New Defects reported by Coverity Scan for LibreOffice

scan-admin -AT- coverity.com
Thu, 20 Oct 2016 10:48:23 -0700


Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

5 new defect(s) introduced to LibreOffice found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by 
Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1374093:  Control flow issues  (UNREACHABLE)
/xmlsecurity/source/pdfio/pdfdocument.cxx: 1419 in 
xmlsecurity::pdfio::PDFDocument::ValidateSignature(SvStream &, xmlsecurity::pdfio::PDFObjectElement 
*, SignatureInformation &)()


________________________________________________________________________________________________________
*** CID 1374093:  Control flow issues  (UNREACHABLE)
/xmlsecurity/source/pdfio/pdfdocument.cxx: 1419 in 
xmlsecurity::pdfio::PDFDocument::ValidateSignature(SvStream &, xmlsecurity::pdfio::PDFObjectElement 
*, SignatureInformation &)()
1413         NSS_CMSSignerInfo_Destroy(pCMSSignerInfo);
1414     
1415         return true;
1416     #endif
1417     
1418         // Not implemented.

    CID 1374093:  Control flow issues  (UNREACHABLE)
    This code cannot be reached: "(void)rStream;".

1419         (void)rStream;
1420         (void)rInformation;
1421     
1422         return false;
1423     }
1424     

** CID 1374092:  Control flow issues  (UNREACHABLE)
/xmlsecurity/source/pdfio/pdfdocument.cxx: 620 in xmlsecurity::pdfio::PDFDocument::Sign(const 
com::sun::star::uno::Reference<com::sun::star::security::XCertificate> &)()


________________________________________________________________________________________________________
*** CID 1374092:  Control flow issues  (UNREACHABLE)
/xmlsecurity/source/pdfio/pdfdocument.cxx: 620 in xmlsecurity::pdfio::PDFDocument::Sign(const 
com::sun::star::uno::Reference<com::sun::star::security::XCertificate> &)()
614         NSS_CMSMessage_Destroy(pCMSMessage);
615     
616         return true;
617     #endif
618     
619         // Not implemented.

    CID 1374092:  Control flow issues  (UNREACHABLE)
    This code cannot be reached: "(void)pDerEncoded;".

620         (void)pDerEncoded;
621         (void)nDerEncoded;
622     
623         return false;
624     }
625     

** CID 1374091:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/gdi/CommonSalLayout.cxx: 105 in scaleHbFont(hb_font_t *, const FontSelectPattern &)()


________________________________________________________________________________________________________
*** CID 1374091:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/gdi/CommonSalLayout.cxx: 105 in scaleHbFont(hb_font_t *, const FontSelectPattern &)()
99         return pHbFont;
100     }
101     
102     static void scaleHbFont(hb_font_t* pHbFont, const FontSelectPattern& aFontSelData)
103     {
104         uint64_t nXScale = aFontSelData.mnWidth << 6;

    CID 1374091:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
    Potentially overflowing expression "aFontSelData.mnHeight << 6" with type "int" (32 bits, 
signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an 
expression of type "uint64_t" (64 bits, unsigned).

105         uint64_t nYScale = aFontSelData.mnHeight << 6;
106     
107     #if defined(_WIN32)
108         // HACK to get stretched/shrunken text. TODO: Get rid of HACK
109         if (nXScale)
110             nXScale = double(nXScale) * 1.812;

** CID 1374090:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/gdi/CommonSalLayout.cxx: 104 in scaleHbFont(hb_font_t *, const FontSelectPattern &)()


________________________________________________________________________________________________________
*** CID 1374090:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/gdi/CommonSalLayout.cxx: 104 in scaleHbFont(hb_font_t *, const FontSelectPattern &)()
98     
99         return pHbFont;
100     }
101     
102     static void scaleHbFont(hb_font_t* pHbFont, const FontSelectPattern& aFontSelData)
103     {

    CID 1374090:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
    Potentially overflowing expression "aFontSelData.mnWidth << 6" with type "int" (32 bits, 
signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an 
expression of type "uint64_t" (64 bits, unsigned).

104         uint64_t nXScale = aFontSelData.mnWidth << 6;
105         uint64_t nYScale = aFontSelData.mnHeight << 6;
106     
107     #if defined(_WIN32)
108         // HACK to get stretched/shrunken text. TODO: Get rid of HACK
109         if (nXScale)

** CID 1374089:  Error handling issues  (CHECKED_RETURN)
/comphelper/source/misc/backupfilehelper.cxx: 1694 in 
comphelper::BackupFileHelper::getInitialBaseURL()()


________________________________________________________________________________________________________
*** CID 1374089:  Error handling issues  (CHECKED_RETURN)
/comphelper/source/misc/backupfilehelper.cxx: 1694 in 
comphelper::BackupFileHelper::getInitialBaseURL()()
1688                     if (-1 == nEnd)
1689                     {
1690                         nEnd = conf.getLength();
1691                     }
1692     
1693                     maInitialBaseURL = conf.copy(nStart, nEnd - nStart);

    CID 1374089:  Error handling issues  (CHECKED_RETURN)
    Calling "startsWith" without checking return value (as is done elsewhere 119 out of 122 
times).

1694                     maInitialBaseURL.startsWith("!", &maInitialBaseURL);
1695                 }
1696     
1697                 if (!maInitialBaseURL.isEmpty())
1698                 {
1699                     // split URL at extension and at last path separator


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyq2MVNlUr6nKy6rOAtw-2FR-2FPo7DO5AFgs1rO9TVXlb85TER658uFKRYB5QNfY4f-2BqUITGdMmw3-2FESK71E8dsQ5IAvFt1Xy5VVkXJp73ox3fa-2FcfSuwx-2FtisbABmxXUnfg2wPFjNs7W-2FTm6unbZyKeqL9L5hOFIqjo6PlVkoa3UWQ8-3D

To manage Coverity Scan email notifications for "libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5N5X-2B1MAElavPQhH6nLwozJzqOkt2k8uOkYf2ZoppNa9QVe0T3fEZVQ7Kky1tOkLz_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyq2MVNlUr6nKy6rOAtw-2FR-2FLz4x2IUmedDK4-2BPY8hQrKxSmqOcDKnJ306Xki7Z4MwIm9ZRyB-2BSLaLF-2F0ZbGZuVHAiGihotW-2FXaz1CFGJ-2FsAT9sZwNEn43-2FrgyfAPzoF9ZSE8ApDeuk4AdrMwSL2z5OgQfYPz5-2FSkUIDJrMGYLQtPo-3D

Context

New Defects reported by Coverity Scan for LibreOffice · scan-admin

Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.