New Defects reported by Coverity Scan for LibreOffice

scan-admin at coverity.com scan-admin at coverity.com
Thu Oct 20 17:48:23 UTC 2016 

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

5 new defect(s) introduced to LibreOffice found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1374093:  Control flow issues  (UNREACHABLE)
/xmlsecurity/source/pdfio/pdfdocument.cxx: 1419 in xmlsecurity::pdfio::PDFDocument::ValidateSignature(SvStream &, xmlsecurity::pdfio::PDFObjectElement *, SignatureInformation &)()


________________________________________________________________________________________________________
*** CID 1374093:  Control flow issues  (UNREACHABLE)
/xmlsecurity/source/pdfio/pdfdocument.cxx: 1419 in xmlsecurity::pdfio::PDFDocument::ValidateSignature(SvStream &, xmlsecurity::pdfio::PDFObjectElement *, SignatureInformation &)()
1413         NSS_CMSSignerInfo_Destroy(pCMSSignerInfo);
1414     
1415         return true;
1416     #endif
1417     
1418         // Not implemented.
>>>     CID 1374093:  Control flow issues  (UNREACHABLE)
>>>     This code cannot be reached: "(void)rStream;".
1419         (void)rStream;
1420         (void)rInformation;
1421     
1422         return false;
1423     }
1424     

** CID 1374092:  Control flow issues  (UNREACHABLE)
/xmlsecurity/source/pdfio/pdfdocument.cxx: 620 in xmlsecurity::pdfio::PDFDocument::Sign(const com::sun::star::uno::Reference<com::sun::star::security::XCertificate> &)()


________________________________________________________________________________________________________
*** CID 1374092:  Control flow issues  (UNREACHABLE)
/xmlsecurity/source/pdfio/pdfdocument.cxx: 620 in xmlsecurity::pdfio::PDFDocument::Sign(const com::sun::star::uno::Reference<com::sun::star::security::XCertificate> &)()
614         NSS_CMSMessage_Destroy(pCMSMessage);
615     
616         return true;
617     #endif
618     
619         // Not implemented.
>>>     CID 1374092:  Control flow issues  (UNREACHABLE)
>>>     This code cannot be reached: "(void)pDerEncoded;".
620         (void)pDerEncoded;
621         (void)nDerEncoded;
622     
623         return false;
624     }
625     

** CID 1374091:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/gdi/CommonSalLayout.cxx: 105 in scaleHbFont(hb_font_t *, const FontSelectPattern &)()


________________________________________________________________________________________________________
*** CID 1374091:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/gdi/CommonSalLayout.cxx: 105 in scaleHbFont(hb_font_t *, const FontSelectPattern &)()
99         return pHbFont;
100     }
101     
102     static void scaleHbFont(hb_font_t* pHbFont, const FontSelectPattern& aFontSelData)
103     {
104         uint64_t nXScale = aFontSelData.mnWidth << 6;
>>>     CID 1374091:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
>>>     Potentially overflowing expression "aFontSelData.mnHeight << 6" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
105         uint64_t nYScale = aFontSelData.mnHeight << 6;
106     
107     #if defined(_WIN32)
108         // HACK to get stretched/shrunken text. TODO: Get rid of HACK
109         if (nXScale)
110             nXScale = double(nXScale) * 1.812;

** CID 1374090:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/gdi/CommonSalLayout.cxx: 104 in scaleHbFont(hb_font_t *, const FontSelectPattern &)()


________________________________________________________________________________________________________
*** CID 1374090:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/gdi/CommonSalLayout.cxx: 104 in scaleHbFont(hb_font_t *, const FontSelectPattern &)()
98     
99         return pHbFont;
100     }
101     
102     static void scaleHbFont(hb_font_t* pHbFont, const FontSelectPattern& aFontSelData)
103     {
>>>     CID 1374090:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
>>>     Potentially overflowing expression "aFontSelData.mnWidth << 6" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
104         uint64_t nXScale = aFontSelData.mnWidth << 6;
105         uint64_t nYScale = aFontSelData.mnHeight << 6;
106     
107     #if defined(_WIN32)
108         // HACK to get stretched/shrunken text. TODO: Get rid of HACK
109         if (nXScale)

** CID 1374089:  Error handling issues  (CHECKED_RETURN)
/comphelper/source/misc/backupfilehelper.cxx: 1694 in comphelper::BackupFileHelper::getInitialBaseURL()()


________________________________________________________________________________________________________
*** CID 1374089:  Error handling issues  (CHECKED_RETURN)
/comphelper/source/misc/backupfilehelper.cxx: 1694 in comphelper::BackupFileHelper::getInitialBaseURL()()
1688                     if (-1 == nEnd)
1689                     {
1690                         nEnd = conf.getLength();
1691                     }
1692     
1693                     maInitialBaseURL = conf.copy(nStart, nEnd - nStart);
>>>     CID 1374089:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "startsWith" without checking return value (as is done elsewhere 119 out of 122 times).
1694                     maInitialBaseURL.startsWith("!", &maInitialBaseURL);
1695                 }
1696     
1697                 if (!maInitialBaseURL.isEmpty())
1698                 {
1699                     // split URL at extension and at last path separator


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyq2MVNlUr6nKy6rOAtw-2FR-2FPo7DO5AFgs1rO9TVXlb85TER658uFKRYB5QNfY4f-2BqUITGdMmw3-2FESK71E8dsQ5IAvFt1Xy5VVkXJp73ox3fa-2FcfSuwx-2FtisbABmxXUnfg2wPFjNs7W-2FTm6unbZyKeqL9L5hOFIqjo6PlVkoa3UWQ8-3D

To manage Coverity Scan email notifications for "libreoffice at lists.freedesktop.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5N5X-2B1MAElavPQhH6nLwozJzqOkt2k8uOkYf2ZoppNa9QVe0T3fEZVQ7Kky1tOkLz_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyq2MVNlUr6nKy6rOAtw-2FR-2FLz4x2IUmedDK4-2BPY8hQrKxSmqOcDKnJ306Xki7Z4MwIm9ZRyB-2BSLaLF-2F0ZbGZuVHAiGihotW-2FXaz1CFGJ-2FsAT9sZwNEn43-2FrgyfAPzoF9ZSE8ApDeuk4AdrMwSL2z5OgQfYPz5-2FSkUIDJrMGYLQtPo-3D

More information about the LibreOffice mailing list