New Defects reported by Coverity Scan for LibreOffice

Fri Aug 23 23:42:04 UTC 2024

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
14 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 1616925:  Integer handling issues  (SIGN_EXTENSION)
/hwpfilter/source/hgzip.cxx: 265 in getLongEquals(gz_stream *, unsigned long)()

________________________________________________________________________________________________________
*** CID 1616925:  Integer handling issues  (SIGN_EXTENSION)
/hwpfilter/source/hgzip.cxx: 265 in getLongEquals(gz_stream *, unsigned long)()
259     */
260     static bool getLongEquals(gz_stream* s, uLong val)
261     {
262         uLong x = get_byte(s);
263         x += get_byte(s) << 8;
264         x += get_byte(s) << 16;
>>>     CID 1616925:  Integer handling issues  (SIGN_EXTENSION)
>>>     Suspicious implicit sign extension: "get_byte(s)" with type "unsigned char" (8 bits, unsigned) is promoted in "get_byte(s) << 24" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned).  If "get_byte(s) << 24" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
265         x += get_byte(s) << 24;
266         if (s->z_eof)
267         {
268             s->z_err = Z_DATA_ERROR;
269             return false;
270         }

** CID 1616924:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/writerfilter/dmapper/DomainMapperTableManager.cxx: 244 in writerfilter::dmapper::DomainMapperTableManager::sprm(writerfilter::Sprm &)()

________________________________________________________________________________________________________
*** CID 1616924:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/writerfilter/dmapper/DomainMapperTableManager.cxx: 244 in writerfilter::dmapper::DomainMapperTableManager::sprm(writerfilter::Sprm &)()
238                         insertRowProps(pPropMap);
239                     }
240                 break;
241                 case NS_ooxml::LN_CT_TblPrBase_tblStyle: //table style name
242                 {
243                     TablePropertyMapPtr pPropMap( new TablePropertyMap );
>>>     CID 1616924:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "pValue" to "getString", which dereferences it. (The dereference happens because this is a virtual function call.)
244                     pPropMap->Insert( META_PROP_TABLE_STYLE_NAME, uno::Any( pValue->getString() ));
245                     insertTableProps(pPropMap);
246                 }
247                 break;
248                 case NS_ooxml::LN_CT_TblGridBase_gridCol:
249                 {

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu6VvXBlQRUbS683tC8265rGNPXqJ1ffcoLZCnTuJFQbNcTEkb4XaEQkzovKhJ5DB3c-3DlyYU_A9M4dSy7guk8NP6DcfgslOyvJRzavztVIKj6nRqYjYpWom7SJFyX0y710bz0kUGtLiqXn0Yxh0pmkvQKgsMFbMDPqANLpKdrP8yWgPgqO5cJPMEwg7ar-2BdxtB5FPibFpkAis95mrin-2FNEms04FbSKp7mBe5Jbk6ah1L13PxwnmDAm8vqx5eMF4d6O2PyBOX0CBZuTIvP46RbIqkH3sQZxgg3LRuCgwbBwZTkwWKiNgc-3D