New Defects reported by Coverity Scan for LibreOffice

2018-11-26 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1441522:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1441522:  Null pointer dereferences  (FORWARD_NULL)
/svx/source/tbxctrls/fontworkgallery.cxx: 200 in 
svx::FontWorkGalleryDialog::insertSelectedFontwork()()
194 // the mpSdrView that is used to insert 
(InsertObjectAtView below) the
195 // cloned SdrObject.
196 const bool bUseSpecialCalcMode(nullptr != mppSdrObject 
&& nullptr != mpDestModel);
197 const bool bSdrViewInsertMode(nullptr != mpSdrView);
198 
199 // center shape on current view
>>> CID 1441522:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "this->mpSdrView" to "GetFirstOutputDevice", which 
>>> dereferences it.
200 OutputDevice* 
pOutDev(mpSdrView->GetFirstOutputDevice());
201 
202 if(pOutDev && (bUseSpecialCalcMode || 
bSdrViewInsertMode))
203 {
204 // Clone directly to target SdrModel (may be 
different due to user/caller (!))
205 SdrObject* pNewObject(

** CID 1441521:  API usage errors  (INVALIDATE_ITERATOR)
/svl/source/passwordcontainer/passwordcontainer.cxx: 1280 in 
PasswordContainer::Notify()()



*** CID 1441521:  API usage errors  (INVALIDATE_ITERATOR)
/svl/source/passwordcontainer/passwordcontainer.cxx: 1280 in 
PasswordContainer::Notify()()
1274 if ( m_pStorageFile )
1275 m_pStorageFile->remove( rEntry.first, 
aNPIter->GetUserName() ); // remove record ( aURL, aName )
1276 }
1277 
1278 if( !aNPIter->HasPasswords( MEMORY_RECORD ) )
1279 {
>>> CID 1441521:  API usage errors  (INVALIDATE_ITERATOR)
>>> Using invalid iterator "std::vector>> std::allocator >::const_iterator(aNPIter)".
1280 aNPIter = rEntry.second.erase(aNPIter);
1281 }
1282 else
1283 ++aNPIter;
1284 }
1285 }



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyPvqYm7xQDzkVodLK1TcrkXKPdOyH620dN1PXJe81RVARFJDDBwCZPHg2q9rcCOCHpXWKxzCyug927WQjrLSJJytBCqRmTrMIfQKTNV-2BBcS5H990Z2VWkX58BzNNDQt4CB9eHPXssxwal2n7qxz-2BzDMYCO9SE82lnxETmLr-2FLiuA-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-11-22 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1441484:  Control flow issues  (DEADCODE)
/sw/source/ui/chrdlg/swuiccoll.cxx: 247 in SwCondCollPage::SelectHdl(const 
weld::Widget *)()



*** CID 1441484:  Control flow issues  (DEADCODE)
/sw/source/ui/chrdlg/swuiccoll.cxx: 247 in SwCondCollPage::SelectHdl(const 
weld::Widget *)()
241 m_xStyleLB->append_text(pBase->GetName());
242 bEmpty = false;
243 }
244 pBase = pPool->Next();
245 }
246 if (!bEmpty)
>>> CID 1441484:  Control flow issues  (DEADCODE)
>>> Execution cannot reach the expression "-1" inside this statement: 
>>> "this->m_xStyleLB->select((b...".
247 m_xStyleLB->select(bEmpty ? -1 : 0);
248 SelectHdl(m_xStyleLB.get());
249 }
250 else
251 {
252 int nSelected = m_xTbLinks->get_selected_index();

** CID 1441483:  API usage errors  (INVALIDATE_ITERATOR)
/svx/source/accessibility/ChildrenManagerImpl.cxx: 745 in 
accessibility::ChildrenManagerImpl::ReplaceChild(accessibility::AccessibleShape 
*, const com::sun::star::uno::Reference &, 
long, const accessibility::AccessibleShapeTreeInfo &)()



*** CID 1441483:  API usage errors  (INVALIDATE_ITERATOR)
/svx/source/accessibility/ChildrenManagerImpl.cxx: 745 in 
accessibility::ChildrenManagerImpl::ReplaceChild(accessibility::AccessibleShape 
*, const com::sun::star::uno::Reference &, 
long, const accessibility::AccessibleShapeTreeInfo &)()
739 
740 bool bResult = I != maVisibleChildren.end();
741 if (bResult)
742 {
743 // Dispose the current child and send an event about its 
deletion.
744 pCurrentChild->dispose();
>>> CID 1441483:  API usage errors  (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "I" though it is already past the end of its 
>>> container.
745 mrContext.CommitChange (
746 AccessibleEventId::CHILD,
747 uno::Any(),
748 uno::makeAny (I->mxAccessibleShape));
749 
750 // Replace with replacement and send an event about existence



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyqUcLQTB-2FWiMN37Dhqh8FvKyo3BiWom4o0RgySJTcDOecT17spWWE6qA3Uk5e-2FZdQHsejmheBSSZkpIfUtg-2F-2FoRo2bQ8Bpz3bOQ1oeKzvlAYRaz3TyLyvHTeQ9mERYBSrvooFasy-2FRyFixxBxjZXy0ePyjeGH3ASyWSu40StJVH4-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-11-20 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

5 new defect(s) introduced to LibreOffice found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1441470:  Uninitialized members  (UNINIT_CTOR)
/vcl/unx/gtk3/gtk3gtkinst.cxx: 4133 in 
GtkInstanceTreeIter::GtkInstanceTreeIter(const GtkInstanceTreeIter*)()



*** CID 1441470:  Uninitialized members  (UNINIT_CTOR)
/vcl/unx/gtk3/gtk3gtkinst.cxx: 4133 in 
GtkInstanceTreeIter::GtkInstanceTreeIter(const GtkInstanceTreeIter*)()
4127 
4128 struct GtkInstanceTreeIter : public weld::TreeIter
4129 {
4130 GtkInstanceTreeIter(const GtkInstanceTreeIter* pOrig)
4131 {
4132 if (!pOrig)
>>> CID 1441470:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member field "iter.user_data3" is not initialized in 
>>> this constructor nor in any functions that it calls.
4133 return;
4134 iter = pOrig->iter;
4135 }
4136 GtkTreeIter iter;
4137 };
4138 

** CID 1441469:  Null pointer dereferences  (NULL_RETURNS)



*** CID 1441469:  Null pointer dereferences  (NULL_RETURNS)
/vcl/source/app/salvtables.cxx: 2165 in 
SalInstanceTreeView::ExpandingHdl(SvTreeListBox *)()
2159 bool bPlaceHolder = false;
2160 if (pEntry->HasChildren())
2161 {
2162 auto pChild = m_xTreeView->FirstChild(pEntry);
2163 if (m_xTreeView->GetEntryText(pChild) == "")
2164 {
>>> CID 1441469:  Null pointer dereferences  (NULL_RETURNS)
>>> Dereferencing a pointer that might be null "pChild" when calling 
>>> "RemoveEntry".
2165 m_xTreeView->RemoveEntry(pChild);
2166 bPlaceHolder = true;
2167 }
2168 }
2169 
2170 SalInstanceTreeIter aIter(nullptr);

** CID 1441468:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/app/salvtables.cxx: 1758 in 
SalInstanceTreeIter::SalInstanceTreeIter(const SalInstanceTreeIter*)()



*** CID 1441468:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/app/salvtables.cxx: 1758 in 
SalInstanceTreeIter::SalInstanceTreeIter(const SalInstanceTreeIter*)()
1752 
1753 struct SalInstanceTreeIter : public weld::TreeIter
1754 {
1755 SalInstanceTreeIter(const SalInstanceTreeIter* pOrig)
1756 {
1757 if (!pOrig)
>>> CID 1441468:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "iter" is not initialized in this constructor 
>>> nor in any functions that it calls.
1758 return;
1759 iter = pOrig->iter;
1760 }
1761 SvTreeListEntry* iter;
1762 };
1763 

** CID 1441467:  Error handling issues  (CHECKED_RETURN)
/vcl/unx/gtk/fpicker/SalGtkFilePicker.cxx: 1236 in 
SalGtkFilePicker::HandleGetListValue(_GtkComboBox *, short)()



*** CID 1441467:  Error handling issues  (CHECKED_RETURN)
/vcl/unx/gtk/fpicker/SalGtkFilePicker.cxx: 1236 in 
SalGtkFilePicker::HandleGetListValue(_GtkComboBox *, short)()
1230 {
1231 gchar *item;
1232 
gtk_tree_model_get(gtk_combo_box_get_model(pWidget),
1233 , 0, , -1);
1234 aItemList[i] = OUString(item, strlen(item), 
RTL_TEXTENCODING_UTF8);
1235 g_free(item);
>>> CID 1441467:  Error handling issues  (CHECKED_RETURN)
>>> Calling "gtk_tree_model_iter_next" without checking return value (as is 
>>> done elsewhere 4 out of 5 times).
1236 gtk_tree_model_iter_next(pTree, );
1237 }
1238 }
1239 aAny <<= aItemList;
1240 }
1241 break;

** CID 1441466:(TAINTED_SCALAR)
/filter/source/graphicfilter/ipict/ipict.cxx: 1095 in 
PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, 
tools::Rectangle *, bool, bool)()
/filter/source/graphicfilter/ipict/ipict.cxx: 1126 in 
PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, 
tools::Rectangle *, bool, bool)()



*** CID 1441466:(TAINTED_SCALAR)
/filter/source/graphicfilter/ipict/ipict.cxx: 1095 in 
PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, 

New Defects reported by Coverity Scan for LibreOffice

2018-11-18 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1441444:  Integer handling issues  (SIGN_EXTENSION)
/sc/source/filter/inc/ftools.hxx: 104 in insert_value(T1 &, T2, unsigned char, unsigned char)()



*** CID 1441444:  Integer handling issues  (SIGN_EXTENSION)
/sc/source/filter/inc/ftools.hxx: 104 in insert_value(T1 &, T2, unsigned char, unsigned char)()
98 there at bit nStartBit. Other contents of rnBitField keep unchanged. 
*/
99 template< typename Type, typename InsertType >
100 void insert_value( Type& rnBitField, InsertType nValue, sal_uInt8 
nStartBit, sal_uInt8 nBitCount )
101 {
102 unsigned long nMask = ((1UL << nBitCount) - 1);
103 Type nNewValue = static_cast< Type >( nValue & nMask );
>>> CID 1441444:  Integer handling issues  (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "nNewValue" with type "sal_uInt16" 
>>> (16 bits, unsigned) is promoted in "nNewValue << nStartBit" to type "int" 
>>> (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, 
>>> unsigned).  If "nNewValue << nStartBit" is greater than 0x7FFF, the 
>>> upper bits of the result will all be 1.
104 rnBitField = (rnBitField & ~(nMask << nStartBit)) | (nNewValue << 
nStartBit);
105 }
106 
107 class Color;
108 class SfxPoolItem;
109 class SfxItemSet;

** CID 1441443:  Null pointer dereferences  (REVERSE_INULL)
/sw/source/core/text/txtfrm.cxx: 3310 in 
SwTextFrame::CalcAdditionalFirstLineOffset()()



*** CID 1441443:  Null pointer dereferences  (REVERSE_INULL)
/sw/source/core/text/txtfrm.cxx: 3310 in 
SwTextFrame::CalcAdditionalFirstLineOffset()()
3304 // reset additional first line offset
3305 mnAdditionalFirstLineOffset = 0;
3306 
3307 const SwTextNode* pTextNode( GetTextNodeForParaProps() );
3308 // sw_redlinehide: check that pParaPropsNode is the correct one
3309 assert(pTextNode->IsNumbered(getRootFrame()) == 
pTextNode->IsNumbered(nullptr));
>>> CID 1441443:  Null pointer dereferences  (REVERSE_INULL)
>>> Null-checking "pTextNode" suggests that it may be null, but it has 
>>> already been dereferenced on all paths leading to the check.
3310 if (pTextNode && pTextNode->IsNumbered(getRootFrame()) &&
3311 pTextNode->IsCountedInList() && pTextNode->GetNumRule())
3312 {
3313 int nListLevel = pTextNode->GetActualListLevel();
3314 
3315 if (nListLevel < 0)

** CID 1441442:  Integer handling issues  (SIGN_EXTENSION)
/sc/source/filter/inc/ftools.hxx: 104 in insert_value(T1 &, T2, unsigned char, unsigned char)()



*** CID 1441442:  Integer handling issues  (SIGN_EXTENSION)
/sc/source/filter/inc/ftools.hxx: 104 in insert_value(T1 &, T2, unsigned char, unsigned char)()
98 there at bit nStartBit. Other contents of rnBitField keep unchanged. 
*/
99 template< typename Type, typename InsertType >
100 void insert_value( Type& rnBitField, InsertType nValue, sal_uInt8 
nStartBit, sal_uInt8 nBitCount )
101 {
102 unsigned long nMask = ((1UL << nBitCount) - 1);
103 Type nNewValue = static_cast< Type >( nValue & nMask );
>>> CID 1441442:  Integer handling issues  (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "nNewValue" with type "sal_uInt16" 
>>> (16 bits, unsigned) is promoted in "nNewValue << nStartBit" to type "int" 
>>> (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, 
>>> unsigned).  If "nNewValue << nStartBit" is greater than 0x7FFF, the 
>>> upper bits of the result will all be 1.
104 rnBitField = (rnBitField & ~(nMask << nStartBit)) | (nNewValue << 
nStartBit);
105 }
106 
107 class Color;
108 class SfxPoolItem;
109 class SfxItemSet;

** CID 1441441:  Error handling issues  (UNCAUGHT_EXCEPT)
/sc/source/core/data/formulacell.cxx: 1505 in 
::TemporaryCellGroupMaker::~TemporaryCellGroupMaker()()



*** CID 1441441:  Error handling issues  (UNCAUGHT_EXCEPT)
/sc/source/core/data/formulacell.cxx: 1505 in 
::TemporaryCellGroupMaker::~TemporaryCellGroupMaker()()
1499 if( mEnabled && mCell->GetCellGroup() == nullptr )
1500 {
1501 mCell->CreateCellGroup( 1, false );
1502   

New Defects reported by Coverity Scan for LibreOffice

2018-11-07 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1441102:  Incorrect expression  (COPY_PASTE_ERROR)
/filter/source/graphicfilter/ipict/ipict.cxx: 924 in 
PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, 
tools::Rectangle *, bool, bool)()



*** CID 1441102:  Incorrect expression  (COPY_PASTE_ERROR)
/filter/source/graphicfilter/ipict/ipict.cxx: 924 in 
PictReader::ReadPixMapEtc(BitmapEx &, bool, bool, tools::Rectangle *, 
tools::Rectangle *, bool, bool)()
918 sal_uInt16  nByteCount, nCount, nD;
919 sal_uLong   nSrcBitsPos;
920 
921 if (nWidth > nRowBytes / 2)
922 return 0x;
923 
>>> CID 1441102:  Incorrect expression  (COPY_PASTE_ERROR)
>>> "nRowBytes" in "nRowBytes < 8" looks like a copy-paste error.
924 if (nRowBytes < 8 || nPackType == 1)
925 {
926 if (nHeight > pPict->remainingSize() / (sizeof(sal_uInt16) 
* nWidth))
927 return 0x;
928 }
929 else

** CID 1441101:  Incorrect expression  (ASSERT_SIDE_EFFECT)
/comphelper/source/misc/profilezone.cxx: 44 in 
comphelper::ProfileRecording::addRecording(const char *, long long)()



*** CID 1441101:  Incorrect expression  (ASSERT_SIDE_EFFECT)
/comphelper/source/misc/profilezone.cxx: 44 in 
comphelper::ProfileRecording::addRecording(const char *, long long)()
38 }
39 ProfileZone::g_bRecording = bStartRecording;
40 }
41 
42 long long addRecording(const char * aProfileId, long long aCreateTime)
43 {
>>> CID 1441101:  Incorrect expression  (ASSERT_SIDE_EFFECT)
>>> Argument "comphelper::ProfileZone::g_bRecording" of assert() has a side 
>>> effect because the variable is volatile.  The containing function might 
>>> work differently in a non-debug build.
44 assert( ProfileZone::g_bRecording );
45 
46 TimeValue systemTime;
47 osl_getSystemTime(  );
48 long long aTime = static_cast(systemTime.Seconds) * 
100 + systemTime.Nanosec/1000;
49 

** CID 1441100:  Memory - corruptions  (ARRAY_VS_SINGLETON)



*** CID 1441100:  Memory - corruptions  (ARRAY_VS_SINGLETON)
/cppu/source/uno/data.cxx: 57 in binuno_queryInterface::[lambda() (instance 
1)]::operator ()() const()
51 
TYPELIB_DANGER_GET(reinterpret_cast(),
52type_XInterface);
53 assert(pTXInterfaceDescr->ppAllMembers);
54 typelib_TypeDescription* pQITD = nullptr;
55 typelib_typedescriptionreference_getDescription(,
56 
pTXInterfaceDescr->ppAllMembers[0]);
>>> CID 1441100:  Memory - corruptions  (ARRAY_VS_SINGLETON)
>>> Passing ">aBase" to function 
>>> "TYPELIB_DANGER_RELEASE" which uses it as an array. This might corrupt or 
>>> misinterpret adjacent memory locations.
57 TYPELIB_DANGER_RELEASE(>aBase);
58 return pQITD;
59 }();
60 
61 uno_Any aRet, aExc;
62 uno_Any * pExc = 

** CID 1441099:  Error handling issues  (CHECKED_RETURN)
/vcl/source/outdev/font.cxx: 1134 in OutputDevice::ImplNewFont() const()



