New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Sun Nov 23 19:48:49 PST 2014
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
7 new defect(s) introduced to LibreOffice found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)
** CID 1255905: Buffer not null terminated (BUFFER_SIZE_WARNING)
/vcl/opengl/x11/X11DeviceInfo.cxx: 242 in X11OpenGLDeviceInfo::GetData()()
** CID 1255906: Unchecked return value (CHECKED_RETURN)
/sc/source/ui/optdlg/calcoptionsdlg.cxx: 1012 in <unnamed>::OpenCLTester::addTest(const <unnamed>::Area &)()
** CID 1195349: Argument cannot be negative (NEGATIVE_RETURNS)
/vcl/unx/glxtest.cxx: 111 in glxtest()
** CID 1255907: Explicit null dereferenced (FORWARD_NULL)
/vcl/source/opengl/OpenGLContext.cxx: 552 in <unnamed>::getFBConfig(_XDisplay *, unsigned long, int &, bool, bool)()
** CID 1255908: Resource leak (RESOURCE_LEAK)
/sc/source/ui/optdlg/calcoptionsdlg.cxx: 1364 in ScCalcOptionsDialog::TestClickHdl(PushButton *)()
** CID 1255910: Uninitialized scalar field (UNINIT_CTOR)
/sw/source/uibase/utlui/content.cxx: 847 in SwContentTree::SwContentTree(vcl::Window *, const ResId &)()
** CID 1255909: Uninitialized scalar field (UNINIT_CTOR)
/include/vcl/salgtype.hxx: 50 in SalTwoRect::SalTwoRect()()
________________________________________________________________________________________________________
*** CID 1255905: Buffer not null terminated (BUFFER_SIZE_WARNING)
/vcl/opengl/x11/X11DeviceInfo.cxx: 242 in X11OpenGLDeviceInfo::GetData()()
236 whereToReadVersionNumbers = maVersion.getStr();
237 }
238
239 // read major.minor version numbers of the driver (not to be confused with the OpenGL version)
240 if (whereToReadVersionNumbers) {
241 // copy into writable buffer, for tokenization
>>> CID 1255905: Buffer not null terminated (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 1024 bytes on destination array "buf" of size 1024 bytes might leave the destination string unterminated.
242 strncpy(buf, whereToReadVersionNumbers, buf_size);
243 bufptr = buf;
244
245 // now try to read major.minor version numbers. In case of failure, gracefully exit: these numbers have
246 // been initialized as 0 anyways
247 char *token = strtok_wrapper(".", &bufptr);
________________________________________________________________________________________________________
*** CID 1255906: Unchecked return value (CHECKED_RETURN)
/sc/source/ui/optdlg/calcoptionsdlg.cxx: 1012 in <unnamed>::OpenCLTester::addTest(const <unnamed>::Area &)()
1006
1007 void addTest(const Area &rArea)
1008 {
1009 sc::AutoCalcSwitch aACSwitch(*mpDoc, true);
1010
1011 mnTestAreas++;
>>> CID 1255906: Unchecked return value (CHECKED_RETURN)
>>> Calling "InsertTable" without checking return value (as is done elsewhere 5 out of 6 times).
1012 mpDocShell->GetDocFunc().InsertTable(mnTestAreas, rArea.msTitle, false, true);
1013
1014 rArea.addHeader(mpDoc, mnTestAreas);
1015
1016 for (int i = 0; i < rArea.mnRows; ++i)
1017 rArea.addRow(mpDoc, i, mnTestAreas);
________________________________________________________________________________________________________
*** CID 1195349: Argument cannot be negative (NEGATIVE_RETURNS)
/vcl/unx/glxtest.cxx: 111 in glxtest()
105 // we want to redirect to /dev/null stdout, stderr, and while we're at it,
106 // any PR logging file descriptors. To that effect, we redirect all positive
107 // file descriptors up to what open() returns here. In particular, 1 is stdout and 2 is stderr.
