Date: prev next · Thread: first prev next last
2017 Archives by date, by thread · List index



Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

9 new defect(s) introduced to LibreOffice found with Coverity Scan.
11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by 
Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)


** CID 1412992:  Code maintainability issues  (UNUSED_VALUE)
/svx/source/dialog/hdft.cxx: 831 in SvxHFPage::ResetBackground_Impl(const SfxItemSet &)()


________________________________________________________________________________________________________
*** CID 1412992:  Code maintainability issues  (UNUSED_VALUE)
/svx/source/dialog/hdft.cxx: 831 in SvxHFPage::ResetBackground_Impl(const SfxItemSet &)()
825                         setSvxBrushItemAsFillAttributesToTargetSet(rItem, aTempSet);
826                         aFooterFillAttributes.reset(new 
drawinglayer::attribute::SdrAllFillAttributesHelper(aTempSet));
827                     }
828                 }
829     
830                 m_pBspWin->setFooterFillAttributes(aFooterFillAttributes);
    CID 1412992:  Code maintainability issues  (UNUSED_VALUE)
    Assigning value from "this->GetWhich(10024, true)" to "nWhich" here, but that stored value 
is overwritten before it can be used.
831                 nWhich = GetWhich(SID_ATTR_BORDER_OUTER);
832             }
833         }
834     
835         drawinglayer::attribute::SdrAllFillAttributesHelperPtr aPageFillAttributes;
836     

** CID 1412991:  Resource leaks  (RESOURCE_LEAK)
/sw/source/uibase/dochdl/gloshdl.cxx: 725 in SwGlossaryHdl::ImportGlossaries(const rtl::OUString 
&)()


________________________________________________________________________________________________________
*** CID 1412991:  Resource leaks  (RESOURCE_LEAK)
/sw/source/uibase/dochdl/gloshdl.cxx: 725 in SwGlossaryHdl::ImportGlossaries(const rtl::OUString 
&)()
719                     {
720                         const SvxAutoCorrCfg& rCfg = SvxAutoCorrCfg::Get();
721                         bRet = aReader.ReadGlossaries( *pR, *pGlossary,
722                                     rCfg.IsSaveRelFile() );
723                     }
724                 }
    CID 1412991:  Resource leaks  (RESOURCE_LEAK)
    Variable "pGlossary" going out of scope leaks the storage it points to.
725             }
726         }
727         return bRet;
728     }
729     

** CID 1412990:  Memory - corruptions  (OVERRUN)


________________________________________________________________________________________________________
*** CID 1412990:  Memory - corruptions  (OVERRUN)
/sw/source/filter/ww8/docxattributeoutput.cxx: 3265 in 
DocxAttributeOutput::TableDefinition(std::shared_ptr<ww8::WW8TableNodeInfoInner>)()
3259             FSNS( XML_w, XML_tblLook ),
3260             FSNS( XML_w, XML_tblPrChange )
3261         };
3262     
3263         // postpone the output so that we can later []
3264         // prepend the properties before the run
    CID 1412990:  Memory - corruptions  (OVERRUN)
    Overrunning array "aOrder" of 64 bytes by passing it to a function which accesses it at 
byte offset 120.
3265         m_pSerializer->mark(Tag_TableDefinition, comphelper::containerToSequence(aOrder));
3266     
3267         long nPageSize = 0;
3268         const char* widthType = "dxa";
3269     
3270         // If actual width of table is relative it should export is as "pct".`

** CID 1412989:  Memory - corruptions  (OVERRUN)


________________________________________________________________________________________________________
*** CID 1412989:  Memory - corruptions  (OVERRUN)
/sw/source/filter/ww8/docxattributeoutput.cxx: 5599 in DocxAttributeOutput::StartSection()()
5593             FSNS( XML_w, XML_printerSettings ),
5594             FSNS( XML_w, XML_sectPrChange )
5595         };
5596     
5597         // postpone the output so that we can later [in EndParagraphProperties()]
5598         // prepend the properties before the run
    CID 1412989:  Memory - corruptions  (OVERRUN)
    Overrunning array "aOrder" of 88 bytes by passing it to a function which accesses it at 
byte offset 168.
5599         m_pSerializer->mark(Tag_StartSection, comphelper::containerToSequence(aOrder));
5600         m_bHadSectPr = true;
5601     }
5602     
5603     void DocxAttributeOutput::EndSection()
5604     {

** CID 1412988:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/window/errinf.cxx: 235 in ImplDynamicErrorInfo::ImplDynamicErrorInfo()()


________________________________________________________________________________________________________
*** CID 1412988:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/window/errinf.cxx: 235 in ImplDynamicErrorInfo::ImplDynamicErrorInfo()()
229     private:
230         void                        RegisterError(DynamicErrorInfo *);
231         static void                 UnRegisterError(DynamicErrorInfo const *);
232         static ErrorInfo*           GetDynamicErrorInfo(ErrCode nId);
233     
234         ErrCode                     nErrId;
    CID 1412988:  Uninitialized members  (UNINIT_CTOR)
    The compiler-generated constructor for this class does not initialize "nMask".
235         DialogMask                  nMask;
236     
237     };
238     
239     void ImplDynamicErrorInfo::RegisterError(DynamicErrorInfo *pDynErrInfo)
240     {

** CID 1412987:  Insecure data handling  (TAINTED_SCALAR)
/vcl/source/filter/sgvmain.cxx: 779 in DrawObjkList(SvStream &, OutputDevice &)()