*** CID 1441099:  Error handling issues  (CHECKED_RETURN)
/vcl/source/outdev/font.cxx: 1134 in OutputDevice::ImplNewFont() const()
1128 if( (nNewWidth != nOrigWidth) && (nNewWidth != 0) )
1129 {
1130 Size aOrigSize = maFont.GetFontSize();
1131 const_cast(maFont).SetFontSize( Size( 
nNewWidth, aSize.Height() ) );
1132 mbMap = false;
1133 mbNewFont = true;
>>> CID 1441099:  Error handling issues  (CHECKED_RETURN)
>>> Calling "ImplNewFont" without checking return value (as is done 
>>> elsewhere 4 out of 5 times).
1134 ImplNewFont();  // recurse once using stretched width
1135 mbMap = true;
1136 const_cast(maFont).SetFontSize( aOrigSize );
1137 }
1138 }
1139 



To view the defects in Coverity Scan visit, 

New Defects reported by Coverity Scan for LibreOffice

2018-11-03 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

9 new defect(s) introduced to LibreOffice found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)


** CID 1440845:  API usage errors  (INVALIDATE_ITERATOR)
/sw/source/ui/dbui/customizeaddresslistdialog.cxx: 142 in 
SwCustomizeAddressListDialog::UpDownHdl_Impl(weld::Button &)()



*** CID 1440845:  API usage errors  (INVALIDATE_ITERATOR)
/sw/source/ui/dbui/customizeaddresslistdialog.cxx: 142 in 
SwCustomizeAddressListDialog::UpDownHdl_Impl(weld::Button &)()
136 OUString sHeader = m_xNewData->aDBColumnHeaders[nOldPos];
137 
m_xNewData->aDBColumnHeaders.erase(m_xNewData->aDBColumnHeaders.begin() + 
nOldPos);
138 
m_xNewData->aDBColumnHeaders.insert(m_xNewData->aDBColumnHeaders.begin() + 
nPos, sHeader);
139 for (auto& rData : m_xNewData->aDBData)
140 {
141 OUString sData = rData[nOldPos];
>>> CID 1440845:  API usage errors  (INVALIDATE_ITERATOR)
>>> Using invalid iterator "std::vector>> std::allocator >::const_iterator(rData->begin() + nOldPos)".
142 rData.erase(rData.begin() + nOldPos);
143 rData.insert(rData.begin() + nPos, sData);
144 }
145 
146 UpdateButtons();
147 }

** CID 1440844:  Memory - illegal accesses  (UNINIT)



*** CID 1440844:  Memory - illegal accesses  (UNINIT)
/vcl/source/gdi/impglyphitem.cxx: 33 in SalLayoutGlyphs::SalLayoutGlyphs(const 
SalLayoutGlyphs&)()
27 : m_pImpl(nullptr)
28 {
29 }
30 
31 SalLayoutGlyphs::~SalLayoutGlyphs() { delete m_pImpl; }
32 
>>> CID 1440844:  Memory - illegal accesses  (UNINIT)
>>> Using uninitialized value "this->m_pImpl" when calling "operator =".
33 SalLayoutGlyphs::SalLayoutGlyphs(const SalLayoutGlyphs& rOther) { 
operator=(rOther); }
34 
35 SalLayoutGlyphs& SalLayoutGlyphs::operator=(const SalLayoutGlyphs& 
rOther)
36 {
37 delete m_pImpl;
38 m_pImpl = rOther.m_pImpl ? rOther.m_pImpl->clone(*this) : nullptr;

** CID 1440843:  Memory - illegal accesses  (WRAPPER_ESCAPE)
/sot/source/sdstor/stgdir.cxx: 661 in StgDirEntry::Tmp2Strm()()



*** CID 1440843:  Memory - illegal accesses  (WRAPPER_ESCAPE)
/sot/source/sdstor/stgdir.cxx: 661 in StgDirEntry::Tmp2Strm()()
655 return false;
656 }
657 else
658 {
659 m_pStgStrm->SetSize( 0 );
660 delete m_pStgStrm;
>>> CID 1440843:  Memory - illegal accesses  (WRAPPER_ESCAPE)
>>> The internal representation of local "pNewStrm" escapes into 
>>> "this->m_pStgStrm", but is destroyed when it exits scope.
661 m_pStgStrm = pNewStrm.get();
662 pNewStrm->SetEntry( *this );
663 pNewStrm->Pos2Page( m_nPos );
664 pNewStrm.release();
665 delete m_pTmpStrm;
666 delete m_pCurStrm;

** CID 1440842:  API usage errors  (INVALIDATE_ITERATOR)
/sw/source/ui/dbui/customizeaddresslistdialog.cxx: 118 in 
SwCustomizeAddressListDialog::DeleteHdl_Impl(weld::Button &)()



*** CID 1440842:  API usage errors  (INVALIDATE_ITERATOR)
/sw/source/ui/dbui/customizeaddresslistdialog.cxx: 118 in 
SwCustomizeAddressListDialog::DeleteHdl_Impl(weld::Button &)()
112 m_xFieldsLB->select(nPos > m_xFieldsLB->n_children() - 1 ? nPos - 1 
: nPos);
113 
114 //remove the column
115 
m_xNewData->aDBColumnHeaders.erase(m_xNewData->aDBColumnHeaders.begin() + nPos);
116 //remove the data
117 for (auto& rData : m_xNewData->aDBData)
>>> CID 1440842:  API usage errors  (INVALIDATE_ITERATOR)
>>> Using invalid iterator "std::vector>> std::allocator >::const_iterator(rData->begin() + nPos)".
118 rData.erase(rData.begin() + nPos);
119 
120 UpdateButtons();
121 }
122 
123 IMPL_LINK(SwCustomizeAddressListDialog, UpDownHdl_Impl, weld::Button&, 
rButton, void)

** CID 1440841:  Error handling issues  (CHECKED_RETURN)
/vcl/source/outdev/font.cxx: 977 in OutputDevice::GetFontInstance() const()



*** CID 1440841:  Error handling issues  (CHECKED_RETURN)
/vcl/source/outdev/font.cxx: 977 in OutputDevice::GetFontInstance() const()

New Defects reported by Coverity Scan for LibreOffice

2018-10-20 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1440400:  Resource leaks  (CTOR_DTOR_LEAK)
/sw/source/uibase/dbui/mailmergehelper.cxx: 549 in 
AddressPreview::AddressPreview(std::unique_ptr>)()



*** CID 1440400:  Resource leaks  (CTOR_DTOR_LEAK)
/sw/source/uibase/dbui/mailmergehelper.cxx: 549 in 
AddressPreview::AddressPreview(std::unique_ptr>)()
543 }
544 return sAddress.makeStringAndClear();
545 }
546 
547 AddressPreview::AddressPreview(std::unique_ptr 
xWindow)
548 : m_xVScrollBar(std::move(xWindow))
>>> CID 1440400:  Resource leaks  (CTOR_DTOR_LEAK)
>>> Allocating memory by calling "new SwAddressPreview_Impl".
549 , pImpl(new SwAddressPreview_Impl())
550 {
551 m_xVScrollBar->set_user_managed_scrolling();
552 m_xVScrollBar->connect_vadjustment_changed(LINK(this, 
AddressPreview, ScrollHdl));
553 }
554 



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyfMvAD-2B4zVnyq0pz6UPDkb8dpFeaCou3K53ghLodOcIJ3KbY09rjje7p7AjGcZ4tNBeJlcauNAEMQJDABeB3jRzCMBCNyIYdWxA5PBkm4xeMdfNWHpT8JYajeWX2vSm5hqZ8eLlS0JrufJsWU4FYYRC4tOfBgwZyd1h7uDPS6VFI-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2018-10-16 Thread Stephan Bergmann

On 16/10/2018 16:03, Caolán McNamara wrote:

On Tue, 2018-10-16 at 12:33 +, scan-ad...@coverity.com wrote:


** CID 1440303:  Error handling issues  (UNCAUGHT_EXCEPT)
/sc/source/core/data/column3.cxx: 2394 in
::FormulaToValueHandler::Entry::Entry(::FormulaToVa
lueHandler::Entry&&)()


FWIW I think the const-ing up of loplugin:constfields effectively
disables move constructors


https://www.chromium.org/rvalue-references?tmpl=%2Fsystem%2Fapp%2Ftemplates%2Fprint%2F=1#TOC-8.-Move-constructors-will-only-bind-to-non-const-rvalues
.


the poor consequences of loplugin:constfields notwithstanding, i think 
the coverity warning is bogus or incomplete:  ScCellValue's both copy 
and move ctors are potentially throwing, so Entry's impl defined move 
ctor may indeed throw an exception, but will impl have a potentially 
throwing exception spec (whether or not Entry's



ScCellValue const maValue;


member is const).  and the coverity analysis doesnt show that such an 
exception isnt caught, but claims "If the exception is ever thrown, the 
program will crash."

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2018-10-16 Thread Caolán McNamara
On Tue, 2018-10-16 at 12:33 +, scan-ad...@coverity.com wrote:
> 
> ** CID 1440303:  Error handling issues  (UNCAUGHT_EXCEPT)
> /sc/source/core/data/column3.cxx: 2394 in
> ::FormulaToValueHandler::Entry::Entry(::FormulaToVa
> lueHandler::Entry&&)()

FWIW I think the const-ing up of loplugin:constfields effectively
disables move constructors


https://www.chromium.org/rvalue-references?tmpl=%2Fsystem%2Fapp%2Ftemplates%2Fprint%2F=1#TOC-8.-Move-constructors-will-only-bind-to-non-const-rvalues
.

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2018-10-16 Thread Caolán McNamara
On Tue, 2018-10-16 at 16:14 +0300, Arkadiy Illarionov wrote:
> 
> I suppose it's FP since aI ∈ [rGroup.begin(); aStart) ∪
> (aStart; rGroup.end()).

Seems a false positive to me anyway.

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2018-10-16 Thread Arkadiy Illarionov
вт, 16 окт. 2018 г. в 15:34, :

> ** CID 1440300:  API usage errors  (INVALIDATE_ITERATOR)
> /vcl/source/window/dlgctrl.cxx: 548 in ::focusNextInGroup(const
> __gnu_cxx::__normal_iterator *,
> std::vector, std::allocator>>> &,
> std::vector, std::allocator>> &)()
>
>
>
> 
> *** CID 1440300:  API usage errors  (INVALIDATE_ITERATOR)
> /vcl/source/window/dlgctrl.cxx: 548 in ::focusNextInGroup(const
> __gnu_cxx::__normal_iterator *,
> std::vector, std::allocator>>> &,
> std::vector, std::allocator>> &)()
> 542 {
> 543 aI = std::find_if(rGroup.begin(), aStart,
> isSuitableDestination);
> 544 if (aI == aStart)
> 545 return false;
> 546 }
> 547
> >>> CID 1440300:  API usage errors  (INVALIDATE_ITERATOR)
> >>> Dereferencing iterator "aI" though it is already past the end of
> its container.
> 548 vcl::Window *pWindow = *aI;
> 549
> 550 pWindow->ImplControlFocus( GetFocusFlags::CURSOR |
> GetFocusFlags::Forward );
> 551 return true;
> 552 }
> 553
>

I suppose it's FP since aI ∈ [rGroup.begin(); aStart) ∪
(aStart; rGroup.end()).
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-10-16 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1440303:  Error handling issues  (UNCAUGHT_EXCEPT)
/sc/source/core/data/column3.cxx: 2394 in 
::FormulaToValueHandler::Entry::Entry(::FormulaToValueHandler::Entry&&)()



*** CID 1440303:  Error handling issues  (UNCAUGHT_EXCEPT)
/sc/source/core/data/column3.cxx: 2394 in 
::FormulaToValueHandler::Entry::Entry(::FormulaToValueHandler::Entry&&)()
2388 }
2389 
2390 namespace {
2391 
2392 class FormulaToValueHandler
2393 {
>>> CID 1440303:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
2394 struct Entry
2395 {
2396 SCROW const mnRow;
2397 ScCellValue const maValue;
2398 
2399 Entry(SCROW nRow, double f) : mnRow(nRow), maValue(f) {}

** CID 1440302:  Error handling issues  (UNCAUGHT_EXCEPT)
/oox/qa/unit/vba_compression.cxx: 20 in 
TestVbaCompression::TestVbaCompression()()



*** CID 1440302:  Error handling issues  (UNCAUGHT_EXCEPT)
/oox/qa/unit/vba_compression.cxx: 20 in 
TestVbaCompression::TestVbaCompression()()
14 #include 
15 #include 
16 #include 
17 #include 
18 #include 
19 
>>> CID 1440302:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "CppUnit::Exception" is thrown but the throw list 
>>> "throw()" doesn't allow it to be thrown. This will cause a call to 
>>> unexpected() which usually calls terminate().
20 class TestVbaCompression : public CppUnit::TestFixture
21 {
22 public:
23 // just a sequence of bytes that should not be compressed at all
24 void testSimple1();
25 

** CID 1440301:  Error handling issues  (UNCAUGHT_EXCEPT)
/sc/source/core/data/column3.cxx: 2394 in 
::FormulaToValueHandler::Entry::Entry(const 
::FormulaToValueHandler::Entry&)()



*** CID 1440301:  Error handling issues  (UNCAUGHT_EXCEPT)
/sc/source/core/data/column3.cxx: 2394 in 
::FormulaToValueHandler::Entry::Entry(const 
::FormulaToValueHandler::Entry&)()
2388 }
2389 
2390 namespace {
2391 
2392 class FormulaToValueHandler
2393 {
>>> CID 1440301:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
2394 struct Entry
2395 {
2396 SCROW const mnRow;
2397 ScCellValue const maValue;
2398 
2399 Entry(SCROW nRow, double f) : mnRow(nRow), maValue(f) {}

** CID 1440300:  API usage errors  (INVALIDATE_ITERATOR)
/vcl/source/window/dlgctrl.cxx: 548 in ::focusNextInGroup(const 
__gnu_cxx::__normal_iterator *, 
std::vector, std::allocator>>> &, 
std::vector, std::allocator>> &)()



*** CID 1440300:  API usage errors  (INVALIDATE_ITERATOR)
/vcl/source/window/dlgctrl.cxx: 548 in ::focusNextInGroup(const 
__gnu_cxx::__normal_iterator *, 
std::vector, std::allocator>>> &, 
std::vector, std::allocator>> &)()
542 {
543 aI = std::find_if(rGroup.begin(), aStart, 
isSuitableDestination);
544 if (aI == aStart)
545 return false;
546 }
547 
>>> CID 1440300:  API usage errors  (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "aI" though it is already past the end of its 
>>> container.
548 vcl::Window *pWindow = *aI;
549 
550 pWindow->ImplControlFocus( GetFocusFlags::CURSOR | 
GetFocusFlags::Forward );
551 return true;
552 }
553 



To view the defects in Coverity Scan visit, 

New Defects reported by Coverity Scan for LibreOffice

2018-10-11 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

7 new defect(s) introduced to LibreOffice found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)


** CID 1440243:  Uninitialized members  (UNINIT_CTOR)
/sw/source/core/txtnode/txtedt.cxx: 746 in SwScanner::SwScanner(const 
SwTextNode &, const rtl::OUString &, const o3tl::strong_int *, const ModelToViewHelper &, unsigned short, int, int, bool)()



*** CID 1440243:  Uninitialized members  (UNINIT_CTOR)
/sw/source/core/txtnode/txtedt.cxx: 746 in SwScanner::SwScanner(const 
SwTextNode &, const rtl::OUString &, const o3tl::strong_int *, const ModelToViewHelper &, unsigned short, int, int, bool)()
740 sal_uInt16 nType, sal_Int32 nStart, sal_Int32 nEnde, bool bClp )
741 : SwScanner(
742 [](sal_Int32 const nBegin, sal_uInt16 const nScript, bool 
const bNoChar)
743 { return rNd.GetLang(nBegin, bNoChar ? 0 : 1, nScript); }
744 , rText, pLang, rConvMap, nType, nStart, nEnde, bClp)
745 {
>>> CID 1440243:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member field "m_pGetLangOfChar._M_invoker" is not 
>>> initialized in this constructor nor in any functions that it calls.
746 }
747 
748 SwScanner::SwScanner(std::function const& pGetLangOfChar,
749  const OUString& rText, const LanguageType* pLang,
750  const ModelToViewHelper& rConvMap, sal_uInt16 
nType, sal_Int32 nStart,
751  sal_Int32 nEnde, bool bClp)

** CID 1440242:  Incorrect expression  (USELESS_CALL)



*** CID 1440242:  Incorrect expression  (USELESS_CALL)
/vcl/unx/generic/glyphs/freetype_glyphcache.cxx: 281 in 
GlyphCache::InitFreetype()()
275 if( pEnv )
276 nDefaultPrioAntiAlias = pEnv[0] - '0';
277 pEnv = ::getenv( "SAL_AUTOHINTING_PRIORITY" );
278 if( pEnv )
279 nDefaultPrioAutoHint  = pEnv[0] - '0';
280 
>>> CID 1440242:  Incorrect expression  (USELESS_CALL)
>>> Calling "rtl::Static>> std::shared_ptr, rtl::CStringHash, rtl::CStringEqual, 
>>> std::allocator>> std::shared_ptr > > >, 
>>> ::vclFontFileList>::get()" is only useful for its return value, 
>>> which is ignored.
281 vclFontFileList::get();
282 }
283 
284 FT_Face FreetypeFont::GetFtFace() const
285 {
286 FT_Activate_Size( maSizeFT );

** CID 1440241:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1440241:  Null pointer dereferences  (FORWARD_NULL)
/svtools/source/filter/exportdialog.cxx: 951 in ExportDialog::updateControls()()
945 }
946 mxNfResolution->set_value( nResolution );
947 
948 if (mpSbCompression && mpSbCompression->get_visible() && 
mpNfCompression)
949 mpSbCompression->set_value(mpNfCompression->get_value());
950 
>>> CID 1440241:  Null pointer dereferences  (FORWARD_NULL)
>>> "GetGraphicStream" dereferences null "this->mpSbCompression".
951 GetGraphicStream();
952 
953 // updating estimated size
954 sal_Int64 nRealFileSize( mpTempStream->Tell() );
955 if ( mbIsPixelFormat )
956 {

** CID 1440240:  Error handling issues  (UNCAUGHT_EXCEPT)
/starmath/source/view.cxx: 852 in SmViewShell_Impl::SmViewShell_Impl()()



