Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
10 new defect(s) introduced to LibreOffice found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by
Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 10 of 10 defect(s)
** CID 1409901: Code maintainability issues (UNUSED_VALUE)
/sc/source/core/tool/interpr1.cxx: 3885 in ScInterpreter::GetStVarParams(bool, double (*)(double,
unsigned long))()
________________________________________________________________________________________________________
*** CID 1409901: Code maintainability issues (UNUSED_VALUE)
/sc/source/core/tool/interpr1.cxx: 3885 in ScInterpreter::GetStVarParams(bool, double (*)(double,
unsigned long))()
3879 {
3880 rArrayValue.mfSum = CreateDoubleError( nErr);
3881 }
3882 // Reset.
3883 std::vector<double>().swap(values);
3884 fSum = 0.0;
CID 1409901: Code maintainability issues (UNUSED_VALUE)
Assigning value "18446744073709551615UL" to "nRefArrayPos" here, but that stored value is
overwritten before it can be used.
3885 nRefArrayPos = std::numeric_limits<size_t>::max();
3886 break;
3887 }
3888 }
3889 SAL_FALLTHROUGH;
3890 case svDoubleRef :
** CID 1409900: Error handling issues (UNCAUGHT_EXCEPT)
/sdext/source/presenter/PresenterTextView.cxx: 1087 in
sdext::presenter::PresenterTextCaret::~PresenterTextCaret()()
________________________________________________________________________________________________________
*** CID 1409900: Error handling issues (UNCAUGHT_EXCEPT)
/sdext/source/presenter/PresenterTextView.cxx: 1087 in
sdext::presenter::PresenterTextCaret::~PresenterTextCaret()()
1081 maInvalidator(rInvalidator),
1082 maBroadcaster(),
1083 maCaretBounds()
1084 {
1085 }
1086
CID 1409900: Error handling issues (UNCAUGHT_EXCEPT)
An exception of type "com::sun::star::uno::DeploymentException" is thrown but the throw
list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which
usually calls terminate().
1087 PresenterTextCaret::~PresenterTextCaret()
1088 {
1089 HideCaret();
1090 }
1091
1092 void PresenterTextCaret::ShowCaret()
** CID 1409899: Null pointer dereferences (REVERSE_INULL)
/sw/source/core/para/paratr.cxx: 71 in SwFormatDrop::SetCharFormat(SwCharFormat *)()
________________________________________________________________________________________________________
*** CID 1409899: Null pointer dereferences (REVERSE_INULL)
/sw/source/core/para/paratr.cxx: 71 in SwFormatDrop::SetCharFormat(SwCharFormat *)()
65 void SwFormatDrop::SetCharFormat( SwCharFormat *pNew )
66 {
67 assert(!pNew->IsDefault()); // expose cases that lead to use-after-free
68 // Rewire
69 if ( GetRegisteredIn() )
70 GetRegisteredInNonConst()->Remove( this );
CID 1409899: Null pointer dereferences (REVERSE_INULL)
Null-checking "pNew" suggests that it may be null, but it has already been dereferenced on
all paths leading to the check.
71 if(pNew)
72 pNew->Add( this );
73 }
74
75 void SwFormatDrop::Modify( const SfxPoolItem*, const SfxPoolItem * )
76 {
** CID 1409898: Null pointer dereferences (REVERSE_INULL)
/sc/source/core/tool/compiler.cxx: 1777 in ScCompiler::ScCompiler(ScDocument *, const ScAddress &,
ScTokenArray &, formula::FormulaGrammar::Grammar)()
________________________________________________________________________________________________________
*** CID 1409898: Null pointer dereferences (REVERSE_INULL)
/sc/source/core/tool/compiler.cxx: 1777 in ScCompiler::ScCompiler(ScDocument *, const ScAddress &,
ScTokenArray &, formula::FormulaGrammar::Grammar)()
1771 pConv( GetRefConvention( FormulaGrammar::CONV_OOO ) ),
1772 meExtendedErrorDetection( EXTENDED_ERROR_DETECTION_NONE ),
1773 mbCloseBrackets( true ),
1774 mbRewind( false )
1775 {
1776 SetGrammar( ((eGrammar == formula::FormulaGrammar::GRAM_UNSPECIFIED) ?
CID 1409898: Null pointer dereferences (REVERSE_INULL)
Null-checking "pDocument" suggests that it may be null, but it has already been
dereferenced on all paths leading to the check.
