New Defects reported by Coverity Scan for LibreOffice

Mon Jul 29 02:13:00 UTC 2024

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
39 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 1615230:  Integer handling issues  (INTEGER_OVERFLOW)
/ucb/source/ucp/webdav-curl/CurlSession.cxx: 545 in http_dav_ucp::ProcessHeaders(const std::vector<rtl::OString, std::allocator<rtl::OString>> &)()

________________________________________________________________________________________________________
*** CID 1615230:  Integer handling issues  (INTEGER_OVERFLOW)
/ucb/source/ucp/webdav-curl/CurlSession.cxx: 545 in http_dav_ucp::ProcessHeaders(const std::vector<rtl::OString, std::allocator<rtl::OString>> &)()
539                 SAL_WARN("ucb.ucp.webdav.curl", "invalid header field (empty name)");
540                 continue;
541             }
542             // case insensitive; must be ASCII
543             auto const name(::rtl::OStringToOUString(OString(line.substr(0, nColon)).toAsciiLowerCase(),
544                                                      RTL_TEXTENCODING_ASCII_US));
>>>     CID 1615230:  Integer handling issues  (INTEGER_OVERFLOW)
>>>     Expression "nColon + 1UL", which is equal to 0, where "nColon" is known to be equal to 18446744073709551615, overflows the type that receives it, an unsigned integer 64 bits wide.
545             sal_Int32 nStart(nColon + 1);
546             while (nStart < static_cast<sal_Int32>(line.size())
547                    && (line[nStart] == ' ' || line[nStart] == '\t'))
548             {
549                 ++nStart;
550             }

** CID 1615229:  Memory - illegal accesses  (UNINIT)

________________________________________________________________________________________________________
*** CID 1615229:  Memory - illegal accesses  (UNINIT)
/ucb/source/ucp/webdav-curl/SerfLockStore.cxx: 142 in http_dav_ucp::SerfLockStore::joinThreads()()
136         std::unique_lock aGuard(m_aMutex);
137         // FIXME: cure could be worse than the problem; we don't
138         // want to block on a long-standing webdav lock refresh request.
139         // perhaps we should timeout on a condition instead if a request
140         // is in progress.
141         if (m_pTickerThread.is())
>>>     CID 1615229:  Memory - illegal accesses  (UNINIT)
>>>     Using uninitialized value "aGuard._M_owns" when calling "stopTicker".
142             stopTicker(aGuard);
143         return true;
144     }
145     
146     void SerfLockStore::startThreads()
147     {

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu6VvXBlQRUbS683tC8265rGNPXqJ1ffcoLZCnTuJFQbNcTEkb4XaEQkzovKhJ5DB3c-3DwRwS_A9M4dSy7guk8NP6DcfgslOyvJRzavztVIKj6nRqYjYpWom7SJFyX0y710bz0kUGtrmiH2yJI-2BgyOtDjBdb4jwKZ9QWoZ487I1UR2VZnDzxykUz7oMxIB2eMuCumtTrOCwjuY9xRfX-2B616dpmH8DhezxCiuXdWTDls76mKHJJKR8eFWelCpjhO8E3Qm56p-2FXcnkX2Nb5OoiUO4gaqqUi60vIhTl4SyjN9SkcoQl0a7hI-3D