*** CID 1440240:  Error handling issues  (UNCAUGHT_EXCEPT)
/starmath/source/view.cxx: 852 in SmViewShell_Impl::SmViewShell_Impl()()
846 
847 // make window docked to the bottom initially (after first start)
848 SetAlignment(SfxChildAlignment::BOTTOM);
849 static_cast(GetWindow())->Initialize(pInfo);
850 }
851 
>>> CID 1440240:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
852 struct SmViewShell_Impl
853 {
854 std::unique_ptr pDocInserter;
855 std::unique_ptr pRequest;
856 SvtMiscOptions constaOpts;
857 };

** CID 1440239:  Error handling issues  (UNCAUGHT_EXCEPT)
/sd/source/ui/view/viewshel.cxx: 1209 in 
sd::KeepSlideSorterInSyncWithPageChanges::~KeepSlideSorterInSyncWithPageChanges()()



New Defects reported by Coverity Scan for LibreOffice

2018-09-20 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
12 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1439599:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/measctrl.cxx: 35 in 
SvxXMeasurePreview::SvxXMeasurePreview()()



*** CID 1439599:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/measctrl.cxx: 35 in 
SvxXMeasurePreview::SvxXMeasurePreview()()
29 SvxXMeasurePreview::SvxXMeasurePreview()
30 : m_aMapMode(MapUnit::Map100thMM)
31 {
32 // Scale: 1:2
33 m_aMapMode.SetScaleX(Fraction(1, 2));
34 m_aMapMode.SetScaleY(Fraction(1, 2));
>>> CID 1439599:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "pMeasureObj" is not initialized in this 
>>> constructor nor in any functions that it calls.
35 }
36 
37 void SvxXMeasurePreview::SetDrawingArea(weld::DrawingArea* pDrawingArea)
38 {
39 CustomWidgetController::SetDrawingArea(pDrawingArea);
40 Size aSize(getPreviewStripSize(pDrawingArea->get_ref_device()));

** CID 1439598:  Incorrect expression  (MIXED_ENUMS)
/sw/source/uibase/config/modcfg.cxx: 252 in 
SwRevisionConfig::SwRevisionConfig()()



*** CID 1439598:  Incorrect expression  (MIXED_ENUMS)
/sw/source/uibase/config/modcfg.cxx: 252 in 
SwRevisionConfig::SwRevisionConfig()()
246 ConfigItemMode::DelayedUpdate|ConfigItemMode::ReleaseTree)
247 {
248 m_aInsertAttr.m_nItemId = SID_ATTR_CHAR_UNDERLINE;
249 m_aInsertAttr.m_nAttr = LINESTYLE_SINGLE;
250 m_aInsertAttr.m_nColor = COL_TRANSPARENT;
251 m_aDeletedAttr.m_nItemId = SID_ATTR_CHAR_STRIKEOUT;
>>> CID 1439598:  Incorrect expression  (MIXED_ENUMS)
>>> Mixing enum types "FontLineStyle" and "FontStrikeout" for "m_nAttr".
252 m_aDeletedAttr.m_nAttr = STRIKEOUT_SINGLE;
253 m_aDeletedAttr.m_nColor = COL_TRANSPARENT;
254 m_aFormatAttr.m_nItemId = SID_ATTR_CHAR_WEIGHT;
255 m_aFormatAttr.m_nAttr = WEIGHT_BOLD;
256 m_aFormatAttr.m_nColor = COL_BLACK;
257 Load();

** CID 1439597:  Null pointer dereferences  (REVERSE_INULL)
/sw/source/filter/ww8/ww8atr.cxx: 5520 in 
AttributeOutputBase::GetParagraphMarkerRedline(const SwTextNode &, unsigned 
short)()



*** CID 1439597:  Null pointer dereferences  (REVERSE_INULL)
/sw/source/filter/ww8/ww8atr.cxx: 5520 in 
AttributeOutputBase::GetParagraphMarkerRedline(const SwTextNode &, unsigned 
short)()
5514 sal_uLong uEndNodeIndex   = pCheckedEnd->nNode.GetIndex();
5515 sal_uLong uEndCharIndex   = pCheckedEnd->nContent.GetIndex();
5516 sal_uLong uNodeIndex = rNode.GetIndex();
5517 
5518 if( uStartNodeIndex <= uNodeIndex && uNodeIndex < 
uEndNodeIndex )
5519 {
>>> CID 1439597:  Null pointer dereferences  (REVERSE_INULL)
>>> Null-checking "pCheckedEnd" suggests that it may be null, but it has 
>>> already been dereferenced on all paths leading to the check.
5520 if ( !pCheckedEnd )
5521 continue;
5522 
5523 // Maybe add here a check that also the start & end of the 
redline is the entire paragraph
5524 if ( ( uStartNodeIndex < uEndNodeIndex ) &&
5525  // check start:

** CID 1439596:  Incorrect expression  (MIXED_ENUMS)
/sw/source/uibase/config/modcfg.cxx: 255 in 
SwRevisionConfig::SwRevisionConfig()()



*** CID 1439596:  Incorrect expression  (MIXED_ENUMS)
/sw/source/uibase/config/modcfg.cxx: 255 in 
SwRevisionConfig::SwRevisionConfig()()
249 m_aInsertAttr.m_nAttr = LINESTYLE_SINGLE;
250 m_aInsertAttr.m_nColor = COL_TRANSPARENT;
251 m_aDeletedAttr.m_nItemId = SID_ATTR_CHAR_STRIKEOUT;
252 m_aDeletedAttr.m_nAttr = STRIKEOUT_SINGLE;
253 m_aDeletedAttr.m_nColor = COL_TRANSPARENT;
254 m_aFormatAttr.m_nItemId = SID_ATTR_CHAR_WEIGHT;
>>> CID 1439596:  Incorrect expression  (MIXED_ENUMS)
>>> Mixing enum types "FontLineStyle" and "FontWeight" for "m_nAttr".
255 m_aFormatAttr.m_nAttr = WEIGHT_BOLD;
256 m_aFormatAttr.m_nColor = COL_BLACK;
257 Load();
258 }
259 
260 SwRevisionConfig::~SwRevisionConfig()



To 

New Defects reported by Coverity Scan for LibreOffice

2018-09-14 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

10 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 10 of 10 defect(s)


** CID 1439340:  Error handling issues  (CHECKED_RETURN)
/sfx2/qa/cppunit/test_misc.cxx: 190 in ::MiscTest::testHardLinks()()



*** CID 1439340:  Error handling issues  (CHECKED_RETURN)
/sfx2/qa/cppunit/test_misc.cxx: 190 in ::MiscTest::testHardLinks()()
184 int nRet = stat(aOld.getStr(), );
185 CPPUNIT_ASSERT_EQUAL(0, nRet);
186 // This failed: hard link count was 1, the hard link broke on store.
187 CPPUNIT_ASSERT(buf.st_nlink > 1);
188 
189 // Test that symlinks are presreved as well.
>>> CID 1439340:  Error handling issues  (CHECKED_RETURN)
>>> Calling "remove(aNew.getStr())" without checking return value. This 
>>> library function may fail and return an error code.
190 remove(aNew.getStr());
191 symlink(aOld.getStr(), aNew.getStr());
192 xStorable->storeToURL(aURL + ".2", {});
193 nRet = lstat(aNew.getStr(), );
194 CPPUNIT_ASSERT_EQUAL(0, nRet);
195 // This failed, the hello.odt.2 symlink was replaced with a real 
file.

** CID 1439339:  Null pointer dereferences  (NULL_RETURNS)



*** CID 1439339:  Null pointer dereferences  (NULL_RETURNS)
/sw/source/ui/envelp/label1.cxx: 684 in 
SwBusinessDataPage::FillItemSet(SfxItemSet *)()
678 FillItemSet(_pSet);
679 return DeactivateRC::LeavePage;
680 }
681 
682 bool SwBusinessDataPage::FillItemSet(SfxItemSet* rSet)
683 {
>>> CID 1439339:  Null pointer dereferences  (NULL_RETURNS)
>>> Dereferencing a pointer that might be null 
>>> "this->GetDialogExampleSet()" when calling "Get".
684 SwLabItem aItem = static_cast(GetDialogExampleSet()->Get(FN_LABEL));
685 
686 aItem.m_aCompCompany   = m_xCompanyED->get_text();
687 aItem.m_aCompCompanyExt= m_xCompanyExtED->get_text();
688 aItem.m_aCompSlogan= m_xSloganED->get_text();
689 aItem.m_aCompStreet= m_xStreetED->get_text();

** CID 1439338:  Security best practices violations  (TOCTOU)
/sfx2/qa/cppunit/test_misc.cxx: 184 in ::MiscTest::testHardLinks()()



*** CID 1439338:  Security best practices violations  (TOCTOU)
/sfx2/qa/cppunit/test_misc.cxx: 184 in ::MiscTest::testHardLinks()()
178 CPPUNIT_ASSERT(xComponent.is());
179 
180 uno::Reference xStorable(xComponent, 
uno::UNO_QUERY);
181 xStorable->store();
182 
183 struct stat buf;
>>> CID 1439338:  Security best practices violations  (TOCTOU)
>>> Calling function "stat" to perform check on "aOld.getStr()".
184 int nRet = stat(aOld.getStr(), );
185 CPPUNIT_ASSERT_EQUAL(0, nRet);
186 // This failed: hard link count was 1, the hard link broke on store.
187 CPPUNIT_ASSERT(buf.st_nlink > 1);
188 
189 // Test that symlinks are presreved as well.

** CID 1439337:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/svxbmpnumvalueset.cxx: 822 in 
SvxBmpNumValueSet::SvxBmpNumValueSet(std::unique_ptr>)()



*** CID 1439337:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/svxbmpnumvalueset.cxx: 822 in 
SvxBmpNumValueSet::SvxBmpNumValueSet(std::unique_ptr>)()
816 }
817 
818 
SvxBmpNumValueSet::SvxBmpNumValueSet(std::unique_ptr 
pScrolledWindow)
819 : NumValueSet(std::move(pScrolledWindow))
820 , aFormatIdle("SvxBmpNumValueSet FormatIdle")
821 {
>>> CID 1439337:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "bGrfNotFound" is not initialized in this 
>>> constructor nor in any functions that it calls.
822 }
823 
824 void SvxBmpNumValueSet::init()
825 {
826 NumValueSet::init(NumberingPageType::BITMAP);
827 bGrfNotFound = false;

** CID 1439336:  Resource leaks  (VIRTUAL_DTOR)



*** CID 1439336:  Resource leaks  (VIRTUAL_DTOR)

** CID 1439335:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1439335:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/crsr/findattr.cxx: 631 in SwAttrCheckArr::SetAttrBwd(const 

Re: New Defects reported by Coverity Scan for LibreOffice

2018-08-30 Thread Kohei Yoshida
Hi there,

> On August 30, 2018 at 11:25 AM scan-ad...@coverity.com wrote:

> ** CID 1438872:(UNUSED_VALUE)

I did look into this and I confirm coverity's assessment.  It should be 
resolved with the following commit:

https://gitlab.com/mdds/mdds/commit/61900151e63d232d6c49891bccb7f5d1c1976991

> ** CID 1438870:  Performance inefficiencies  (PASS_BY_VALUE)
> /usr/include/mdds-1.4/mdds/multi_type_matrix_def.inl: 697 in 
> mdds::multi_type_matrix::walk<::WalkElementBlockOperation>(T1,
>  const mdds::multi_type_matrix::size_pair_type &, const 
> mdds::multi_type_matrix::size_pair_type &) const()

This one, however, is related to the function object being passed by value, and 
it's intentional.  It's modeled after how std::for_each implementation takes 
its function object by value and returns either a copied or a moved instance of 
it.

As far as I know it cannot support inline lambdas unless the method takes the 
function object by value.

--
Kohei Yoshida, LibreOffice Calc volunteer hacker
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-08-30 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1438872:(UNUSED_VALUE)
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1881 in 
mdds::multi_type_vector>, 
mdds::detail::mtv::event_func>::transfer_multi_blocks(unsigned long, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long, 
mdds::multi_type_vector>, mdds::detail::mtv::event_func>&, unsigned long)()
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1891 in 
mdds::multi_type_vector>, 
mdds::detail::mtv::event_func>::transfer_multi_blocks(unsigned long, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long, 
mdds::multi_type_vector>, mdds::detail::mtv::event_func>&, unsigned long)()
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1881 in 
mdds::multi_type_vector>, mdds::detail::mtv::event_func>::transfer_multi_blocks(unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long, unsigned 
long, 
mdds::multi_type_vector>, mdds::detail::mtv::event_func>&, unsigned long)()
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1891 in 
mdds::multi_type_vector>, mdds::detail::mtv::event_func>::transfer_multi_blocks(unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long, unsigned 
long, 
mdds::multi_type_vector>, mdds::detail::mtv::event_func>&, unsigned long)()
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1881 in 
mdds::multi_type_vector, mdds::mtv::noncopyable_managed_element_block<(int)53, 
EditTextObject>, mdds::mtv::noncopyable_managed_element_block<(int)54, 
ScFormulaCell>>, sc::CellStoreEvent>::transfer_multi_blocks(unsigned long, 
unsigned long, unsigned long, unsigned long, unsigned long, unsigned long, 
mdds::multi_type_vector, mdds::mtv::noncopyable_managed_element_block<(int)53, 
EditTextObject>, mdds::mtv::noncopyable_managed_element_block<(int)54, 
ScFormulaCell>>, sc::CellStoreEvent>&, unsigned long)()
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1891 in 
mdds::multi_type_vector, mdds::mtv::noncopyable_managed_element_block<(int)53, 
EditTextObject>, mdds::mtv::noncopyable_managed_element_block<(int)54, 
ScFormulaCell>>, sc::CellStoreEvent>::transfer_multi_blocks(unsigned long, 
unsigned long, unsigned long, unsigned long, unsigned long, unsigned long, 
mdds::multi_type_vector, mdds::mtv::noncopyable_managed_element_block<(int)53, 
EditTextObject>, mdds::mtv::noncopyable_managed_element_block<(int)54, 
ScFormulaCell>>, sc::CellStoreEvent>&, unsigned long)()
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1881 in 
mdds::multi_type_vector>, 
mdds::detail::mtv::event_func>::transfer_multi_blocks(unsigned long, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long, 
mdds::multi_type_vector>, mdds::detail::mtv::event_func>&, unsigned long)()
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1891 in 
mdds::multi_type_vector>, 
mdds::detail::mtv::event_func>::transfer_multi_blocks(unsigned long, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long, 
mdds::multi_type_vector>, mdds::detail::mtv::event_func>&, unsigned long)()



*** CID 1438872:(UNUSED_VALUE)
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1881 in 
mdds::multi_type_vector>, 
mdds::detail::mtv::event_func>::transfer_multi_blocks(unsigned long, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long, 
mdds::multi_type_vector>, mdds::detail::mtv::event_func>&, unsigned long)()
1875 // Copy to the top part of destination block.
1876 if (len < blk_dest->m_size)
1877 {
1878 // Shrink the existing block and insert slots for new 
blocks before it.
1879 blk_dest->m_size -= len;
1880 
dest.m_blocks.insert(dest.m_blocks.begin()+dest_block_index, block_len, 
block());
>>> CID 1438872:(UNUSED_VALUE)
>>> Assigning value from "dest.m_blocks[dest_block_index + block_len]" to 
>>> "blk_dest" here, but that stored value is overwritten before it can be used.
1881 blk_dest = _blocks[dest_block_index+block_len];
1882 }
1883 else
1884 {
1885 // Destination block is exactly of the length of the 
elements being transferred.
1886 dest.delete_element_block(*blk_dest);
/usr/include/mdds-1.4/mdds/multi_type_vector_def.inl: 1891 in 
mdds::multi_type_vector>, 
mdds::detail::mtv::event_func>::transfer_multi_blocks(unsigned long, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long, 
mdds::multi_type_vector>, 

New Defects reported by Coverity Scan for LibreOffice

2018-08-27 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1438785:  Uninitialized members  (UNINIT_CTOR)
/connectivity/source/drivers/mysqlc/mysqlc_resultset.cxx: 107 in 
connectivity::mysqlc::OResultSet::OResultSet(connectivity::mysqlc::OConnection 
&, connectivity::mysqlc::OCommonStatement *, st_mysql_res *, unsigned short)()



*** CID 1438785:  Uninitialized members  (UNINIT_CTOR)
/connectivity/source/drivers/mysqlc/mysqlc_resultset.cxx: 107 in 
connectivity::mysqlc::OResultSet::OResultSet(connectivity::mysqlc::OConnection 
&, connectivity::mysqlc::OCommonStatement *, st_mysql_res *, unsigned short)()
101 , m_xMetaData(nullptr)
102 , m_pResult(pResult)
103 , fieldCount(0)
104 , m_encoding(_encoding)
105 {
106 fieldCount = mysql_num_fields(pResult);
>>> CID 1438785:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "m_aRow" is not initialized in this constructor 
>>> nor in any functions that it calls.
107 }
108 
109 OResultSet::~OResultSet() {}
110 
111 void OResultSet::disposing()
112 {

** CID 1438784:  Uninitialized members  (UNINIT_CTOR)
/connectivity/source/drivers/mysqlc/mysqlc_connection.cxx: 70 in 
connectivity::mysqlc::OConnection::OConnection(connectivity::mysqlc::MysqlCDriver
 &)()



*** CID 1438784:  Uninitialized members  (UNINIT_CTOR)
/connectivity/source/drivers/mysqlc/mysqlc_connection.cxx: 70 in 
connectivity::mysqlc::OConnection::OConnection(connectivity::mysqlc::MysqlCDriver
 &)()
64 
65 OConnection::OConnection(MysqlCDriver& _rDriver)
66 : OMetaConnection_BASE(m_aMutex)
67 , m_xMetaData(nullptr)
68 , m_xDriver(&_rDriver)
69 {
>>> CID 1438784:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member field "m_mysql.extension" is not initialized in 
>>> this constructor nor in any functions that it calls.
70 }
71 
72 OConnection::~OConnection()
73 {
74 if (!isClosed())
75 {

