Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
9 new defect(s) introduced to LibreOffice found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)
** CID 1602450: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1602450: Null pointer dereferences (FORWARD_NULL)
/sw/source/filter/ww8/wrtww8gr.cxx: 149 in WW8Export::TestOleNeedsGraphic(const SwAttrSet &, const rtl::Reference<SotStorage> &, const rtl::Reference<SotStorage> &, const rtl::OUString &, SwOLENode *)()
143 0,
144 nAspect,
145 m_pWriter->GetBaseURL());
146
147 if (pRet)
148 {
>>> CID 1602450: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "pOLENd->GetOLEObj()" to "GetOleRef", which dereferences it.
149 uno::Reference< embed::XEmbeddedObject > xObj = pOLENd->GetOLEObj().GetOleRef();
150 if ( xObj.is() )
151 {
152 std::unique_ptr<SvStream> pGraphicStream;
153 comphelper::EmbeddedObjectContainer aCnt( m_rDoc.GetDocStorage() );
154 try
** CID 1602449: Resource leaks (RESOURCE_LEAK)
/sw/source/core/doc/docsort.cxx: 457 in SwDoc::SortText(const SwPaM &, const SwSortOptions &)()
________________________________________________________________________________________________________
*** CID 1602449: Resource leaks (RESOURCE_LEAK)
/sw/source/core/doc/docsort.cxx: 457 in SwDoc::SortText(const SwPaM &, const SwSortOptions &)()
451 GetIDocumentUndoRedo().DoUndo( bUndo );
452 if( bUndo )
453 {
454 GetIDocumentUndoRedo().EndUndo( SwUndoId::END, nullptr );
455 }
456
>>> CID 1602449: Resource leaks (RESOURCE_LEAK)
>>> Variable "pRedlUndo" going out of scope leaks the storage it points to.
457 return true;
458 }
459
460 /// Sort Table in the Document
461 bool SwDoc::SortTable(const SwSelBoxes& rBoxes, const SwSortOptions& rOpt)
462 {
** CID 1602448: Error handling issues (CHECKED_RETURN)
/sw/source/filter/html/htmlplug.cxx: 837 in SwHTMLParser::NewObject()()
________________________________________________________________________________________________________
*** CID 1602448: Error handling issues (CHECKED_RETURN)
/sw/source/filter/html/htmlplug.cxx: 837 in SwHTMLParser::NewObject()()
831
832 m_pAppletImpl->SetAltText( aStandBy );
833
834 SfxItemSet aItemSet( m_xDoc->GetAttrPool(), m_pCSS1Parser->GetWhichMap() );
835 SvxCSS1PropertyInfo aPropInfo;
836 if( HasStyleOptions( aStyle, aId, aClass ) )
>>> CID 1602448: Error handling issues (CHECKED_RETURN)
>>> Calling "ParseStyleOptions" without checking return value (as is done elsewhere 18 out of 22 times).
837 ParseStyleOptions( aStyle, aId, aClass, aItemSet, aPropInfo );
838
839 SfxItemSet& rFrameSet = m_pAppletImpl->GetItemSet();
840 if( !IsNewDoc() )
841 Reader::ResetFrameFormatAttrs( rFrameSet );
842
** CID 1602447: Error handling issues (CHECKED_RETURN)
/sw/source/filter/html/htmlgrin.cxx: 566 in SwHTMLParser::InsertImage()()
________________________________________________________________________________________________________
*** CID 1602447: Error handling issues (CHECKED_RETURN)
/sw/source/filter/html/htmlgrin.cxx: 566 in SwHTMLParser::InsertImage()()
560 }
561 }
562
563 SfxItemSet aItemSet( m_xDoc->GetAttrPool(), m_pCSS1Parser->GetWhichMap() );
564 SvxCSS1PropertyInfo aPropInfo;
565 if( HasStyleOptions( aStyle, aId, aClass ) )
>>> CID 1602447: Error handling issues (CHECKED_RETURN)
>>> Calling "ParseStyleOptions" without checking return value (as is done elsewhere 18 out of 22 times).
566 ParseStyleOptions( aStyle, aId, aClass, aItemSet, aPropInfo );
567
568 SfxItemSetFixed<RES_FRMATR_BEGIN, RES_FRMATR_END-1> aFrameSet( m_xDoc->GetAttrPool() );
569 if( !IsNewDoc() )
570 Reader::ResetFrameFormatAttrs( aFrameSet );
571
** CID 1602446: Error handling issues (CHECKED_RETURN)
/sc/source/core/tool/dbdata.cxx: 1601 in ScDBCollection::CopyToTable(short, short)()
________________________________________________________________________________________________________
*** CID 1602446: Error handling issues (CHECKED_RETURN)
/sc/source/core/tool/dbdata.cxx: 1601 in ScDBCollection::CopyToTable(short, short)()
1595 for (const auto& rxNamedDB : aTemp)
1596 {
1597 const OUString newName( lcl_IncrementNumberInNamedRange( maNamedDBs, rxNamedDB->GetName()));
1598 std::unique_ptr<ScDBData> pDataCopy = std::make_unique<ScDBData>(newName, *rxNamedDB);
1599 pDataCopy->UpdateMoveTab(nOldPos, nNewPos);
1600 pDataCopy->SetIndex(0);
>>> CID 1602446: Error handling issues (CHECKED_RETURN)
>>> Calling "insert" without checking return value (as is done elsewhere 5 out of 6 times).
