New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Mon Jul 1 09:10:36 UTC 2019
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
261 new defect(s) introduced to LibreOffice found with Coverity Scan.
49 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 261 defect(s)
** CID 1448549: Memory - illegal accesses (USE_AFTER_FREE)
________________________________________________________________________________________________________
*** CID 1448549: Memory - illegal accesses (USE_AFTER_FREE)
/sw/source/core/layout/flylay.cxx: 688 in SwFlyFreeFrame::CheckClip(const SwFormatFrameSize &)()
682 pLow->Calc(getRootFrame()->GetCurrShell()->GetOut());
683 // also calculate the (Column)BodyFrame
684 static_cast<SwLayoutFrame*>(pLow)->Lower()->Calc(getRootFrame()->GetCurrShell()->GetOut());
685 pLow = pLow->GetNext();
686 } while ( pLow );
687 ::CalcContent( this );
>>> CID 1448549: Memory - illegal accesses (USE_AFTER_FREE)
>>> Calling "ColUnlock" dereferences freed pointer "this".
688 ColUnlock();
689
690 if ( !isFrameAreaSizeValid() && !m_bWidthClipped )
691 {
692 setFrameAreaSizeValid(true);
693 m_bFormatHeightOnly = true;
** CID 1448548: Memory - corruptions (OVERLAPPING_COPY)
/unoidl/source/sourceprovider-parser.y: 242 in <unnamed>::coerce(int, void *, unoidl::detail::SourceProviderExpr *, unoidl::detail::SourceProviderExpr *)()
________________________________________________________________________________________________________
*** CID 1448548: Memory - corruptions (OVERLAPPING_COPY)
/unoidl/source/sourceprovider-parser.y: 242 in <unnamed>::coerce(int, void *, unoidl::detail::SourceProviderExpr *, unoidl::detail::SourceProviderExpr *)()
236 case unoidl::detail::SourceProviderExpr::TYPE_FLOAT:
237 switch (rhs->type) {
238 case unoidl::detail::SourceProviderExpr::TYPE_BOOL:
239 ok = false;
240 break;
241 case unoidl::detail::SourceProviderExpr::TYPE_INT:
>>> CID 1448548: Memory - corruptions (OVERLAPPING_COPY)
>>> Assigning "(*rhs).ival" to "(*rhs).fval", which have overlapping memory locations and different types.
242 rhs->fval = rhs->ival;
243 ok = true;
244 break;
245 case unoidl::detail::SourceProviderExpr::TYPE_UINT:
246 rhs->fval = rhs->uval;
247 ok = true;
** CID 1448547: Error handling issues (CHECKED_RETURN)
/basic/source/runtime/methods.cxx: 782 in SbRtl_FileLen(StarBASIC *, SbxArray &, bool)()
________________________________________________________________________________________________________
*** CID 1448547: Error handling issues (CHECKED_RETURN)
/basic/source/runtime/methods.cxx: 782 in SbRtl_FileLen(StarBASIC *, SbxArray &, bool)()
776 }
777 else
778 {
779 DirectoryItem aItem;
780 DirectoryItem::get( getFullPath( aStr ), aItem );
781 FileStatus aFileStatus( osl_FileStatus_Mask_FileSize );
>>> CID 1448547: Error handling issues (CHECKED_RETURN)
>>> Calling "getFileStatus" without checking return value (as is done elsewhere 76 out of 88 times).
782 aItem.getFileStatus( aFileStatus );
783 nLen = static_cast<sal_Int32>(aFileStatus.getFileSize());
784 }
785 rPar.Get(0)->PutLong( static_cast<long>(nLen) );
786 }
787 }
** CID 1448546: Control flow issues (DEADCODE)
/opencl/opencltest/main.cxx: 126 in runTest(const char *, const char *)()
________________________________________________________________________________________________________
*** CID 1448546: Control flow issues (DEADCODE)
/opencl/opencltest/main.cxx: 126 in runTest(const char *, const char *)()
120 status = clGetProgramBuildInfo(program, deviceId, CL_PROGRAM_BUILD_LOG, length,
121 error.data(), nullptr);
122 error[length] = '\0';
123 cerr << "OpenCL driver check build error:" << error.data() << endl;
124 abort();
125 #else
>>> CID 1448546: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: ";".
126 openclcheck(state);
127 #endif
128 }
129 cl_kernel kernel = clCreateKernel(program, "testFunction", &state);
130 openclcheck(state);
131
** CID 1448545: Memory - illegal accesses (WRAPPER_ESCAPE)
/svx/source/gallery2/gallery1.cxx: 726 in Gallery::ImplGetCachedTheme(const GalleryThemeEntry *)()
________________________________________________________________________________________________________
*** CID 1448545: Memory - illegal accesses (WRAPPER_ESCAPE)
/svx/source/gallery2/gallery1.cxx: 726 in Gallery::ImplGetCachedTheme(const GalleryThemeEntry *)()
720 pTheme = pNewTheme.get();
721 if( pTheme )
722 aThemeCache.push_back( new GalleryThemeCacheEntry( pThemeEntry, std::move(pNewTheme) ));
723 }
724 }
725
>>> CID 1448545: Memory - illegal accesses (WRAPPER_ESCAPE)
>>> Using internal representation of destroyed object local "pNewTheme".
