Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found
with Coverity Scan.
7 new defect(s) introduced to LibreOffice found with Coverity Scan.
17 defect(s), reported by Coverity Scan earlier, were marked fixed in the
recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)
** CID 1681429: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1457 in
SvImpLBox::EntryCollapsed(SvTreeListEntry *)()
_____________________________________________________________________________________________
*** CID 1681429: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1457 in
SvImpLBox::EntryCollapsed(SvTreeListEntry *)()
1451 }
1452
1453 if( m_pStartEntry )
1454 {
1455 tools::Long nOldThumbPos = m_aVerSBar->GetThumbPos();
1456 sal_uLong nVisList = m_pView->GetVisibleCount();
>>> CID 1681429: Integer handling issues (INTEGER_OVERFLOW)
>>> Expression "nVisList - 1UL", where "nVisList" is known to be equal to
>>> 0, underflows the type of "nVisList - 1UL", which is type "unsigned long".
1457 m_aVerSBar->SetRange( Range(0, nVisList-1) );
1458 tools::Long nNewThumbPos = m_aVerSBar->GetThumbPos();
1459 if( nNewThumbPos != nOldThumbPos )
1460 {
1461 m_pStartEntry = m_pView->First();
1462 sal_uInt16 nDistance =
static_cast<sal_uInt16>(nNewThumbPos);
** CID 1681428: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1713 in
SvImpLBox::EntryMoved(SvTreeListEntry *)()
_____________________________________________________________________________________________
*** CID 1681428: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1713 in
SvImpLBox::EntryMoved(SvTreeListEntry *)()
1707
1708 if ( !m_pStartEntry )
1709 // this might happen if the only entry in the view is moved to
its very same position
1710 // #i97346#
1711 m_pStartEntry = m_pView->First();
1712
>>> CID 1681428: Integer handling issues (INTEGER_OVERFLOW)
>>> Expression "this->m_pView->GetVisibleCount() - 1U", where
>>> "this->m_pView->GetVisibleCount()" is known to be equal to 0, underflows
>>> the type of "this->m_pView->GetVisibleCount() - 1U", which is type
>>> "unsigned int".
1713 m_aVerSBar->SetRange( Range(0, m_pView->GetVisibleCount()-1));
1714 sal_uInt16 nFirstPos = static_cast<sal_uInt16>(m_pTree->GetAbsPos(
m_pStartEntry ));
1715 sal_uInt16 nNewPos = static_cast<sal_uInt16>(m_pTree->GetAbsPos(
pEntry ));
1716 FindMostRight();
1717 if( nNewPos < nFirstPos ) // HACK!
1718 m_pStartEntry = pEntry;
** CID 1681427: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1433 in
SvImpLBox::EntryExpanded(SvTreeListEntry *)()
_____________________________________________________________________________________________
*** CID 1681427: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1433 in
SvImpLBox::EntryExpanded(SvTreeListEntry *)()
1427 tools::Long nY = GetEntryLine( pEntry );
1428 if( IsLineVisible(nY) )
1429 {
1430 InvalidateEntriesFrom( nY );
1431 FindMostRight( pEntry );
1432 }
>>> CID 1681427: Integer handling issues (INTEGER_OVERFLOW)
>>> Expression "this->m_pView->GetVisibleCount() - 1U", where
>>> "this->m_pView->GetVisibleCount()" is known to be equal to 0, underflows
>>> the type of "this->m_pView->GetVisibleCount() - 1U", which is type
>>> "unsigned int".
1433 m_aVerSBar->SetRange( Range(0, m_pView->GetVisibleCount()-1 ) );
1434 // if we expanded before the thumb, the thumb's position has to be
1435 // corrected
1436 SyncVerThumb();
1437 ShowVerSBar();
1438 ShowCursor( true );
** CID 1681426: Null pointer dereferences (NULL_RETURNS)
_____________________________________________________________________________________________
*** CID 1681426: Null pointer dereferences (NULL_RETURNS)
/svx/source/diagram/datamodel_svx.cxx: 493 in
svx::diagram::DiagramData_svx::addDiagramNode()()
487
488 aPresPoint.msPresentationAssociationId = aDataPoint.msModelId;
489 if (!sPresSibling.isEmpty())
490 {
491 // no idea where to get these values from, so copy from
previous sibling
492 const svx::diagram::Point*
pSiblingPoint(getPointByModelID(sPresSibling));
>>> CID 1681426: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing a pointer that might be "nullptr"
>>> "pSiblingPoint->msPresentationLayoutName" when calling "operator =".