1777 (pDocument ? pDocument->GetGrammar() :
formula::FormulaGrammar::GRAM_DEFAULT) :
1778 eGrammar));
1779 nMaxTab = pDoc->GetTableCount() - 1;
1780 }
1781
1782 ScCompiler::ScCompiler( sc::CompileFormulaContext& rCxt, const ScAddress& rPos ) :
** CID 1409897: Null pointer dereferences (REVERSE_INULL)
/sc/source/ui/docshell/docsh4.cxx: 2244 in ScDocShell::LOKCommentNotify(LOKCommentNotificationType,
const ScDocument *, const ScAddress &, const ScPostIt *)()
________________________________________________________________________________________________________
*** CID 1409897: Null pointer dereferences (REVERSE_INULL)
/sc/source/ui/docshell/docsh4.cxx: 2244 in ScDocShell::LOKCommentNotify(LOKCommentNotificationType,
const ScDocument *, const ScAddress &, const ScPostIt *)()
2238 (nType == LOKCommentNotificationType::Modify ? "Modify" :
"???"))));
2239
2240 assert(pNote);
2241 aAnnotation.put("id", pNote->GetId());
2242 aAnnotation.put("tab", rPos.Tab());
2243
CID 1409897: Null pointer dereferences (REVERSE_INULL)
Null-checking "pNote" suggests that it may be null, but it has already been dereferenced on
all paths leading to the check.
2244 if (nType != LOKCommentNotificationType::Remove && pNote)
2245 {
2246 aAnnotation.put("author", pNote->GetAuthor());
2247 aAnnotation.put("dateTime", pNote->GetDate());
2248 aAnnotation.put("text", pNote->GetText());
2249
** CID 1409896: Null pointer dereferences (REVERSE_INULL)
/sw/source/uibase/app/docst.cxx: 280 in SwDocShell::StateStyleSheet(SfxItemSet &, SwWrtShell *)()
________________________________________________________________________________________________________
*** CID 1409896: Null pointer dereferences (REVERSE_INULL)
/sw/source/uibase/app/docst.cxx: 280 in SwDocShell::StateStyleSheet(SfxItemSet &, SwWrtShell *)()
274 break;
275 case SID_STYLE_EDIT:
276 break;
277 case SID_WATERMARK:
278 {
279 SfxWatermarkItem aItem = pSh->GetWatermark();
CID 1409896: Null pointer dereferences (REVERSE_INULL)
Null-checking "pSh" suggests that it may be null, but it has already been dereferenced on
all paths leading to the check.
280 if( pSh )
281 rSet.Put(aItem);
282 }
283 break;
284 default:
285 OSL_FAIL("Invalid SlotId");
** CID 1409895: Resource leaks (RESOURCE_LEAK)
/sw/source/uibase/dialog/watermarkdialog.cxx: 85 in SwWatermarkDialog::InitFields()()
________________________________________________________________________________________________________
*** CID 1409895: Resource leaks (RESOURCE_LEAK)
/sw/source/uibase/dialog/watermarkdialog.cxx: 85 in SwWatermarkDialog::InitFields()()
79 m_pTextInput->SetText( sText );
80 m_pFont->SelectEntryPos( m_pFont->GetEntryPos( pWatermark->GetFont() ) );
81 m_pAngle->SetValue( pWatermark->GetAngle() );
82 m_pColor->SelectEntry( pWatermark->GetColor() );
83 m_pTransparency->SetValue( pWatermark->GetTransparency() );
84 }
CID 1409895: Resource leaks (RESOURCE_LEAK)
Variable "pFontList" going out of scope leaks the storage it points to.