726 return pTheme;
727 }
728
729 void Gallery::ImplDeleteCachedTheme( GalleryTheme const * pTheme )
730 {
731 auto it = std::find_if(aThemeCache.begin(), aThemeCache.end(),
** CID 1448544: Error handling issues (UNCAUGHT_EXCEPT)
/usr/include/c++/8/bits/stl_vector.h: 1654 in std::vector<rtl::Reference<sd::AnnotationTag>, std::allocator<rtl::Reference<sd::AnnotationTag>>>::_M_erase_at_end(rtl::Reference<sd::AnnotationTag> *)()
________________________________________________________________________________________________________
*** CID 1448544: Error handling issues (UNCAUGHT_EXCEPT)
/usr/include/c++/8/bits/stl_vector.h: 1654 in std::vector<rtl::Reference<sd::AnnotationTag>, std::allocator<rtl::Reference<sd::AnnotationTag>>>::_M_erase_at_end(rtl::Reference<sd::AnnotationTag> *)()
1648
1649 // Internal erase functions follow.
1650
1651 // Called by erase(q1,q2), clear(), resize(), _M_fill_assign,
1652 // _M_assign_aux.
1653 void
>>> CID 1448544: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown but the throw list "noexcept" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
1654 _M_erase_at_end(pointer __pos) _GLIBCXX_NOEXCEPT
1655 {
1656 if (size_type __n = this->_M_impl._M_finish - __pos)
1657 {
1658 std::_Destroy(__pos, this->_M_impl._M_finish,
1659 _M_get_Tp_allocator());
** CID 1448543: (SIGN_EXTENSION)
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 687 in <unnamed>::scaleDownPaletteGeneral(<unnamed>::ScaleContext &, long, long)()
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 696 in <unnamed>::scaleDownPaletteGeneral(<unnamed>::ScaleContext &, long, long)()
________________________________________________________________________________________________________
*** CID 1448543: (SIGN_EXTENSION)
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 687 in <unnamed>::scaleDownPaletteGeneral(<unnamed>::ScaleContext &, long, long)()
681 nTotalWeightX += lclMaxWeight();
682 }
683 else if( j == 0 )
684 {
685
686 BilinearWeightType nWeightX = lclMaxWeight() - rCtx.maMapFX[ nLeft ];
>>> CID 1448543: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "aCol0.GetBlue()" with type "sal_uInt8" (8 bits, unsigned) is promoted in "nWeightX * aCol0.GetBlue()" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "nWeightX * aCol0.GetBlue()" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
687 nSumRowB += ( nWeightX *aCol0.GetBlue()) ;
688 nSumRowG += ( nWeightX *aCol0.GetGreen()) ;
689 nSumRowR += ( nWeightX *aCol0.GetRed()) ;
690 nTotalWeightX += nWeightX;
691 }
692 else if ( nRowRange == j )
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 696 in <unnamed>::scaleDownPaletteGeneral(<unnamed>::ScaleContext &, long, long)()
690 nTotalWeightX += nWeightX;
691 }
692 else if ( nRowRange == j )
693 {
694
695 BilinearWeightType nWeightX = rCtx.maMapFX[ nRight ] ;
>>> CID 1448543: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "aCol0.GetBlue()" with type "sal_uInt8" (8 bits, unsigned) is promoted in "nWeightX * aCol0.GetBlue()" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "nWeightX * aCol0.GetBlue()" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
696 nSumRowB += ( nWeightX *aCol0.GetBlue() );
697 nSumRowG += ( nWeightX *aCol0.GetGreen() );
698 nSumRowR += ( nWeightX *aCol0.GetRed() );
699 nTotalWeightX += nWeightX;
700 }
701 else
** CID 1448542: (SIGN_EXTENSION)
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 821 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 828 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 822 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 829 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 820 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 830 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
________________________________________________________________________________________________________
*** CID 1448542: (SIGN_EXTENSION)
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 821 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
815 nTotalWeightX += lclMaxWeight();
816 }
817 else if(j == 0)
818 {
819 BilinearWeightType nWeightX = lclMaxWeight() - rCtx.maMapFX[nLeft];
820 nSumRow1 += (nWeightX * (*pTmpX)); pTmpX++;
>>> CID 1448542: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "*pTmpX" with type "sal_uInt8" (8 bits, unsigned) is promoted in "nWeightX * *pTmpX" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "nWeightX * *pTmpX" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
821 nSumRow2 += (nWeightX * (*pTmpX)); pTmpX++;
822 nSumRow3 += (nWeightX * (*pTmpX)); pTmpX++;
823 nTotalWeightX += nWeightX;
824 }
825 else if ( nRowRange == j )
826 {
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 828 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
822 nSumRow3 += (nWeightX * (*pTmpX)); pTmpX++;
823 nTotalWeightX += nWeightX;
824 }
825 else if ( nRowRange == j )
826 {
827 BilinearWeightType nWeightX = rCtx.maMapFX[ nRight ] ;
