Date: prev next · Thread: first prev next last
2017 Archives by date, by thread · List index



Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
41 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by 
Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1399552:  Integer handling issues  (SIGN_EXTENSION)
/vcl/source/filter/sgfbram.cxx: 297 in SgfFilterBMap(SvStream &, SvStream &, SgfHeader &, SgfEntry 
&)()


________________________________________________________________________________________________________
*** CID 1399552:  Integer handling issues  (SIGN_EXTENSION)
/vcl/source/filter/sgfbram.cxx: 297 in SgfFilterBMap(SvStream &, SvStream &, SgfHeader &, SgfEntry 
&)()
291             }
292         } else if (nColors==256) {
293     
294             //we're going to loop Ysize * XSize on GetByte, max compression for GetByte is a 
run of 63
295             //if we're less than that (and add a generous amount of wriggle room) then its not 
going
296             //to fly
    CID 1399552:  Integer handling issues  (SIGN_EXTENSION)
    Suspicious implicit sign extension: "rHead.Ysize" with type "sal_uInt16" (16 bits, 
unsigned) is promoted in "rHead.Xsize * rHead.Ysize / 128" to type "int" (32 bits, signed), 
then sign-extended to type "unsigned long" (64 bits, unsigned).  If "rHead.Xsize * rHead.Ysize 
/ 128" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
297             const sal_uInt64 nMinBytesPossiblyNeeded = rHead.Xsize * rHead.Ysize / 128;
298             if (rInp.remainingSize() < nMinBytesPossiblyNeeded)
299                 return false;
300     
301             cRGB[3]=0;                      // fourth palette entry for BMP
302             for (sal_uInt16 i=0;i<256;i++) {           // copy palette

** CID 1399551:  Integer handling issues  (SIGN_EXTENSION)
/vcl/source/filter/sgfbram.cxx: 297 in SgfFilterBMap(SvStream &, SvStream &, SgfHeader &, SgfEntry 
&)()


________________________________________________________________________________________________________
*** CID 1399551:  Integer handling issues  (SIGN_EXTENSION)
/vcl/source/filter/sgfbram.cxx: 297 in SgfFilterBMap(SvStream &, SvStream &, SgfHeader &, SgfEntry 
&)()
291             }
292         } else if (nColors==256) {
293     
294             //we're going to loop Ysize * XSize on GetByte, max compression for GetByte is a 
run of 63
295             //if we're less than that (and add a generous amount of wriggle room) then its not 
going
296             //to fly
    CID 1399551:  Integer handling issues  (SIGN_EXTENSION)
    Suspicious implicit sign extension: "rHead.Xsize" with type "sal_uInt16" (16 bits, 
unsigned) is promoted in "rHead.Xsize * rHead.Ysize / 128" to type "int" (32 bits, signed), 
then sign-extended to type "unsigned long" (64 bits, unsigned).  If "rHead.Xsize * rHead.Ysize 
/ 128" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
297             const sal_uInt64 nMinBytesPossiblyNeeded = rHead.Xsize * rHead.Ysize / 128;
298             if (rInp.remainingSize() < nMinBytesPossiblyNeeded)
299                 return false;
300     
301             cRGB[3]=0;                      // fourth palette entry for BMP
302             for (sal_uInt16 i=0;i<256;i++) {           // copy palette

** CID 1399550:  Null pointer dereferences  (FORWARD_NULL)
/sd/source/ui/unoidl/unopage.cxx: 2706 in SdMasterPage::SdMasterPage(SdXImpressDocument *, SdPage 
*)()


________________________________________________________________________________________________________
*** CID 1399550:  Null pointer dereferences  (FORWARD_NULL)
/sd/source/ui/unoidl/unopage.cxx: 2706 in SdMasterPage::SdMasterPage(SdXImpressDocument *, SdPage 
*)()
2700             return Any( Reference< XIndexAccess >( this ) );
2701         }
2702     }
2703     
2704     // class SdMasterPage
2705     SdMasterPage::SdMasterPage( SdXImpressDocument* pModel, SdPage* pPage ) throw()
    CID 1399550:  Null pointer dereferences  (FORWARD_NULL)
    Comparing "pPage" to null implies that "pPage" might be null.
2706     : SdGenericDrawPage( pModel, pPage, ImplGetMasterPagePropertySet( pPage ? 
pPage->GetPageKind() : PageKind::Standard ) )
2707     {
2708     }
2709     
2710     SdMasterPage::~SdMasterPage() throw()
2711     {


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyto4qO066Rh0hXrp2oBZ4b-2Bxsdz-2FWSMWLQW9tdkWAtJPhX9rQ-2BdJDOkcVNWRxD2LkCdzRYe7U4AUYhcJ46wAl3SSTVnEj-2BY6ugYp4Wp1mcWPhAooe2SPvPdlgXMLUdnv8T3OY4DHD7MjcczCHZAaDqbOZ-2Fl29vhBGGjHNuUrJw6M-3D

To manage Coverity Scan email notifications for "libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5N5X-2B1MAElavPQhH6nLwozJzqOkt2k8uOkYf2ZoppNa9QVe0T3fEZVQ7Kky1tOkLz_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyto4qO066Rh0hXrp2oBZ4b3D0KqVkUuGGCYkHeQakyfsodAXK2sUR9sBlz1uBsTZLCodXzySSbISNv3HYjWTQk80fb7jVhkLzH3PWefc0i0EO3tPKc4U48mus-2BzFB50gL4o4ctJ-2BYDsg1A8j2Ua0euaW27iJbYwYbqUyqD9xTF-2F0-3D


Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.