New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Thu Jan 15 10:50:56 PST 2015
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
7 new defect(s) introduced to LibreOffice found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)
** CID 1264390: Bad bit shift operation (BAD_SHIFT)
/vcl/source/gdi/dibtools.cxx: 769 in ImplReadDIBBody(SvStream &, Bitmap &, Bitmap *, unsigned long, bool)()
** CID 1264392: Logically dead code (DEADCODE)
/sw/source/core/doc/docdesc.cxx: 331 in SwDoc::CopyMasterFooter(const SwPageDesc &, const SwFmtFooter &, SwPageDesc &, bool, bool)()
** CID 1264391: Logically dead code (DEADCODE)
/sw/source/core/doc/docdesc.cxx: 255 in SwDoc::CopyMasterHeader(const SwPageDesc &, const SwFmtHeader &, SwPageDesc &, bool, bool)()
** CID 1264393: Missing break in switch (MISSING_BREAK)
/cui/source/dialogs/zoom.cxx: 81 in SvxZoomDialog::SetFactor(unsigned short, unsigned short)()
** CID 1264394: Missing break in switch (MISSING_BREAK)
/cui/source/dialogs/zoom.cxx: 86 in SvxZoomDialog::SetFactor(unsigned short, unsigned short)()
** CID 1264395: Out-of-bounds access (OVERRUN)
/sot/source/sdstor/ucbstorage.cxx: 680 in UCBStorageStream_Impl::UCBStorageStream_Impl(const rtl::OUString &, StreamMode, UCBStorageStream *, bool, const rtl::OString *, bool, com::sun::star::uno::Reference<com::sun::star::ucb::XProgressHandler>)()
** CID 1264396: Uninitialized scalar field (UNINIT_CTOR)
/vcl/opengl/gdiimpl.cxx: 54 in OpenGLSalGraphicsImpl::OpenGLSalGraphicsImpl(SalGraphics &, SalGeometryProvider *)()
________________________________________________________________________________________________________
*** CID 1264390: Bad bit shift operation (BAD_SHIFT)
/vcl/source/gdi/dibtools.cxx: 769 in ImplReadDIBBody(SvStream &, Bitmap &, Bitmap *, unsigned long, bool)()
763 if(aHeader.nColsUsed)
764 {
765 nColors = (sal_uInt16)aHeader.nColsUsed;
766 }
767 else
768 {
>>> CID 1264390: Bad bit shift operation (BAD_SHIFT)
>>> In expression "1 << aHeader.nBitCount", left shifting by more than 31 bits has undefined behavior. The shift amount, "aHeader.nBitCount", is 32.
769 nColors = ( 1 << aHeader.nBitCount );
770 }
771 }
772
773 if(ZCOMPRESS == aHeader.nCompression)
774 {
________________________________________________________________________________________________________
*** CID 1264392: Logically dead code (DEADCODE)
/sw/source/core/doc/docdesc.cxx: 331 in SwDoc::CopyMasterFooter(const SwPageDesc &, const SwFmtFooter &, SwPageDesc &, bool, bool)()
325 {
326 const SwFrmFmt *pRight = rFoot.GetFooterFmt();
327 const SwFmtCntnt &aRCnt = pRight->GetCntnt();
328 const SwFmtCntnt &aLCnt = rFmtFoot.GetFooterFmt()->GetCntnt();
329 if( !aLCnt.GetCntntIdx() )
330 {
>>> CID 1264392: Logically dead code (DEADCODE)
>>> Execution cannot reach the expression "rChged->GetFirstLeft()" inside this statement: "rChgedFrmFmt = (bFirst ? bL...".
331 const SwFrmFmt& rChgedFrmFmt = (bFirst)
332 ? (bLeft) ? rChged.GetFirstLeft() : rChged.GetFirstMaster()
333 : rChged.GetLeft();
334 rDescFrmFmt.SetFmtAttr( rChgedFrmFmt.GetFooter() );
335 }
336 else if ((*aRCnt.GetCntntIdx() == *aLCnt.GetCntntIdx()) ||
________________________________________________________________________________________________________
*** CID 1264391: Logically dead code (DEADCODE)
/sw/source/core/doc/docdesc.cxx: 255 in SwDoc::CopyMasterHeader(const SwPageDesc &, const SwFmtHeader &, SwPageDesc &, bool, bool)()
249 const SwFrmFmt *pRight = rHead.GetHeaderFmt();
250 const SwFmtCntnt &aRCnt = pRight->GetCntnt();
251 const SwFmtCntnt &aCnt = rFmtHead.GetHeaderFmt()->GetCntnt();
252
253 if (!aCnt.GetCntntIdx())
254 {
>>> CID 1264391: Logically dead code (DEADCODE)
>>> Execution cannot reach the expression "rChged->GetFirstLeft()" inside this statement: "rChgedFrmFmt = (bFirst ? bL...".
255 const SwFrmFmt& rChgedFrmFmt = (bFirst)
256 ? (bLeft) ? rChged.GetFirstLeft() : rChged.GetFirstMaster()
257 : rChged.GetLeft();
258 rDescFrmFmt.SetFmtAttr( rChgedFrmFmt.GetHeader() );
259 }
260 else if ((*aRCnt.GetCntntIdx() == *aCnt.GetCntntIdx()) ||
________________________________________________________________________________________________________
*** CID 1264393: Missing break in switch (MISSING_BREAK)
/cui/source/dialogs/zoom.cxx: 81 in SvxZoomDialog::SetFactor(unsigned short, unsigned short)()
75 {
76 case ZOOMBTN_OPTIMAL:
77 {
78 m_pOptimalBtn->Check();
79 m_pOptimalBtn->GrabFocus();
80 }
>>> CID 1264393: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
81 case ZOOMBTN_PAGEWIDTH:
82 {
83 m_pPageWidthBtn->Check();
84 m_pPageWidthBtn->GrabFocus();
85 }
86 case ZOOMBTN_WHOLEPAGE:
________________________________________________________________________________________________________
*** CID 1264394: Missing break in switch (MISSING_BREAK)
/cui/source/dialogs/zoom.cxx: 86 in SvxZoomDialog::SetFactor(unsigned short, unsigned short)()
80 }
81 case ZOOMBTN_PAGEWIDTH:
82 {
83 m_pPageWidthBtn->Check();
84 m_pPageWidthBtn->GrabFocus();
85 }
>>> CID 1264394: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
86 case ZOOMBTN_WHOLEPAGE:
87 {
88 m_pWholePageBtn->Check();
89 m_pWholePageBtn->GrabFocus();
90 }
91 }
________________________________________________________________________________________________________
*** CID 1264395: Out-of-bounds access (OVERRUN)
/sot/source/sdstor/ucbstorage.cxx: 680 in UCBStorageStream_Impl::UCBStorageStream_Impl(const rtl::OUString &, StreamMode, UCBStorageStream *, bool, const rtl::OString *, bool, com::sun::star::uno::Reference<com::sun::star::ucb::XProgressHandler>)()
674
675 // stream is encrypted and should be decrypted (without setting the key we'll get the raw data)
676 sal_uInt8 aBuffer[RTL_DIGEST_LENGTH_SHA1];
677 rtlDigestError nErr = rtl_digest_SHA1( pKey->getStr(), pKey->getLength(), aBuffer, RTL_DIGEST_LENGTH_SHA1 );
678 if ( nErr == rtl_Digest_E_None )
679 {
>>> CID 1264395: Out-of-bounds access (OVERRUN)
>>> Assigning: "pBuffer" = "aBuffer". "pBuffer" now points to byte 0 of "aBuffer" (which consists of 20 bytes).
680 sal_uInt8* pBuffer = aBuffer;
681 ::com::sun::star::uno::Sequence < sal_Int8 > aSequ( (sal_Int8*) pBuffer, RTL_DIGEST_LENGTH_SHA1 );
682 ::com::sun::star::uno::Any aAny;
683 aAny <<= aSequ;
684 m_pContent->setPropertyValue("EncryptionKey", aAny );
685 }
________________________________________________________________________________________________________
*** CID 1264396: Uninitialized scalar field (UNINIT_CTOR)
/vcl/opengl/gdiimpl.cxx: 54 in OpenGLSalGraphicsImpl::OpenGLSalGraphicsImpl(SalGraphics &, SalGeometryProvider *)()
48 , mnLineColor(SALCOLOR_NONE)
49 , mnFillColor(SALCOLOR_NONE)
50 #ifdef DBG_UTIL
51 , mProgramIsSolidColor(false)
52 #endif
53 {
>>> CID 1264396: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "mProgramSolidTransparency" is not initialized in this constructor nor in any functions that it calls.
54 }
55
56 OpenGLSalGraphicsImpl::~OpenGLSalGraphicsImpl()
57 {
58 ReleaseContext();
59 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/211?tab=overview
To manage Coverity Scan email notifications for "libreoffice at lists.freedesktop.org", click http://scan.coverity.com/subscriptions/edit?email=libreoffice%40lists.freedesktop.org&token=d6481d718a775246b2340f282ebe5939 .
More information about the LibreOffice
mailing list