>>> CID 1448542: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "*pTmpX" with type "sal_uInt8" (8 bits, unsigned) is promoted in "nWeightX * *pTmpX" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "nWeightX * *pTmpX" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
828 nSumRow1 += (nWeightX * (*pTmpX)); pTmpX++;
829 nSumRow2 += (nWeightX * (*pTmpX)); pTmpX++;
830 nSumRow3 += (nWeightX * (*pTmpX)); pTmpX++;
831 nTotalWeightX += nWeightX;
832 }
833 else
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 822 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
816 }
817 else if(j == 0)
818 {
819 BilinearWeightType nWeightX = lclMaxWeight() - rCtx.maMapFX[nLeft];
820 nSumRow1 += (nWeightX * (*pTmpX)); pTmpX++;
821 nSumRow2 += (nWeightX * (*pTmpX)); pTmpX++;
>>> CID 1448542: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "*pTmpX" with type "sal_uInt8" (8 bits, unsigned) is promoted in "nWeightX * *pTmpX" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "nWeightX * *pTmpX" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
822 nSumRow3 += (nWeightX * (*pTmpX)); pTmpX++;
823 nTotalWeightX += nWeightX;
824 }
825 else if ( nRowRange == j )
826 {
827 BilinearWeightType nWeightX = rCtx.maMapFX[ nRight ] ;
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 829 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
823 nTotalWeightX += nWeightX;
824 }
825 else if ( nRowRange == j )
826 {
827 BilinearWeightType nWeightX = rCtx.maMapFX[ nRight ] ;
828 nSumRow1 += (nWeightX * (*pTmpX)); pTmpX++;
>>> CID 1448542: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "*pTmpX" with type "sal_uInt8" (8 bits, unsigned) is promoted in "nWeightX * *pTmpX" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "nWeightX * *pTmpX" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
829 nSumRow2 += (nWeightX * (*pTmpX)); pTmpX++;
830 nSumRow3 += (nWeightX * (*pTmpX)); pTmpX++;
831 nTotalWeightX += nWeightX;
832 }
833 else
834 {
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 820 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
814 nSumRow3 += (*pTmpX) << MAP_PRECISION; pTmpX++;
815 nTotalWeightX += lclMaxWeight();
816 }
817 else if(j == 0)
818 {
819 BilinearWeightType nWeightX = lclMaxWeight() - rCtx.maMapFX[nLeft];
>>> CID 1448542: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "*pTmpX" with type "sal_uInt8" (8 bits, unsigned) is promoted in "nWeightX * *pTmpX" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "nWeightX * *pTmpX" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
820 nSumRow1 += (nWeightX * (*pTmpX)); pTmpX++;
821 nSumRow2 += (nWeightX * (*pTmpX)); pTmpX++;
822 nSumRow3 += (nWeightX * (*pTmpX)); pTmpX++;
823 nTotalWeightX += nWeightX;
824 }
825 else if ( nRowRange == j )
/vcl/source/bitmap/BitmapScaleSuperFilter.cxx: 830 in <unnamed>::scaleDown24bit(<unnamed>::ScaleContext &, long, long)()
824 }
825 else if ( nRowRange == j )
826 {
827 BilinearWeightType nWeightX = rCtx.maMapFX[ nRight ] ;
828 nSumRow1 += (nWeightX * (*pTmpX)); pTmpX++;
829 nSumRow2 += (nWeightX * (*pTmpX)); pTmpX++;
>>> CID 1448542: (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "*pTmpX" with type "sal_uInt8" (8 bits, unsigned) is promoted in "nWeightX * *pTmpX" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "nWeightX * *pTmpX" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
830 nSumRow3 += (nWeightX * (*pTmpX)); pTmpX++;
831 nTotalWeightX += nWeightX;
832 }
833 else
834 {
835 nSumRow1 += (*pTmpX) << MAP_PRECISION; pTmpX++;
** CID 1448541: Memory - corruptions (OVERLAPPING_COPY)
/idlc/source/astexpression.cxx: 310 in coerce_value(AstExprValue *, ExprType)()
________________________________________________________________________________________________________
*** CID 1448541: Memory - corruptions (OVERLAPPING_COPY)
/idlc/source/astexpression.cxx: 310 in coerce_value(AstExprValue *, ExprType)()
304 if (ev->u.uhval > SAL_MAX_UINT32)
305 return false;
306 ev->u.ulval = static_cast<sal_uInt32>(ev->u.uhval);
307 ev->et = ET_ulong;
308 return true;
309 case ET_boolean:
>>> CID 1448541: Memory - corruptions (OVERLAPPING_COPY)
>>> Assigning "ev->u.bval" to "ev->u.ulval", which have overlapping memory locations and different types.
310 ev->u.ulval = static_cast<sal_uInt32>(ev->u.bval);
311 ev->et = ET_ulong;
312 return true;
313 case ET_float:
314 if (ev->u.fval < 0.0 || ev->u.fval > SAL_MAX_UINT32)
315 return false;
** CID 1448540: (NULL_RETURNS)
________________________________________________________________________________________________________
*** CID 1448540: (NULL_RETURNS)
/sw/source/uibase/uiview/viewtab.cxx: 2306 in SwView::StateTabWin(SfxItemSet &)()
2300 aFillStyleItem.SetWhich( SID_ATTR_PAGE_FILLSTYLE );
2301 rSet.Put(aFillStyleItem);
2302 switch(eXFS)
2303 {
2304 case drawing::FillStyle_SOLID:
2305 {
>>> CID 1448540: (NULL_RETURNS)
>>> Dereferencing a pointer that might be "nullptr" "aSet.GetItem(TypedWhichId<XFillColorItem>(1015), false)" when calling "GetColorValue".