________________________________________________________________________________________________________
*** CID 1412987:  Insecure data handling  (TAINTED_SCALAR)
/vcl/source/filter/sgvmain.cxx: 779 in DrawObjkList(SvStream &, OutputDevice &)()
773                     case ObjRect: { RectType aRect; ReadRectType( rInp, aRect ); if 
(!rInp.GetError()) aRect.Draw(rOut); } break;
774                     case ObjCirc: { CircType aCirc; ReadCircType( rInp, aCirc ); if 
(!rInp.GetError()) aCirc.Draw(rOut); } break;
775                     case ObjText: {
776                         TextType aText;
777                         ReadTextType( rInp, aText );
778                         if (!rInp.GetError()) {
    CID 1412987:  Insecure data handling  (TAINTED_SCALAR)
    Passing tainted variable "aText.BufSize + 1" to a tainted sink.
779                             aText.Buffer=new UCHAR[aText.BufSize+1]; // add one for LookAhead 
at CK-separation
780                             rInp.ReadBytes(aText.Buffer, aText.BufSize);
781                             if (!rInp.GetError()) aText.Draw(rOut);
782                             delete[] aText.Buffer;
783                         }
784                     } break;

** CID 1412986:  Memory - corruptions  (OVERRUN)


________________________________________________________________________________________________________
*** CID 1412986:  Memory - corruptions  (OVERRUN)
/sw/source/filter/ww8/docxattributeoutput.cxx: 1809 in 
DocxAttributeOutput::InitCollectedRunProperties()()
1803             FSNS( XML_w14, XML_stylisticSets ),
1804             FSNS( XML_w14, XML_cntxtAlts ),
1805         };
1806     
1807         // postpone the output so that we can later [in EndParagraphProperties()]
1808         // prepend the properties before the run
    CID 1412986:  Memory - corruptions  (OVERRUN)
    Overrunning array "aOrder" of 208 bytes by passing it to a function which accesses it at 
byte offset 408.
1809         m_pSerializer->mark(Tag_InitCollectedRunProperties, 
comphelper::containerToSequence(aOrder));
1810     }
1811     
1812     namespace
1813     {
1814     

** CID 1412985:  Memory - corruptions  (OVERRUN)


________________________________________________________________________________________________________
*** CID 1412985:  Memory - corruptions  (OVERRUN)
/sw/source/filter/ww8/docxattributeoutput.cxx: 886 in 
DocxAttributeOutput::InitCollectedParagraphProperties()()
880             FSNS( XML_w, XML_sectPr ),
881             FSNS( XML_w, XML_pPrChange )
882         };
883     
884         // postpone the output so that we can later [in EndParagraphProperties()]
885         // prepend the properties before the run
    CID 1412985:  Memory - corruptions  (OVERRUN)
    Overrunning array "aOrder" of 144 bytes by passing it to a function which accesses it at 
byte offset 280.
886         m_pSerializer->mark(Tag_InitCollectedParagraphProperties, 
comphelper::containerToSequence(aOrder));
887     }
888     
889     void DocxAttributeOutput::WriteCollectedParagraphProperties()
890     {
891         if ( m_rExport.SdrExporter().getFlyAttrList().is() )

** CID 735795:  Null pointer dereferences  (FORWARD_NULL)
/sc/source/core/tool/interpr4.cxx: 3434 in ScInterpreter::ScMacro()()


________________________________________________________________________________________________________
*** CID 735795:  Null pointer dereferences  (FORWARD_NULL)
/sc/source/core/tool/interpr4.cxx: 3434 in ScInterpreter::ScMacro()()
3428                 }
3429                 PushDouble( fVal );
3430             }
3431             else if ( eResType & SbxARRAY )
3432             {
3433                 SbxBase* pElemObj = refRes->GetObject();
    CID 735795:  Null pointer dereferences  (FORWARD_NULL)
    Assigning: "pDimArray" = "dynamic_cast <SbxDimArray *>(pElemObj)".
3434                 SbxDimArray* pDimArray = dynamic_cast< SbxDimArray *>( pElemObj );
3435                 short nDim = pDimArray->GetDims();
3436                 if ( 1 <= nDim && nDim <= 2 )
3437                 {
3438                     sal_Int32 nCs, nCe, nRs, nRe;
3439                     SCSIZE nC, nR;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpygf-2BM7yEdP4gaehqtN2ZnhrBE0TvXn7KlDzzgR2zfoJqEMksRuQszhWPTFa8PBMMzrVywaBXOZXm1KH40G1GaTpmuvazj9aQNYZ3VO0TKaM3GDu5-2BolmRZo40QrLu-2BO4A0sTnzK1glKasxJta8bS4xEO6YmX0AEUTdcDmFiUw5kQ-3D

To manage Coverity Scan email notifications for "libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5N5X-2B1MAElavPQhH6nLwozJzqOkt2k8uOkYf2ZoppNa9QVe0T3fEZVQ7Kky1tOkLz_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpygf-2BM7yEdP4gaehqtN2ZnhmvSzTiQ6xNqHXYLni6Ky2iLgLaztcy-2BdiKibK9YPPC5Qalkv069x0hj8YBonmEe-2Bq9dQuTDhHpV6aI7QGV4EL1hbxx6rQlx5yeLuKWztzxd3be3UfdHJbCusAFdYvNgxtwn6UR3SBUwD5As9O1J95s-3D


Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.