<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <title>New Defects Reported - LibreOffice</title>
  <style>
    body { font-family: Arial, sans-serif; color: #222; line-height: 1.6; }
    .button {
      display: inline-block;
      padding: 10px 20px;
      margin: 20px 0;
      font-size: 16px;
      color: #fff !important;
      background-color: #0056b3;
      text-decoration: none;
      border-radius: 5px;
    }
    pre {
      background: #f8f9fa;
      padding: 10px;
      border-radius: 5px;
      font-size: 14px;
      overflow-x: auto;
    }
  </style>
</head>
<body>
  <p>Hi,</p>

  <p>
    Please find the latest report on new defect(s) introduced to <strong>LibreOffice</strong>
    found with Coverity Scan.
  </p>

  <ul>
    <li><strong>New Defects Found:</strong> 2</li>
    <li>
      29 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
    </li>
    <li><strong>Defects Shown:</strong> Showing 2 of 2 defect(s)</li>
  </ul>

  <h3>Defect Details</h3>
  <pre>
** CID 1662706:       Insecure data handling  (TAINTED_SCALAR)


_____________________________________________________________________________________________
*** CID 1662706:         Insecure data handling  (TAINTED_SCALAR)
/sw/source/filter/ww8/docxattributeoutput.cxx: 7636             in DocxAttributeOutput::EmbedFontStyle(std::basic_string_view&lt;char16_t, std::char_traits&lt;char16_t&gt;&gt;, int, FontFamily, FontItalic, FontWeight, FontPitch)()
7630                     xOutStream->closeOutput();
7631                     return false;
7632                 }
7633                 if( readSize == 0 )
7634                     break;
7635                 // coverity[overrun-buffer-arg : FALSE] - coverity has difficulty with css::uno::Sequence
>>>     CID 1662706:         Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "buffer" to "Sequence", which uses it as a loop boundary.
7636                 xOutStream->writeBytes( uno::Sequence&lt; sal_Int8 &gt;( reinterpret_cast&lt; const sal_Int8* &gt;( buffer ), readSize ));
7637             }
7638             xOutStream->closeOutput();
7639             EmbeddedFontRef ref;
7640             ref.relId = OUStringToOString( GetExport().GetFilter().addRelation( m_pSerializer->getOutputStream(),
7641                 oox::getRelationship(Relationship::FONT),

** CID 1662705:       Insecure data handling  (TAINTED_SCALAR)


_____________________________________________________________________________________________
*** CID 1662705:         Insecure data handling  (TAINTED_SCALAR)
/xmloff/source/style/XMLFontAutoStylePool.cxx: 651             in SvXMLExport::embedFontFile(const rtl::OUString &, const rtl::OUString &)()
645                     outputStream->closeOutput();
646                     return OUString();
647                 }
648                 if( readSize == 0 )
649                     break;
650                 // coverity[overrun-buffer-arg : FALSE] - coverity has difficulty with css::uno::Sequence
>>>     CID 1662705:         Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "buffer" to "Sequence", which uses it as a loop boundary.
651                 outputStream->writeBytes(uno::Sequence&lt;sal_Int8&gt;(buffer, readSize));
652             }
653             outputStream->closeOutput();
654             if( storage.is() )
655             {
656                 Reference&lt; embed::XTransactedObject &gt; transaction( storage, UNO_QUERY );

  </pre>

  <p>
    <a href="https://scan.coverity.com/projects/libreoffice?tab=overview" class="button">View Defects in Coverity Scan</a>
  </p>

  <p>Best regards,</p>
  <p>The Coverity Scan Admin Team</p>
</body>
</html>