2306 Color aColor = aSet.GetItem<XFillColorItem>( XATTR_FILLCOLOR, false )->GetColorValue();
2307 XFillColorItem aFillColorItem( OUString(), aColor );
2308 aFillColorItem.SetWhich( SID_ATTR_PAGE_COLOR );
2309 rSet.Put( aFillColorItem );
2310 }
2311 break;
/sw/source/uibase/uiview/viewtab.cxx: 2298 in SwView::StateTabWin(SfxItemSet &)()
2292 case SID_ATTR_PAGE_FILLSTYLE:
2293 case SID_ATTR_PAGE_GRADIENT:
2294 case SID_ATTR_PAGE_HATCH:
2295 case SID_ATTR_PAGE_BITMAP:
2296 {
2297 SfxItemSet aSet = rDesc.GetMaster().GetAttrSet();
>>> CID 1448540: (NULL_RETURNS)
>>> Dereferencing a pointer that might be "nullptr" "aSet.GetItem(TypedWhichId<XFillStyleItem>(1014), true)" when calling "GetValue".
2298 drawing::FillStyle eXFS = aSet.GetItem(XATTR_FILLSTYLE)->GetValue();
2299 XFillStyleItem aFillStyleItem( eXFS );
2300 aFillStyleItem.SetWhich( SID_ATTR_PAGE_FILLSTYLE );
2301 rSet.Put(aFillStyleItem);
2302 switch(eXFS)
2303 {
** CID 1448539: (USE_AFTER_FREE)
/usr/include/c++/8/bits/stl_algo.h: 2749 in std::__stable_sort_adaptive<__gnu_cxx::__normal_iterator<WW8PLCFx_Fc_FKP::WW8Fkp::Entry *, std::vector<WW8PLCFx_Fc_FKP::WW8Fkp::Entry, std::allocator<WW8PLCFx_Fc_FKP::WW8Fkp::Entry>>>, WW8PLCFx_Fc_FKP::WW8Fkp::Entry *, long, __gnu_cxx::__ops::_Iter_less_iter>(T1, T1, T2, T3, T4)()
________________________________________________________________________________________________________
*** CID 1448539: (USE_AFTER_FREE)
/usr/include/c++/8/bits/stl_algo.h: 2749 in std::__stable_sort_adaptive<__gnu_cxx::__normal_iterator<WW8PLCFx_Fc_FKP::WW8Fkp::Entry *, std::vector<WW8PLCFx_Fc_FKP::WW8Fkp::Entry, std::allocator<WW8PLCFx_Fc_FKP::WW8Fkp::Entry>>>, WW8PLCFx_Fc_FKP::WW8Fkp::Entry *, long, __gnu_cxx::__ops::_Iter_less_iter>(T1, T1, T2, T3, T4)()
2743 std::__stable_sort_adaptive(__middle, __last, __buffer,
2744 __buffer_size, __comp);
2745 }
2746 else
2747 {
2748 std::__merge_sort_with_buffer(__first, __middle, __buffer, __comp);
>>> CID 1448539: (USE_AFTER_FREE)
>>> Calling "__merge_sort_with_buffer" frees pointer "__buffer->mpData" which has already been freed.
2749 std::__merge_sort_with_buffer(__middle, __last, __buffer, __comp);
2750 }
2751 std::__merge_adaptive(__first, __middle, __last,
2752 _Distance(__middle - __first),
2753 _Distance(__last - __middle),
2754 __buffer, __buffer_size,
/usr/include/c++/8/bits/stl_algo.h: 2749 in std::__stable_sort_adaptive<__gnu_cxx::__normal_iterator<WW8PLCFx_Fc_FKP::WW8Fkp::Entry *, std::vector<WW8PLCFx_Fc_FKP::WW8Fkp::Entry, std::allocator<WW8PLCFx_Fc_FKP::WW8Fkp::Entry>>>, WW8PLCFx_Fc_FKP::WW8Fkp::Entry *, long, __gnu_cxx::__ops::_Iter_less_iter>(T1, T1, T2, T3, T4)()
2743 std::__stable_sort_adaptive(__middle, __last, __buffer,
2744 __buffer_size, __comp);
2745 }
2746 else
2747 {
2748 std::__merge_sort_with_buffer(__first, __middle, __buffer, __comp);
>>> CID 1448539: (USE_AFTER_FREE)
>>> Calling "__merge_sort_with_buffer" dereferences freed pointer "__buffer->mpData".