** CID 1438783:  Error handling issues  (CHECKED_RETURN)
/connectivity/source/drivers/mysqlc/mysqlc_resultsetmetadata.cxx: 66 in 
connectivity::mysqlc::OResultSetMetaData::isCaseSensitive(int)()



*** CID 1438783:  Error handling issues  (CHECKED_RETURN)
/connectivity/source/drivers/mysqlc/mysqlc_resultsetmetadata.cxx: 66 in 
connectivity::mysqlc::OResultSetMetaData::isCaseSensitive(int)()
60 sql.append(rtl::OUString::number(pField->charsetnr));
61 
62 Reference stmt = m_rConnection.createStatement();
63 Reference rs = 
stmt->executeQuery(sql.makeStringAndClear());
64 Reference xRow(rs, UNO_QUERY_THROW);
65 
>>> CID 1438783:  Error handling issues  (CHECKED_RETURN)
>>> Calling "next" without checking return value (as is done elsewhere 189 
>>> out of 196 times).
66 rs->next(); // fetch first and only row
67 rtl::OUString sColName = xRow->getString(1); // first column is 
Collation name
68 
69 return !sColName.isEmpty() && !sColName.endsWith("_ci");
70 }
71 



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyyOwYaWC-2BsPwf18-2BUOunOC1fLUGHQiEoPHPfZ4AZbM4pRjFzQSzjJ84-2BsezUcDnIqZk6SNlhBC9LsvmBIePrsFme9rm1aDfL92Y1az1a0af3s2TIYWSGvGZMrE5r1gwvNif01WbGWfm8ZUXDt-2Blx1D4daGoXk-2B-2FEYjAHc9U0q9SM-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-08-24 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1438527:  Control flow issues  (NESTING_INDENT_MISMATCH)
/sw/source/filter/ww8/wrtww8.cxx: 3383 in WW8Export::ExportDocument_Impl()()



*** CID 1438527:  Control flow issues  (NESTING_INDENT_MISMATCH)
/sw/source/filter/ww8/wrtww8.cxx: 3383 in WW8Export::ExportDocument_Impl()()
3377 pStrmTemp = xWwStrm.get();
3378 pTableStrmTemp = xTableStrm.get();
3379 pDataStrmTemp = xDataStrm.get();
3380 
3381 if ( pDataStrmTemp && pDataStrmTemp != pStrmTemp)
3382 err = EncryptRC4(aCtx, *pDataStrm, *pDataStrmTemp);
>>> CID 1438527:  Control flow issues  (NESTING_INDENT_MISMATCH)
>>> This 'if'  statement is indented to column 13, as if it were nested 
>>> within the preceding parent statement, but it is not.
3383 if (err != ERRCODE_NONE) {
3384 goto done;
3385 }
3386 
3387 err = EncryptRC4(aCtx, *pTableStrm, *pTableStrmTemp);
3388 if (err != ERRCODE_NONE) {



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpye5MqKofAK7vKtPm6sr9WoLy8WJ7V5T-2FECpQ0VOCuUCepPrBsfWyhIfRVjKpuIgfLLXCeg88MxxomvNJ3s2kqXfylO-2Bb-2FUAf1Ulme8iv2kqQDdA3LsUOFfZ61LYYGtJWyiGV5W0M8j6v-2BcXIFqjOebK7zyAGgUd-2BMhGikzWyw-2Ftw-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2018-08-22 Thread Kaganski Mike
For a specific case of N = 1, the code is really unreachable :-)
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2018-08-22 Thread Stephan Bergmann

On 22/08/18 12:31, scan-ad...@coverity.com wrote:

** CID 1438474:  Control flow issues  (DEADCODE)
/include/rtl/stringutils.hxx: 176 in 
rtl::libreoffice_internal::ConstCharArrayDetector::isValid(const char (&)[1])()



*** CID 1438474:  Control flow issues  (DEADCODE)
/include/rtl/stringutils.hxx: 176 in 
rtl::libreoffice_internal::ConstCharArrayDetector::isValid(const char (&)[1])()
170 static const bool ok = true;
171 #if defined LIBO_INTERNAL_ONLY && HAVE_CXX14_CONSTEXPR
172 constexpr
173 #endif
174 static bool isValid(char const (& literal)[N]) {
175 for (std::size_t i = 0; i != N - 1; ++i) {

 CID 1438474:  Control flow issues  (DEADCODE)
 Execution cannot reach this statement: "if ((*literal)[i] == 0) {

  ...".


who's being dumb here, me or Coverity?


176 if (literal[i] == '\0') {
177 return false;
178 }
179 }
180 return literal[N - 1] == '\0';
181 }

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-08-22 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1438474:  Control flow issues  (DEADCODE)
/include/rtl/stringutils.hxx: 176 in 
rtl::libreoffice_internal::ConstCharArrayDetector::isValid(const char (&)[1])()



*** CID 1438474:  Control flow issues  (DEADCODE)
/include/rtl/stringutils.hxx: 176 in 
rtl::libreoffice_internal::ConstCharArrayDetector::isValid(const char (&)[1])()
170 static const bool ok = true;
171 #if defined LIBO_INTERNAL_ONLY && HAVE_CXX14_CONSTEXPR
172 constexpr
173 #endif
174 static bool isValid(char const (& literal)[N]) {
175 for (std::size_t i = 0; i != N - 1; ++i) {
>>> CID 1438474:  Control flow issues  (DEADCODE)
>>> Execution cannot reach this statement: "if ((*literal)[i] == 0) {
 ...".
176 if (literal[i] == '\0') {
177 return false;
178 }
179 }
180 return literal[N - 1] == '\0';
181 }

** CID 1438473:  Control flow issues  (DEADCODE)
/include/rtl/stringutils.hxx: 176 in 
rtlunittest::libreoffice_internal::ConstCharArrayDetector::isValid(const char (&)[1])()



*** CID 1438473:  Control flow issues  (DEADCODE)
/include/rtl/stringutils.hxx: 176 in 
rtlunittest::libreoffice_internal::ConstCharArrayDetector::isValid(const char (&)[1])()
170 static const bool ok = true;
171 #if defined LIBO_INTERNAL_ONLY && HAVE_CXX14_CONSTEXPR
172 constexpr
173 #endif
174 static bool isValid(char const (& literal)[N]) {
175 for (std::size_t i = 0; i != N - 1; ++i) {
>>> CID 1438473:  Control flow issues  (DEADCODE)
>>> Execution cannot reach this statement: "if ((*literal)[i] == 0) {
 ...".
176 if (literal[i] == '\0') {
177 return false;
178 }
179 }
180 return literal[N - 1] == '\0';
181 }



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyfh-2F2idhMgHMzCx4zBou-2BYC70xHMvajYyEcni2R2zaKIdPDNPI3b3nJ9NRLXEOU1nuDpEuximakh9R1jq9eVpTnsTccqY1uhB2BMZK5JuRW6rrxPiMwdaDz6PqAOAyy8q2TEMYSvaviRD3BL3ZMlqizvaM0mxQpA181RbwtsI0F4-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-08-18 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1438404:  Incorrect expression  (IDENTICAL_BRANCHES)
/sdext/source/presenter/PresenterFrameworkObserver.cxx: 102 in 
sdext::presenter::PresenterFrameworkObserver::notifyConfigurationChange(const 
com::sun::star::drawing::framework::ConfigurationChangeEvent &)()



*** CID 1438404:  Incorrect expression  (IDENTICAL_BRANCHES)
/sdext/source/presenter/PresenterFrameworkObserver.cxx: 102 in 
sdext::presenter::PresenterFrameworkObserver::notifyConfigurationChange(const 
com::sun::star::drawing::framework::ConfigurationChangeEvent &)()
96 void SAL_CALL PresenterFrameworkObserver::notifyConfigurationChange (
97 const ConfigurationChangeEvent& rEvent)
98 {
99 bool bDispose(false);
100 
101 Action aAction (maAction);
>>> CID 1438404:  Incorrect expression  (IDENTICAL_BRANCHES)
>>> The same code is executed regardless of whether "rEvent.Type == 
>>> "ConfigurationUpdateEnd"" is true, because the 'then' and 'else' branches 
>>> are identical. Should one of the branches be modified, or the entire 'if' 
>>> statement replaced?
102 if (rEvent.Type == "ConfigurationUpdateEnd")
103 {
104 Shutdown();
105 aAction(true);
106 bDispose = true;
107 }

** CID 1438403:  Error handling issues  (CHECKED_RETURN)
/sd/source/filter/eppt/pptx-epptooxml.cxx: 1175 in 
oox::core::PowerPointExport::WriteAnimationNodeAnimate(const 
std::shared_ptr &, const 
com::sun::star::uno::Reference &, 
int, bool)()



*** CID 1438403:  Error handling issues  (CHECKED_RETURN)
/sd/source/filter/eppt/pptx-epptooxml.cxx: 1175 in 
oox::core::PowerPointExport::WriteAnimationNodeAnimate(const 
std::shared_ptr &, const 
com::sun::star::uno::Reference &, 
int, bool)()
1169 OUString aPath;
1170 Reference xMotion(rXNode, UNO_QUERY);
1171 if (xMotion.is())
1172 {
1173 xMotion->getPath() >>= aPath;
1174 ::basegfx::B2DPolyPolygon aPolyPoly;
>>> CID 1438403:  Error handling issues  (CHECKED_RETURN)
>>> Calling "importFromSvgD" without checking return value (as is done 
>>> elsewhere 24 out of 26 times).
1175 ::basegfx::utils::importFromSvgD(aPolyPoly, aPath, true, 
nullptr);
1176 aPath = ::basegfx::utils::exportToSvgD(aPolyPoly, false, 
false, true, true);
1177 }
1178 
1179 pFS->startElementNS(XML_p, nXmlNodeType,
1180 XML_origin, "layout",

** CID 1438402:(NEGATIVE_RETURNS)



*** CID 1438402:(NEGATIVE_RETURNS)
/sc/source/filter/xml/xmlexprt.cxx: 1492 in ScXMLExport::OpenRow(int, int, int, 
ScXMLCachedRowAttrAccess &)()
1486 ++nEqualRows;
1487 else
1488 {
1489 if (nRow < nEndRow)
1490 {
1491 ScRowFormatRanges* pTempRowFormatRanges = new 
ScRowFormatRanges(pRowFormatRanges.get());
>>> CID 1438402:(NEGATIVE_RETURNS)
>>> "nPrevIndex" is passed to a parameter that cannot be negative.
1492 OpenAndCloseRow(nPrevIndex, nRow - nEqualRows, 
nEqualRows, bPrevHidden, bPrevFiltered);
1493 pRowFormatRanges.reset(pTempRowFormatRanges);
1494 }
1495 else
1496 OpenAndCloseRow(nPrevIndex, nRow - nEqualRows, 
nEqualRows, bPrevHidden, bPrevFiltered);
1497 nEqualRows = 1;
/sc/source/filter/xml/xmlexprt.cxx: 1504 in ScXMLExport::OpenRow(int, int, int, 
ScXMLCachedRowAttrAccess &)()
1498 nPrevIndex = nIndex;
1499 bPrevHidden = bHidden;
1500 bPrevFiltered = bFiltered;
1501 }
1502 }
1503 }
>>> CID 1438402:(NEGATIVE_RETURNS)
>>> "nPrevIndex" is passed to a parameter that cannot be negative.
1504 OpenNewRow(nPrevIndex, nRow - nEqualRows, nEqualRows, 
bPrevHidden, bPrevFiltered);
1505 }
1506 else
1507 {
1508 sal_Int32 nIndex = pRowStyles->GetStyleNameIndex(nTable, 
nStartRow);
1509 bool bHidden = false;

** CID 1438401:  Integer handling issues  (NEGATIVE_RETURNS)



New Defects reported by Coverity Scan for LibreOffice

2018-08-07 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
16 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1438379:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/xml/xmltransformationi.cxx: 639 in 
ScXMLDateTimeContext::ScXMLDateTimeContext(ScXMLImport &, const 
rtl::Reference &)()



*** CID 1438379:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/xml/xmltransformationi.cxx: 639 in 
ScXMLDateTimeContext::ScXMLDateTimeContext(ScXMLImport &, const 
rtl::Reference &)()
633 maType = sc::DATETIME_TRANSFORMATION_TYPE::HOUR;
634 else if (aType == "minute")
635 maType = sc::DATETIME_TRANSFORMATION_TYPE::MINUTE;
636 else if (aType == "seconds")
637 maType = sc::DATETIME_TRANSFORMATION_TYPE::SECOND;
638 }
>>> CID 1438379:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "maType" is not initialized in this constructor 
>>> nor in any functions that it calls.
639 }
640 
641 ScXMLDateTimeContext::~ScXMLDateTimeContext()
642 {
643 ScDocument* pDoc = GetScImport().GetDocument();
644 auto& rDataSources = pDoc->GetExternalDataMapper().getDataSources();

** CID 1438378:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/include/tools/helpers.hxx: 82 in NormAngle180(T1)()



*** CID 1438378:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/include/tools/helpers.hxx: 82 in NormAngle180(T1)()
76 return fVal > 0.0 ? static_cast( fVal + 0.5 ) : 
-static_cast( -fVal + 0.5 );
77 }
78 
79 //valid range:  (-180,180]
80 template  inline SAL_WARN_UNUSED_RESULT T NormAngle180(T 
angle)
81 {
>>> CID 1438378:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>> "angle <= -180" is always false regardless of the values of its 
>>> operands. This occurs as the logical operand of "while".
82 while (angle <= -180)
83 angle += 360;
84 while (angle > 180)
85 angle -= 360;
86 return angle;
87 }



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyvkC2CIkFk3Tp9ed9X4jBJwu4ElZdGXWT9uRVrwKViIH3B6RtJjFYVVkFq9Lg69-2FhRQdXuqSiOjRSJCFcmBllJloVumRe5xLN8Uljd2KgETDgQao1sz2x2dF8mcEHmbwxnV6SrnKu6ydOb87umiMPPcQ0E6MgGiJcTDO2YOAMbHc-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-08-04 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

16 new defect(s) introduced to LibreOffice found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 16 of 16 defect(s)


** CID 1438227:  Error handling issues  (NEGATIVE_RETURNS)
/desktop/source/splash/unxsplash.cxx: 98 in 
desktop::UnxSplashScreen::initialize(const 
com::sun::star::uno::Sequence &)()



*** CID 1438227:  Error handling issues  (NEGATIVE_RETURNS)
/desktop/source/splash/unxsplash.cxx: 98 in 
desktop::UnxSplashScreen::initialize(const 
com::sun::star::uno::Sequence &)()
92 OUString aArg;
93 osl_getCommandArg( i,  );
94 OUString aNum;
95 if ( aArg.startsWithIgnoreAsciiCase("--splash-pipe=", ) )
96 {
97 int fd = aNum.toInt32();
>>> CID 1438227:  Error handling issues  (NEGATIVE_RETURNS)
>>> "fd" is passed to a parameter that cannot be negative.
98 m_pOutFd = fdopen( fd, "w" );
99 SAL_INFO("desktop.splash", "Got argument '--splash-pipe=" << 
fd << " ('"
100 << aNum << "') ("
101 << static_cast(m_pOutFd) << ")");
102 }
103 }

** CID 1438226:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1438226:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/unocore/unochart.cxx: 425 in 
GetFormatAndCreateCursorFromRangeRep(const SwDoc *, const rtl::OUString &, 
SwFrameFormat **, std::shared_ptr &)()
419 pUnoCursor->SetMark();
420 pUnoCursor->GetPoint()->nNode = *pBRBox->GetSttNd();
421 pUnoCursor->Move( fnMoveForward, GoInNode );
422 SwUnoTableCursor* pCursor =
423 dynamic_cast(pUnoCursor.get());
424 // HACK: remove pending actions for old style tables
>>> CID 1438226:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "pCursor" to "UnoActionRemoveContext", which 
>>> dereferences it.
425 UnoActionRemoveContext aRemoveContext(*pCursor);
426 pCursor->MakeBoxSels();
427 rpUnoCursor = pUnoCursor;
428 }
429 }
430 }

** CID 1438225:  Integer handling issues  (NEGATIVE_RETURNS)
/sw/source/core/tox/txmsrt.cxx: 677 in SwTOXAuthority::GetLevel() const()



*** CID 1438225:  Integer handling issues  (NEGATIVE_RETURNS)
/sw/source/core/tox/txmsrt.cxx: 677 in SwTOXAuthority::GetLevel() const()
671 OUString 
sText(static_cast(m_rField.GetField())->GetFieldText(AUTH_FIELD_AUTHORITY_TYPE));
672 //#i18655# the level '0' is the heading level therefore the values 
are incremented here
673 sal_uInt16 nRet = 1;
674 if( pTOXIntl->IsNumeric( sText ) )
675 {
676 nRet = static_cast(sText.toInt32());
>>> CID 1438225:  Integer handling issues  (NEGATIVE_RETURNS)
>>> Unsigned variable "nRet" is incremented, which might cause an integer 
>>> overflow.
677 nRet++;
678 }
679 //illegal values are also set to 'ARTICLE' as non-numeric values are
680 if(nRet > AUTH_TYPE_END)
681 nRet = 1;
682 return nRet;

** CID 1438224:  Null pointer dereferences  (NULL_RETURNS)



*** CID 1438224:  Null pointer dereferences  (NULL_RETURNS)
/oox/source/drawingml/shape.cxx: 525 in 
oox::drawingml::lcl_createPresetShape(com::sun::star::uno::Reference
 &, const rtl::OUString &, const rtl::OUString &, 
std::shared_ptr, 
std::shared_ptr, const oox::GraphicHelper &)()
519 ParagraphAdjust eAdjust = ParagraphAdjust_LEFT;
520 if (pParagraph->getProperties().getParaAdjust())
521 eAdjust = 
pParagraph->getProperties().getParaAdjust().get();
522 xSet->setPropertyValue( "ParaAdjust", uno::makeAny( eAdjust 
) );
523 SvxShape* pShape = SvxShape::getImplementation( xShape );
524 SdrTextHorzAdjust eHorzAdjust = lcl_convertAdjust( eAdjust 
);
>>> CID 1438224:  Null pointer dereferences  (NULL_RETURNS)
>>> Dereferencing a pointer that might be null "pShape" when calling 
>>> "GetSdrObject".
525 pShape->GetSdrObject()->SetMergedItem( 
SdrTextHorzAdjustItem( eHorzAdjust ) );
526 }
527 }
528 
529 // Apply preset shape
530 

