New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Sat Feb 15 06:57:43 UTC 2020
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
9 new defect(s) introduced to LibreOffice found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)
** CID 1458437: Incorrect expression (USELESS_CALL)
________________________________________________________________________________________________________
*** CID 1458437: Incorrect expression (USELESS_CALL)
/vcl/source/fontsubset/sft.cxx: 2434 in vcl::GetTTGlobalFontInfo(vcl::TrueTypeFont *, vcl::TTGlobalFontInfo *)()
2428 if (table && table_size >= 10) {
2429 info->ascender = XUnits(UPEm, GetInt16(table, HHEA_ascender_offset));
2430 info->descender = XUnits(UPEm, GetInt16(table, HHEA_descender_offset));
2431 info->linegap = XUnits(UPEm, GetInt16(table, HHEA_lineGap_offset));
2432 }
2433
>>> CID 1458437: Incorrect expression (USELESS_CALL)
>>> Calling "vcl::getTable(ttf, 8U)" is only useful for its return value, which is ignored.
2434 getTable(ttf, O_vhea);
2435 }
2436
2437 GlyphData *GetTTRawGlyphData(TrueTypeFont *ttf, sal_uInt32 glyphID)
2438 {
2439 const sal_uInt8* glyf = getTable(ttf, O_glyf);
** CID 1458436: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 3186 in VclBuilder::handleRow(xmlreader::XmlReader &, const rtl::OString &)()
________________________________________________________________________________________________________
*** CID 1458436: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 3186 in VclBuilder::handleRow(xmlreader::XmlReader &, const rtl::OString &)()
3180 {
3181 name = reader.getAttributeValue(false);
3182 sContext = OString(name.begin, name.length);
3183 }
3184 }
3185
>>> CID 1458436: Error handling issues (CHECKED_RETURN)
>>> Calling "nextItem" without checking return value (as is done elsewhere 25 out of 31 times).
3186 reader.nextItem(
3187 xmlreader::XmlReader::Text::Raw, &name, &nsId);
3188
3189 OString sValue(name.begin, name.length);
3190 OUString sFinalValue;
3191 if (bTranslated)
** CID 1458435: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 3347 in VclBuilder::handleItems(xmlreader::XmlReader &) const()
________________________________________________________________________________________________________
*** CID 1458435: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 3347 in VclBuilder::handleItems(xmlreader::XmlReader &) const()
3341 {
3342 name = reader.getAttributeValue(false);
3343 sId = OString(name.begin, name.length);
3344 }
3345 }
3346
>>> CID 1458435: Error handling issues (CHECKED_RETURN)
>>> Calling "nextItem" without checking return value (as is done elsewhere 25 out of 31 times).
3347 reader.nextItem(
3348 xmlreader::XmlReader::Text::Raw, &name, &nsId);
3349
3350 OString sValue(name.begin, name.length);
3351 OUString sFinalValue;
3352 if (bTranslated)
** CID 1458434: (TAINTED_SCALAR)
/filter/source/graphicfilter/ipict/ipict.cxx: 1129 in <unnamed>::PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, tools::Rectangle *, bool, bool)()
/filter/source/graphicfilter/ipict/ipict.cxx: 1129 in <unnamed>::PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, tools::Rectangle *, bool, bool)()
________________________________________________________________________________________________________
*** CID 1458434: (TAINTED_SCALAR)
/filter/source/graphicfilter/ipict/ipict.cxx: 1129 in <unnamed>::PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, tools::Rectangle *, bool, bool)()
1123 aScanline[ i++ ] = nDat;
1124 }
1125 }
1126 sal_uInt8* pTmp = aScanline.data();
1127 if ( nCmpCount == 4 )
1128 pTmp += nWidth;
>>> CID 1458434: (TAINTED_SCALAR)
>>> Using tainted variable "nWidth" as a loop boundary.
1129 for (sal_uInt16 nx = 0; nx < nWidth; pTmp++)
1130 pBitmap->SetPixel(ny, nx++, Color(*pTmp, pTmp[ nWidth ], pTmp[ 2 * nWidth ]));
1131 nDataSize += nByteCount;
1132 pPict->Seek( nSrcBitsPos + nByteCount );
1133 }
1134 }
/filter/source/graphicfilter/ipict/ipict.cxx: 1129 in <unnamed>::PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, tools::Rectangle *, bool, bool)()
1123 aScanline[ i++ ] = nDat;
1124 }
1125 }
1126 sal_uInt8* pTmp = aScanline.data();
1127 if ( nCmpCount == 4 )
1128 pTmp += nWidth;
>>> CID 1458434: (TAINTED_SCALAR)
>>> Using tainted variable "nWidth" as a loop boundary.
1129 for (sal_uInt16 nx = 0; nx < nWidth; pTmp++)
1130 pBitmap->SetPixel(ny, nx++, Color(*pTmp, pTmp[ nWidth ], pTmp[ 2 * nWidth ]));
1131 nDataSize += nByteCount;
1132 pPict->Seek( nSrcBitsPos + nByteCount );
1133 }
1134 }
** CID 1458433: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 3949 in VclBuilder::applyPackingProperty(vcl::Window *, vcl::Window *, xmlreader::XmlReader &)()
________________________________________________________________________________________________________
*** CID 1458433: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 3949 in VclBuilder::applyPackingProperty(vcl::Window *, vcl::Window *, xmlreader::XmlReader &)()
3943 {
3944 if (name == "name")
3945 {
3946 name = reader.getAttributeValue(false);
3947 OString sKey(name.begin, name.length);
3948 sKey = sKey.replace('_', '-');
>>> CID 1458433: Error handling issues (CHECKED_RETURN)
>>> Calling "nextItem" without checking return value (as is done elsewhere 25 out of 31 times).