2749 std::__merge_sort_with_buffer(__middle, __last, __buffer, __comp);
2750 }
2751 std::__merge_adaptive(__first, __middle, __last,
2752 _Distance(__middle - __first),
2753 _Distance(__last - __middle),
2754 __buffer, __buffer_size,
** CID 1448538: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1448538: Null pointer dereferences (FORWARD_NULL)
/sw/source/core/layout/ftnfrm.cxx: 2680 in SwLayoutFrame::MoveLowerFootnotes(SwContentFrame *, SwFootnoteBossFrame *, SwFootnoteBossFrame *, bool)()
2674 if ( !aFootnoteArr.empty() || pFootnoteArr )
2675 {
2676 if( !aFootnoteArr.empty() )
2677 pNewBoss->MoveFootnotes_( aFootnoteArr, true );
2678 if( pFootnoteArr )
2679 {
>>> CID 1448538: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "pNewChief" to "MoveFootnotes_", which dereferences it.
2680 static_cast<SwFootnoteBossFrame*>(pNewChief)->MoveFootnotes_( *pFootnoteArr, true );
2681 pFootnoteArr.reset();
2682 }
2683 bMoved = true;
2684
2685 // update FootnoteNum only at page change
** CID 1448537: Memory - illegal accesses (WRAPPER_ESCAPE)
/sc/source/core/tool/compiler.cxx: 4726 in ScCompiler::CompileString(const rtl::OUString &)()
________________________________________________________________________________________________________
*** CID 1448537: Memory - illegal accesses (WRAPPER_ESCAPE)
/sc/source/core/tool/compiler.cxx: 4726 in ScCompiler::CompileString(const rtl::OUString &)()
4720 if (pFunctionStack != &aFuncs[0])
4721 delete [] pFunctionStack;
4722
4723 // remember pArr, in case a subsequent CompileTokenArray() is executed.
4724 std::unique_ptr<ScTokenArray> pNew(new ScTokenArray( aArr ));
4725 pNew->GenHash();
>>> CID 1448537: Memory - illegal accesses (WRAPPER_ESCAPE)
>>> The internal representation of local "pNew" escapes into "this->pArr", but is destroyed when it exits scope.
4726 pArr = pNew.get();
4727 maArrIterator = FormulaTokenArrayPlainIterator(*pArr);
4728
4729 if (!maExternalFiles.empty())
4730 {
4731 // Remove duplicates, and register all external files found in this cell.
** CID 1448536: (UNCAUGHT_EXCEPT)
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
________________________________________________________________________________________________________
*** CID 1448536: (UNCAUGHT_EXCEPT)
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
85 {
86 mpSet.reset();
87 mpDoc = nullptr;
88 }
89 }
90
>>> CID 1448536: (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::beans::UnknownPropertyException" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
91 void SdUnoPageBackground::fillItemSet( SdDrawDocument* pDoc, SfxItemSet& rSet ) throw()
92 {
93 rSet.ClearItem();
94
95 if( mpSet == nullptr )
96 {
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
85 {
86 mpSet.reset();
87 mpDoc = nullptr;
88 }
89 }
90
>>> CID 1448536: (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::beans::UnknownPropertyException" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
91 void SdUnoPageBackground::fillItemSet( SdDrawDocument* pDoc, SfxItemSet& rSet ) throw()
92 {
93 rSet.ClearItem();
94
95 if( mpSet == nullptr )
96 {
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
85 {
86 mpSet.reset();
87 mpDoc = nullptr;
88 }
89 }
90
>>> CID 1448536: (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::beans::UnknownPropertyException" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
91 void SdUnoPageBackground::fillItemSet( SdDrawDocument* pDoc, SfxItemSet& rSet ) throw()
92 {
93 rSet.ClearItem();
94
95 if( mpSet == nullptr )
96 {
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
85 {
86 mpSet.reset();
87 mpDoc = nullptr;
88 }
89 }
90
>>> CID 1448536: (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::beans::UnknownPropertyException" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
91 void SdUnoPageBackground::fillItemSet( SdDrawDocument* pDoc, SfxItemSet& rSet ) throw()
92 {
93 rSet.ClearItem();
94
95 if( mpSet == nullptr )
96 {
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
85 {
86 mpSet.reset();
87 mpDoc = nullptr;
88 }
89 }
90
>>> CID 1448536: (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::beans::UnknownPropertyException" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
91 void SdUnoPageBackground::fillItemSet( SdDrawDocument* pDoc, SfxItemSet& rSet ) throw()
92 {
93 rSet.ClearItem();
94
95 if( mpSet == nullptr )
96 {
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
85 {
86 mpSet.reset();
87 mpDoc = nullptr;
88 }
89 }
90
>>> CID 1448536: (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::beans::UnknownPropertyException" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
91 void SdUnoPageBackground::fillItemSet( SdDrawDocument* pDoc, SfxItemSet& rSet ) throw()
92 {
93 rSet.ClearItem();
94
95 if( mpSet == nullptr )
96 {
/sd/source/ui/unoidl/unopback.cxx: 91 in SdUnoPageBackground::fillItemSet(SdDrawDocument *, SfxItemSet &)()
85 {
86 mpSet.reset();
87 mpDoc = nullptr;
88 }
89 }
90
>>> CID 1448536: (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::beans::UnknownPropertyException" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
91 void SdUnoPageBackground::fillItemSet( SdDrawDocument* pDoc, SfxItemSet& rSet ) throw()
92 {
93 rSet.ClearItem();
94
95 if( mpSet == nullptr )
96 {