New Defects reported by Coverity Scan for LibreOffice

2018-08-01 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

5 new defect(s) introduced to LibreOffice found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1438198:  API usage errors  (INVALIDATE_ITERATOR)
/editeng/source/editeng/impedit2.cxx: 1740 in 
ImpEditEngine::InitScriptTypes(int)()



*** CID 1438198:  API usage errors  (INVALIDATE_ITERATOR)
/editeng/source/editeng/impedit2.cxx: 1740 in 
ImpEditEngine::InitScriptTypes(int)()
1734 // Skip entries in ScriptArray which are not inside 
the RTL run:
1735 while ( nIdx < rTypes.size() && rTypes[nIdx].nStartPos 
< nStart )
1736 ++nIdx;
1737 
1738 // Remove any entries *inside* the current run:
1739 while ( nIdx < rTypes.size() && rTypes[nIdx].nEndPos 
<= nEnd )
>>> CID 1438198:  API usage errors  (INVALIDATE_ITERATOR)
>>> Using invalid iterator "std::vector>> std::allocator >::const_iterator(rTypes->begin() + 
>>> nIdx)".
1740 rTypes.erase( rTypes.begin()+nIdx );
1741 
1742 // special case:
1743 if(nIdx < rTypes.size() && rTypes[nIdx].nStartPos < 
nStart && rTypes[nIdx].nEndPos > nEnd)
1744 {
1745 rTypes.insert( rTypes.begin()+nIdx, 
ScriptTypePosInfo( rTypes[nIdx].nScriptType, nEnd, rTypes[nIdx].nEndPos ) );

** CID 1438197:(DEADCODE)
/drawinglayer/source/processor2d/vclmetafileprocessor2d.cxx: 1317 in 
drawinglayer::processor2d::VclMetafileProcessor2D::processPolygonHairlinePrimitive2D(const
 drawinglayer::primitive2d::PolygonHairlinePrimitive2D &)()
/drawinglayer/source/processor2d/vclmetafileprocessor2d.cxx: 1329 in 
drawinglayer::processor2d::VclMetafileProcessor2D::processPolygonHairlinePrimitive2D(const
 drawinglayer::primitive2d::PolygonHairlinePrimitive2D &)()



*** CID 1438197:(DEADCODE)
/drawinglayer/source/processor2d/vclmetafileprocessor2d.cxx: 1317 in 
drawinglayer::processor2d::VclMetafileProcessor2D::processPolygonHairlinePrimitive2D(const
 drawinglayer::primitive2d::PolygonHairlinePrimitive2D &)()
1311 // the MetaActionType::POLYPOLYGON written by 
RenderPolygonHairlinePrimitive2D
1312 // below
1313 bool bSupportSvtGraphicStroke(false);
1314 
1315 if(bSupportSvtGraphicStroke)
1316 {
>>> CID 1438197:(DEADCODE)
>>> Execution cannot reach this statement: "pSvtGraphicStroke = this->i...".
1317 pSvtGraphicStroke = impTryToCreateSvtGraphicStroke(
1318 rHairlinePrimitive.getB2DPolygon(),
1319 ,
1320 nullptr, nullptr, nullptr, nullptr);
1321 
1322 impStartSvtGraphicStroke(pSvtGraphicStroke);
/drawinglayer/source/processor2d/vclmetafileprocessor2d.cxx: 1329 in 
drawinglayer::processor2d::VclMetafileProcessor2D::processPolygonHairlinePrimitive2D(const
 drawinglayer::primitive2d::PolygonHairlinePrimitive2D &)()
1323 }
1324 
1325 RenderPolygonHairlinePrimitive2D(rHairlinePrimitive, 
false);
1326 
1327 if(bSupportSvtGraphicStroke)
1328 {
>>> CID 1438197:(DEADCODE)
>>> Execution cannot reach this statement: "this->impEndSvtGraphicStrok...".
1329 impEndSvtGraphicStroke(pSvtGraphicStroke);
1330 }
1331 }
1332 }
1333 
1334 void 
VclMetafileProcessor2D::processPolygonStrokePrimitive2D(const 
primitive2d::PolygonStrokePrimitive2D& rStrokePrimitive)

** CID 1438196:(DEADCODE)
/drawinglayer/source/processor2d/vclmetafileprocessor2d.cxx: 1792 in 
drawinglayer::processor2d::VclMetafileProcessor2D::processPolyPolygonColorPrimitive2D(const
 drawinglayer::primitive2d::PolyPolygonColorPrimitive2D &)()
/drawinglayer/source/processor2d/vclmetafileprocessor2d.cxx: 1819 in 
drawinglayer::processor2d::VclMetafileProcessor2D::processPolyPolygonColorPrimitive2D(const
 drawinglayer::primitive2d::PolyPolygonColorPrimitive2D &)()
/drawinglayer/source/processor2d/vclmetafileprocessor2d.cxx: 1826 in 
drawinglayer::processor2d::VclMetafileProcessor2D::processPolyPolygonColorPrimitive2D(const
 drawinglayer::primitive2d::PolyPolygonColorPrimitive2D &)()



*** CID 1438196:(DEADCODE)

New Defects reported by Coverity Scan for LibreOffice

2018-07-29 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1438139:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/xml/xmltransformationi.cxx: 289 in 
ScXMLColumnTextContext::ScXMLColumnTextContext(ScXMLImport &, const 
rtl::Reference &)()



*** CID 1438139:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/xml/xmltransformationi.cxx: 289 in 
ScXMLColumnTextContext::ScXMLColumnTextContext(ScXMLImport &, const 
rtl::Reference &)()
283 maType = sc::TEXT_TRANSFORM_TYPE::TO_UPPER;
284 else if (aType == "capitalize")
285 maType = sc::TEXT_TRANSFORM_TYPE::CAPITALIZE;
286 else if (aType == "trim")
287 maType = sc::TEXT_TRANSFORM_TYPE::TRIM;
288 }
>>> CID 1438139:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "maType" is not initialized in this constructor 
>>> nor in any functions that it calls.
289 }
290 
291 ScXMLColumnTextContext::~ScXMLColumnTextContext()
292 {
293 ScDocument* pDoc = GetScImport().GetDocument();
294 auto& rDataSources = pDoc->GetExternalDataMapper().getDataSources();

** CID 1438138:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/xml/xmltransformationi.cxx: 367 in 
ScXMLColumnAggregateContext::ScXMLColumnAggregateContext(ScXMLImport &, const 
rtl::Reference &)()



*** CID 1438138:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/xml/xmltransformationi.cxx: 367 in 
ScXMLColumnAggregateContext::ScXMLColumnAggregateContext(ScXMLImport &, const 
rtl::Reference &)()
361 maType = sc::AGGREGATE_FUNCTION::AVERAGE;
362 else if (aType == "min")
363 maType = sc::AGGREGATE_FUNCTION::MIN;
364 else if (aType == "max")
365 maType = sc::AGGREGATE_FUNCTION::MAX;
366 }
>>> CID 1438138:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "maType" is not initialized in this constructor 
>>> nor in any functions that it calls.
367 }
368 
369 ScXMLColumnAggregateContext::~ScXMLColumnAggregateContext()
370 {
371 ScDocument* pDoc = GetScImport().GetDocument();
372 auto& rDataSources = pDoc->GetExternalDataMapper().getDataSources();

** CID 1438137:(UNINIT_CTOR)
/sc/source/filter/xml/xmltransformationi.cxx: 465 in 
ScXMLColumnNumberContext::ScXMLColumnNumberContext(ScXMLImport &, const 
rtl::Reference &)()
/sc/source/filter/xml/xmltransformationi.cxx: 465 in 
ScXMLColumnNumberContext::ScXMLColumnNumberContext(ScXMLImport &, const 
rtl::Reference &)()



*** CID 1438137:(UNINIT_CTOR)
/sc/source/filter/xml/xmltransformationi.cxx: 465 in 
ScXMLColumnNumberContext::ScXMLColumnNumberContext(ScXMLImport &, const 
rtl::Reference &)()
459 maType = sc::NUMBER_TRANSFORM_TYPE::IS_EVEN;
460 else if (aType == "odd")
461 maType = sc::NUMBER_TRANSFORM_TYPE::IS_ODD;
462 else if (aType == "sign")
463 maType = sc::NUMBER_TRANSFORM_TYPE::SIGN;
464 }
>>> CID 1438137:(UNINIT_CTOR)
>>> Non-static class member "maPrecision" is not initialized in this 
>>> constructor nor in any functions that it calls.
465 }
466 
467 ScXMLColumnNumberContext::~ScXMLColumnNumberContext()
468 {
469 ScDocument* pDoc = GetScImport().GetDocument();
470 auto& rDataSources = pDoc->GetExternalDataMapper().getDataSources();
/sc/source/filter/xml/xmltransformationi.cxx: 465 in 
ScXMLColumnNumberContext::ScXMLColumnNumberContext(ScXMLImport &, const 
rtl::Reference &)()
459 maType = sc::NUMBER_TRANSFORM_TYPE::IS_EVEN;
460 else if (aType == "odd")
461 maType = sc::NUMBER_TRANSFORM_TYPE::IS_ODD;
462 else if (aType == "sign")
463 maType = sc::NUMBER_TRANSFORM_TYPE::SIGN;
464 }
>>> CID 1438137:(UNINIT_CTOR)
>>> Non-static class member "maPrecision" is not initialized in this 
>>> constructor nor in any functions that it calls.
465 }
466 
467 ScXMLColumnNumberContext::~ScXMLColumnNumberContext()
468 {
469 ScDocument* pDoc = GetScImport().GetDocument();
470 auto& rDataSources = pDoc->GetExternalDataMapper().getDataSources();



New Defects reported by Coverity Scan for LibreOffice

2018-07-19 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
14 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1438043:(DEADCODE)
/sw/source/core/layout/layact.cxx: 445 in 
SwLayAction::InternalAction(OutputDevice *)()
/sw/source/core/layout/layact.cxx: 448 in 
SwLayAction::InternalAction(OutputDevice *)()



*** CID 1438043:(DEADCODE)
/sw/source/core/layout/layact.cxx: 445 in 
SwLayAction::InternalAction(OutputDevice *)()
439 
440 IDocumentLayoutAccess& rLayoutAccess = 
m_pRoot->GetFormat()->getIDocumentLayoutAccess();
441 bool bNoLoop = pPage && SwLayouter::StartLoopControl( 
m_pRoot->GetFormat()->GetDoc(), pPage );
442 sal_uInt16 nPercentPageNum = 0;
443 while ( (pPage && !IsInterrupt()) || m_nCheckPageNum != USHRT_MAX )
444 {
>>> CID 1438043:(DEADCODE)
>>> Execution cannot reach the expression "pPage->GetPhyPageNum() >= 
>>> this->m_nCheckPageNum" inside this statement: "if (!pPage && 
>>> this->m_nChec...".
445 if ( !pPage && m_nCheckPageNum != USHRT_MAX &&
446  (!pPage || pPage->GetPhyPageNum() >= m_nCheckPageNum) )
447 {
448 if ( !pPage || pPage->GetPhyPageNum() > m_nCheckPageNum )
449 {
450 SwPageFrame *pPg = 
static_cast(m_pRoot->Lower());
/sw/source/core/layout/layact.cxx: 448 in 
SwLayAction::InternalAction(OutputDevice *)()
442 sal_uInt16 nPercentPageNum = 0;
443 while ( (pPage && !IsInterrupt()) || m_nCheckPageNum != USHRT_MAX )
444 {
445 if ( !pPage && m_nCheckPageNum != USHRT_MAX &&
446  (!pPage || pPage->GetPhyPageNum() >= m_nCheckPageNum) )
447 {
>>> CID 1438043:(DEADCODE)
>>> Execution cannot reach the expression "pPage->GetPhyPageNum() > 
>>> this->m_nCheckPageNum" inside this statement: "if (!pPage || 
>>> pPage->GetPhy...".
448 if ( !pPage || pPage->GetPhyPageNum() > m_nCheckPageNum )
449 {
450 SwPageFrame *pPg = 
static_cast(m_pRoot->Lower());
451 while ( pPg && pPg->GetPhyPageNum() < m_nCheckPageNum )
452 pPg = static_cast(pPg->GetNext());
453 if ( pPg )



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyaicp5raxBNRKMdrrCQSQrZBd26wIOlS495yuuhqd2DmKJELDyiPyCaNTVwiDTRBDRjo5qV1ZDbx9UnBpkNcK5-2FllXaGCndrpOMKzm0u3bnf3Yssfu14IAt9wNubS4rDzIxojtD-2FRKBvOgnfnlq6wEXNW6vb2q2gn5xAskYXDw2I-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-07-14 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

12 new defect(s) introduced to LibreOffice found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 12 of 12 defect(s)


** CID 1437962:(RESOURCE_LEAK)
/writerfilter/source/rtftok/rtfdocumentimpl.cxx: 1761 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchToggle(writerfilter::rtftok::RTFKeyword,
 bool, int)()
/writerfilter/source/rtftok/rtfdocumentimpl.cxx: 1789 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchToggle(writerfilter::rtftok::RTFKeyword,
 bool, int)()
/writerfilter/source/rtftok/rtfdocumentimpl.cxx: 1881 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchToggle(writerfilter::rtftok::RTFKeyword,
 bool, int)()



*** CID 1437962:(RESOURCE_LEAK)
/writerfilter/source/rtftok/rtfdocumentimpl.cxx: 1761 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchToggle(writerfilter::rtftok::RTFKeyword,
 bool, int)()
1755 }
1756 if (nSprm >= 0)
1757 {
1758 auto pValue
1759 = new RTFValue((!bParam || nParam != 0) ? nSprm : 
NS_ooxml::LN_Value_ST_Underline_none);
1760 
m_aStates.top().aCharacterAttributes.set(NS_ooxml::LN_CT_Underline_val, pValue);
>>> CID 1437962:(RESOURCE_LEAK)
>>> Variable "pBoolValue" going out of scope leaks the storage it points to.
1761 return RTFError::OK;
1762 }
1763 
1764 // Accent characters (over dot / over comma).
1765 switch (nKeyword)
1766 {
/writerfilter/source/rtftok/rtfdocumentimpl.cxx: 1789 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchToggle(writerfilter::rtftok::RTFKeyword,
 bool, int)()
1783 break;
1784 }
1785 if (nSprm >= 0)
1786 {
1787 auto pValue = new RTFValue((!bParam || nParam != 0) ? nSprm : 
0);
1788 
m_aStates.top().aCharacterSprms.set(NS_ooxml::LN_EG_RPrBase_em, pValue);
>>> CID 1437962:(RESOURCE_LEAK)
>>> Variable "pBoolValue" going out of scope leaks the storage it points to.
1789 return RTFError::OK;
1790 }
1791 
1792 // Trivial character sprms.
1793 switch (nKeyword)
1794 {
/writerfilter/source/rtftok/rtfdocumentimpl.cxx: 1881 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchToggle(writerfilter::rtftok::RTFKeyword,
 bool, int)()
1875 SAL_INFO("writerfilter.rtf",
1876  "TODO handle toggle '" << 
keywordToString(nKeyword) << "'");
1877 aSkip.setParsed(false);
1878 }
1879 break;
1880 }
>>> CID 1437962:(RESOURCE_LEAK)
>>> Variable "pBoolValue" going out of scope leaks the storage it points to.
1881 return RTFError::OK;
1882 }
1883 
1884 RTFError RTFDocumentImpl::pushState()
1885 {
1886 //SAL_INFO("writerfilter.rtf", OSL_THIS_FUNC << " before push: " 
<< m_pTokenizer->getGroup());

** CID 1437961:(RESOURCE_LEAK)
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 137 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 142 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 152 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 225 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 237 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 296 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 331 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 607 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 1606 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()



*** CID 1437961:(RESOURCE_LEAK)
/writerfilter/source/rtftok/rtfdispatchvalue.cxx: 137 in 
writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword,
 int)()
131 nValue = NS_ooxml::LN_Value_ST_Jc_center;
132  

New Defects reported by Coverity Scan for LibreOffice

2018-06-25 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1437527:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1437527:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/uibase/utlui/content.cxx: 695 in SwContentType::FillMemberList(bool 
*)()
689 if(nullptr != pbLevelOrVisibilityChanged)
690 {
691 // need to check visibility (and equal entry 
number) after
692 // creation due to a sorted list being used here 
(before,
693 // entries with same index were compared already at 
creation
694 // time what worked before a sorted list was used)
>>> CID 1437527:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "pOldMember" to "checkVisibilityChanged", which 
>>> dereferences it.
695 *pbLevelOrVisibilityChanged = 
checkVisibilityChanged(
696 *pOldMember,
697 *pMember);
698 }
699 }
700 nMemberCount = pMember->size();

** CID 1437526:  Error handling issues  (CHECKED_RETURN)
/sc/source/filter/excel/xipivot.cxx: 1488 in XclImpPivotTable::Convert()()



*** CID 1437526:  Error handling issues  (CHECKED_RETURN)
/sc/source/filter/excel/xipivot.cxx: 1488 in XclImpPivotTable::Convert()()
1482 
1483 pDPObj->SetSaveData( aSaveData );
1484 pDPObj->SetSheetDesc( aDesc );
1485 pDPObj->SetOutRange( aOutRange );
1486 pDPObj->SetHeaderLayout( maPTViewEx9Info.mnGridLayout == 0 );
1487 
>>> CID 1437526:  Error handling issues  (CHECKED_RETURN)
>>> Calling "InsertNewTable" without checking return value (as is done 
>>> elsewhere 24 out of 27 times).
1488 GetDoc().GetDPCollection()->InsertNewTable(pDPObj);
1489 mpDPObj = pDPObj;
1490 
1491 ApplyFieldInfo();
1492 ApplyMergeFlags(aOutRange, aSaveData);
1493 }