85 }
86
87 IMPL_LINK_NOARG( SwWatermarkDialog, OKButtonHdl, Button*, void )
88 {
89 OUString sText = m_pTextInput->GetText();
90
** CID 1409894: Null pointer dereferences (FORWARD_NULL)
/svx/source/form/datanavi.cxx: 700 in svxform::XFormsPage::DoToolBoxAction(unsigned short)()
________________________________________________________________________________________________________
*** CID 1409894: Null pointer dereferences (FORWARD_NULL)
/svx/source/form/datanavi.cxx: 700 in svxform::XFormsPage::DoToolBoxAction(unsigned short)()
694 return bHandled;
695 }
696
697 ScopedVclPtrInstance< AddDataItemDialog > aDlg( this, pNode,
m_xUIHelper );
698 DataItemType eType = DITElement;
699 sal_uInt16 nResId = RID_STR_DATANAV_EDIT_ELEMENT;
CID 1409894: Null pointer dereferences (FORWARD_NULL)
Comparing "pNode" to null implies that "pNode" might be null.
700 if ( pNode && pNode->m_xNode.is() )
701 {
702 try
703 {
704 css::xml::dom::NodeType eChildType =
pNode->m_xNode->getNodeType();
705 if ( eChildType == css::xml::dom::NodeType_ATTRIBUTE_NODE )
** CID 1409893: Incorrect expression (DIVIDE_BY_ZERO)
/sw/source/core/edit/edfcol.cxx: 403 in SwEditShell::SetWatermark(const SfxWatermarkItem &)()
________________________________________________________________________________________________________
*** CID 1409893: Incorrect expression (DIVIDE_BY_ZERO)
/sw/source/core/edit/edfcol.cxx: 403 in SwEditShell::SetWatermark(const SfxWatermarkItem &)()
397 // Calc the ratio.
398 double fRatio = 0;
399 OutputDevice* pOut = Application::GetDefaultDevice();
400 vcl::Font aFont(pOut->GetFont());
401 aFont.SetFamilyName(sFont);
402 fRatio = aFont.GetFontSize().Height();
CID 1409893: Incorrect expression (DIVIDE_BY_ZERO)
In expression "fRatio /= pOut->GetTextWidth(rtl::OUString const(rWatermark->GetText()), 0,
-1, NULL)", division by expression "pOut->GetTextWidth(rtl::OUString
const(rWatermark->GetText()), 0, -1, NULL)" which may be zero has undefined behavior.
403 fRatio /= pOut->GetTextWidth(rWatermark.GetText());
404
405 // Calc the size.
406 sal_Int32 nWidth = 0;
407 awt::Size aSize;
408 xPageStyle->getPropertyValue(UNO_NAME_SIZE) >>= aSize;
** CID 1409892: (CONSTANT_EXPRESSION_RESULT)
/include/o3tl/strong_int.hxx: 65 in o3tl::detail::isInRange<unsigned char, unsigned char>(T2)()
/include/o3tl/strong_int.hxx: 57 in o3tl::detail::isInRange<unsigned int, int>(T2)()
/include/o3tl/strong_int.hxx: 65 in o3tl::detail::isInRange<unsigned short, unsigned short>(T2)()
/include/o3tl/strong_int.hxx: 39 in o3tl::detail::isInRange<int, int>(T2)()
/include/o3tl/strong_int.hxx: 65 in o3tl::detail::isInRange<unsigned int, unsigned int>(T2)()
/include/o3tl/strong_int.hxx: 57 in o3tl::detail::isInRange<unsigned short, short>(T2)()
________________________________________________________________________________________________________
*** CID 1409892: (CONSTANT_EXPRESSION_RESULT)
/include/o3tl/strong_int.hxx: 65 in o3tl::detail::isInRange<unsigned char, unsigned char>(T2)()
59 }
60
61 template<typename T1, typename T2> constexpr
62 typename std::enable_if<
63 std::is_unsigned<T1>::value && std::is_unsigned<T2>::value, bool>::type
64 isInRange(T2 value) {
CID 1409892: (CONSTANT_EXPRESSION_RESULT)
"value <= 255" is always true regardless of the values of its operands. This occurs as a
return value.
65 return value <= std::numeric_limits<T1>::max();
66 }
67
68 }
69
70 #endif
/include/o3tl/strong_int.hxx: 57 in o3tl::detail::isInRange<unsigned int, int>(T2)()
51
52 template<typename T1, typename T2> constexpr
53 typename std::enable_if<
54 std::is_unsigned<T1>::value && std::is_signed<T2>::value, bool>::type
55 isInRange(T2 value) {
56 return value >= 0
CID 1409892: (CONSTANT_EXPRESSION_RESULT)
"static_cast<std::make_unsigned<int>::type>(value) <= 4294967295U" is always true
regardless of the values of its operands. This occurs as the logical second operand of "&&".
57 && (static_cast<typename std::make_unsigned<T2>::type>(value)
58 <= std::numeric_limits<T1>::max());
59 }
60
61 template<typename T1, typename T2> constexpr
62 typename std::enable_if<
/include/o3tl/strong_int.hxx: 65 in o3tl::detail::isInRange<unsigned short, unsigned short>(T2)()
59 }
60
61 template<typename T1, typename T2> constexpr
62 typename std::enable_if<
63 std::is_unsigned<T1>::value && std::is_unsigned<T2>::value, bool>::type
64 isInRange(T2 value) {
CID 1409892: (CONSTANT_EXPRESSION_RESULT)
"value <= 65535" is always true regardless of the values of its operands. This occurs as a
return value.
65 return value <= std::numeric_limits<T1>::max();
66 }
67
68 }
69
70 #endif
/include/o3tl/strong_int.hxx: 39 in o3tl::detail::isInRange<int, int>(T2)()
33 namespace detail {
34
35 template<typename T1, typename T2> constexpr
36 typename std::enable_if<
37 std::is_signed<T1>::value && std::is_signed<T2>::value, bool>::type
38 isInRange(T2 value) {
CID 1409892: (CONSTANT_EXPRESSION_RESULT)
"value >= -2147483648" is always true regardless of the values of its operands. This occurs
as the logical first operand of "&&".
39 return value >= std::numeric_limits<T1>::min()
40 && value <= std::numeric_limits<T1>::max();
41 }
42
43 template<typename T1, typename T2> constexpr
44 typename std::enable_if<
/include/o3tl/strong_int.hxx: 65 in o3tl::detail::isInRange<unsigned int, unsigned int>(T2)()
59 }
60
61 template<typename T1, typename T2> constexpr
62 typename std::enable_if<
63 std::is_unsigned<T1>::value && std::is_unsigned<T2>::value, bool>::type
64 isInRange(T2 value) {
CID 1409892: (CONSTANT_EXPRESSION_RESULT)
"value <= 4294967295U" is always true regardless of the values of its operands. This occurs
as a return value.
65 return value <= std::numeric_limits<T1>::max();
66 }
67
68 }
69
70 #endif
/include/o3tl/strong_int.hxx: 57 in o3tl::detail::isInRange<unsigned short, short>(T2)()
51
52 template<typename T1, typename T2> constexpr
53 typename std::enable_if<
54 std::is_unsigned<T1>::value && std::is_signed<T2>::value, bool>::type
55 isInRange(T2 value) {
56 return value >= 0
CID 1409892: (CONSTANT_EXPRESSION_RESULT)
"static_cast<std::make_unsigned<short>::type>(value) <= 65535" is always true regardless of
the values of its operands. This occurs as the logical second operand of "&&".
57 && (static_cast<typename std::make_unsigned<T2>::type>(value)
58 <= std::numeric_limits<T1>::max());
59 }
60
61 template<typename T1, typename T2> constexpr
62 typename std::enable_if<
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpybZQLMAbZMCtF821VKx54ROVBE5oRamXv6dZ1bj-2BVXt5mzCRCaDAIjMTsY2U4JDxS5scI-2BpEs3kZWNtN4JrSvUrTBf9Fkc96Qsk59giRssdgu1anH6zy6ChVbWssPZK-2FgJPgnk-2FF8RlqUogNXRvSZxcNE1WKLOnEhBozK9Qxq4h4-3D
To manage Coverity Scan email notifications for "libreoffice@lists.freedesktop.org", click
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5N5X-2B1MAElavPQhH6nLwozJzqOkt2k8uOkYf2ZoppNa9QVe0T3fEZVQ7Kky1tOkLz_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpybZQLMAbZMCtF821VKx54RBEYEYr5REtqFlQP4FcwINgxbXVi7hc-2BMek2KATY1wPF3cHWOgfC476rbi0qZwVIa0-2FJxvwR7q3B0ci-2BEnuIXSr3J162bBFNMo131CUWh8ShLxTjsWerybhWA0yFEsEmRSbnLJv5Y7d6XIaUiTN6O9A-3D
Context
- New Defects reported by Coverity Scan for LibreOffice · scan-admin
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.