** CID 1448535: (CTOR_DTOR_LEAK)
________________________________________________________________________________________________________
*** CID 1448535: (CTOR_DTOR_LEAK)
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<rtl::OUString, std::pair<const rtl::OUString, rtl::OUString>, std::allocator<std::pair<const rtl::OUString, rtl::OUString>>, std::__detail::_Select1st, std::equal_to<rtl::OUString>, std::hash<rtl::OUString>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)1, (bool)0, (bool)1>>::_Hashtable(unsigned long, const std::hash<rtl::OUString> &, const std::equal_to<rtl::OUString> &, const std::allocator<std::pair<const rtl::OUString, rtl::OUString>>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<rtl::OUString, rtl::OUString, std::allocator<rtl::OUString>, std::__detail::_Identity, std::equal_to<rtl::OUString>, std::hash<rtl::OUString>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)1, (bool)1, (bool)1>>::_Hashtable(unsigned long, const std::hash<rtl::OUString> &, const std::equal_to<rtl::OUString> &, const std::allocator<rtl::OUString>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<rtl::OUString, std::pair<const rtl::OUString, const char *>, std::allocator<std::pair<const rtl::OUString, const char *>>, std::__detail::_Select1st, std::equal_to<rtl::OUString>, std::hash<rtl::OUString>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)1, (bool)0, (bool)1>>::_Hashtable(unsigned long, const std::hash<rtl::OUString> &, const std::equal_to<rtl::OUString> &, const std::allocator<std::pair<const rtl::OUString, const char *>>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<com::sun::star::uno::Reference<com::sun::star::drawing::XShape>, std::pair<const com::sun::star::uno::Reference<com::sun::star::drawing::XShape>, std::shared_ptr<slideshow::internal::Shape>>, std::allocator<std::pair<const com::sun::star::uno::Reference<com::sun::star::drawing::XShape>, std::shared_ptr<slideshow::internal::Shape>>>, std::__detail::_Select1st, std::equal_to<com::sun::star::uno::Reference<com::sun::star::drawing::XShape>>, slideshow::internal::hash<com::sun::star::uno::Reference<com::sun::star::drawing::XShape>>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)1, (bool)0, (bool)1>>::_Hashtable(unsigned long, const slideshow::internal::hash<com::sun::star::uno::Reference<com::sun::star::drawing::XShape>> &, const std::equal_to<com::sun::star::uno::Reference<com::sun::star::drawing::XShape>> &, const std::allocator<std::pair<const com::sun::star::uno::Reference<com::sun::star::drawing::XShape>, std::shared_ptr<slideshow::internal::Shape>>>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<rtl::OUString, std::pair<const rtl::OUString, vcl::SmallOUStrMap>, std::allocator<std::pair<const rtl::OUString, vcl::SmallOUStrMap>>, std::__detail::_Select1st, std::equal_to<rtl::OUString>, std::hash<rtl::OUString>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)1, (bool)0, (bool)1>>::_Hashtable(unsigned long, const std::hash<rtl::OUString> &, const std::equal_to<rtl::OUString> &, const std::allocator<std::pair<const rtl::OUString, vcl::SmallOUStrMap>>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<unsigned int, std::pair<const unsigned int, oglcanvas::TextureCache::CacheEntry>, std::allocator<std::pair<const unsigned int, oglcanvas::TextureCache::CacheEntry>>, std::__detail::_Select1st, std::equal_to<unsigned int>, std::hash<unsigned int>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)0, (bool)0, (bool)1>>::_Hashtable(unsigned long, const std::hash<unsigned int> &, const std::equal_to<unsigned int> &, const std::allocator<std::pair<const unsigned int, oglcanvas::TextureCache::CacheEntry>>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<rtl::OUString, std::pair<const rtl::OUString, OpCode>, std::allocator<std::pair<const rtl::OUString, OpCode>>, std::__detail::_Select1st, std::equal_to<rtl::OUString>, std::hash<rtl::OUString>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)1, (bool)0, (bool)1>>::_Hashtable(unsigned long, const std::hash<rtl::OUString> &, const std::equal_to<rtl::OUString> &, const std::allocator<std::pair<const rtl::OUString, OpCode>>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<rtl::OUString, std::pair<const rtl::OUString, int>, std::allocator<std::pair<const rtl::OUString, int>>, std::__detail::_Select1st, std::equal_to<rtl::OUString>, std::hash<rtl::OUString>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)1, (bool)0, (bool)1>>::_Hashtable(unsigned long, const std::hash<rtl::OUString> &, const std::equal_to<rtl::OUString> &, const std::allocator<std::pair<const rtl::OUString, int>>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<int, std::pair<const int, SalDisplay::RenderEntry>, std::allocator<std::pair<const int, SalDisplay::RenderEntry>>, std::__detail::_Select1st, std::equal_to<int>, std::hash<int>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)0, (bool)0, (bool)1>>::_Hashtable(unsigned long, const std::hash<int> &, const std::equal_to<int> &, const std::allocator<std::pair<const int, SalDisplay::RenderEntry>>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
/usr/include/c++/8/bits/hashtable.h: 445 in std::_Hashtable<slideshow::internal::<unnamed>::ShapeHashKey, std::pair<const slideshow::internal::<unnamed>::ShapeHashKey, std::vector<com::sun::star::beans::NamedValue, std::allocator<com::sun::star::beans::NamedValue>>>, std::allocator<std::pair<const slideshow::internal::<unnamed>::ShapeHashKey, std::vector<com::sun::star::beans::NamedValue, std::allocator<com::sun::star::beans::NamedValue>>>>, std::__detail::_Select1st, std::equal_to<slideshow::internal::<unnamed>::ShapeHashKey>, slideshow::internal::<unnamed>::ShapeKeyHasher, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)1, (bool)0, (bool)1>>::_Hashtable(unsigned long, const slideshow::internal::<unnamed>::ShapeKeyHasher &, const std::equal_to<slideshow::internal::<unnamed>::ShapeHashKey> &, const std::allocator<std::pair<const slideshow::internal::<unnamed>::ShapeHashKey, std::vector<com::sun::star::beans::NamedValue, std::allocator<com::sun::star::beans::NamedValue>>>>&)()
439
440 explicit
441 _Hashtable(size_type __n,
442 const _H1& __hf = _H1(),
443 const key_equal& __eql = key_equal(),
444 const allocator_type& __a = allocator_type())
>>> CID 1448535: (CTOR_DTOR_LEAK)
>>> Calling allocation function "_Hashtable".
