New Defects reported by Coverity Scan for LibreOffice

scan-admin at coverity.com scan-admin at coverity.com
Sat Dec 12 04:49:51 PST 2015 

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
21 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1341876:  Insecure data handling  (TAINTED_SCALAR)
/sw/source/filter/ww8/ww8scan.cxx: 6372 in MSOPropertyBag::Read(SvStream &)()


________________________________________________________________________________________________________
*** CID 1341876:  Insecure data handling  (TAINTED_SCALAR)
/sw/source/filter/ww8/ww8scan.cxx: 6372 in MSOPropertyBag::Read(SvStream &)()
6366     void MSOPropertyBag::Read(SvStream& rStream)
6367     {
6368         rStream.ReadUInt16(m_nId);
6369         sal_uInt16 cProp(0);
6370         rStream.ReadUInt16(cProp);
6371         rStream.SeekRel(2); // cbUnknown
>>>     CID 1341876:  Insecure data handling  (TAINTED_SCALAR)
>>>     Using tainted variable "cProp" as a loop boundary.
6372         for (sal_uInt16 i = 0; i < cProp; ++i)
6373         {
6374             MSOProperty aProperty;
6375             aProperty.Read(rStream);
6376             m_aProperties.push_back(aProperty);
6377         }

** CID 1341875:  Incorrect expression  (DIVIDE_BY_ZERO)
/lotuswordpro/source/filter/lwptablelayout.cxx: 614 in LwpTableLayout::RegisterColumns()()


________________________________________________________________________________________________________
*** CID 1341875:  Incorrect expression  (DIVIDE_BY_ZERO)
/lotuswordpro/source/filter/lwptablelayout.cxx: 614 in LwpTableLayout::RegisterColumns()()
608                 dTableWidth = dDefaultColumn;
609                 assert(false);
610             }
611         }
612     
613         // justifiable columns will share the remain width averagely
>>>     CID 1341875:  Incorrect expression  (DIVIDE_BY_ZERO)
>>>     In expression "dTableWidth / nJustifiableColumn", division by expression "nJustifiableColumn" which may be zero has undefined behavior.
614         dDefaultColumn = dTableWidth/nJustifiableColumn;
615     
616         // register default column style
617         XFColStyle *pColStyle = new XFColStyle();
618         pColStyle->SetWidth(static_cast<float>(dDefaultColumn));
619     


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/libreoffice?tab=overview

To manage Coverity Scan email notifications for "libreoffice at lists.freedesktop.org", click https://scan.coverity.com/subscriptions/edit?email=libreoffice%40lists.freedesktop.org&token=d6481d718a775246b2340f282ebe5939

More information about the LibreOffice mailing list