New Defects reported by Coverity Scan for LibreOffice

scan-admin at coverity.com scan-admin at coverity.com
Wed Aug 13 10:08:56 UTC 2025 

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
29 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1662706:       Insecure data handling  (TAINTED_SCALAR)


_____________________________________________________________________________________________
*** CID 1662706:         Insecure data handling  (TAINTED_SCALAR)
/sw/source/filter/ww8/docxattributeoutput.cxx: 7636             in DocxAttributeOutput::EmbedFontStyle(std::basic_string_view<char16_t, std::char_traits<char16_t>>, int, FontFamily, FontItalic, FontWeight, FontPitch)()
7630                     xOutStream->closeOutput();
7631                     return false;
7632                 }
7633                 if( readSize == 0 )
7634                     break;
7635                 // coverity[overrun-buffer-arg : FALSE] - coverity has difficulty with css::uno::Sequence
>>>     CID 1662706:         Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "buffer" to "Sequence", which uses it as a loop boundary.
7636                 xOutStream->writeBytes( uno::Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( buffer ), readSize ));
7637             }
7638             xOutStream->closeOutput();
7639             EmbeddedFontRef ref;
7640             ref.relId = OUStringToOString( GetExport().GetFilter().addRelation( m_pSerializer->getOutputStream(),
7641                 oox::getRelationship(Relationship::FONT),

** CID 1662705:       Insecure data handling  (TAINTED_SCALAR)


_____________________________________________________________________________________________
*** CID 1662705:         Insecure data handling  (TAINTED_SCALAR)
/xmloff/source/style/XMLFontAutoStylePool.cxx: 651             in SvXMLExport::embedFontFile(const rtl::OUString &, const rtl::OUString &)()
645                     outputStream->closeOutput();
646                     return OUString();
647                 }
648                 if( readSize == 0 )
649                     break;
650                 // coverity[overrun-buffer-arg : FALSE] - coverity has difficulty with css::uno::Sequence
>>>     CID 1662705:         Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "buffer" to "Sequence", which uses it as a loop boundary.
651                 outputStream->writeBytes(uno::Sequence<sal_Int8>(buffer, readSize));
652             }
653             outputStream->closeOutput();
654             if( storage.is() )
655             {
656                 Reference< embed::XTransactedObject > transaction( storage, UNO_QUERY );


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/libreoffice?tab=overview

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/libreoffice/attachments/20250813/7d21250f/attachment.htm>

More information about the LibreOffice mailing list