445 : _Hashtable(__n, __hf, _H2(), _Hash(), __eql,
446 __key_extract(), __a)
447 { }
448
449 template<typename _InputIterator>
450 _Hashtable(_InputIterator __f, _InputIterator __l,
** CID 1448534: (USE_AFTER_FREE)
/sd/source/ui/view/sdview3.cxx: 1181 in sd::View::InsertData(const TransferableDataHelper &, const Point &, signed char &, bool, SotClipboardFormatId, unsigned short, o3tl::strong_int<unsigned char, SdrLayerIDTag>)()
/sd/source/ui/view/sdview3.cxx: 1184 in sd::View::InsertData(const TransferableDataHelper &, const Point &, signed char &, bool, SotClipboardFormatId, unsigned short, o3tl::strong_int<unsigned char, SdrLayerIDTag>)()
________________________________________________________________________________________________________
*** CID 1448534: (USE_AFTER_FREE)
/sd/source/ui/view/sdview3.cxx: 1181 in sd::View::InsertData(const TransferableDataHelper &, const Point &, signed char &, bool, SotClipboardFormatId, unsigned short, o3tl::strong_int<unsigned char, SdrLayerIDTag>)()
1175 nOptions |= SdrInsertFlags::DONTMARK;
1176 }
1177
1178 InsertObjectAtView( pObj, *pPV, nOptions );
1179
1180 if( pImageMap )
>>> CID 1448534: (USE_AFTER_FREE)
>>> Passing freed pointer "pObj" as an argument to "AppendUserData".
1181 pObj->AppendUserData( std::unique_ptr<SdrObjUserData>(new SdIMapInfo( *pImageMap )) );
1182
1183 // let the object stay in loaded state after insertion
1184 pObj->Unload();
1185 bReturn = true;
1186 }
/sd/source/ui/view/sdview3.cxx: 1184 in sd::View::InsertData(const TransferableDataHelper &, const Point &, signed char &, bool, SotClipboardFormatId, unsigned short, o3tl::strong_int<unsigned char, SdrLayerIDTag>)()
1178 InsertObjectAtView( pObj, *pPV, nOptions );
1179
1180 if( pImageMap )
1181 pObj->AppendUserData( std::unique_ptr<SdrObjUserData>(new SdIMapInfo( *pImageMap )) );
1182
1183 // let the object stay in loaded state after insertion
>>> CID 1448534: (USE_AFTER_FREE)
>>> Passing freed pointer "pObj" as an argument to "Unload".
1184 pObj->Unload();
1185 bReturn = true;
1186 }
1187 }
1188 }
1189
** CID 1448533: Uninitialized members (UNINIT_CTOR)
/vcl/source/font/Feature.cxx: 99 in vcl::font::FeatureDefinition::FeatureDefinition()()
________________________________________________________________________________________________________
*** CID 1448533: Uninitialized members (UNINIT_CTOR)
/vcl/source/font/Feature.cxx: 99 in vcl::font::FeatureDefinition::FeatureDefinition()()
93
94 FeatureDefinition::FeatureDefinition()
95 : m_pDescriptionID(nullptr)
96 , m_nCode(0)
97 , m_eType(FeatureParameterType::BOOL)
98 {
>>> CID 1448533: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_nDefault" is not initialized in this constructor nor in any functions that it calls.
99 }
100
101 FeatureDefinition::FeatureDefinition(uint32_t nCode, OUString const& rDescription,
102 FeatureParameterType eType,
103 std::vector<FeatureParameter> const& rEnumParameters,
104 uint32_t nDefault)
** CID 1448532: (OVERLAPPING_COPY)
/idlc/source/astexpression.cxx: 243 in coerce_value(AstExprValue *, ExprType)()
/idlc/source/astexpression.cxx: 300 in coerce_value(AstExprValue *, ExprType)()
/idlc/source/astexpression.cxx: 345 in coerce_value(AstExprValue *, ExprType)()
________________________________________________________________________________________________________
*** CID 1448532: (OVERLAPPING_COPY)
/idlc/source/astexpression.cxx: 243 in coerce_value(AstExprValue *, ExprType)()
237 ev->u.lval = static_cast<sal_Int32>(ev->u.ulval);
238 ev->et = ET_long;
239 return true;
240 case ET_hyper:
241 if (ev->u.hval < SAL_MIN_INT32 || ev->u.hval > SAL_MAX_INT32)
242 return false;
>>> CID 1448532: (OVERLAPPING_COPY)
>>> Assigning "ev->u.hval" to "ev->u.lval", which have overlapping memory locations and different types.
