New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Fri Aug 13 14:28:41 UTC 2021
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
3 new defect(s) introduced to LibreOffice found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1490212: Insecure data handling (TAINTED_SCALAR)
/sw/source/filter/ww8/ww8par.cxx: 1029 in SwMSDffManager::ProcessObj(SvStream &, DffObjData &, SvxMSDffClientData &, tools::Rectangle &, SdrObject *)()
________________________________________________________________________________________________________
*** CID 1490212: Insecure data handling (TAINTED_SCALAR)
/sw/source/filter/ww8/ww8par.cxx: 1029 in SwMSDffManager::ProcessObj(SvStream &, DffObjData &, SvxMSDffClientData &, tools::Rectangle &, SdrObject *)()
1023 rSt.ReadUInt16( nNumElemVert ).ReadUInt16( nNumElemMemVert ).ReadUInt16( nElemSizeVert );
1024 bool bOk = false;
1025 if (nNumElemVert && ((nElemSizeVert == 8) || (nElemSizeVert == 4)))
1026 {
1027 //check if there is enough data in the file to make the
1028 //record sane
>>> CID 1490212: Insecure data handling (TAINTED_SCALAR)
>>> Using tainted expression "nElemSizeVert" as the divisor in "rSt->remainingSize() / nElemSizeVert".
1029 bOk = rSt.remainingSize() / nElemSizeVert >= nNumElemVert;
1030 }
1031 if (bOk)
1032 {
1033 pImpRec->pWrapPolygon.reset( new tools::Polygon(nNumElemVert) );
1034 for (sal_uInt16 i = 0; i < nNumElemVert; ++i)
** CID 1490211: API usage errors (SWAPPED_ARGUMENTS)
________________________________________________________________________________________________________
*** CID 1490211: API usage errors (SWAPPED_ARGUMENTS)
/vcl/backendtest/outputdevice/common.cxx: 793 in vcl::test::OutputDeviceTestCommon::checkClosedBezier(Bitmap &)()
787 { { 12, 9 }, true }, { { 12, 10 }, true }, { { 13, 9 }, true } };
788
789 for (tools::Long x = 0; x < pAccess->Width(); x++)
790 {
791 for (tools::Long y = 0; y < pAccess->Height(); ++y)
792 {
>>> CID 1490211: API usage errors (SWAPPED_ARGUMENTS)
>>> The positions of arguments in the constructor for "std::pair<long, long>" do not match the ordering of the parameters:
* "y" is passed to "__x".
* "x" is passed to "__y".
793 if (SetPixels[{ y, x }])
794 {
795 checkValue(pAccess, x, y, constLineColor, nNumberOfQuirks, nNumberOfErrors, true);
796 }
797 else
798 {
** CID 1490210: API usage errors (SWAPPED_ARGUMENTS)
________________________________________________________________________________________________________
*** CID 1490210: API usage errors (SWAPPED_ARGUMENTS)
/vcl/backendtest/outputdevice/common.cxx: 748 in vcl::test::OutputDeviceTestCommon::checkHalfEllipse(Bitmap &, bool)()
742 };
743
744 for (tools::Long x = 0; x < pAccess->Width(); x++)
745 {
746 for (tools::Long y = 0; y < pAccess->Height(); ++y)
747 {
>>> CID 1490210: API usage errors (SWAPPED_ARGUMENTS)
>>> The positions of arguments in the constructor for "std::pair<long, long>" do not match the ordering of the parameters:
* "y" is passed to "__x".
* "x" is passed to "__y".
748 if (SetPixels[{ y, x }])
749 {
750 if (aEnableAA)
751 checkValueAA(pAccess, x, y, constLineColor, nNumberOfQuirks, nNumberOfErrors);
752 else
753 checkValue(pAccess, x, y, constLineColor, nNumberOfQuirks, nNumberOfErrors,
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypSs1kiFPuCn2xFdlMIFBirii0zZ9j2-2F9F2XPBcBm2BNgi9duPy3v-2FzgFDd2LJ-2BDKI-3DRFee_OTq2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJifTM-2F2n3p4xbO-2BUuyFagSC0j7t4VRRVUxfA8yQxEqA3qAmGrU-2Bt3fpSMJtv3QfYmXNpNkNEXqF1UctOyMV7ulLJs1FWhXQX0FtPCF6MlAM8y-2BramEpHbmC29RphXwjpPLAsG5L5LLi4x-2BJYPeVsvH02qMX9DjOyaUafSKG3y3TFk-3D
More information about the LibreOffice
mailing list