** CID 1209000:  Error handling issues  (CHECKED_RETURN)
/sc/qa/unit/ucalc_pivottable.cxx: 270 in Test::testPivotTable()()



*** CID 1209000:  Error handling issues  (CHECKED_RETURN)
/sc/qa/unit/ucalc_pivottable.cxx: 270 in Test::testPivotTable()()
264 printRange(m_pDoc, ScRange(nCol1, nRow1, 0, nCol2, nRow2, 0), "Data 
sheet content (modified)");
265 
266 // Now, create a copy of the datapilot object for the updated 
table, but
267 // don't reload the cache which should force the copy to use the 
old data
268 // from the cache.
269 ScDPObject* pDPObj2 = new ScDPObject(*pDPObj);
>>> CID 1209000:  Error handling issues  (CHECKED_RETURN)
>>> Calling "InsertNewTable" without checking return value (as is done 
>>> elsewhere 24 out of 27 times).
270 pDPs->InsertNewTable(pDPObj2);
271 
272 aOutRange = pDPObj2->GetOutRange();
273 pDPObj2->ClearTableData();
274 pDPObj2->Output(aOutRange.aStart);
275 {



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyoWMum4BOPLCbZkP4ElPN2XL5LrZw5vnvCKuYPJxy8gIUr7rlwvayUt-2FCrYAUdNAECsYVNwsRTaTlzWt6WER5VQVXqk4CCYgDEjyskpCU4hJR4Ikq-2FtV7wY8p6Hb9aLkqcgXD4soOrM-2FKLkHqNcen6lUYf5hy8FgBsFCMgU7IIgA-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-06-19 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1437410:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1437410:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/docnode/ndtbl1.cxx: 93 in 
SwTableFormatCmp::~SwTableFormatCmp()()
87 }
88 
89 SwTableFormatCmp::~SwTableFormatCmp()
90 {
91 if (pOld)
92 pOld->Remove(this);
>>> CID 1437410:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "this->pOld" to "HasWriterListeners", which 
>>> dereferences it.
93 if (!pOld->HasWriterListeners())
94 delete pOld;
95 }
96 
97 // static
98 SwFrameFormat* 
SwTableFormatCmp::FindNewFormat(std::vector>& 
rArr,

** CID 1437409:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1437409:  Null pointer dereferences  (FORWARD_NULL)
/sw/qa/extras/ww8export/ww8export2.cxx: 311 in testTdf70838::verify()()
305 CPPUNIT_ASSERT(xText->getSize().Width  > 11000);
306 }
307 
308 DECLARE_WW8EXPORT_TEST(testTdf70838, "tdf70838.odt")
309 {
310 SwXTextDocument* pTextDoc = dynamic_cast(mxComponent.get());
>>> CID 1437409:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "pTextDoc" to "GetDocShell", which dereferences it.
311 SwDoc* pDoc = pTextDoc->GetDocShell()->GetDoc();
312 SdrPage* pPage = 
pDoc->getIDocumentDrawModelAccess().GetDrawModel()->GetPage(0);
313 tools::Rectangle aRect = pPage->GetObj(0)->GetSnapRect();
314 CPPUNIT_ASSERT( aRect.GetHeight() > aRect.GetWidth() );
315 }
316 

** CID 1437408:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/paraprev.cxx: 221 in ParaPrevWindow::ParaPrevWindow()()



*** CID 1437408:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/paraprev.cxx: 221 in ParaPrevWindow::ParaPrevWindow()()
215 nLeftMargin ( 0 ),
216 nRightMargin( 0 ),
217 eAdjust ( SvxAdjust::Left ),
218 eLastLine   ( SvxAdjust::Left )
219 {
220 aSize = Size(11905, 16837);
>>> CID 1437408:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "eLine" is not initialized in this constructor 
>>> nor in any functions that it calls.
221 }
222 
223 void ParaPrevWindow::SetDrawingArea(weld::DrawingArea* pDrawingArea)
224 {
225 Size 
aOptimalSize(getParagraphPreviewOptimalSize(pDrawingArea->get_ref_device()));
226 pDrawingArea->set_size_request(aOptimalSize.Width(), 
aOptimalSize.Height());

** CID 1437407:  FindBugs: Malicious code vulnerability  
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/scripting/java/com/sun/star/script/framework/provider/ClassLoaderFactory.java: 
48 in 
com.sun.star.script.framework.provider.ClassLoaderFactory.getURLClassLoader(java.lang.ClassLoader,
 java.net.URL[])()



*** CID 1437407:  FindBugs: Malicious code vulnerability  
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/scripting/java/com/sun/star/script/framework/provider/ClassLoaderFactory.java: 
48 in 
com.sun.star.script.framework.provider.ClassLoaderFactory.getURLClassLoader(java.lang.ClassLoader,
 java.net.URL[])()
42 
43 return getURLClassLoader(parent, classPath);
44 }
45 
46 public static ClassLoader getURLClassLoader(ClassLoader parent,
47 URL[] classpath) {
>>> CID 1437407:  FindBugs: Malicious code vulnerability  
>>> (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
>>> 
>>> com.sun.star.script.framework.provider.ClassLoaderFactory.getURLClassLoader(ClassLoader,
>>>  URL[]) creates a java.net.URLClassLoader classloader, which should be 
>>> performed within a doPrivileged block.
48 return new URLClassLoader(classpath, parent);
49 }



To view the defects in Coverity Scan visit, 

New Defects reported by Coverity Scan for LibreOffice

2018-06-12 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
13 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1436922:  Null pointer dereferences  (REVERSE_INULL)
/sw/source/core/text/txtfrm.cxx: 1987 in SwTextFrame::SwClientNotify(const 
SwModify &, const SfxHint &)()



*** CID 1436922:  Null pointer dereferences  (REVERSE_INULL)
/sw/source/core/text/txtfrm.cxx: 1987 in SwTextFrame::SwClientNotify(const 
SwModify &, const SfxHint &)()
1981 InvalidatePrt_();
1982 }
1983 
1984 const bool bMergeModify = (m_pMergedPara &&
1985 (m_pMergedPara->pParaPropsNode !=  ||
1986  m_pMergedPara->pFirstNode != ));
>>> CID 1436922:  Null pointer dereferences  (REVERSE_INULL)
>>> Null-checking "pNew" suggests that it may be null, but it has already 
>>> been dereferenced on all paths leading to the check.
1987 const bool bHasOldNew = pOld && pNew;
1988 if ((nClear || bMergeModify) && bHasOldNew)
1989 {
1990 SwAttrSetChg aOldSet( *static_cast(pOld) );
1991 SwAttrSetChg aNewSet( *static_cast(pNew) );
1992 

** CID 1436921:  Memory - illegal accesses  (WRAPPER_ESCAPE)
/vcl/unx/generic/app/sm.cxx: 73 in X11SalInstance::CreateSalSession()()



*** CID 1436921:  Memory - illegal accesses  (WRAPPER_ESCAPE)
/vcl/unx/generic/app/sm.cxx: 73 in X11SalInstance::CreateSalSession()()
67 
68 std::unique_ptr X11SalInstance::CreateSalSession()
69 {
70 SAL_INFO("vcl.sm", "X11SalInstance::CreateSalSession");
71 
72 std::unique_ptr p(new IceSalSession);
>>> CID 1436921:  Memory - illegal accesses  (WRAPPER_ESCAPE)
>>> The internal representation of local "p" escapes, but is destroyed when 
>>> it exits scope.
73 SessionManagerClient::open(p.get());
74 return p;
75 }
76 
77 void IceSalSession::queryInteraction()
78 {



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyXqpsGoC-2BHiF-2Bd8nuqU01dMYx-2FK7rMr7LJqVacKLBW2BYJH8puO4nTs7Z6LYrxkQ4Yq0hogRakLNsHFnhjVTrFKy8Fl1HS040jJylvu9fVG3PTqzvUSRW7nqWgJnFjYsRQ7cf7b3YFK-2FBqkfH9Hn2PnmNmBWIMGk700NfzJmosJs-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-06-09 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

7 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)


** CID 1436018:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1436018:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/text/txtfrm.cxx: 1991 in SwTextFrame::SwClientNotify(const 
SwModify &, const SfxHint &)()
1985 }
1986 
1987 if (nClear || (m_pMergedPara &&
1988 (m_pMergedPara->pParaPropsNode !=  ||
1989  m_pMergedPara->pFirstNode != )))
1990 {
>>> CID 1436018:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "pOld" to "SwAttrSetChg", which dereferences it.
1991 SwAttrSetChg aOldSet( *static_cast(pOld) );
1992 SwAttrSetChg aNewSet( *static_cast(pNew) );
1993 
1994 if (m_pMergedPara && m_pMergedPara->pParaPropsNode 
!= )
1995 {
1996 for (sal_uInt16 i = RES_PARATR_BEGIN; i != 
RES_FRMATR_END; ++i)

** CID 1436017:  Control flow issues  (DEADCODE)
/sw/source/core/text/txtfrm.cxx: 1634 in SwTextFrame::SwClientNotify(const 
SwModify &, const SfxHint &)()



*** CID 1436017:  Control flow issues  (DEADCODE)
/sw/source/core/text/txtfrm.cxx: 1634 in SwTextFrame::SwClientNotify(const 
SwModify &, const SfxHint &)()
1628 // update merged before doing anything else
1629 nLen = UpdateMergedParaForDelete(*m_pMergedPara, false, 
rNode, nNPos, nNLen);
1630 const sal_Int32 m = -nNLen;
1631 if (nLen && IsIdxInside(nPos, nLen))
1632 {
1633 if (!nLen)
>>> CID 1436017:  Control flow issues  (DEADCODE)
>>> Execution cannot reach this statement: "this->InvalidateSize();".
1634 InvalidateSize();
1635 else
1636 InvalidateRange( SwCharRange(nPos, 
TextFrameIndex(1)), m );
1637 }
1638 lcl_SetWrong( *this, rNode, nNPos, m, true );
1639 if (nLen)

** CID 1436016:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1436016:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/crsr/crsrsh.cxx: 967 in SwCursorShell::TestCurrPam(const Point 
&, bool)()
961 do {
962 if( pCmp && pCmp->HasMark() &&
963 *pCmp->Start() <= aPtPos && *pCmp->End() > aPtPos )
964 {
965 return true;   // return without update
966 }
>>> CID 1436016:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "pCmp" to "GetNext", which dereferences it.
967 } while( m_pCurrentCursor != ( pCmp = pCmp->GetNext() ) );
968 return false;
969 }
970 
971 void SwCursorShell::KillPams()
972 {

** CID 1436015:  Code maintainability issues  (UNUSED_VALUE)
/oox/source/drawingml/diagram/diagramlayoutatoms.cxx: 373 in 
oox::drawingml::AlgAtom::layoutShape(const 
std::shared_ptr &, const 
std::vector> &) const()



*** CID 1436015:  Code maintainability issues  (UNUSED_VALUE)
/oox/source/drawingml/diagram/diagramlayoutatoms.cxx: 373 in 
oox::drawingml::AlgAtom::layoutShape(const 
std::shared_ptr &, const 
std::vector> &) const()
367 aChildSize.Height /= (nCount+1);
368 
369 awt::Point aCurrPos(0, 0);
370 if (nIncX == -1)
371 aCurrPos.X = rShape->getSize().Width - aChildSize.Width;
372 if (nIncY == -1)
>>> CID 1436015:  Code maintainability issues  (UNUSED_VALUE)
>>> Assigning value from "rShape->getSize().Height - aChildSize.Height" to 
>>> "aCurrPos.Y" here, but that stored value is overwritten before it can be 
>>> used.
373 aCurrPos.Y = rShape->getSize().Height - 
aChildSize.Height;
374 
375 if(nCount <= 2 && nIncY == -1)
376 aCurrPos.Y = rShape->getSize().Height - 
aChildSize.Height*2;
377 else
378 aCurrPos.Y = rShape->getSize().Height - 
aChildSize.Height*(nCount+1);

** CID 1436014:  Null pointer dereferences  (NULL_RETURNS)



New Defects reported by Coverity Scan for LibreOffice

2018-06-01 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

12 new defect(s) introduced to LibreOffice found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 12 of 12 defect(s)


** CID 1435920:(RESOURCE_LEAK)
/sc/source/core/data/conditio.cxx: 1162 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()
/sc/source/core/data/conditio.cxx: 1171 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()
/sc/source/core/data/conditio.cxx: 1175 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()
/sc/source/core/data/conditio.cxx: 1205 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()
/sc/source/core/data/conditio.cxx: 1224 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()



*** CID 1435920:(RESOURCE_LEAK)
/sc/source/core/data/conditio.cxx: 1162 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()
1156 return false;
1157 
1158 OUString aUpVal1( aStrVal1 ); //TODO: As a member? (Also set in 
Interpret)
1159 OUString aUpVal2( aStrVal2 );
1160 
1161 if ( eOp == ScConditionMode::Between || eOp == 
ScConditionMode::NotBetween )
>>> CID 1435920:(RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "ScGlobal::GetCollator()" 
>>> leaks it.
1162 if (ScGlobal::GetCollator()->compareString( aUpVal1, aUpVal2 ) 
> 0)
1163 {
1164 // Right order for value range
1165 OUString aTemp( aUpVal1 ); aUpVal1 = aUpVal2; aUpVal2 = 
aTemp;
1166 }
1167 
/sc/source/core/data/conditio.cxx: 1171 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()
1165 OUString aTemp( aUpVal1 ); aUpVal1 = aUpVal2; aUpVal2 = 
aTemp;
1166 }
1167 
1168 switch ( eOp )
1169 {
1170 case ScConditionMode::Equal:
>>> CID 1435920:(RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "ScGlobal::GetCollator()" 
>>> leaks it.
1171 bValid = (ScGlobal::GetCollator()->compareString(
1172 rArg, aUpVal1 ) == 0);
1173 break;
1174 case ScConditionMode::NotEqual:
1175 bValid = (ScGlobal::GetCollator()->compareString(
1176 rArg, aUpVal1 ) != 0);
/sc/source/core/data/conditio.cxx: 1175 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()
1169 {
1170 case ScConditionMode::Equal:
1171 bValid = (ScGlobal::GetCollator()->compareString(
1172 rArg, aUpVal1 ) == 0);
1173 break;
1174 case ScConditionMode::NotEqual:
>>> CID 1435920:(RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "ScGlobal::GetCollator()" 
>>> leaks it.
1175 bValid = (ScGlobal::GetCollator()->compareString(
1176 rArg, aUpVal1 ) != 0);
1177 break;
1178 case ScConditionMode::TopPercent:
1179 case ScConditionMode::BottomPercent:
1180 case ScConditionMode::Top10:
/sc/source/core/data/conditio.cxx: 1205 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()
1199 bValid = rArg.indexOf(aUpVal1) != -1;
1200 if(eOp == ScConditionMode::NotContainsText)
1201 bValid = !bValid;
1202 break;
1203 default:
1204 {
>>> CID 1435920:(RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "ScGlobal::GetCollator()" 
>>> leaks it.
1205 sal_Int32 nCompare = 
ScGlobal::GetCollator()->compareString(
1206 rArg, aUpVal1 );
1207 switch ( eOp )
1208 {
1209 case ScConditionMode::Greater:
1210 bValid = ( nCompare > 0 );
/sc/source/core/data/conditio.cxx: 1224 in ScConditionEntry::IsValidStr(const 
rtl::OUString &, const ScAddress &) const()
1218 case ScConditionMode::EqLess:
1219 bValid = ( nCompare <= 0 );
1220 break;
1221 case ScConditionMode::Between:
1222 case ScConditionMode::NotBetween:
1223 //  Test for NOTBETWEEN:
>>> CID 1435920:(RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "ScGlobal::GetCollator()" 
>>> leaks it.
1224 bValid = ( nCompare < 0 ||
1225 

Re: New Defects reported by Coverity Scan for LibreOffice

2018-05-28 Thread Caolán McNamara
On Sun, 2018-05-27 at 22:28 +, scan-ad...@coverity.com wrote:
> *** CID 1078573:  Null pointer dereferences  (FORWARD_NULL)
> /sw/source/core/docnode/swbaslnk.cxx

Since 7581730b2795a58d4fe6868e2f61572a91fde293 lcl_CallModify ends
up as...

bool bUpdate = false;
SwGrfNode* pSwGrfNode = nullptr;
if (m_pContentNode->IsGrfNode())
...
else if( m_pContentNode->IsOLENode() )
bUpdate = true;

if (bUpdate)
...
SetGrfFlySize(aGrfSz, pSwGrfNode, aOldSz)

so on the face of it, if its an ole node and not a graphic
SetGrfFlySize now derefs null pSwGrfNode.
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-05-27 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1435839:  Uninitialized members  (UNINIT_CTOR)
/include/vcl/customweld.hxx: 21 in 
weld::CustomWidgetController::CustomWidgetController()()



*** CID 1435839:  Uninitialized members  (UNINIT_CTOR)
/include/vcl/customweld.hxx: 21 in 
weld::CustomWidgetController::CustomWidgetController()()
15 namespace weld
16 {
17 class VCL_DLLPUBLIC CustomWidgetController
18 {
19 private:
20 Size m_aSize;
>>> CID 1435839:  Uninitialized members  (UNINIT_CTOR)
>>> The compiler-generated constructor for this class does not initialize 
>>> "m_pDrawingArea".
21 weld::DrawingArea* m_pDrawingArea;
22 
23 public:
24 virtual void Paint(vcl::RenderContext& rRenderContext, const 
tools::Rectangle& rRect) = 0;
25 virtual void Resize() {}
26 virtual void MouseButtonDown(const MouseEvent&) {}

** CID 1435838:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/dlgctrl.cxx: 664 in RectCtl::RectCtl(SvxTabPage *, 
RectPoint, unsigned short, unsigned short)()