243 ev->u.lval = static_cast<sal_Int32>(ev->u.hval);
244 ev->et = ET_long;
245 return true;
246 case ET_uhyper:
247 if (ev->u.uhval > SAL_MAX_INT32)
248 return false;
/idlc/source/astexpression.cxx: 300 in coerce_value(AstExprValue *, ExprType)()
294 return true;
295 case ET_ulong:
296 return true;
297 case ET_hyper:
298 if (ev->u.hval < 0 || ev->u.hval > SAL_MAX_UINT32)
299 return false;
>>> CID 1448532: (OVERLAPPING_COPY)
>>> Assigning "ev->u.hval" to "ev->u.lval", which have overlapping memory locations and different types.
300 ev->u.lval = static_cast<sal_uInt32>(ev->u.hval);
301 ev->et = ET_ulong;
302 return true;
303 case ET_uhyper:
304 if (ev->u.uhval > SAL_MAX_UINT32)
305 return false;
/idlc/source/astexpression.cxx: 345 in coerce_value(AstExprValue *, ExprType)()
339 return true;
340 case ET_ushort:
341 ev->u.hval = static_cast<sal_Int64>(ev->u.usval);
342 ev->et = ET_hyper;
343 return true;
344 case ET_long:
>>> CID 1448532: (OVERLAPPING_COPY)
>>> Assigning "ev->u.lval" to "ev->u.hval", which have overlapping memory locations and different types.
345 ev->u.hval = static_cast<sal_Int64>(ev->u.lval);
346 ev->et = ET_hyper;
347 return true;
348 case ET_ulong:
349 ev->u.hval = static_cast<sal_Int64>(ev->u.ulval);
350 ev->et = ET_hyper;
** CID 1448531: SpotBugs: Dodgy code (FB.RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)
/qadevOOo/tests/java/ifc/view/_XSelectionSupplier.java: 126 in ifc.view._XSelectionSupplier._select()()
________________________________________________________________________________________________________
*** CID 1448531: SpotBugs: Dodgy code (FB.RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)
/qadevOOo/tests/java/ifc/view/_XSelectionSupplier.java: 126 in ifc.view._XSelectionSupplier._select()()
120 locRes = oObj.select(selections[i]);
121 log.println("select #" + i + ": " + locRes);
122 Object curSelection = oObj.getSelection();
123 if (locRes) {
124
125 if (ObjCompare != null) {
>>> CID 1448531: SpotBugs: Dodgy code (FB.RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)
>>> Return value of java.util.Comparator.compare(Object, Object) ignored, but method has no side effect.
126 ObjCompare.compare(selections[i], curSelection);
127 } else {
128 compRes = util.ValueComparer.equalValue(selections[i], curSelection);
129 }
130 log.println("selected object and current selection are equal: "+compRes);
131 if (!compRes && (selections[i]) instanceof Object[]){
** CID 1448530: SpotBugs: Dodgy code (FB.RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)
/qadevOOo/tests/java/mod/_dbaccess/OQueryDesign.java: 193 in mod._dbaccess.OQueryDesign.getUnititializedObj(lib.TestParameters)()
________________________________________________________________________________________________________
*** CID 1448530: SpotBugs: Dodgy code (FB.RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)
/qadevOOo/tests/java/mod/_dbaccess/OQueryDesign.java: 193 in mod._dbaccess.OQueryDesign.getUnititializedObj(lib.TestParameters)()
187 // get an instance of QueryDesign
188 Object oQueryDesign = xMSF.createInstance("com.sun.star.sdb.QueryDesign");
189
190 XController xCont = UnoRuntime.queryInterface(XController.class, oQueryDesign);
191
192 // marry them all
>>> CID 1448530: SpotBugs: Dodgy code (FB.RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)
>>> Return value of com.sun.star.frame.XController.attachModel(XModel) ignored, but method has no side effect.
193 xCont.attachModel(xMod);
194 xMod.connectController(xCont);
195 xMod.setCurrentController(xCont);
196
197 return UnoRuntime.queryInterface(XInitialization.class, oQueryDesign);
198 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB73RtgzoPcQtNNP5dkHLuV1E-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyCCycEVsxxa6xyESei2JXHFJ15SMkxlD91HvOI-2BUpIQ5JRPevvbiEYbOVGNFu47WOerW2Nfomn-2FvMEHUulf6vfVO2YDsjEfX2HKRDrLFqTxcWUB32iv-2Fcp3AwCvE9UXfTIH6-2BhNh08iDTiimZ7eTPpr-2B4NluUVF-2BwQNFyRHDJ7nI-3D
More information about the LibreOffice
mailing list