1601 maNamedDBs.insert(std::move(pDataCopy));
1602 }
1603 }
1604
1605 ScDBData* ScDBCollection::GetDBNearCursor(SCCOL nCol, SCROW nRow, SCTAB nTab )
1606 {
** CID 1602445: Error handling issues (UNCAUGHT_EXCEPT)
/sd/source/ui/view/ToolBarManager.cxx: 290 in sd::ToolBarManager::Implementation::UpdateLockImplementation::~UpdateLockImplementation()()
________________________________________________________________________________________________________
*** CID 1602445: Error handling issues (UNCAUGHT_EXCEPT)
/sd/source/ui/view/ToolBarManager.cxx: 290 in sd::ToolBarManager::Implementation::UpdateLockImplementation::~UpdateLockImplementation()()
284
285 class UpdateLockImplementation
286 {
287 public:
288 explicit UpdateLockImplementation (Implementation& rImplementation)
289 : mrImplementation(rImplementation) { mrImplementation.LockUpdate(); }
>>> CID 1602445: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown but the exception specification "/*implicit*/noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
290 ~UpdateLockImplementation() { mrImplementation.UnlockUpdate(); }
291 private:
292 Implementation& mrImplementation;
293 };
294
295 void LockViewShellManager();
** CID 1602444: Error handling issues (CHECKED_RETURN)
/sw/source/filter/html/htmlplug.cxx: 967 in SwHTMLParser::InsertApplet()()
________________________________________________________________________________________________________
*** CID 1602444: Error handling issues (CHECKED_RETURN)
/sw/source/filter/html/htmlplug.cxx: 967 in SwHTMLParser::InsertApplet()()
961 m_pAppletImpl->CreateApplet( aCode, aName, bMayScript, aCodeBase, m_sBaseURL );//, aAlt );
962 m_pAppletImpl->SetAltText( aAlt );
963
964 SfxItemSet aItemSet( m_xDoc->GetAttrPool(), m_pCSS1Parser->GetWhichMap() );
965 SvxCSS1PropertyInfo aPropInfo;
966 if( HasStyleOptions( aStyle, aId, aClass ) )
>>> CID 1602444: Error handling issues (CHECKED_RETURN)
>>> Calling "ParseStyleOptions" without checking return value (as is done elsewhere 18 out of 22 times).
967 ParseStyleOptions( aStyle, aId, aClass, aItemSet, aPropInfo );
968
969 SfxItemSet& rFrameSet = m_pAppletImpl->GetItemSet();
970 if( !IsNewDoc() )
971 Reader::ResetFrameFormatAttrs( rFrameSet );
972
** CID 1602443: Memory - illegal accesses (USE_AFTER_FREE)
/sw/source/core/doc/docredln.cxx: 725 in SwRedlineTable::DeleteAndDestroy(unsigned long)()
________________________________________________________________________________________________________
*** CID 1602443: Memory - illegal accesses (USE_AFTER_FREE)
/sw/source/core/doc/docredln.cxx: 725 in SwRedlineTable::DeleteAndDestroy(unsigned long)()
719 void SwRedlineTable::DeleteAndDestroy(size_type const nP)
720 {
721 auto const pRedline = maVector[nP];
722 maVector.erase(maVector.begin() + nP);
723 LOKRedlineNotification(RedlineNotification::Remove, pRedline);
724 delete pRedline;
>>> CID 1602443: Memory - illegal accesses (USE_AFTER_FREE)
>>> Using freed pointer "pRedline".
725 if (pRedline == mpMaxEndPos)
726 mpMaxEndPos = nullptr;
727 }
728
729 SwRedlineTable::size_type SwRedlineTable::FindNextOfSeqNo( size_type nSttPos ) const
730 {
** CID 1602442: Uninitialized members (UNINIT_CTOR)
/vcl/source/filter/jpeg/jpegc.cxx: 58 in <unnamed>::ErrorManagerStruct::ErrorManagerStruct()()
________________________________________________________________________________________________________
*** CID 1602442: Uninitialized members (UNINIT_CTOR)
/vcl/source/filter/jpeg/jpegc.cxx: 58 in <unnamed>::ErrorManagerStruct::ErrorManagerStruct()()
52 jpeg_error_mgr pub;
53 jmp_buf setjmp_buffer;
54
55 ErrorManagerStruct()
56 {
57 pub.msg_parm = {};
>>> CID 1602442: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "setjmp_buffer.__saved_mask" is not initialized in this constructor nor in any functions that it calls.
58 }
59 };
60
61 }
62
63 #ifdef _MSC_VER
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu6VvXBlQRUbS683tC8265rGNPXqJ1ffcoLZCnTuJFQbNcTEkb4XaEQkzovKhJ5DB3c-3DbBqq_A9M4dSy7guk8NP6DcfgslOyvJRzavztVIKj6nRqYjYpWom7SJFyX0y710bz0kUGtMe04eAhYunwEIn8W-2BWp5SbDoUmPfFcbuP3qLiEFsHd4nKZ85pbn3Y24qIciWZrF1v4hyCHSJHm1ttm0svBorBIC1-2BdHdAx4MLtEn-2FxpKsixttIG-2FdzWuOIPeo6kZd4YWjxuDa1kr922Jh9LbLNg-2FPL7wr0hGZFAjDoSJYbLTJN8-3D
New Defects reported by Coverity Scan for LibreOffice
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: New Defects reported by Coverity Scan for LibreOffice
- From: scan-admin@xxxxxxxxxxxx
- Date: Sun, 02 Jun 2024 05:42:07 +0000 (UTC)
- Prev by Date: Weekly Status Update 4
- Next by Date: Crash test update
- Previous by thread: New Defects reported by Coverity Scan for LibreOffice
- Next by thread: New Defects reported by Coverity Scan for LibreOffice
- Index(es):
 |