3949 reader.nextItem(
3950 xmlreader::XmlReader::Text::Raw, &name, &nsId);
3951 OString sValue(name.begin, name.length);
3952
3953 if (sKey == "expand" || sKey == "resize")
3954 {
** CID 1458432: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1458432: Null pointer dereferences (FORWARD_NULL)
/writerfilter/source/dmapper/StyleSheetTable.cxx: 1076 in writerfilter::dmapper::StyleSheetTable::ApplyStyleSheets(const tools::SvRef<writerfilter::dmapper::FontTable> &)()
1070 for (const auto& aSheetProps : m_pImpl->m_aStyleSheetEntries)
1071 {
1072 if (aSheetProps->sStyleIdentifierD == sBaseId)
1073 {
1074 StyleSheetPropertyMap* aStyleSheetProps
1075 = dynamic_cast<StyleSheetPropertyMap*>(aSheetProps->pProperties.get());
>>> CID 1458432: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "aStyleSheetProps" to "GetListLevel", which dereferences it.
1076 pStyleSheetProperties->SetListLevel(aStyleSheetProps->GetListLevel());
1077 pStyleSheetProperties->SetOutlineLevel(aStyleSheetProps->GetOutlineLevel());
1078 pStyleSheetProperties->SetNumId(aStyleSheetProps->GetNumId());
1079 break;
1080 }
1081 }
** CID 1458431: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 4157 in VclBuilder::handleActionWidget(xmlreader::XmlReader &)()
________________________________________________________________________________________________________
*** CID 1458431: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 4157 in VclBuilder::handleActionWidget(xmlreader::XmlReader &)()
4151 {
4152 name = reader.getAttributeValue(false);
4153 sResponse = OString(name.begin, name.length);
4154 }
4155 }
4156
>>> CID 1458431: Error handling issues (CHECKED_RETURN)
>>> Calling "nextItem" without checking return value (as is done elsewhere 25 out of 31 times).
4157 reader.nextItem(xmlreader::XmlReader::Text::Raw, &name, &nsId);
4158 OString sID(name.begin, name.length);
4159 sal_Int32 nDelim = sID.indexOf(':');
4160 if (nDelim != -1)
4161 sID = sID.copy(0, nDelim);
4162 set_response(sID, sResponse.toInt32());
** CID 1458430: Uninitialized members (UNINIT_CTOR)
/svx/source/tbxctrls/fillctrl.cxx: 82 in SvxFillToolBoxControl::SvxFillToolBoxControl(unsigned short, unsigned short, ToolBox &)()
________________________________________________________________________________________________________
*** CID 1458430: Uninitialized members (UNINIT_CTOR)
/svx/source/tbxctrls/fillctrl.cxx: 82 in SvxFillToolBoxControl::SvxFillToolBoxControl(unsigned short, unsigned short, ToolBox &)()
76 addStatusListener( ".uno:FillHatch");
77 addStatusListener( ".uno:FillBitmap");
78 addStatusListener( ".uno:ColorTableState");
79 addStatusListener( ".uno:GradientListState");
80 addStatusListener( ".uno:HatchListState");
81 addStatusListener( ".uno:BitmapListState");
>>> CID 1458430: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "mpToolBoxColor" is not initialized in this constructor nor in any functions that it calls.
82 }
83
84 SvxFillToolBoxControl::~SvxFillToolBoxControl()
85 {
86 }
87
** CID 1458429: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 4120 in VclBuilder::collectProperty(xmlreader::XmlReader &, std::map<rtl::OString, rtl::OUString, std::less<rtl::OString>, std::allocator<std::pair<const rtl::OString, rtl::OUString>>> &) const()
________________________________________________________________________________________________________
*** CID 1458429: Error handling issues (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 4120 in VclBuilder::collectProperty(xmlreader::XmlReader &, std::map<rtl::OString, rtl::OUString, std::less<rtl::OString>, std::allocator<std::pair<const rtl::OString, rtl::OUString>>> &) const()
4114 else if (name == "translatable" && reader.getAttributeValue(false) == "yes")
4115 {
4116 bTranslated = true;
4117 }
4118 }
4119
>>> CID 1458429: Error handling issues (CHECKED_RETURN)
>>> Calling "nextItem" without checking return value (as is done elsewhere 25 out of 31 times).
4120 reader.nextItem(xmlreader::XmlReader::Text::Raw, &name, &nsId);
4121 OString sValue(name.begin, name.length);
4122 OUString sFinalValue;
4123 if (bTranslated)
4124 {
4125 if (!sContext.isEmpty())
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPklAc1eEA-2F1zfUjH6teExViPHTTReBArhCRZ3BE4kCjKjDqn2Dq3ZyEbAvAs31gRpU3vMPHDnoSx68vDAWjNU-3DEyi8_OTq2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJilofWf5IAfF0N1XPLnepPxqHiAI0rDo3mSlShoaPm3oLL5CkjaoeHD61-2F7pbR-2BGOakeiEXp-2FLz1Q88EyVW0ojz93ukAGT-2BTSI7P3uWqPIRLXcZ5w62u9-2B7VDjlrCOpB-2BCoNLxix2XQjzogtOq-2FEXoWK7RTuIUOx2Ba1uzNnOjuc4jBDVZkE12ascQOf59uQyE
More information about the LibreOffice
mailing list