New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Mon Dec 1 13:18:18 PST 2014
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
1 new defect(s) introduced to LibreOffice found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1256310: Don't call (DC.WEAK_CRYPTO)
/vcl/workben/vcldemo.cxx: 318 in DemoRenderer::DrawText::RenderRegion(OutputDevice &, Rectangle, const DemoRenderer::RenderContext &)()
________________________________________________________________________________________________________
*** CID 1256310: Don't call (DC.WEAK_CRYPTO)
/vcl/workben/vcldemo.cxx: 318 in DemoRenderer::DrawText::RenderRegion(OutputDevice &, Rectangle, const DemoRenderer::RenderContext &)()
312 for (size_t i = 0; i < SAL_N_ELEMENTS(pNames); i++)
313 maFontNames.push_back(OUString::createFromAscii(pNames[i]));
314 #define PRINT_N_TEXT 20
315 for (int i = 0; i < PRINT_N_TEXT; i++) {
316 rDev.SetTextColor(Color(nCols[i % SAL_N_ELEMENTS(nCols)]));
317 // random font size to avoid buffering
>>> CID 1256310: Don't call (DC.WEAK_CRYPTO)
>>> "rand()" should not be used for security related applications, as linear congruential algorithms are too easy to break.
318 vcl::Font aFont(maFontNames[i % maFontNames.size()], Size(0, 1 + i * (0.9 + (double)rand()/10/RAND_MAX) * (r.Top() - r.Bottom())/PRINT_N_TEXT));
319 rDev.SetFont(aFont);
320 rDev.DrawText(r, aText.copy(0, 4 + (aText.getLength() - 4) * (PRINT_N_TEXT - i)/PRINT_N_TEXT));
321 }
322 }
323 };
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/211?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
More information about the LibreOffice
mailing list