New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Wed Dec 21 11:30:58 UTC 2022
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
3 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1517814: (DC.WEAK_CRYPTO)
/basegfx/source/color/bcolormodifier.cxx: 316 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
/basegfx/source/color/bcolormodifier.cxx: 308 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
/basegfx/source/color/bcolormodifier.cxx: 317 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
/basegfx/source/color/bcolormodifier.cxx: 308 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
/basegfx/source/color/bcolormodifier.cxx: 315 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
/basegfx/source/color/bcolormodifier.cxx: 308 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
________________________________________________________________________________________________________
*** CID 1517814: (DC.WEAK_CRYPTO)
/basegfx/source/color/bcolormodifier.cxx: 316 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
310
311 // mixed color
312 const double fMulA(1.0 - mfRandomPart);
313 const double fMulB(mfRandomPart / RAND_MAX);
314 return basegfx::BColor(
315 aSourceColor.getRed() * fMulA + rand() * fMulB,
>>> CID 1517814: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
316 aSourceColor.getGreen() * fMulA + rand() * fMulB,
317 aSourceColor.getBlue() * fMulA + rand() * fMulB);
318 }
319
320 ::basegfx::BColor BColorModifierStack::getModifiedColor(const ::basegfx::BColor& rSource) const
321 {
/basegfx/source/color/bcolormodifier.cxx: 308 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
302 }
303
304 if(1.0 <= mfRandomPart)
305 {
306 // full randomized color
307 const double fMul(1.0 / RAND_MAX);
>>> CID 1517814: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
308 return basegfx::BColor(rand() * fMul, rand() * fMul, rand() * fMul);
309 }
310
311 // mixed color
312 const double fMulA(1.0 - mfRandomPart);
313 const double fMulB(mfRandomPart / RAND_MAX);
/basegfx/source/color/bcolormodifier.cxx: 317 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
311 // mixed color
312 const double fMulA(1.0 - mfRandomPart);
313 const double fMulB(mfRandomPart / RAND_MAX);
314 return basegfx::BColor(
315 aSourceColor.getRed() * fMulA + rand() * fMulB,
316 aSourceColor.getGreen() * fMulA + rand() * fMulB,
>>> CID 1517814: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
317 aSourceColor.getBlue() * fMulA + rand() * fMulB);
318 }
319
320 ::basegfx::BColor BColorModifierStack::getModifiedColor(const ::basegfx::BColor& rSource) const
321 {
322 if(maBColorModifiers.empty())
/basegfx/source/color/bcolormodifier.cxx: 308 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
302 }
303
304 if(1.0 <= mfRandomPart)
305 {
306 // full randomized color
307 const double fMul(1.0 / RAND_MAX);
>>> CID 1517814: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
308 return basegfx::BColor(rand() * fMul, rand() * fMul, rand() * fMul);
309 }
310
311 // mixed color
312 const double fMulA(1.0 - mfRandomPart);
313 const double fMulB(mfRandomPart / RAND_MAX);
/basegfx/source/color/bcolormodifier.cxx: 315 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
309 }
310
311 // mixed color
312 const double fMulA(1.0 - mfRandomPart);
313 const double fMulB(mfRandomPart / RAND_MAX);
314 return basegfx::BColor(
>>> CID 1517814: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
315 aSourceColor.getRed() * fMulA + rand() * fMulB,
316 aSourceColor.getGreen() * fMulA + rand() * fMulB,
317 aSourceColor.getBlue() * fMulA + rand() * fMulB);
318 }
319
320 ::basegfx::BColor BColorModifierStack::getModifiedColor(const ::basegfx::BColor& rSource) const
/basegfx/source/color/bcolormodifier.cxx: 308 in basegfx::BColorModifier_randomize::getModifiedColor(const basegfx::BColor &) const()
302 }
303
304 if(1.0 <= mfRandomPart)
305 {
306 // full randomized color
307 const double fMul(1.0 / RAND_MAX);
>>> CID 1517814: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
308 return basegfx::BColor(rand() * fMul, rand() * fMul, rand() * fMul);
309 }
310
311 // mixed color
312 const double fMulA(1.0 - mfRandomPart);
313 const double fMulB(mfRandomPart / RAND_MAX);
** CID 1517813: Uninitialized members (UNINIT_CTOR)
/sfx2/source/doc/guisaveas.cxx: 1357 in SfxStoringHelper::SfxStoringHelper()()
________________________________________________________________________________________________________
*** CID 1517813: Uninitialized members (UNINIT_CTOR)
/sfx2/source/doc/guisaveas.cxx: 1357 in SfxStoringHelper::SfxStoringHelper()()
1351
1352
1353
1354
1355 SfxStoringHelper::SfxStoringHelper()
1356 {
>>> CID 1517813: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_nStoreMode" is not initialized in this constructor nor in any functions that it calls.
1357 }
1358
1359
1360 uno::Reference< container::XNameAccess > const & SfxStoringHelper::GetFilterConfiguration()
1361 {
1362 if ( !m_xFilterCFG.is() )
** CID 1517812: Null pointer dereferences (NULL_RETURNS)
________________________________________________________________________________________________________
*** CID 1517812: Null pointer dereferences (NULL_RETURNS)
/extensions/source/propctrlr/handlerhelper.cxx: 297 in pcr::PropertyHandlerHelper::makeBuilder(const rtl::OUString &, const com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> &)()
291
292 std::unique_ptr<weld::Builder> PropertyHandlerHelper::makeBuilder(const OUString& rUIFile, const Reference<XComponentContext>& rContext)
293 {
294 Reference<XWindow> xWindow(rContext->getValueByName("BuilderParent"), UNO_QUERY_THROW);
295 weld::TransportAsXWindow* rTunnel
296 = comphelper::getFromUnoTunnel<weld::TransportAsXWindow>(xWindow);
>>> CID 1517812: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing a pointer that might be "nullptr" "rTunnel" when calling "getWidget".
297 return Application::CreateBuilder(rTunnel->getWidget(), rUIFile);
298 }
299
300 void PropertyHandlerHelper::setBuilderParent(const css::uno::Reference<css::uno::XComponentContext>& rContext, weld::Widget* pParent)
301 {
302 Reference<css::container::XNameContainer> xName(rContext, UNO_QUERY_THROW);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypSs1kiFPuCn2xFdlMIFBirii0zZ9j2-2F9F2XPBcBm2BNgi9duPy3v-2FzgFDd2LJ-2BDKI-3Dm-9I_OTq2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJizzs4girvpivRC8xhOunQzsVGTXlXPLSITI2d0f4lHMyzEJuArDWeqxPgk40-2BgI-2F77zZ9GTSqk90ijXrBhXQU05vepmzOQhHRTbP00LVW-2Bd0iF3brgVSmvSqd7yxfm-2FVXbols4c2uF4Efjql8YCApZkwW1ZiuGreywzttM09MkCs-3D
More information about the LibreOffice
mailing list