New Defects reported by Coverity Scan for LibreOffice

scan-admin at coverity.com scan-admin at coverity.com
Mon Feb 28 11:30:25 UTC 2022 

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
21 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1501377:  Null pointer dereferences  (FORWARD_NULL)
/hwpfilter/source/hwpreader.cxx: 2651 in HwpReader::makeFStyle(FBoxStyle *)()


________________________________________________________________________________________________________
*** CID 1501377:  Null pointer dereferences  (FORWARD_NULL)
/hwpfilter/source/hwpreader.cxx: 2651 in HwpReader::makeFStyle(FBoxStyle *)()
2645                     Double2Str(WTMM(-fstyle->margin[1][2]) ) + "mm " +
2646                     Double2Str(WTMM(-fstyle->margin[1][3]) ) + "mm)";
2647                  padd("style:mirror", sXML_CDATA, "none");
2648                  padd("fo:clip", sXML_CDATA, clip);
2649             }
2650             char *cell = static_cast<char *>(fstyle->cell);
>>>     CID 1501377:  Null pointer dereferences  (FORWARD_NULL)
>>>     Dereferencing null pointer "cell".
2651             padd("draw:luminance", sXML_CDATA,
2652                 ascii(Int2Str(cell[0], "%d%%", buf)));
2653             padd("draw:contrast", sXML_CDATA,
2654                 ascii(Int2Str(cell[1], "%d%%", buf)));
2655             if( cell[2] == 0 )
2656                 padd("draw:color-mode", sXML_CDATA, "standard");

** CID 1473807:  Insecure data handling  (TAINTED_SCALAR)


________________________________________________________________________________________________________
*** CID 1473807:  Insecure data handling  (TAINTED_SCALAR)
/vcl/unx/generic/fontmanager/fontmanager.cxx: 1075 in psp::PrintFontManager::createFontSubset(FontSubsetInfo &, int, const rtl::OUString &, const unsigned short *, const unsigned char *, int *, int)()
1069         else
1070         {
1071             CloseTTFont( pTTFont );
1072             return false;
1073         }
1074     
>>>     CID 1473807:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "pTTFont->m_aGlyphOffsets" to "CreateTTFromTTGlyphs", which uses it as an offset.
1075         bool bSuccess = ( SFErrCodes::Ok == CreateTTFromTTGlyphs( pTTFont,
1076                                                          aToFile.getStr(),
1077                                                          pGID,
1078                                                          pEnc,
1079                                                          nGlyphs ) );
1080         CloseTTFont( pTTFont );


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypSs1kiFPuCn2xFdlMIFBirii0zZ9j2-2F9F2XPBcBm2BNgi9duPy3v-2FzgFDd2LJ-2BDKI-3DO4WL_OTq2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJiBH1T54tUVqVb6Zogco94VQkb8dDnep8KV9SHDOJkl1L8McLzEs5GlPa6Jw8qOnMo-2B2rjslO2HjOyai5pVrsRsTiM8xhG104sh1RGvPsFubAUL0s-2FV1cEXQAmxkbAAaDWWtp13cbjuf7LJz2PAkXYiwQMwhmv5LWoO-2Bqp-2BRwD7Uo-3D

More information about the LibreOffice mailing list