108 int fd = open("/dev/null", O_WRONLY);
109 for (int i = 1; i < fd; i++)
110 dup2(fd, i);
>>> CID 1195349: Argument cannot be negative (NEGATIVE_RETURNS)
>>> "fd" is passed to a parameter that cannot be negative.
111 close(fd);
112
113 if (getenv("MOZ_AVOID_OPENGL_ALTOGETHER"))
114 fatal_error("The MOZ_AVOID_OPENGL_ALTOGETHER environment variable is defined");
115
116 ///// Open libGL and load needed symbols /////
________________________________________________________________________________________________________
*** CID 1255907: Explicit null dereferenced (FORWARD_NULL)
/vcl/source/opengl/OpenGLContext.cxx: 552 in <unnamed>::getFBConfig(_XDisplay *, unsigned long, int &, bool, bool)()
546 }
547
548 int best_num_samp = -1;
549 for(int i = 0; i < fbCount; ++i)
550 {
551 XVisualInfo* pVi = glXGetVisualFromFBConfig( dpy, pFBC[i] );
>>> CID 1255907: Explicit null dereferenced (FORWARD_NULL)
>>> Dereferencing null pointer "xattr.visual".
552 if(pVi && (!bWithSameVisualID || pVi->visualid == xattr.visual->visualid) )
553 {
554 // pick the one with the most samples per pixel
555 int nSampleBuf = 0;
556 int nSamples = 0;
557 glXGetFBConfigAttrib( dpy, pFBC[i], GLX_SAMPLE_BUFFERS, &nSampleBuf );
________________________________________________________________________________________________________
*** CID 1255908: Resource leak (RESOURCE_LEAK)
/sc/source/ui/optdlg/calcoptionsdlg.cxx: 1364 in ScCalcOptionsDialog::TestClickHdl(PushButton *)()
1358 pTestDocument->addTest(Reduction("Product", "PRODUCT", 500, 0, 0.1, 2.5, 3e-10,
1359 [] (double nAccum, double nArg)
1360 {
1361 return (nAccum * nArg);
1362 }));
1363
>>> CID 1255908: Resource leak (RESOURCE_LEAK)
>>> Variable "pTestDocument" going out of scope leaks the storage it points to.
1364 return 0;
1365 }
1366
________________________________________________________________________________________________________
*** CID 1255910: Uninitialized scalar field (UNINIT_CTOR)
/sw/source/uibase/utlui/content.cxx: 847 in SwContentTree::SwContentTree(vcl::Window *, const ResId &)()
841 nActiveBlock = pConfig->GetActiveBlock();
842 aUpdTimer.SetTimeoutHdl(LINK(this, SwContentTree, TimerUpdate));
843 aUpdTimer.SetTimeout(1000);
844 Clear();
845 EnableContextMenuHandling();
846 SetStyle( GetStyle() | WB_QUICK_SEARCH );
>>> CID 1255910: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "m_bActiveDocModified" is not initialized in this constructor nor in any functions that it calls.
847 }
848
849 SwContentTree::~SwContentTree()
850 {
851 Clear(); // If applicable erase content types previously.
852 bIsInDrag = false;
________________________________________________________________________________________________________
*** CID 1255909: Uninitialized scalar field (UNINIT_CTOR)
/include/vcl/salgtype.hxx: 50 in SalTwoRect::SalTwoRect()()
44 long mnSrcHeight;
45 long mnDestX;
46 long mnDestY;
47 long mnDestWidth;
48 long mnDestHeight;
49
>>> CID 1255909: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "mnDestHeight" is not initialized in this constructor nor in any functions that it calls.
50 SalTwoRect() {}
51
52 SalTwoRect(long nSrcX, long nSrcY, long nSrcWidth, long nSrcHeight, long nDestX, long nDestY, long nDestWidth, long nDestHeight)
53 : mnSrcX(nSrcX), mnSrcY(nSrcY), mnSrcWidth(nSrcWidth), mnSrcHeight(nSrcHeight), mnDestX(nDestX), mnDestY(nDestY), mnDestWidth(nDestWidth), mnDestHeight(nDestHeight)
54 {
55 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/211?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
More information about the LibreOffice
mailing list