'New Defects reported by Coverity Scan for LibreOffice'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       libreoffice
Subject:    New Defects reported by Coverity Scan for LibreOffice
From:       scan-admin () coverity ! com
Date:       2022-02-28 11:30:25
Message-ID: 621cb250ef30c_ae6f02b0cf36619a0847e2 () prd-scan-dashboard-0 ! mail
[Download RAW message or body]

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found with \
Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
21 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent \
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1501377:  Null pointer dereferences  (FORWARD_NULL)
/hwpfilter/source/hwpreader.cxx: 2651 in HwpReader::makeFStyle(FBoxStyle *)()


________________________________________________________________________________________________________
                
*** CID 1501377:  Null pointer dereferences  (FORWARD_NULL)
/hwpfilter/source/hwpreader.cxx: 2651 in HwpReader::makeFStyle(FBoxStyle *)()
2645                     Double2Str(WTMM(-fstyle->margin[1][2]) ) + "mm " +
2646                     Double2Str(WTMM(-fstyle->margin[1][3]) ) + "mm)";
2647                  padd("style:mirror", sXML_CDATA, "none");
2648                  padd("fo:clip", sXML_CDATA, clip);
2649             }
2650             char *cell = static_cast<char *>(fstyle->cell);
> > > CID 1501377:  Null pointer dereferences  (FORWARD_NULL)
> > > Dereferencing null pointer "cell".
2651             padd("draw:luminance", sXML_CDATA,
2652                 ascii(Int2Str(cell[0], "%d%%", buf)));
2653             padd("draw:contrast", sXML_CDATA,
2654                 ascii(Int2Str(cell[1], "%d%%", buf)));
2655             if( cell[2] == 0 )
2656                 padd("draw:color-mode", sXML_CDATA, "standard");

** CID 1473807:  Insecure data handling  (TAINTED_SCALAR)


________________________________________________________________________________________________________
                
*** CID 1473807:  Insecure data handling  (TAINTED_SCALAR)
/vcl/unx/generic/fontmanager/fontmanager.cxx: 1075 in \
psp::PrintFontManager::createFontSubset(FontSubsetInfo &, int, const rtl::OUString &, \
const unsigned short *, const unsigned char *, int *, int)() 1069         else
1070         {
1071             CloseTTFont( pTTFont );
1072             return false;
1073         }
1074     
> > > CID 1473807:  Insecure data handling  (TAINTED_SCALAR)
> > > Passing tainted expression "pTTFont->m_aGlyphOffsets" to \
> > > "CreateTTFromTTGlyphs", which uses it as an offset.
1075         bool bSuccess = ( SFErrCodes::Ok == CreateTTFromTTGlyphs( pTTFont,
1076                                                          aToFile.getStr(),
1077                                                          pGID,
1078                                                          pEnc,
1079                                                          nGlyphs ) );
1080         CloseTTFont( pTTFont );


________________________________________________________________________________________________________
 To view the defects in Coverity Scan visit, \
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31O \
Yv50ypSs1kiFPuCn2xFdlMIFBirii0zZ9j2-2F9F2XPBcBm2BNgi9duPy3v-2FzgFDd2LJ-2BDKI-3DO4WL_OT \
q2XUZbbipYjyLSo6GRo-2FpVxQ9OzkDINu9UTS-2FQhSdO0F0jQniitrGlNxDIzPJiBH1T54tUVqVb6Zogco94 \
VQkb8dDnep8KV9SHDOJkl1L8McLzEs5GlPa6Jw8qOnMo-2B2rjslO2HjOyai5pVrsRsTiM8xhG104sh1RGvPsFubAUL0s-2FV1cEXQAmxkbAAaDWWtp13cbjuf7LJz2PAkXYiwQMwhmv5LWoO-2Bqp-2BRwD7Uo-3D



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic