Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
9 new defect(s) introduced to LibreOffice found with Coverity Scan.
11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by
Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)
** CID 1412992: Code maintainability issues (UNUSED_VALUE)
/svx/source/dialog/hdft.cxx: 831 in SvxHFPage::ResetBackground_Impl(const SfxItemSet &)()
________________________________________________________________________________________________________
*** CID 1412992: Code maintainability issues (UNUSED_VALUE)
/svx/source/dialog/hdft.cxx: 831 in SvxHFPage::ResetBackground_Impl(const SfxItemSet &)()
825 setSvxBrushItemAsFillAttributesToTargetSet(rItem, aTempSet);
826 aFooterFillAttributes.reset(new
drawinglayer::attribute::SdrAllFillAttributesHelper(aTempSet));
827 }
828 }
829
830 m_pBspWin->setFooterFillAttributes(aFooterFillAttributes);
CID 1412992: Code maintainability issues (UNUSED_VALUE)
Assigning value from "this->GetWhich(10024, true)" to "nWhich" here, but that stored value
is overwritten before it can be used.
831 nWhich = GetWhich(SID_ATTR_BORDER_OUTER);
832 }
833 }
834
835 drawinglayer::attribute::SdrAllFillAttributesHelperPtr aPageFillAttributes;
836
** CID 1412991: Resource leaks (RESOURCE_LEAK)
/sw/source/uibase/dochdl/gloshdl.cxx: 725 in SwGlossaryHdl::ImportGlossaries(const rtl::OUString
&)()
________________________________________________________________________________________________________
*** CID 1412991: Resource leaks (RESOURCE_LEAK)
/sw/source/uibase/dochdl/gloshdl.cxx: 725 in SwGlossaryHdl::ImportGlossaries(const rtl::OUString
&)()
719 {
720 const SvxAutoCorrCfg& rCfg = SvxAutoCorrCfg::Get();
721 bRet = aReader.ReadGlossaries( *pR, *pGlossary,
722 rCfg.IsSaveRelFile() );
723 }
724 }
CID 1412991: Resource leaks (RESOURCE_LEAK)
Variable "pGlossary" going out of scope leaks the storage it points to.
725 }
726 }
727 return bRet;
728 }
729
** CID 1412990: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1412990: Memory - corruptions (OVERRUN)
/sw/source/filter/ww8/docxattributeoutput.cxx: 3265 in
DocxAttributeOutput::TableDefinition(std::shared_ptr<ww8::WW8TableNodeInfoInner>)()
3259 FSNS( XML_w, XML_tblLook ),
3260 FSNS( XML_w, XML_tblPrChange )
3261 };
3262
3263 // postpone the output so that we can later []
3264 // prepend the properties before the run
CID 1412990: Memory - corruptions (OVERRUN)
Overrunning array "aOrder" of 64 bytes by passing it to a function which accesses it at
byte offset 120.
3265 m_pSerializer->mark(Tag_TableDefinition, comphelper::containerToSequence(aOrder));
3266
3267 long nPageSize = 0;
3268 const char* widthType = "dxa";
3269
3270 // If actual width of table is relative it should export is as "pct".`
** CID 1412989: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1412989: Memory - corruptions (OVERRUN)
/sw/source/filter/ww8/docxattributeoutput.cxx: 5599 in DocxAttributeOutput::StartSection()()
5593 FSNS( XML_w, XML_printerSettings ),
5594 FSNS( XML_w, XML_sectPrChange )
5595 };
5596
5597 // postpone the output so that we can later [in EndParagraphProperties()]
5598 // prepend the properties before the run
CID 1412989: Memory - corruptions (OVERRUN)
Overrunning array "aOrder" of 88 bytes by passing it to a function which accesses it at
byte offset 168.
5599 m_pSerializer->mark(Tag_StartSection, comphelper::containerToSequence(aOrder));
5600 m_bHadSectPr = true;
5601 }
5602
5603 void DocxAttributeOutput::EndSection()
5604 {
** CID 1412988: Uninitialized members (UNINIT_CTOR)
/vcl/source/window/errinf.cxx: 235 in ImplDynamicErrorInfo::ImplDynamicErrorInfo()()
________________________________________________________________________________________________________
*** CID 1412988: Uninitialized members (UNINIT_CTOR)
/vcl/source/window/errinf.cxx: 235 in ImplDynamicErrorInfo::ImplDynamicErrorInfo()()
229 private:
230 void RegisterError(DynamicErrorInfo *);
231 static void UnRegisterError(DynamicErrorInfo const *);
232 static ErrorInfo* GetDynamicErrorInfo(ErrCode nId);
233
234 ErrCode nErrId;
CID 1412988: Uninitialized members (UNINIT_CTOR)
The compiler-generated constructor for this class does not initialize "nMask".
235 DialogMask nMask;
236
237 };
238
239 void ImplDynamicErrorInfo::RegisterError(DynamicErrorInfo *pDynErrInfo)
240 {
** CID 1412987: Insecure data handling (TAINTED_SCALAR)
/vcl/source/filter/sgvmain.cxx: 779 in DrawObjkList(SvStream &, OutputDevice &)()
________________________________________________________________________________________________________
*** CID 1412987: Insecure data handling (TAINTED_SCALAR)
/vcl/source/filter/sgvmain.cxx: 779 in DrawObjkList(SvStream &, OutputDevice &)()
773 case ObjRect: { RectType aRect; ReadRectType( rInp, aRect ); if
(!rInp.GetError()) aRect.Draw(rOut); } break;
774 case ObjCirc: { CircType aCirc; ReadCircType( rInp, aCirc ); if
(!rInp.GetError()) aCirc.Draw(rOut); } break;
775 case ObjText: {
776 TextType aText;
777 ReadTextType( rInp, aText );
778 if (!rInp.GetError()) {
CID 1412987: Insecure data handling (TAINTED_SCALAR)
Passing tainted variable "aText.BufSize + 1" to a tainted sink.
779 aText.Buffer=new UCHAR[aText.BufSize+1]; // add one for LookAhead
at CK-separation
780 rInp.ReadBytes(aText.Buffer, aText.BufSize);
781 if (!rInp.GetError()) aText.Draw(rOut);
782 delete[] aText.Buffer;
783 }
784 } break;
** CID 1412986: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1412986: Memory - corruptions (OVERRUN)
/sw/source/filter/ww8/docxattributeoutput.cxx: 1809 in
DocxAttributeOutput::InitCollectedRunProperties()()
1803 FSNS( XML_w14, XML_stylisticSets ),
1804 FSNS( XML_w14, XML_cntxtAlts ),
1805 };
1806
1807 // postpone the output so that we can later [in EndParagraphProperties()]
1808 // prepend the properties before the run
CID 1412986: Memory - corruptions (OVERRUN)
Overrunning array "aOrder" of 208 bytes by passing it to a function which accesses it at
byte offset 408.
1809 m_pSerializer->mark(Tag_InitCollectedRunProperties,
comphelper::containerToSequence(aOrder));
1810 }
1811
1812 namespace
1813 {
1814
** CID 1412985: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1412985: Memory - corruptions (OVERRUN)
/sw/source/filter/ww8/docxattributeoutput.cxx: 886 in
DocxAttributeOutput::InitCollectedParagraphProperties()()
880 FSNS( XML_w, XML_sectPr ),
881 FSNS( XML_w, XML_pPrChange )
882 };
883
884 // postpone the output so that we can later [in EndParagraphProperties()]
885 // prepend the properties before the run
CID 1412985: Memory - corruptions (OVERRUN)
Overrunning array "aOrder" of 144 bytes by passing it to a function which accesses it at
byte offset 280.
886 m_pSerializer->mark(Tag_InitCollectedParagraphProperties,
comphelper::containerToSequence(aOrder));
887 }
888
889 void DocxAttributeOutput::WriteCollectedParagraphProperties()
890 {
891 if ( m_rExport.SdrExporter().getFlyAttrList().is() )
** CID 735795: Null pointer dereferences (FORWARD_NULL)
/sc/source/core/tool/interpr4.cxx: 3434 in ScInterpreter::ScMacro()()
________________________________________________________________________________________________________
*** CID 735795: Null pointer dereferences (FORWARD_NULL)
/sc/source/core/tool/interpr4.cxx: 3434 in ScInterpreter::ScMacro()()
3428 }
3429 PushDouble( fVal );
3430 }
3431 else if ( eResType & SbxARRAY )
3432 {
3433 SbxBase* pElemObj = refRes->GetObject();
CID 735795: Null pointer dereferences (FORWARD_NULL)
Assigning: "pDimArray" = "dynamic_cast <SbxDimArray *>(pElemObj)".
3434 SbxDimArray* pDimArray = dynamic_cast< SbxDimArray *>( pElemObj );
3435 short nDim = pDimArray->GetDims();
3436 if ( 1 <= nDim && nDim <= 2 )
3437 {
3438 sal_Int32 nCs, nCe, nRs, nRe;
3439 SCSIZE nC, nR;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpygf-2BM7yEdP4gaehqtN2ZnhrBE0TvXn7KlDzzgR2zfoJqEMksRuQszhWPTFa8PBMMzrVywaBXOZXm1KH40G1GaTpmuvazj9aQNYZ3VO0TKaM3GDu5-2BolmRZo40QrLu-2BO4A0sTnzK1glKasxJta8bS4xEO6YmX0AEUTdcDmFiUw5kQ-3D
To manage Coverity Scan email notifications for "libreoffice@lists.freedesktop.org", click
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5N5X-2B1MAElavPQhH6nLwozJzqOkt2k8uOkYf2ZoppNa9QVe0T3fEZVQ7Kky1tOkLz_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpygf-2BM7yEdP4gaehqtN2ZnhmvSzTiQ6xNqHXYLni6Ky2iLgLaztcy-2BdiKibK9YPPC5Qalkv069x0hj8YBonmEe-2Bq9dQuTDhHpV6aI7QGV4EL1hbxx6rQlx5yeLuKWztzxd3be3UfdHJbCusAFdYvNgxtwn6UR3SBUwD5As9O1J95s-3D
Context
- New Defects reported by Coverity Scan for LibreOffice · scan-admin
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.