New Defects reported by Coverity Scan for LibreOffice

scan-admin at coverity.com scan-admin at coverity.com
Wed Nov 7 12:53:38 UTC 2018 

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1441102:  Incorrect expression  (COPY_PASTE_ERROR)
/filter/source/graphicfilter/ipict/ipict.cxx: 924 in PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, tools::Rectangle *, bool, bool)()


________________________________________________________________________________________________________
*** CID 1441102:  Incorrect expression  (COPY_PASTE_ERROR)
/filter/source/graphicfilter/ipict/ipict.cxx: 924 in PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, tools::Rectangle *, bool, bool)()
918             sal_uInt16  nByteCount, nCount, nD;
919             sal_uLong   nSrcBitsPos;
920     
921             if (nWidth > nRowBytes / 2)
922                 return 0xffffffff;
923     
>>>     CID 1441102:  Incorrect expression  (COPY_PASTE_ERROR)
>>>     "nRowBytes" in "nRowBytes < 8" looks like a copy-paste error.
924             if (nRowBytes < 8 || nPackType == 1)
925             {
926                 if (nHeight > pPict->remainingSize() / (sizeof(sal_uInt16) * nWidth))
927                     return 0xffffffff;
928             }
929             else

** CID 1441101:  Incorrect expression  (ASSERT_SIDE_EFFECT)
/comphelper/source/misc/profilezone.cxx: 44 in comphelper::ProfileRecording::addRecording(const char *, long long)()


________________________________________________________________________________________________________
*** CID 1441101:  Incorrect expression  (ASSERT_SIDE_EFFECT)
/comphelper/source/misc/profilezone.cxx: 44 in comphelper::ProfileRecording::addRecording(const char *, long long)()
38         }
39         ProfileZone::g_bRecording = bStartRecording;
40     }
41     
42     long long addRecording(const char * aProfileId, long long aCreateTime)
43     {
>>>     CID 1441101:  Incorrect expression  (ASSERT_SIDE_EFFECT)
>>>     Argument "comphelper::ProfileZone::g_bRecording" of assert() has a side effect because the variable is volatile.  The containing function might work differently in a non-debug build.
44         assert( ProfileZone::g_bRecording );
45     
46         TimeValue systemTime;
47         osl_getSystemTime( &systemTime );
48         long long aTime = static_cast<long long>(systemTime.Seconds) * 1000000 + systemTime.Nanosec/1000;
49     

** CID 1441100:  Memory - corruptions  (ARRAY_VS_SINGLETON)


________________________________________________________________________________________________________
*** CID 1441100:  Memory - corruptions  (ARRAY_VS_SINGLETON)
/cppu/source/uno/data.cxx: 57 in binuno_queryInterface::[lambda() (instance 1)]::operator ()() const()
51             TYPELIB_DANGER_GET(reinterpret_cast<typelib_TypeDescription**>(&pTXInterfaceDescr),
52                                type_XInterface);
53             assert(pTXInterfaceDescr->ppAllMembers);
54             typelib_TypeDescription* pQITD = nullptr;
55             typelib_typedescriptionreference_getDescription(&pQITD,
56                                                             pTXInterfaceDescr->ppAllMembers[0]);
>>>     CID 1441100:  Memory - corruptions  (ARRAY_VS_SINGLETON)
>>>     Passing "&pTXInterfaceDescr->aBase" to function "TYPELIB_DANGER_RELEASE" which uses it as an array. This might corrupt or misinterpret adjacent memory locations.
57             TYPELIB_DANGER_RELEASE(&pTXInterfaceDescr->aBase);
58             return pQITD;
59         }();
60     
61         uno_Any aRet, aExc;
62         uno_Any * pExc = &aExc;

** CID 1441099:  Error handling issues  (CHECKED_RETURN)
/vcl/source/outdev/font.cxx: 1134 in OutputDevice::ImplNewFont() const()


________________________________________________________________________________________________________
*** CID 1441099:  Error handling issues  (CHECKED_RETURN)
/vcl/source/outdev/font.cxx: 1134 in OutputDevice::ImplNewFont() const()
1128             if( (nNewWidth != nOrigWidth) && (nNewWidth != 0) )
1129             {
1130                 Size aOrigSize = maFont.GetFontSize();
1131                 const_cast<vcl::Font&>(maFont).SetFontSize( Size( nNewWidth, aSize.Height() ) );
1132                 mbMap = false;
1133                 mbNewFont = true;
>>>     CID 1441099:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "ImplNewFont" without checking return value (as is done elsewhere 4 out of 5 times).
1134                 ImplNewFont();  // recurse once using stretched width
1135                 mbMap = true;
1136                 const_cast<vcl::Font&>(maFont).SetFontSize( aOrigSize );
1137             }
1138         }
1139     


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyJE4vMMkW4BK9UAmh2EynpZ-2FZfyNeDlY-2BAmivZ8K8-2FChQF7k2xFk02AWk5gSXgyHCAJH-2BI9caFxAkXJi9eEfgD-2B9xDZfnAx6Rq57RipNQxWEPXhaEt6tYEmUivNFNnFARxmbXzyCG6YbNyVmEm-2FrPMDOQQE2HiHNS3wLpbRRohm0-3D

More information about the LibreOffice mailing list