New Defects reported by Coverity Scan for LibreOffice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.

5 new defect(s) introduced to LibreOffice found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1486008:  Null pointer dereferences  (FORWARD_NULL)
/sccomp/source/solver/SwarmSolver.cxx: 254 in <unnamed>::SwarmSolver::getPropertyDescription(const rtl::OUString &)()


________________________________________________________________________________________________________
*** CID 1486008:  Null pointer dereferences  (FORWARD_NULL)
/sccomp/source/solver/SwarmSolver.cxx: 254 in <unnamed>::SwarmSolver::getPropertyDescription(const rtl::OUString &)()
248                 case PROP_ALGORITHM:
249                     pResId = RID_PROPERTY_ALGORITHM;
250                     break;
251                 default:
252                     break;
253             }
>>>     CID 1486008:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "pResId" to "basic_string_view", which dereferences it. (The dereference is assumed on the basis of the "nonnull" parameter attribute.)
254             return SwarmSolver::getResourceString(pResId);
255         }
256     
257         // XServiceInfo
258         virtual OUString SAL_CALL getImplementationName() override
259         {

** CID 1486007:  Memory - illegal accesses  (USE_AFTER_FREE)


________________________________________________________________________________________________________
*** CID 1486007:  Memory - illegal accesses  (USE_AFTER_FREE)
/sw/source/core/layout/ftnfrm.cxx: 1979 in SwFootnoteBossFrame::MoveFootnotes_(std::vector<SwFootnoteFrame *, std::allocator<SwFootnoteFrame *>> &, bool)()
1973                 const sal_uInt16 nRefCol = lcl_ColumnNum( this );
1974                 if( nRefNum < nMyNum || ( nRefNum == nMyNum && nRefCol <= nMyCol ) )
1975                     pRefBoss = this;
1976             }
1977             pRefBoss->InsertFootnote( pFootnote );
1978     
>>>     CID 1486007:  Memory - illegal accesses  (USE_AFTER_FREE)
>>>     Calling "GetUpper" dereferences freed pointer "pFootnote".
1979             if ( pFootnote->GetUpper() ) // robust, e.g. with duplicates
1980             {
1981                 // First condense the content so that footnote frames that do not fit on the page
1982                 // do not do too much harm (Loop 66312). So, the footnote content first grows as
1983                 // soon as the content gets formatted and it is sure that it fits on the page.
1984                 SwFrame *pCnt = pFootnote->ContainsAny();

** CID 1486006:  Null pointer dereferences  (FORWARD_NULL)


________________________________________________________________________________________________________
*** CID 1486006:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/uibase/uno/unoatxt.cxx: 500 in SwXAutoTextGroup::getByIndex(int)()
494         std::unique_ptr<SwTextBlocks> pGlosGroup(pGlossaries ? pGlossaries->GetGroupDoc(m_sGroupName) : nullptr);
495         if (!pGlosGroup || pGlosGroup->GetError())
496             throw uno::RuntimeException();
497         const sal_uInt16 nCount = pGlosGroup->GetCount();
498         if (nIndex < 0 || nIndex >= static_cast<sal_Int32>(nCount))
499             throw lang::IndexOutOfBoundsException();
>>>     CID 1486006:  Null pointer dereferences  (FORWARD_NULL)
>>>     "getByName" dereferences null "this->pGlossaries".
500         return getByName(pGlosGroup->GetShortName(o3tl::narrowing<sal_uInt16>(nIndex)));
501     }
502     
503     uno::Type SwXAutoTextGroup::getElementType()
504     {
505         return cppu::UnoType<text::XAutoTextEntry>::get();

** CID 1486005:  Uninitialized members  (UNINIT_CTOR)
/oox/source/drawingml/textliststyle.cxx: 41 in oox::drawingml::TextListStyle::TextListStyle(const oox::drawingml::TextListStyle&)()


________________________________________________________________________________________________________
*** CID 1486005:  Uninitialized members  (UNINIT_CTOR)
/oox/source/drawingml/textliststyle.cxx: 41 in oox::drawingml::TextListStyle::TextListStyle(const oox::drawingml::TextListStyle&)()
35     {
36         for ( size_t i = 0; i < NUM_TEXT_LIST_STYLE_ENTRIES; i++ )
37         {
38             maListStyle[i] = rStyle.maListStyle[i];
39             maAggregationListStyle[i] = rStyle.maAggregationListStyle[i];
40         }
>>>     CID 1486005:  Uninitialized members  (UNINIT_CTOR)
>>>     Non-static class member "mbHasListStyleOnImport" is not initialized in this constructor nor in any functions that it calls.
41     }
42     
43     TextListStyle& TextListStyle::operator=(const TextListStyle& rStyle)
44     {
45         if(this != &rStyle)
46         {

** CID 1486004:  Error handling issues  (UNCAUGHT_EXCEPT)
/usr/include/c++/9/ext/new_allocator.h: 151 in __gnu_cxx::new_allocator<SwUndoInsLayFormat>::destroy<SwUndoInsLayFormat>(T1 *)()


________________________________________________________________________________________________________
*** CID 1486004:  Error handling issues  (UNCAUGHT_EXCEPT)
/usr/include/c++/9/ext/new_allocator.h: 151 in __gnu_cxx::new_allocator<SwUndoInsLayFormat>::destroy<SwUndoInsLayFormat>(T1 *)()
145     	noexcept(noexcept(::new((void *)__p)
146     			    _Up(std::forward<_Args>(__args)...)))
147     	{ ::new((void *)__p) _Up(std::forward<_Args>(__args)...); }
148     
149           template<typename _Up>
150     	void
>>>     CID 1486004:  Error handling issues  (UNCAUGHT_EXCEPT)
>>>     An exception of type "com::sun::star::uno::RuntimeException" is thrown but the throw list "noexcept" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
151     	destroy(_Up* __p)
152     	noexcept(noexcept( __p->~_Up()))
153     	{ __p->~_Up(); }
154     #else
155           // _GLIBCXX_RESOLVE_LIB_DEFECTS
156           // 402. wrong new expression in [some_] allocator::construct


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypSs1kiFPuCn2xFdlMIFBirii0zZ9j2-2F9F2XPBcBm2BNgi9duPy3v-2FzgFDd2LJ-2BDKI-3D_sj__OTq2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJiv9vLpsIvvi9AM5F0BEv-2FAkM0tH4Rgw2qUQqC1VQIvLhvmXAkgQFtynAeulySR28tBjKwUdpIiPmHx49B1GibGxXwKDpNLEeATuNpQYzekBuogQuRhwGju0kby4Fy1CC0UvIgbJfGFUizBaE9AQ8l9hHaEjnKMEtztkmN63V1J4U-3D

_______________________________________________
LibreOffice mailing list
LibreOffice@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/libreoffice



[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux