New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Wed May 1 19:06:34 UTC 2024
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
5 new defect(s) introduced to LibreOffice found with Coverity Scan.
11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1596707: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1596707: Null pointer dereferences (FORWARD_NULL)
/sd/source/ui/view/frmview.cxx: 286 in sd::FrameView::Update(const SdOptions *)()
280 {
281 if (!pOptions)
282 return;
283
284 SdDrawDocument* pDrawDocument = dynamic_cast<SdDrawDocument*>(&GetModel());
285
>>> CID 1596707: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "pDrawDocument" to "GetDocumentType", which dereferences it.
286 if (pDrawDocument->GetDocumentType() == DocumentType::Impress)
287 {
288 mbRuler = officecfg::Office::Impress::Layout::Display::Ruler::get();
289 SetDragStripes( officecfg::Office::Impress::Layout::Display::Guide::get() );
290 SetNoDragXorPolys ( !officecfg::Office::Impress::Layout::Display::Contour::get() );
291 }
** CID 1596706: Null pointer dereferences (FORWARD_NULL)
/tools/source/fsys/urlobj.cxx: 2285 in INetURLObject::getPrefix(const char16_t *&, const char16_t *)()
________________________________________________________________________________________________________
*** CID 1596706: Null pointer dereferences (FORWARD_NULL)
/tools/source/fsys/urlobj.cxx: 2285 in INetURLObject::getPrefix(const char16_t *&, const char16_t *)()
2279 pMatch = pFirst++;
2280 pMatched = p;
2281 }
2282 if (p >= pEnd)
2283 break;
2284 sal_uInt32 nChar = rtl::toAsciiLowerCase(*p++);
>>> CID 1596706: Null pointer dereferences (FORWARD_NULL)
>>> Dereferencing null pointer "pFirst->m_pPrefix".
2285 while (pFirst <= pLast && static_cast<unsigned char>(pFirst->m_pPrefix[i]) < nChar)
2286 ++pFirst;
2287 while (pFirst <= pLast && static_cast<unsigned char>(pLast->m_pPrefix[i]) > nChar)
2288 --pLast;
2289 }
2290 if (pFirst == pLast)
** CID 1596705: Code maintainability issues (UNUSED_VALUE)
/basegfx/source/polygon/b2dpolygontools.cxx: 3371 in basegfx::utils::UnoPolygonBezierCoordsToB2DPolygon(const com::sun::star::uno::Sequence<com::sun::star::awt::Point> &, const com::sun::star::uno::Sequence<com::sun::star::drawing::PolygonFlags> &)()
________________________________________________________________________________________________________
*** CID 1596705: Code maintainability issues (UNUSED_VALUE)
/basegfx/source/polygon/b2dpolygontools.cxx: 3371 in basegfx::utils::UnoPolygonBezierCoordsToB2DPolygon(const com::sun::star::uno::Sequence<com::sun::star::awt::Point> &, const com::sun::star::uno::Sequence<com::sun::star::drawing::PolygonFlags> &)()
3365 {
3366 aControlB = aNewCoordinatePair;
3367 bControlB = true;
3368
3369 // get next point and flag
3370 aNewCoordinatePair = B2DPoint(rPointSequenceSource[b].X, rPointSequenceSource[b].Y);
>>> CID 1596705: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "rFlagSequenceSource[b]" to "ePolygonFlag" here, but that stored value is overwritten before it can be used.
3371 ePolygonFlag = rFlagSequenceSource[b];
3372 b++;
3373 }
3374
3375 // two or no control points are consumed, another one would be an error.
3376 // It's also an error if only one control point was read
** CID 1596704: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
/xmlsecurity/source/gpg/CertificateImpl.cxx: 226 in CertificateImpl::setCertificate(std::shared_ptr<GpgME::Context>, const GpgME::Key &)()
________________________________________________________________________________________________________
*** CID 1596704: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
/xmlsecurity/source/gpg/CertificateImpl.cxx: 226 in CertificateImpl::setCertificate(std::shared_ptr<GpgME::Context>, const GpgME::Key &)()
220 return KeyUsage::DIGITAL_SIGNATURE | KeyUsage::NON_REPUDIATION | KeyUsage::KEY_ENCIPHERMENT | KeyUsage::DATA_ENCIPHERMENT;
221 }
222
223 void CertificateImpl::setCertificate(std::shared_ptr<GpgME::Context> ctx, const GpgME::Key& key)
224 {
225 m_pKey = key;
>>> CID 1596704: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
>>> "ctx" is copied in a call to copy assignment "operator =", when it could be moved instead.
226 m_pContext = ctx;
227 }
228
229 const GpgME::Key* CertificateImpl::getCertificate() const
230 {
231 return &m_pKey;
** CID 1596703: Memory - illegal accesses (USE_AFTER_FREE)
/cppu/source/typelib/typelib.cxx: 1673 in typelib_typedescription_getAlignedUnoSize()
________________________________________________________________________________________________________
*** CID 1596703: Memory - illegal accesses (USE_AFTER_FREE)
/cppu/source/typelib/typelib.cxx: 1673 in typelib_typedescription_getAlignedUnoSize()
1667 nMaxIntegral = sal_Int32(sizeof(void *));
1668 nStructSize = newAlignedSize( nStructSize, nMaxIntegral, nMaxIntegral );
1669 }
1670 else
1671 {
1672 TYPELIB_DANGER_GET( &pMemberType, pMemberRef );
>>> CID 1596703: Memory - illegal accesses (USE_AFTER_FREE)
>>> Passing freed pointer "pMemberType" as an argument to "typelib_typedescription_getAlignedUnoSize".
1673 nStructSize = typelib_typedescription_getAlignedUnoSize(
1674 pMemberType, nStructSize, nMaxIntegral );
1675 TYPELIB_DANGER_RELEASE( pMemberType );
1676 }
1677 if( nMaxIntegral > rMaxIntegralTypeSize )
1678 rMaxIntegralTypeSize = nMaxIntegral;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu6VvXBlQRUbS683tC8265rGNPXqJ1ffcoLZCnTuJFQbNcTEkb4XaEQkzovKhJ5DB3c-3D9jxd_A9M4dSy7guk8NP6DcfgslOyvJRzavztVIKj6nRqYjYpWom7SJFyX0y710bz0kUGtrolD5LkhGHagti-2Bm2Ee4B-2Buf9zobpKmOqPfx6HDA7hzhgj1k9Kh-2F7r-2Byr4uv7yMCSaHGkIH-2FYA6xFQQG7RDHVwaKHs8FBoFtccp7dcMFFI46rGqHNOTt05JCAY-2BEe4HjM189EtFDyhHW8FUzhgXrMsi1wPofI1HQ-2F7NbnJZxblk-3D
More information about the LibreOffice
mailing list