493 aPresPoint.msPresentationLayoutName =
pSiblingPoint->msPresentationLayoutName;
494 aPresPoint.msPresentationLayoutStyleLabel =
pSiblingPoint->msPresentationLayoutStyleLabel;
495 aPresPoint.mnLayoutStyleIndex =
pSiblingPoint->mnLayoutStyleIndex;
496 aPresPoint.mnLayoutStyleCount =
pSiblingPoint->mnLayoutStyleCount;
497 }
498
** CID 1681425: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 675 in SvImpLBox::UpdateAll()()
_____________________________________________________________________________________________
*** CID 1681425: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 675 in SvImpLBox::UpdateAll()()
669 }
670
671
672 void SvImpLBox::UpdateAll()
673 {
674 FindMostRight();
>>> CID 1681425: Integer handling issues (INTEGER_OVERFLOW)
>>> Expression "this->m_pView->GetVisibleCount() - 1U", where
>>> "this->m_pView->GetVisibleCount()" is known to be equal to 0, underflows
>>> the type of "this->m_pView->GetVisibleCount() - 1U", which is type
>>> "unsigned int".
675 m_aVerSBar->SetRange( Range(0, m_pView->GetVisibleCount()-1 ) );
676 SyncVerThumb();
677 FillView();
678 ShowVerSBar();
679 if( m_bSimpleTravel && m_pCursor && m_pView->HasFocus() )
680 m_pView->Select( m_pCursor );
** CID 1681424: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1785 in
SvImpLBox::EntryInserted(SvTreeListEntry *)()
_____________________________________________________________________________________________
*** CID 1681424: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1785 in
SvImpLBox::EntryInserted(SvTreeListEntry *)()
1779 }
1780 }
1781 else if( !m_pStartEntry )
1782 m_pView->Invalidate();
1783
1784 SetMostRight( pEntry );
>>> CID 1681424: Integer handling issues (INTEGER_OVERFLOW)
>>> Expression "this->m_pView->GetVisibleCount() - 1U", where
>>> "this->m_pView->GetVisibleCount()" is known to be equal to 0, underflows
>>> the type of "this->m_pView->GetVisibleCount() - 1U", which is type
>>> "unsigned int".
1785 m_aVerSBar->SetRange( Range(0, m_pView->GetVisibleCount()-1));
1786 SyncVerThumb(); // if something was inserted before the thumb
1787 ShowVerSBar();
1788 ShowCursor( true );
1789 if( m_pStartEntry != m_pView->First() && (m_nFlags &
LBoxFlags::Filling) )
1790 m_pView->PaintImmediately();
** CID 1681423: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1644 in SvImpLBox::EntryRemoved()()
_____________________________________________________________________________________________
*** CID 1681423: Integer handling issues (INTEGER_OVERFLOW)
/vcl/source/treelist/svimpbox.cxx: 1644 in
SvImpLBox::EntryRemoved()()
1638 m_pView->Select( m_pCursor );
1639
1640 if( GetUpdateMode())
1641 {
1642 if( m_nFlags & LBoxFlags::RemovedRecalcMostRight )
1643 FindMostRight();
>>> CID 1681423: Integer handling issues (INTEGER_OVERFLOW)
>>> Expression "this->m_pView->GetVisibleCount() - 1U", where
>>> "this->m_pView->GetVisibleCount()" is known to be equal to 0, underflows
>>> the type of "this->m_pView->GetVisibleCount() - 1U", which is type
>>> "unsigned int".
1644 m_aVerSBar->SetRange( Range(0, m_pView->GetVisibleCount()-1 )
);
1645 FillView();
1646 if( m_pStartEntry )
1647 // if something above the thumb was deleted
1648 m_aVerSBar->SetThumbPos( m_pView->GetVisiblePos(
m_pStartEntry) );
1649
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://scan.coverity.com/projects/libreoffice?tab=overview