*** CID 1435838:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/dlgctrl.cxx: 664 in RectCtl::RectCtl(SvxTabPage *, 
RectPoint, unsigned short, unsigned short)()
658 , 
nRadius(Application::GetDefaultDevice()->LogicToPixel(Size(nCircle, 0), 
MapMode(MapUnit::Map100thMM)).Width())
659 , eDefRP(eRpt)
660 , pBitmap(nullptr)
661 , m_nState(CTL_STATE::NONE)
662 , mbCompleteDisable(false)
663 {
>>> CID 1435838:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "eRP" is not initialized in this constructor 
>>> nor in any functions that it calls.
664 }
665 
666 void RectCtl::SetDrawingArea(weld::DrawingArea* pDrawingArea)
667 {
668 
pDrawingArea->set_size_request(pDrawingArea->get_approximate_digit_width() * 25,
669pDrawingArea->get_text_height() * 5);

** CID 1435837:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/charmap.cxx: 80 in 
SvxShowCharSet::SvxShowCharSet(weld::ScrolledWindow *, const 
VclPtr &)()



*** CID 1435837:  Uninitialized members  (UNINIT_CTOR)
/svx/source/dialog/charmap.cxx: 80 in 
SvxShowCharSet::SvxShowCharSet(weld::ScrolledWindow *, const 
VclPtr &)()
74 , mbUpdateForeground(true)
75 , mbUpdateBackground(true)
76 {
77 init();
78 
79 mxScrollArea->set_user_managed_scrolling();
>>> CID 1435837:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "nY" is not initialized in this constructor nor 
>>> in any functions that it calls.
80 }
81 
82 void SvxShowCharSet::SetDrawingArea(weld::DrawingArea* pDrawingArea)
83 {
84 mxScrollArea->set_size_request(COLUMN_COUNT * 
pDrawingArea->get_approximate_digit_width() * 4,
85ROW_COUNT * 
pDrawingArea->get_text_height() * 2);

** CID 1078573:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1078573:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/docnode/swbaslnk.cxx: 174 in SwBaseLink::DataChanged(const 
rtl::OUString &, const com::sun::star::uno::Any &)()
168 
169 if ( !bUpdate || bFrameInPaint )
170 return SUCCESS;
171 
172 if (bUpdate)
173 {
>>> CID 1078573:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "pSwGrfNode" to "SetGrfFlySize", which 
>>> dereferences it.
174 if (!SetGrfFlySize(aGrfSz, pSwGrfNode, aOldSz))
175 {
176 SwMsgPoolItem aMsgHint(RES_GRAPHIC_ARRIVED);
177 lcl_CallModify(*pSwGrfNode, aMsgHint);
178 return SUCCESS;
179 }



To view the defects in Coverity Scan visit, 

New Defects reported by Coverity Scan for LibreOffice

2018-05-23 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1435749:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/core/unocore/unoobj2.cxx: 301 in 
UnoActionRemoveContext::~UnoActionRemoveContext()()



*** CID 1435749:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/core/unocore/unoobj2.cxx: 301 in 
UnoActionRemoveContext::~UnoActionRemoveContext()()
295 if (m_pDoc)
296 {
297 lcl_RemoveImpl(m_pDoc);
298 }
299 }
300 
>>> CID 1435749:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::DeploymentException" is 
>>> thrown but the throw list "throw()" doesn't allow it to be thrown. This 
>>> will cause a call to unexpected() which usually calls terminate().
301 UnoActionRemoveContext::~UnoActionRemoveContext()
302 {
303 if (m_pDoc)
304 {
305 SwRootFrame *const pRootFrame = 
m_pDoc->getIDocumentLayoutAccess().GetCurrentLayout();
306 if (pRootFrame)

** CID 1435748:  Error handling issues  (CHECKED_RETURN)
/sw/source/core/crsr/crstrvl.cxx: 995 in SwCursorShell::GotoPrevOutline()()



*** CID 1435748:  Error handling issues  (CHECKED_RETURN)
/sw/source/core/crsr/crstrvl.cxx: 995 in SwCursorShell::GotoPrevOutline()()
989 }
990 
991 SwCursor* pCursor = getShellCursor( true );
992 SwNode* pNd = &(pCursor->GetNode());
993 SwOutlineNodes::size_type nPos;
994 bool bRet = false;
>>> CID 1435748:  Error handling issues  (CHECKED_RETURN)
>>> Calling "Seek_Entry" without checking return value (as is done 
>>> elsewhere 13 out of 14 times).
995 rNds.GetOutLineNds().Seek_Entry(pNd, );
996 if ( nPos == 0 )
997 {
998 nPos = rNds.GetOutLineNds().size();
999 SvxSearchDialogWrapper::SetSearchLabel( 
SearchLabel::StartWrapped );
1000 }

** CID 1399120:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/core/crsr/callnk.cxx: 99 in SwCallLink::~SwCallLink()()



*** CID 1399120:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/core/crsr/callnk.cxx: 99 in SwCallLink::~SwCallLink()()
93 return;
94 }
95 }
96 }
97 }
98 
>>> CID 1399120:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::DeploymentException" is 
>>> thrown but the throw list "throw()" doesn't allow it to be thrown. This 
>>> will cause a call to unexpected() which usually calls terminate().
99 SwCallLink::~SwCallLink()
100 {
101 if( nNdTyp == SwNodeType::NONE || !rShell.m_bCallChgLnk ) // see 
ctor
102 return ;
103 
104 // If travelling over Nodes check formats and register them anew at 
the



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpy8xGl5gyG72PKEYksHTP-2BsN-2Fl4tx2dJYI9r1wBExVlY0fdiopRQPS17y51av41VL5KvO9Gw4yxbfkjSZ3rF9AdRnZEST-2Fjm61RX-2F95yJOA9Fiuikt0WsxaWcabmPiXv6vlAKrMx8lCjFZfBBmsc5YDw5625lPLlbO26TNKRAWq-2Fo-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-05-19 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

9 new defect(s) introduced to LibreOffice found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)


** CID 1435686:  Incorrect expression  (COPY_PASTE_ERROR)
/svx/source/xoutdev/_xoutbmp.cxx: 594 in XOutBitmap::GetContour(const Bitmap &, 
XOutFlags, const tools::Rectangle *)()



*** CID 1435686:  Incorrect expression  (COPY_PASTE_ERROR)
/svx/source/xoutdev/_xoutbmp.cxx: 594 in XOutBitmap::GetContour(const Bitmap &, 
XOutFlags, const tools::Rectangle *)()
588 pPoints1[ nPolyPos ] = Point( nX, nY );
589 nY = nStartY2;
590 
591 // this loop always breaks eventually as 
there is at least one pixel
592 while( true )
593 {
>>> CID 1435686:  Incorrect expression  (COPY_PASTE_ERROR)
>>> "nX" in "pAcc->GetPixelFromData(pScanline, nX)" looks like a copy-paste 
>>> error.
594 if( aBlack == pAcc->GetPixelFromData( 
pScanline, nX ) )
595 {
596 pPoints2[ nPolyPos ] = Point( nX, 
nY );
597 break;
598 }
599 

** CID 1435685:(CHECKED_RETURN)
/basegfx/test/genericclipper.cxx: 136 in 
basegfx2d::genericclipper::validateCrossover(const char *, const char *, const 
char *) const()
/basegfx/test/genericclipper.cxx: 137 in 
basegfx2d::genericclipper::validateCrossover(const char *, const char *, const 
char *) const()



*** CID 1435685:(CHECKED_RETURN)
/basegfx/test/genericclipper.cxx: 136 in 
basegfx2d::genericclipper::validateCrossover(const char *, const char *, const 
char *) const()
130const char* pValidSvgD) const
131 {
132 OUString aInput=OUString::createFromAscii(pInputSvgD);
133 OUString aValid=OUString::createFromAscii(pValidSvgD);
134 B2DPolyPolygon aInputPoly, aValidPoly;
135 
>>> CID 1435685:(CHECKED_RETURN)
>>> Calling "importFromSvgD" without checking return value (as is done 
>>> elsewhere 20 out of 25 times).
136 utils::importFromSvgD(aInputPoly, aInput, false, nullptr);
137 utils::importFromSvgD(aValidPoly, aValid, false, nullptr);
138 
139 CPPUNIT_ASSERT_EQUAL_MESSAGE(
140 pName,
141 aValid,
/basegfx/test/genericclipper.cxx: 137 in 
basegfx2d::genericclipper::validateCrossover(const char *, const char *, const 
char *) const()
131 {
132 OUString aInput=OUString::createFromAscii(pInputSvgD);
133 OUString aValid=OUString::createFromAscii(pValidSvgD);
134 B2DPolyPolygon aInputPoly, aValidPoly;
135 
136 utils::importFromSvgD(aInputPoly, aInput, false, nullptr);
>>> CID 1435685:(CHECKED_RETURN)
>>> Calling "importFromSvgD" without checking return value (as is done 
>>> elsewhere 20 out of 25 times).
137 utils::importFromSvgD(aValidPoly, aValid, false, nullptr);
138 
139 CPPUNIT_ASSERT_EQUAL_MESSAGE(
140 pName,
141 aValid,
142 basegfx::utils::exportToSvgD(

** CID 1435684:  Possible Control flow issues  (DEADCODE)
/cui/source/dialogs/SignSignatureLineDialog.cxx: 155 in 
SignSignatureLineDialog::Apply()()



*** CID 1435684:  Possible Control flow issues  (DEADCODE)
/cui/source/dialogs/SignSignatureLineDialog.cxx: 155 in 
SignSignatureLineDialog::Apply()()
149 
150 bool bSuccess = false; // TODO
151 
152 if (bSuccess)
153 {
154 // Read svg and replace placeholder texts
>>> CID 1435684:  Possible Control flow issues  (DEADCODE)
>>> Execution cannot reach this statement: "aSvgImage = this->getSignat...".
155 OUString aSvgImage(getSignatureImage());
156 aSvgImage = aSvgImage.replaceAll("[SIGNER_NAME]", 
getCDataString(m_aSuggestedSignerName));
157 aSvgImage = aSvgImage.replaceAll("[SIGNER_TITLE]", 
getCDataString(m_aSuggestedSignerTitle));
158 
159 aSvgImage = aSvgImage.replaceAll("[SIGNATURE]", 
getCDataString(m_xEditName->get_text()));
160 OUString aIssuerLine = 
CuiResId(RID_SVXSTR_SIGNATURELINE_SIGNED_BY)

** CID 1435683:  Error handling issues  (CHECKED_RETURN)

Re: New Defects reported by Coverity Scan for LibreOffice

2018-05-15 Thread Caolán McNamara
On Fri, 2018-05-11 at 21:33 +0200, Khaled Hosny wrote:
> No idea why this is now triggering an issue, but FreetypeFont
> constructor have been unconditionally accessing rFSD.mpFontInstance
> since forever.

Yeah, I just reworked it a little to avoid the warning, so its gone
again in the current scan.
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-05-15 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1435605:  Error handling issues  (CHECKED_RETURN)
/vcl/source/control/field2.cxx: 2517 in TimeFormatter::Reformat()()



*** CID 1435605:  Error handling issues  (CHECKED_RETURN)
/vcl/source/control/field2.cxx: 2517 in TimeFormatter::Reformat()()
2511 if ( !bOK )
2512 return;
2513 
2514 if ( !aStr.isEmpty() )
2515 {
2516 ImplSetText( aStr );
>>> CID 1435605:  Error handling issues  (CHECKED_RETURN)
>>> Calling "TextToTime" without checking return value (as is done 
>>> elsewhere 4 out of 5 times).
2517 TextToTime( aStr, maLastTime, GetFormat(), IsDuration(), 
ImplGetLocaleDataWrapper() );
2518 }
2519 else
2520 SetTime( maLastTime );
2521 }
2522 



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpynDFdIcUfUswokbyAGcbF-2FWDngPYX6n0Nm8gsqGdPqHR8Px2hpxiGMBNE3k3rKCe8r3ElG7a5qYuOjB9JWwiFcobp5NL6FygSaUmMM-2FCwxlhllp5X8lBTvicA-2BznfCGEYVIeb4KjJUp37DQuv7G7vO2MZOBIjSHlwElWNq-2FZajZo-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2018-05-11 Thread Khaled Hosny
On Fri, May 11, 2018 at 01:52:50PM +, scan-ad...@coverity.com wrote:
> ** CID 1435548:  Null pointer dereferences  (FORWARD_NULL)
> 
> 
> 
> *** CID 1435548:  Null pointer dereferences  (FORWARD_NULL)
> /vcl/unx/generic/glyphs/freetype_glyphcache.cxx: 350 in 
> FreetypeManager::CreateFont(const FontSelectPattern &)()
> 344 if( it != maFontList.end() )
> 345 pFontInfo = it->second;
> 346 
> 347 if( !pFontInfo )
> 348 return nullptr;
> 349 
> >>> CID 1435548:  Null pointer dereferences  (FORWARD_NULL)
> >>> Passing "rFSD" to "FreetypeFont", which dereferences null 
> >>> "rFSD.mpFontInstance".
> 350 FreetypeFont* pNew = new FreetypeFont( rFSD, pFontInfo );
> 351 
> 352 return pNew;
> 353 }
> 354 
> 355 FreetypeFontFace::FreetypeFontFace( FreetypeFontInfo* pFI, const 
> FontAttributes& rDFA )

No idea why this is now triggering an issue, but FreetypeFont
constructor have been unconditionally accessing rFSD.mpFontInstance
since forever.

Regards,
Khaled
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-05-11 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1435548:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1435548:  Null pointer dereferences  (FORWARD_NULL)
/vcl/unx/generic/glyphs/freetype_glyphcache.cxx: 350 in 
FreetypeManager::CreateFont(const FontSelectPattern &)()
344 if( it != maFontList.end() )
345 pFontInfo = it->second;
346 
347 if( !pFontInfo )
348 return nullptr;
349 
>>> CID 1435548:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing "rFSD" to "FreetypeFont", which dereferences null 
>>> "rFSD.mpFontInstance".
350 FreetypeFont* pNew = new FreetypeFont( rFSD, pFontInfo );
351 
352 return pNew;
353 }
354 
355 FreetypeFontFace::FreetypeFontFace( FreetypeFontInfo* pFI, const 
FontAttributes& rDFA )



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpycS-2F92O8orO4Q-2Fk01A7bIGoYhrD6AZcwiPgULuUrraH7MqyTaIXy1oCfqtMvTRernhWugNKbTjbCcEc6NLE29wpRR3d3y6vPUYw1tkS1fVyqnQee6DNhe3-2F9SqpSP9nhQUtProLUDUFzMSb0ZoPjNbLMur81Kku-2BFgfeCK-2FUBolM-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-05-05 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

11 new defect(s) introduced to LibreOffice found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 11 of 11 defect(s)


** CID 1435443:  API usage errors  (SWAPPED_ARGUMENTS)



*** CID 1435443:  API usage errors  (SWAPPED_ARGUMENTS)
/svx/source/accessibility/svxrectctaccessiblecontext.cxx: 854 in 
RectCtlAccessibleContext::FireChildFocus(RectPoint)()
848 }
849 else
850 {
851 Any aOld;
852 Any aNew;
853 aNew <<= AccessibleStateType::FOCUSED;
>>> CID 1435443:  API usage errors  (SWAPPED_ARGUMENTS)
>>> The positions of arguments in the call to "NotifyAccessibleEvent" do 
>>> not match the ordering of the parameters:
* "aNew" is passed to "_rOldValue"
* "aOld" is passed to "_rNewValue"
854 NotifyAccessibleEvent(AccessibleEventId::STATE_CHANGED, 
aNew, aOld);
855 }
856 }
857 else
858 mnSelectedChild = NOCHILDSELECTED;
859 }

** CID 1435442:  Error handling issues  (CHECKED_RETURN)
/vcl/source/image/ImplImageTree.cxx: 611 in ImplImageTree::getNameAccess()()



*** CID 1435442:  Error handling issues  (CHECKED_RETURN)
/vcl/source/image/ImplImageTree.cxx: 611 in ImplImageTree::getNameAccess()()
605 }
606 return rNameAccess.is();
607 }
608 
609 css::uno::Reference const & 
ImplImageTree::getNameAccess()
610 {
>>> CID 1435442:  Error handling issues  (CHECKED_RETURN)
>>> Calling "checkPathAccess" without checking return value (as is done 
>>> elsewhere 4 out of 5 times).
611 checkPathAccess();
612 return getCurrentIconSet().maNameAccess;
613 }
614 

** CID 1435441:(UNINIT_CTOR)
/usr/include/c++/7/bits/regex.h: 2460 in 
std::__cxx11::regex_iterator<__gnu_cxx::__normal_iterator, 
std::allocator>>, wchar_t, 
std::__cxx11::regex_traits>::regex_iterator()()
/usr/include/c++/7/bits/regex.h: 2460 in 
std::__cxx11::regex_iterator<__gnu_cxx::__normal_iterator, 
std::allocator>>, char, 
std::__cxx11::regex_traits>::regex_iterator()()



*** CID 1435441:(UNINIT_CTOR)
/usr/include/c++/7/bits/regex.h: 2460 in 
std::__cxx11::regex_iterator<__gnu_cxx::__normal_iterator, 
std::allocator>>, wchar_t, 
std::__cxx11::regex_traits>::regex_iterator()()
2454   /**
2455* @brief Provides a singular iterator, useful for indicating
2456* one-past-the-end of a range.
2457*/
2458   regex_iterator()
2459   : _M_pregex()
>>> CID 1435441:(UNINIT_CTOR)
>>> Non-static class member "_M_flags" is not initialized in this 
>>> constructor nor in any functions that it calls.
2460   { }
2461 
2462   /**
2463* Constructs a %regex_iterator...
2464* @param __a  [IN] The start of a text range to search.
2465* @param __b  [IN] One-past-the-end of the text range to search.
/usr/include/c++/7/bits/regex.h: 2460 in 
std::__cxx11::regex_iterator<__gnu_cxx::__normal_iterator, 
std::allocator>>, char, 
std::__cxx11::regex_traits>::regex_iterator()()
2454   /**
2455* @brief Provides a singular iterator, useful for indicating
2456* one-past-the-end of a range.
2457*/
2458   regex_iterator()
2459   : _M_pregex()
>>> CID 1435441:(UNINIT_CTOR)
>>> Non-static class member "_M_flags" is not initialized in this 
>>> constructor nor in any functions that it calls.
2460   { }
2461 
2462   /**
2463* Constructs a %regex_iterator...
2464* @param __a  [IN] The start of a text range to search.
2465* @param __b  [IN] One-past-the-end of the text range to search.

