New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Mon Sep 21 23:16:21 UTC 2020
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
4 new defect(s) introduced to LibreOffice found with Coverity Scan.
249 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1467075: Error handling issues (CHECKED_RETURN)
/chart2/source/controller/dialogs/DialogModel.cxx: 680 in chart::DialogModel::detectArguments(rtl::OUString &, bool &, bool &, bool &) const()
________________________________________________________________________________________________________
*** CID 1467075: Error handling issues (CHECKED_RETURN)
/chart2/source/controller/dialogs/DialogModel.cxx: 680 in chart::DialogModel::detectArguments(rtl::OUString &, bool &, bool &, bool &) const()
674 try
675 {
676 uno::Sequence< sal_Int32 > aSequenceMapping;//todo YYYX
677
678 // Note: unused data is currently not supported in being passed to detectRangeSegmentation
679 if( m_xChartDocument.is())
>>> CID 1467075: Error handling issues (CHECKED_RETURN)
>>> Calling "detectRangeSegmentation" without checking return value (as is done elsewhere 7 out of 8 times).
680 DataSourceHelper::detectRangeSegmentation(
681 Reference< frame::XModel >( m_xChartDocument, uno::UNO_QUERY_THROW ),
682 rOutRangeString, aSequenceMapping, rOutUseColumns, rOutFirstCellAsLabel, rOutHasCategories );
683 }
684 catch( const uno::Exception & )
685 {
** CID 1448510: (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 1448510: (TAINTED_SCALAR)
/sw/source/filter/ww8/docxattributeoutput.cxx: 7043 in DocxAttributeOutput::EmbedFontStyle(const rtl::OUString &, int, FontFamily, FontItalic, FontWeight, FontPitch)()
7037 xOutStream->closeOutput();
7038 return;
7039 }
7040 if( readSize == 0 )
7041 break;
7042 // coverity[overrun-buffer-arg : FALSE] - coverity has difficulty with css::uno::Sequence
>>> CID 1448510: (TAINTED_SCALAR)
>>> Passing tainted variable "buffer" to a tainted sink.
7043 xOutStream->writeBytes( uno::Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( buffer ), readSize ));
7044 }
7045 xOutStream->closeOutput();
7046 OString relId = OUStringToOString( GetExport().GetFilter().addRelation( m_pSerializer->getOutputStream(),
7047 oox::getRelationship(Relationship::FONT),
7048 "fonts/font" + OUString::number( m_nextFontId ) + ".odttf" ), RTL_TEXTENCODING_UTF8 );
/sw/source/filter/ww8/docxattributeoutput.cxx: 7022 in DocxAttributeOutput::EmbedFontStyle(const rtl::OUString &, int, FontFamily, FontItalic, FontWeight, FontPitch)()
7016 i < 16;
7017 ++i )
7018 {
7019 buffer[ i ] ^= fontKey[ i ];
7020 buffer[ i + 16 ] ^= fontKey[ i ];
7021 }
>>> CID 1448510: (TAINTED_SCALAR)
>>> Passing tainted variable "buffer" to a tainted sink.
7022 xOutStream->writeBytes( uno::Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( buffer ), 32 ));
7023 for(;;)
7024 {
7025 sal_Bool eof;
7026 if( file.isEndOfFile( &eof ) != osl::File::E_None )
7027 {
** CID 1448420: Insecure data handling (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 1448420: Insecure data handling (TAINTED_SCALAR)
/ucb/source/ucp/file/filtask.cxx: 648 in fileaccess::TaskManager::page(int, const rtl::OUString &, const com::sun::star::uno::Reference<com::sun::star::io::XOutputStream> &)()
642 do
643 {
644 err = aFile.read( static_cast<void*>(BFF),bfz,nrc );
645 if( err == osl::FileBase::E_None )
646 {
647 // coverity[overrun-buffer-arg : FALSE] - coverity has difficulty with css::uno::Sequence
>>> CID 1448420: Insecure data handling (TAINTED_SCALAR)
>>> Passing tainted variable "BFF" to a tainted sink.
648 uno::Sequence< sal_Int8 > seq( BFF, static_cast<sal_uInt32>(nrc) );
649 try
650 {
651 xOutputStream->writeBytes( seq );
652 }
653 catch (const io::NotConnectedException&)
** CID 1448292: Insecure data handling (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 1448292: Insecure data handling (TAINTED_SCALAR)
/xmloff/source/style/XMLFontAutoStylePool.cxx: 646 in XMLFontAutoStylePool::embedFontFile(const rtl::OUString &, const rtl::OUString &)()
640 outputStream->closeOutput();
641 return OUString();
642 }
643 if( readSize == 0 )
644 break;
645 // coverity[overrun-buffer-arg : FALSE] - coverity has difficulty with css::uno::Sequence
>>> CID 1448292: Insecure data handling (TAINTED_SCALAR)
>>> Passing tainted variable "buffer" to a tainted sink.
646 outputStream->writeBytes(uno::Sequence<sal_Int8>(buffer, readSize));
647 }
648 outputStream->closeOutput();
649 if( storage.is() )
650 {
651 Reference< embed::XTransactedObject > transaction( storage, UNO_QUERY );
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypSs1kiFPuCn2xFdlMIFBirii0zZ9j2-2F9F2XPBcBm2BNgi9duPy3v-2FzgFDd2LJ-2BDKI-3D6JtA_OTq2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJiWMr4ZoBQTHEwAAB6-2Ffmcp5FNLhFUeeNk-2BAHWpxTxPHU9cwmLQoJUIgMMIdf5MPQMA-2B4nJH6TVvAhNsAq739LpEpSB4LdV3BDOMx-2FZxYB9pU7PozoJhcBvV81Ov9fJAApeEUUOeudHjlvhLdMfDrK4j9AxZjUUvFqAdxNDre-2FjSaC31RGHSma30XOSf3Z1Ldk
More information about the LibreOffice
mailing list