New Defects reported by Coverity Scan for LibreOffice

[scan-admin@xxxxxxxxxxxx]

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1470591:  Null pointer dereferences  (REVERSE_INULL)
/sc/source/filter/xcl97/xcl97rec.cxx: 1106 in XclObjAny::WriteFromTo(XclExpXmlStream &, const com::sun::star::uno::Reference<com::sun::star::drawing::XShape> &, short)()


________________________________________________________________________________________________________
*** CID 1470591:  Null pointer dereferences  (REVERSE_INULL)
/sc/source/filter/xcl97/xcl97rec.cxx: 1106 in XclObjAny::WriteFromTo(XclExpXmlStream &, const com::sun::star::uno::Reference<com::sun::star::drawing::XShape> &, short)()
1100         awt::Point  aTopLeft    = rShape->getPosition();
1101         awt::Size   aSize       = rShape->getSize();
1102     
1103         // size is correct, but aTopLeft needs correction for rotated shapes
1104         SdrObject* pObj = SdrObject::getSdrObjectFromXShape(rShape.get());
1105         sal_Int32 nRotation = pObj->GetRotateAngle();
>>>     CID 1470591:  Null pointer dereferences  (REVERSE_INULL)
>>>     Null-checking "pObj" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
1106         if ( pObj && nRotation != 0 && pObj->GetObjIdentifier() == OBJ_CUSTOMSHAPE )
1107         {
1108             const tools::Rectangle& aSnapRect(pObj->GetSnapRect()); // bounding box of the rotated shape
1109             aTopLeft.X = aSnapRect.getX() + (aSnapRect.GetWidth() / 2) - (aSize.Width / 2);
1110             aTopLeft.Y = aSnapRect.getY() + (aSnapRect.GetHeight() / 2) - (aSize.Height / 2);
1111         }

** CID 1470590:  Memory - corruptions  (OVERRUN)


________________________________________________________________________________________________________
*** CID 1470590:  Memory - corruptions  (OVERRUN)
/comphelper/source/misc/storagehelper.cxx: 436 in comphelper::OStorageHelper::CreatePackageEncryptionData(std::basic_string_view<char16_t, std::char_traits<char16_t>>)()
430                 if ( nError != rtl_Digest_E_None )
431                 {
432                     aEncryptionData.realloc( nSha1Ind );
433                     break;
434                 }
435     
>>>     CID 1470590:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "pBuffer" of 20 bytes by passing it to a function which accesses it at byte offset 159 using argument "20".
436                 aEncryptionData[nSha1Ind+nInd].Value <<= uno::Sequence< sal_Int8 >( reinterpret_cast<sal_Int8*>(pBuffer), RTL_DIGEST_LENGTH_SHA1 );
437             }
438     
439             // actual SHA1
440             aEncryptionData[nSha1Ind + 2].Name = PACKAGE_ENCRYPTIONDATA_SHA1CORRECT;
441             OString aByteStrPass = OUStringToOString(aPassword, RTL_TEXTENCODING_UTF8);


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypSs1kiFPuCn2xFdlMIFBirii0zZ9j2-2F9F2XPBcBm2BNgi9duPy3v-2FzgFDd2LJ-2BDKI-3D3Fdw_OTq2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJi4Hml82RPhD614tpZwPe6uTjWmrhpUB9PgbQjAFoqHUX47TnYaD0Q17l-2BtWdnv4HsPIeGYUVj3Oq0r0t711qIX9ZOpOSOAIx6G5nV6s2ODdsVTwoec340-2BsUA0BFp5nk-2BJrXE5Jel7S2Q1jQzFEjAfDeXhnPGp7lVAb0eFiDE53atHAxfvdEKq0vZ11iau-2BCG

_______________________________________________
LibreOffice mailing list
LibreOffice@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/libreoffice