


Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by 
Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1312139:  Insecure data handling  (TAINTED_SCALAR)
/comphelper/source/xml/xmltools.cxx: 84 in comphelper::xml::makeXMLChaff()()


________________________________________________________________________________________________________
*** CID 1312139:  Insecure data handling  (TAINTED_SCALAR)
/comphelper/source/xml/xmltools.cxx: 84 in comphelper::xml::makeXMLChaff()()
78                 rtlRandomPool pool = rtl_random_createPool();
79     
80                 sal_Int8 n;
81                 rtl_random_getBytes(pool, &n, 1);
82     
83                 //1024 minus max -127/plus max 128
    CID 1312139:  Insecure data handling  (TAINTED_SCALAR)
    Assigning: "nLength" = "1024 + n". Both are now tainted.
84                 sal_Int32 nLength = 1024+n;
85                 std::vector<sal_uInt8> aChaff(nLength);
86                 rtl_random_getBytes(pool, &aChaff[0], nLength);
87     
88                 rtl_random_destroyPool(pool);
89     

** CID 1312138:  Resource leaks  (RESOURCE_LEAK)
/sal/osl/unx/random.cxx: 30 in osl_get_system_random_data()


________________________________________________________________________________________________________
*** CID 1312138:  Resource leaks  (RESOURCE_LEAK)
/sal/osl/unx/random.cxx: 30 in osl_get_system_random_data()
24             while(desired_len)
25             {
26                 if ((nb_read = read(fd, buffer, desired_len)) == -1)
27                 {
28                     if (errno != EINTR)
29                     {
    CID 1312138:  Resource leaks  (RESOURCE_LEAK)
    Handle variable "fd" going out of scope leaks the handle.
30                         return false;
31                     }
32                 }
33                 else
34                 {
35                     buffer  += nb_read;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/211?tab=overview


