New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Sat Jun 19 06:07:50 UTC 2021
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
5 new defect(s) introduced to LibreOffice found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1486008: Null pointer dereferences (FORWARD_NULL)
/sccomp/source/solver/SwarmSolver.cxx: 254 in <unnamed>::SwarmSolver::getPropertyDescription(const rtl::OUString &)()
________________________________________________________________________________________________________
*** CID 1486008: Null pointer dereferences (FORWARD_NULL)
/sccomp/source/solver/SwarmSolver.cxx: 254 in <unnamed>::SwarmSolver::getPropertyDescription(const rtl::OUString &)()
248 case PROP_ALGORITHM:
249 pResId = RID_PROPERTY_ALGORITHM;
250 break;
251 default:
252 break;
253 }
>>> CID 1486008: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "pResId" to "basic_string_view", which dereferences it. (The dereference is assumed on the basis of the "nonnull" parameter attribute.)
254 return SwarmSolver::getResourceString(pResId);
255 }
256
257 // XServiceInfo
258 virtual OUString SAL_CALL getImplementationName() override
259 {
** CID 1486007: Memory - illegal accesses (USE_AFTER_FREE)
________________________________________________________________________________________________________
*** CID 1486007: Memory - illegal accesses (USE_AFTER_FREE)
/sw/source/core/layout/ftnfrm.cxx: 1979 in SwFootnoteBossFrame::MoveFootnotes_(std::vector<SwFootnoteFrame *, std::allocator<SwFootnoteFrame *>> &, bool)()
1973 const sal_uInt16 nRefCol = lcl_ColumnNum( this );
1974 if( nRefNum < nMyNum || ( nRefNum == nMyNum && nRefCol <= nMyCol ) )
1975 pRefBoss = this;
1976 }
1977 pRefBoss->InsertFootnote( pFootnote );
1978
>>> CID 1486007: Memory - illegal accesses (USE_AFTER_FREE)
>>> Calling "GetUpper" dereferences freed pointer "pFootnote".
1979 if ( pFootnote->GetUpper() ) // robust, e.g. with duplicates
1980 {
1981 // First condense the content so that footnote frames that do not fit on the page
1982 // do not do too much harm (Loop 66312). So, the footnote content first grows as
1983 // soon as the content gets formatted and it is sure that it fits on the page.
1984 SwFrame *pCnt = pFootnote->ContainsAny();
** CID 1486006: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1486006: Null pointer dereferences (FORWARD_NULL)
/sw/source/uibase/uno/unoatxt.cxx: 500 in SwXAutoTextGroup::getByIndex(int)()
494 std::unique_ptr<SwTextBlocks> pGlosGroup(pGlossaries ? pGlossaries->GetGroupDoc(m_sGroupName) : nullptr);
495 if (!pGlosGroup || pGlosGroup->GetError())
496 throw uno::RuntimeException();
497 const sal_uInt16 nCount = pGlosGroup->GetCount();
498 if (nIndex < 0 || nIndex >= static_cast<sal_Int32>(nCount))
499 throw lang::IndexOutOfBoundsException();
>>> CID 1486006: Null pointer dereferences (FORWARD_NULL)
>>> "getByName" dereferences null "this->pGlossaries".
500 return getByName(pGlosGroup->GetShortName(o3tl::narrowing<sal_uInt16>(nIndex)));
501 }
502
503 uno::Type SwXAutoTextGroup::getElementType()
504 {
505 return cppu::UnoType<text::XAutoTextEntry>::get();
** CID 1486005: Uninitialized members (UNINIT_CTOR)
/oox/source/drawingml/textliststyle.cxx: 41 in oox::drawingml::TextListStyle::TextListStyle(const oox::drawingml::TextListStyle&)()
________________________________________________________________________________________________________
*** CID 1486005: Uninitialized members (UNINIT_CTOR)
/oox/source/drawingml/textliststyle.cxx: 41 in oox::drawingml::TextListStyle::TextListStyle(const oox::drawingml::TextListStyle&)()
35 {
36 for ( size_t i = 0; i < NUM_TEXT_LIST_STYLE_ENTRIES; i++ )
37 {
38 maListStyle[i] = rStyle.maListStyle[i];
39 maAggregationListStyle[i] = rStyle.maAggregationListStyle[i];
40 }
>>> CID 1486005: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "mbHasListStyleOnImport" is not initialized in this constructor nor in any functions that it calls.
41 }
42
43 TextListStyle& TextListStyle::operator=(const TextListStyle& rStyle)
44 {
45 if(this != &rStyle)
46 {
** CID 1486004: Error handling issues (UNCAUGHT_EXCEPT)
/usr/include/c++/9/ext/new_allocator.h: 151 in __gnu_cxx::new_allocator<SwUndoInsLayFormat>::destroy<SwUndoInsLayFormat>(T1 *)()
________________________________________________________________________________________________________
*** CID 1486004: Error handling issues (UNCAUGHT_EXCEPT)
/usr/include/c++/9/ext/new_allocator.h: 151 in __gnu_cxx::new_allocator<SwUndoInsLayFormat>::destroy<SwUndoInsLayFormat>(T1 *)()
145 noexcept(noexcept(::new((void *)__p)
146 _Up(std::forward<_Args>(__args)...)))
147 { ::new((void *)__p) _Up(std::forward<_Args>(__args)...); }
148
149 template<typename _Up>
150 void
>>> CID 1486004: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown but the throw list "noexcept" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
151 destroy(_Up* __p)
152 noexcept(noexcept( __p->~_Up()))
153 { __p->~_Up(); }
154 #else
155 // _GLIBCXX_RESOLVE_LIB_DEFECTS
156 // 402. wrong new expression in [some_] allocator::construct
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypSs1kiFPuCn2xFdlMIFBirii0zZ9j2-2F9F2XPBcBm2BNgi9duPy3v-2FzgFDd2LJ-2BDKI-3D_sj__OTq2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJiv9vLpsIvvi9AM5F0BEv-2FAkM0tH4Rgw2qUQqC1VQIvLhvmXAkgQFtynAeulySR28tBjKwUdpIiPmHx49B1GibGxXwKDpNLEeATuNpQYzekBuogQuRhwGju0kby4Fy1CC0UvIgbJfGFUizBaE9AQ8l9hHaEjnKMEtztkmN63V1J4U-3D
More information about the LibreOffice
mailing list