New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Sat Nov 5 11:31:22 UTC 2022
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
4 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1516654: Error handling issues (CHECKED_RETURN)
/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx: 478 in SecurityEnvironment_NssImpl::createCertificateFromAscii(const rtl::OUString &)()
________________________________________________________________________________________________________
*** CID 1516654: Error handling issues (CHECKED_RETURN)
/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx: 478 in SecurityEnvironment_NssImpl::createCertificateFromAscii(const rtl::OUString &)()
472
473 Reference< XCertificate > SecurityEnvironment_NssImpl::createCertificateFromAscii( const OUString& asciiCertificate )
474 {
475 OString oscert = OUStringToOString( asciiCertificate , RTL_TEXTENCODING_ASCII_US ) ;
476 xmlChar* chCert = xmlStrndup( reinterpret_cast<const xmlChar*>(oscert.getStr()), static_cast<int>(oscert.getLength()) ) ;
477 xmlSecSize certSize;
>>> CID 1516654: Error handling issues (CHECKED_RETURN)
>>> Calling "xmlSecBase64Decode_ex" without checking return value (as is done elsewhere 4 out of 5 times).
478 xmlSecBase64Decode_ex( chCert, reinterpret_cast<xmlSecByte*>(chCert), xmlStrlen( chCert ), &certSize ) ;
479 if (certSize == 0)
480 return nullptr;
481
482 Sequence< sal_Int8 > rawCert(comphelper::arrayToSequence<sal_Int8>(chCert, certSize)) ;
483
** CID 1516653: Control flow issues (DEADCODE)
/oox/source/ppt/slidepersist.cxx: 397 in oox::ppt::lcl_SetEdgeLineValue(com::sun::star::uno::Reference<com::sun::star::drawing::XShape> &, std::shared_ptr<oox::drawingml::Shape> &)()
________________________________________________________________________________________________________
*** CID 1516653: Control flow issues (DEADCODE)
/oox/source/ppt/slidepersist.cxx: 397 in oox::ppt::lcl_SetEdgeLineValue(com::sun::star::uno::Reference<com::sun::star::drawing::XShape> &, std::shared_ptr<oox::drawingml::Shape> &)()
391 {
392 bool bFlipH = rShapePtr->getFlipH();
393 bool bFlipV = rShapePtr->getFlipV();
394 sal_Int32 nConnectorAngle = rShapePtr->getRotation() / 60000;
395 if (aConnSize.Height < aConnSize.Width)
396 {
>>> CID 1516653: Control flow issues (DEADCODE)
>>> Execution cannot reach the expression "bFlipV" inside this statement: "if ((nConnectorAngle == 90 ...".
397 if ((nConnectorAngle == 90 && bFlipH && bFlipV) || (nConnectorAngle == 180)
398 || (nConnectorAngle == 180 && bFlipV) || (nConnectorAngle == 270 && bFlipH))
399 nEdge -= aConnSize.Width;
400 else
401 nEdge += aConnSize.Width;
402 }
** CID 1516652: Uninitialized variables (UNINIT)
________________________________________________________________________________________________________
*** CID 1516652: Uninitialized variables (UNINIT)
/oox/source/drawingml/textparagraph.cxx: 115 in oox::drawingml::TextParagraph::insertAt(const oox::core::XmlFilterBase &, const com::sun::star::uno::Reference<com::sun::star::text::XText> &, const com::sun::star::uno::Reference<com::sun::star::text::XTextCursor> &, const oox::drawingml::TextCharacterProperties &, const oox::drawingml::TextListStyle &, const oox::drawingml::TextListStyle &, bool, float, int) const()
109
110 TextCharacterProperties aTextCharacterProps( aTextCharacterStyle );
111 aTextCharacterProps.assignUsed( maEndProperties );
112 if ( aTextCharacterProps.moHeight.has_value() )
113 nCharHeight = nCharHeightFirst = aTextCharacterProps.moHeight.value();
114 aTextCharacterProps.pushToPropSet( aPropSet, rFilterBase );
>>> CID 1516652: Uninitialized variables (UNINIT)
>>> Using uninitialized value "aTextCharacterProps.moLang._M_payload._M_payload" when calling "~TextCharacterProperties".
115 }
116 else
117 {
118 for( TextRunVector::const_iterator aIt = maRuns.begin(), aEnd = maRuns.end(); aIt != aEnd; ++aIt )
119 {
120 sal_Int32 nLen = (*aIt)->getText().getLength();
** CID 1516651: Null pointer dereferences (FORWARD_NULL)
/svx/source/unodraw/unoshtxt.cxx: 554 in SvxTextEditSourceImpl::GetBackgroundTextForwarder()()
________________________________________________________________________________________________________
*** CID 1516651: Null pointer dereferences (FORWARD_NULL)
/svx/source/unodraw/unoshtxt.cxx: 554 in SvxTextEditSourceImpl::GetBackgroundTextForwarder()()
548
549 if( pOutlinerParaObject && ( bOwnParaObj || !mpObject->IsEmptyPresObj() || mpObject->getSdrPageFromSdrObject()->IsMasterPage() ) )
550 {
551 mpOutliner->SetText( *pOutlinerParaObject );
552
553 // put text to object and set EmptyPresObj to FALSE
>>> CID 1516651: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "pTextObj" to "IsReallyEdited", which dereferences it. (The dereference happens because this is a virtual function call.)
554 if( mpText && bOwnParaObj && mpObject->IsEmptyPresObj() && pTextObj->IsReallyEdited() )
555 {
556 mpObject->SetEmptyPresObj( false );
557 static_cast< SdrTextObj* >( mpObject)->NbcSetOutlinerParaObjectForText( pOutlinerParaObject, mpText );
558
559 // #i103982# Here, due to mpObject->NbcSetOutlinerParaObjectForText, we LOSE ownership of the
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypSs1kiFPuCn2xFdlMIFBirii0zZ9j2-2F9F2XPBcBm2BNgi9duPy3v-2FzgFDd2LJ-2BDKI-3Dfy7n_OTq2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJi8Ie1Fj4s-2FySlcTMpXHg-2BmBq1gWXIvsHBpygjByCt7lJhfyNITf4-2Bsf655YhR02XsxmCX3-2BKzW5C2Rnm9Y1C90Us0Xd7vaRp2KEHOsTodiiA2b9GNi1YhMb2UHFGPed4mxiTVajT8DTE-2FjYdHhvCyhrY4FB23mbbtVDUR-2F6k-2F-2Bkk-3D
More information about the LibreOffice
mailing list