Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
2 new defect(s) introduced to LibreOffice found with Coverity Scan.
39 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1615230: Integer handling issues (INTEGER_OVERFLOW)
/ucb/source/ucp/webdav-curl/CurlSession.cxx: 545 in http_dav_ucp::ProcessHeaders(const std::vector<rtl::OString, std::allocator<rtl::OString>> &)()
________________________________________________________________________________________________________
*** CID 1615230: Integer handling issues (INTEGER_OVERFLOW)
/ucb/source/ucp/webdav-curl/CurlSession.cxx: 545 in http_dav_ucp::ProcessHeaders(const std::vector<rtl::OString, std::allocator<rtl::OString>> &)()
539 SAL_WARN("ucb.ucp.webdav.curl", "invalid header field (empty name)");
540 continue;
541 }
542 // case insensitive; must be ASCII
543 auto const name(::rtl::OStringToOUString(OString(line.substr(0, nColon)).toAsciiLowerCase(),
544 RTL_TEXTENCODING_ASCII_US));
>>> CID 1615230: Integer handling issues (INTEGER_OVERFLOW)
>>> Expression "nColon + 1UL", which is equal to 0, where "nColon" is known to be equal to 18446744073709551615, overflows the type that receives it, an unsigned integer 64 bits wide.
545 sal_Int32 nStart(nColon + 1);
546 while (nStart < static_cast<sal_Int32>(line.size())
547 && (line[nStart] == ' ' || line[nStart] == '\t'))
548 {
549 ++nStart;
550 }
** CID 1615229: Memory - illegal accesses (UNINIT)
________________________________________________________________________________________________________
*** CID 1615229: Memory - illegal accesses (UNINIT)
/ucb/source/ucp/webdav-curl/SerfLockStore.cxx: 142 in http_dav_ucp::SerfLockStore::joinThreads()()
136 std::unique_lock aGuard(m_aMutex);
137 // FIXME: cure could be worse than the problem; we don't
138 // want to block on a long-standing webdav lock refresh request.
139 // perhaps we should timeout on a condition instead if a request
140 // is in progress.
141 if (m_pTickerThread.is())
>>> CID 1615229: Memory - illegal accesses (UNINIT)
>>> Using uninitialized value "aGuard._M_owns" when calling "stopTicker".
142 stopTicker(aGuard);
143 return true;
144 }
145
146 void SerfLockStore::startThreads()
147 {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu6VvXBlQRUbS683tC8265rGNPXqJ1ffcoLZCnTuJFQbNcTEkb4XaEQkzovKhJ5DB3c-3DwRwS_A9M4dSy7guk8NP6DcfgslOyvJRzavztVIKj6nRqYjYpWom7SJFyX0y710bz0kUGtrmiH2yJI-2BgyOtDjBdb4jwKZ9QWoZ487I1UR2VZnDzxykUz7oMxIB2eMuCumtTrOCwjuY9xRfX-2B616dpmH8DhezxCiuXdWTDls76mKHJJKR8eFWelCpjhO8E3Qm56p-2FXcnkX2Nb5OoiUO4gaqqUi60vIhTl4SyjN9SkcoQl0a7hI-3D
New Defects reported by Coverity Scan for LibreOffice
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: New Defects reported by Coverity Scan for LibreOffice
- From: scan-admin@xxxxxxxxxxxx
- Date: Mon, 29 Jul 2024 02:13:00 +0000 (UTC)
- Prev by Date: libreoffice on armhf: ‘asm’ operand has impossible constraints or there are not enough registers
- Next by Date: Re: Missing Patch Of LOK in LibreOffice Core Repo
- Previous by thread: New Defects reported by Coverity Scan for LibreOffice
- Next by thread: New Defects reported by Coverity Scan for LibreOffice
- Index(es):
 |