),
147         aPopup          (SW_RES(MN_REDLINE_POPUP)),
148         sInserted       (SW_RES(STR_REDLINE_INSERTED)),
149         sDeleted        (SW_RES(STR_REDLINE_DELETED)),
150         sFormated       (SW_RES(STR_REDLINE_FORMATED)),
151         sTableChgd      (SW_RES(STR_REDLINE_TABLECHG)),

________________________________________________________________________________________________________
*** CID 1260301:  Using invalid iterator  (INVALIDATE_ITERATOR)
/sc/source/filter/oox/unitconverter.cxx: 232 in oox::xls::UnitConverter::calcErrorString(unsigned 
char) const()
226             if (aIt->second == nErrorCode)
227                 return aIt->first;
228             if (aIt->second == BIFF_ERR_NA)
229                 iFail = aIt;
230         }
231         assert(iFail != maOoxErrCodes.end());   // BIFF_ERR_NA really should be in the map..
    CID 1260301:  Using invalid iterator  (INVALIDATE_ITERATOR)
    Dereferencing iterator "iFail" though it is already past the end of its container.
232         return iFail->first;
233     }
234     
235     void UnitConverter::addErrorCode( sal_uInt8 nErrorCode, const OUString& rErrorCode )
236     {
237         maOoxErrCodes[ rErrorCode ]  = nErrorCode;

________________________________________________________________________________________________________
*** CID 1242381:  Don't call  (DC.WEAK_CRYPTO)
/usr/include/boost/uuid/seed_rng.hpp: 143 in boost::uuids::detail::seed_rng::sha1_random_digest_()()
137             {
138                 std::clock_t ck = std::clock();
139                 sha.process_bytes( (unsigned char const*)&ck, sizeof( ck ) );
140             }
141     
142             {
    CID 1242381:  Don't call  (DC.WEAK_CRYPTO)
    "rand()" should not be used for security related applications, as linear congruential 
algorithms are too easy to break.
143                 unsigned int rn[] =
144                     { static_cast<unsigned int>(std::rand())
145                     , static_cast<unsigned int>(std::rand())
146                     , static_cast<unsigned int>(std::rand())
147                     };
148                 sha.process_bytes( (unsigned char const*)rn, sizeof( rn ) );

________________________________________________________________________________________________________
*** CID 1260333:  Unused value  (UNUSED_VALUE)
/sc/source/filter/excel/excform8.cxx: 436 in ExcelToSc8::Convert(const ScTokenArray *&, 
XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
430                     aStack << aPool.Store( fDouble );
431                     break;
432                 case 0x40:
433                 case 0x60:
434                 case 0x20: // Array Constant                        [317 268]
435                     nByte = aIn.ReaduInt8();
    CID 1260333:  Unused value  (UNUSED_VALUE)
    Value from "aIn->ReaduInt16()" is assigned to "nUINT16" here, but that stored value is not 
used before it is overwritten.
436                     nUINT16 = aIn.ReaduInt16();
437                     aIn.Ignore( 4 );
438                     if( bAllowArrays )
439                     {
440                         aStack << aPool.StoreMatrix();
441                         aExtensions.push_back( EXTENSION_ARRAY );

________________________________________________________________________________________________________
*** CID 1260323:  Unused value  (UNUSED_VALUE)
/sc/source/filter/excel/excform8.cxx: 435 in ExcelToSc8::Convert(const ScTokenArray *&, 
XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
429                     fDouble = aIn.ReadDouble();
430                     aStack << aPool.Store( fDouble );
431                     break;
432                 case 0x40:
433                 case 0x60:
434                 case 0x20: // Array Constant                        [317 268]
    CID 1260323:  Unused value  (UNUSED_VALUE)
    Value from "aIn->ReaduInt8()" is assigned to "nByte" here, but that stored value is not 
used before it is overwritten.
435                     nByte = aIn.ReaduInt8();
436                     nUINT16 = aIn.ReaduInt16();
437                     aIn.Ignore( 4 );
438                     if( bAllowArrays )
439                     {
440                         aStack << aPool.StoreMatrix();

________________________________________________________________________________________________________
*** CID 1260332:  Unused value  (UNUSED_VALUE)
/sc/source/filter/excel/excform.cxx: 470 in ExcelToSc::Convert(const ScTokenArray *&, XclImpStream 
&, unsigned long, bool, FORMULA_TYPE)()
464                     fDouble = aIn.ReadDouble();
465                     aStack << aPool.Store( fDouble );
466                     break;
467                 case 0x40:
468                 case 0x60:
469                 case 0x20: // Array Constant                        [317 268]
    CID 1260332:  Unused value  (UNUSED_VALUE)
    Value from "aIn->ReaduInt8()" is assigned to "nByte" here, but that stored value is not 
used before it is overwritten.
470                     nByte = aIn.ReaduInt8();
471                     nUINT16 = aIn.ReaduInt16();
472                     aIn.Ignore( (meBiff == EXC_BIFF2) ? 3 : 4 );
473                     if( bAllowArrays )
474                     {
475                         aStack << aPool.StoreMatrix();

________________________________________________________________________________________________________
*** CID 1260325:  Unused value  (UNUSED_VALUE)
/sc/source/filter/excel/excform.cxx: 471 in ExcelToSc::Convert(const ScTokenArray *&, XclImpStream 
&, unsigned long, bool, FORMULA_TYPE)()
465                     aStack << aPool.Store( fDouble );
466                     break;
467                 case 0x40:
468                 case 0x60:
469                 case 0x20: // Array Constant                        [317 268]
470                     nByte = aIn.ReaduInt8();
    CID 1260325:  Unused value  (UNUSED_VALUE)
    Value from "aIn->ReaduInt16()" is assigned to "nUINT16" here, but that stored value is not 
used before it is overwritten.
471                     nUINT16 = aIn.ReaduInt16();
472                     aIn.Ignore( (meBiff == EXC_BIFF2) ? 3 : 4 );
473                     if( bAllowArrays )
474                     {
475                         aStack << aPool.StoreMatrix();
476                         aExtensions.push_back( EXTENSION_ARRAY );


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/211?tab=overview

To manage Coverity Scan email notifications for "libreoffice@lists.freedesktop.org", click 
http://scan.coverity.com/subscriptions/edit?email=libreoffice%40lists.freedesktop.org&token=d6481d718a775246b2340f282ebe5939
 .


Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.