** CID 1435440:  FindBugs: Dodgy code  (FB.URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD)
/qadevOOo/tests/java/ifc/chart/_ChartDataPointProperties.java: 71 in ()



*** CID 1435440:  FindBugs: Dodgy code  
(FB.URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD)
/qadevOOo/tests/java/ifc/chart/_ChartDataPointProperties.java: 71 in ()
65 if (Line == null) throw new StatusException(Status.failed
66 ("Relation 'LINE' not found"));
67 
68 doc.setDiagram(Line);
69 }
70 
>>> CID 1435440:  FindBugs: Dodgy code  
>>> 

New Defects reported by Coverity Scan for LibreOffice

2018-05-03 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

8 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)


** CID 1435279:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/gdi/pdfwriter_impl.hxx: 606 in 
vcl::PDFWriterImpl::PDFGlyph::PDFGlyph(const Point &, const GlyphItem *, int, 
int, unsigned char, int)()



*** CID 1435279:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/gdi/pdfwriter_impl.hxx: 606 in 
vcl::PDFWriterImpl::PDFGlyph::PDFGlyph(const Point &, const GlyphItem *, int, 
int, unsigned char, int)()
600   sal_Int32 nFontId,
601   sal_uInt8 nMappedGlyphId,
602   int nCharPos )
603 : m_aPos( rPos ), m_pGlyph(pGlyph), m_nNativeWidth( 
nNativeWidth ),
604   m_nMappedFontId( nFontId ), m_nMappedGlyphId( nMappedGlyphId 
),
605   m_nCharPos(nCharPos)
>>> CID 1435279:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "m_nCharCount" is not initialized in this 
>>> constructor nor in any functions that it calls.
606 {}
607 };
608 
609 static const sal_Char* getStructureTag( PDFWriter::StructElement );
610 static const sal_Char* getAttributeTag( PDFWriter::StructAttribute 
eAtr );
611 static const sal_Char* getAttributeValueTag( 
PDFWriter::StructAttributeValue eVal );

** CID 1435278:  Resource leaks  (RESOURCE_LEAK)
/vcl/source/bitmap/BitmapMosaicFilter.cxx: 179 in 
BitmapMosaicFilter::execute(const BitmapEx &)()



*** CID 1435278:  Resource leaks  (RESOURCE_LEAK)
/vcl/source/bitmap/BitmapMosaicFilter.cxx: 179 in 
BitmapMosaicFilter::execute(const BitmapEx &)()
173 
174 aBitmap = *pNewBmp;
175 
176 aBitmap.SetPrefMapMode(aMap);
177 aBitmap.SetPrefSize(aPrefSize);
178 }
>>> CID 1435278:  Resource leaks  (RESOURCE_LEAK)
>>> Variable "pWriteAcc" going out of scope leaks the storage it points to.
179 }
180 
181 if (bRet)
182 return rBitmapEx;
183 
184 return BitmapEx();
185 }
186 

** CID 1435277:  Control flow issues  (DEADCODE)
/svl/source/numbers/zforfind.cxx: 1217 in 
ImpSvNumberInputScan::IsAcceptedDatePattern(unsigned short)()



*** CID 1435277:  Control flow issues  (DEADCODE)
/svl/source/numbers/zforfind.cxx: 1217 in 
ImpSvNumberInputScan::IsAcceptedDatePattern(unsigned short)()
1211 xLocaleData.changeLocale( aSaveLocale);
1212 // When concatenating don't care about duplicates, 
combining
1213 // weeding those out reallocs yet another time and 
probably doesn't
1214 // take less time than looping over two additional 
patterns below..
1215 switch (eEDF)
1216 {
>>> CID 1435277:  Control flow issues  (DEADCODE)
>>> Execution cannot reach this statement: "case NF_EVALDATEFORMAT_FORMAT:".
1217 case NF_EVALDATEFORMAT_FORMAT:
1218 assert(!"shouldn't reach here");
1219 break;
1220 case NF_EVALDATEFORMAT_INTL:
1221 sDateAcceptancePatterns = aLocalePatterns;
1222 break;

** CID 1435276:  Resource leaks  (RESOURCE_LEAK)
/vcl/source/bitmap/BitmapMosaicFilter.cxx: 179 in 
BitmapMosaicFilter::execute(const BitmapEx &)()



*** CID 1435276:  Resource leaks  (RESOURCE_LEAK)
/vcl/source/bitmap/BitmapMosaicFilter.cxx: 179 in 
BitmapMosaicFilter::execute(const BitmapEx &)()
173 
174 aBitmap = *pNewBmp;
175 
176 aBitmap.SetPrefMapMode(aMap);
177 aBitmap.SetPrefSize(aPrefSize);
178 }
>>> CID 1435276:  Resource leaks  (RESOURCE_LEAK)
>>> Variable "pNewBmp" going out of scope leaks the storage it points to.
179 }
180 
181 if (bRet)
182 return rBitmapEx;
183 
184 return BitmapEx();
185 }
186 

** CID 1435275:  Uninitialized members  (UNINIT_CTOR)
/sfx2/source/sidebar/SidebarDockingWindow.cxx: 50 in 
sfx2::sidebar::SidebarDockingWindow::SidebarDockingWindow(SfxBindings *, 
sfx2::sidebar::SidebarChildWindow &, vcl::Window *, long)()



New Defects reported by Coverity Scan for LibreOffice

2018-04-17 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

19 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 19 of 19 defect(s)


** CID 1434905:  Error handling issues  (NEGATIVE_RETURNS)
/dbaccess/source/ui/tabledesign/TEditControl.cxx: 1519 in 
dbaui::OTableEditorCtrl::SetPrimaryKey(bool)()



*** CID 1434905:  Error handling issues  (NEGATIVE_RETURNS)
/dbaccess/source/ui/tabledesign/TEditControl.cxx: 1519 in 
dbaui::OTableEditorCtrl::SetPrimaryKey(bool)()
1513 if( bSet )
1514 {
1515 long nIndex = FirstSelectedRow();
1516 while( nIndex != SFX_ENDOFSELECTION )
1517 {
1518 // Set the key
>>> CID 1434905:  Error handling issues  (NEGATIVE_RETURNS)
>>> "nIndex" is passed to a parameter that cannot be negative. [Note: The 
>>> source code implementation of the function has been overridden by a builtin 
>>> model.]
1519  std::shared_ptr  pRow = (*m_pRowList)[nIndex];
1520 OFieldDescription* pFieldDescr = pRow->GetActFieldDescr();
1521 if(pFieldDescr)
1522 
AdjustFieldDescription(pFieldDescr,aInsertedPrimKeys,nIndex,false,true);
1523 
1524 nIndex = NextSelectedRow();

** CID 1434904:  Error handling issues  (NEGATIVE_RETURNS)
/dbaccess/source/ui/tabledesign/TEditControl.cxx: 1283 in 
dbaui::OTableEditorCtrl::IsPrimaryKeyAllowed(long)()



*** CID 1434904:  Error handling issues  (NEGATIVE_RETURNS)
/dbaccess/source/ui/tabledesign/TEditControl.cxx: 1283 in 
dbaui::OTableEditorCtrl::IsPrimaryKeyAllowed(long)()
1277 // - No Memo or Image entries
1278 // - DROP is not permitted (see above) and the column is not 
Required (not null flag is not set).
1279 long nIndex = FirstSelectedRow();
1280  std::shared_ptr  pRow;
1281 while( nIndex != SFX_ENDOFSELECTION )
1282 {
>>> CID 1434904:  Error handling issues  (NEGATIVE_RETURNS)
>>> "nIndex" is passed to a parameter that cannot be negative. [Note: The 
>>> source code implementation of the function has been overridden by a builtin 
>>> model.]
1283 pRow = (*m_pRowList)[nIndex];
1284 OFieldDescription* pFieldDescr = pRow->GetActFieldDescr();
1285 if(!pFieldDescr)
1286 return false;
1287 else
1288 {

** CID 1434903:  Error handling issues  (NEGATIVE_RETURNS)
/dbaccess/source/ui/tabledesign/TEditControl.cxx: 1519 in 
dbaui::OTableEditorCtrl::SetPrimaryKey(bool)()



*** CID 1434903:  Error handling issues  (NEGATIVE_RETURNS)
/dbaccess/source/ui/tabledesign/TEditControl.cxx: 1519 in 
dbaui::OTableEditorCtrl::SetPrimaryKey(bool)()
1513 if( bSet )
1514 {
1515 long nIndex = FirstSelectedRow();
1516 while( nIndex != SFX_ENDOFSELECTION )
1517 {
1518 // Set the key
>>> CID 1434903:  Error handling issues  (NEGATIVE_RETURNS)
>>> "nIndex" is passed to a parameter that cannot be negative. [Note: The 
>>> source code implementation of the function has been overridden by a builtin 
>>> model.]
1519  std::shared_ptr  pRow = (*m_pRowList)[nIndex];
1520 OFieldDescription* pFieldDescr = pRow->GetActFieldDescr();
1521 if(pFieldDescr)
1522 
AdjustFieldDescription(pFieldDescr,aInsertedPrimKeys,nIndex,false,true);
1523 
1524 nIndex = NextSelectedRow();

** CID 1434902:  Error handling issues  (NEGATIVE_RETURNS)
/dbaccess/source/ui/tabledesign/TableUndo.cxx: 170 in 
dbaui::OTableEditorDelUndoAct::OTableEditorDelUndoAct(dbaui::OTableEditorCtrl 
*)()



*** CID 1434902:  Error handling issues  (NEGATIVE_RETURNS)
/dbaccess/source/ui/tabledesign/TableUndo.cxx: 170 in 
dbaui::OTableEditorDelUndoAct::OTableEditorDelUndoAct(dbaui::OTableEditorCtrl 
*)()
164 sal_Int32 nIndex = pOwner->FirstSelectedRow();
165  std::shared_ptr  pOriginalRow;
166  std::shared_ptr  pNewRow;
167 
168 while( nIndex != SFX_ENDOFSELECTION )
169 {
>>> CID 1434902:  Error handling issues  (NEGATIVE_RETURNS)
>>> "nIndex" is passed to a parameter that cannot be negative. [Note: The 
>>> source code implementation of the function has been overridden by a builtin 
>>> model.]
170 

New Defects reported by Coverity Scan for LibreOffice

2018-04-11 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
25 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1434221:  Uninitialized variables  (UNINIT)
/sw/qa/extras/accessibility/accessible_relation_set.cxx: 225 in 
AccessibleRelationSet::contents_flows_to_and_from()()



*** CID 1434221:  Uninitialized variables  (UNINIT)
/sw/qa/extras/accessibility/accessible_relation_set.cxx: 225 in 
AccessibleRelationSet::contents_flows_to_and_from()()
219 else
220 {
221 CPPUNIT_FAIL("didn't gain correct relation type");
222 }
223 }
224 
>>> CID 1434221:  Uninitialized variables  (UNINIT)
>>> Using uninitialized value "relationtypes[0]" when calling "operator 
>>> []". [Note: The source code implementation of the function has been 
>>> overridden by a builtin model.]
225 CPPUNIT_ASSERT_EQUAL_MESSAGE("didn't gain correct relation type for 
paragraph 1", types[1],
226  types[relationtypes[0]]);
227 
228 css::uno::Reference 
paraText1(para1, uno::UNO_QUERY_THROW);
229 CPPUNIT_ASSERT_EQUAL_MESSAGE("didn't gain correct target 
paragraph", atargets[0]->getText(),
230  paraText1->getText());

** CID 1434220:  Resource leaks  (RESOURCE_LEAK)
/sw/source/core/layout/fly.cxx: 2554 in 
SwFlyFrame::GetContour(tools::PolyPolygon &, bool) const()



*** CID 1434220:  Resource leaks  (RESOURCE_LEAK)
/sw/source/core/layout/fly.cxx: 2554 in 
SwFlyFrame::GetContour(tools::PolyPolygon &, bool) const()
2548 if( !aClip.Height() )
2549 aClip.Height( 1 );
2550 rContour.Clip( aClip.SVRect() );
2551 rContour.Optimize(PolyOptimizeFlags::CLOSE);
2552 bRet = true;
2553 }
>>> CID 1434220:  Resource leaks  (RESOURCE_LEAK)
>>> Variable "pGrfObj" going out of scope leaks the storage it points to.
2554 }
2555 else
2556 {
2557 const SwFlyFreeFrame* pSwFlyFreeFrame(dynamic_cast< const 
SwFlyFreeFrame* >(this));
2558 
2559 if(nullptr != pSwFlyFreeFrame &&

** CID 1434219:  Error handling issues  (UNCAUGHT_EXCEPT)
/usr/include/c++/7/bits/move.h: 47 in std::__addressof(T1 &)()



*** CID 1434219:  Error handling issues  (UNCAUGHT_EXCEPT)
/usr/include/c++/7/bits/move.h: 47 in std::__addressof(T1 &)()
41   /**
42*  @brief Same as C++11 std::addressof
43*  @ingroup utilities
44*/
45   template
46 inline _GLIBCXX_CONSTEXPR _Tp*
>>> CID 1434219:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::DeploymentException" is 
>>> thrown but the throw list "throw()" doesn't allow it to be thrown. This 
>>> will cause a call to unexpected() which usually calls terminate().
47 __addressof(_Tp& __r) _GLIBCXX_NOEXCEPT
48 { return __builtin_addressof(__r); }
49 
50 _GLIBCXX_END_NAMESPACE_VERSION
51 } // namespace
52 



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyr5nHbeZSL2sWOLUKZwewgvqWe7lWucDuTjZeZ9rsv94sLwNEAy81QW-2Fvaw-2FXuLt-2FYRMgSQhs-2F0q-2B3DU3FbUSRBc1QeQbDuBLriUERs3YtZWN8IMALiPZShwAqoy4H3-2BJuYMscXmLwZ6mEsJS0AkkUmJjCYGtH4ne9p2dtMp2S74-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-04-10 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

25 new defect(s) introduced to LibreOffice found with Coverity Scan.
21 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 25 defect(s)


** CID 1434186:  Error handling issues  (UNCAUGHT_EXCEPT)
/svx/source/unodraw/unoshape.cxx: 980 in SvxShape::Notify(SfxBroadcaster &, 
const SfxHint &)()



*** CID 1434186:  Error handling issues  (UNCAUGHT_EXCEPT)
/svx/source/unodraw/unoshape.cxx: 980 in SvxShape::Notify(SfxBroadcaster &, 
const SfxHint &)()
974 
975 uno::Sequence< sal_Int8 > SAL_CALL SvxShape::getImplementationId()
976 {
977 return css::uno::Sequence();
978 }
979 
>>> CID 1434186:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
980 void SvxShape::Notify( SfxBroadcaster&, const SfxHint& rHint ) throw()
981 {
982 DBG_TESTSOLARMUTEX();
983 if( !HasSdrObject() )
984 return;
985 

** CID 1434185:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/filter/source/graphicfilter/ios2met/ios2met.cxx: 2041 in 
OS2METReader::ReadOrder(unsigned short, unsigned short)()



*** CID 1434185:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/filter/source/graphicfilter/ios2met/ios2met.cxx: 2041 in 
OS2METReader::ReadOrder(unsigned short, unsigned short)()
2035 case GOrdSChCel: {
2036 sal_uInt8 nbyte;
2037 sal_uInt16 nLen=nOrderLen;
2038 auto nWidth = ReadCoord(bCoord32);
2039 auto nHeight = ReadCoord(bCoord32);
2040 if (nWidth < 0 || nHeight < 0 ||
>>> CID 1434185:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>> "nWidth > 2147483647 /* std::numeric_limits::max() */" is always 
>>> false regardless of the values of its operands. This occurs as the logical 
>>> second operand of "||".
2041 nWidth > std::numeric_limits::max() 
||
2042 nHeight > 
std::numeric_limits::max())
2043 {
2044 aAttr.aChrCellSize = aDefAttr.aChrCellSize;
2045 }
2046 else

** CID 1434184:  Error handling issues  (UNCAUGHT_EXCEPT)
/sc/source/core/data/postit.cxx: 875 in ScPostIt::~ScPostIt()()



*** CID 1434184:  Error handling issues  (UNCAUGHT_EXCEPT)
/sc/source/core/data/postit.cxx: 875 in ScPostIt::~ScPostIt()()
869 {
870 mnPostItId = nPostItId == 0 ? mnLastPostItId++ : nPostItId;
871 if( bAlwaysCreateCaption || maNoteData.mbShown )
872 CreateCaptionFromInitData( rPos );
873 }
874 
>>> CID 1434184:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
875 ScPostIt::~ScPostIt()
876 {
877 RemoveCaption();
878 }
879 
880 ScPostIt* ScPostIt::Clone( const ScAddress& rOwnPos, ScDocument& 
rDestDoc, const ScAddress& rDestPos, bool bCloneCaption ) const

** CID 1434183:  Error handling issues  (UNCAUGHT_EXCEPT)
/connectivity/source/commontools/statementcomposer.cxx: 243 in 
dbtools::StatementComposer::~StatementComposer()()



*** CID 1434183:  Error handling issues  (UNCAUGHT_EXCEPT)
/connectivity/source/commontools/statementcomposer.cxx: 243 in 
dbtools::StatementComposer::~StatementComposer()()
237 m_pData->sCommand = _rCommand;
238 m_pData->nCommandType = _nCommandType;
239 m_pData->bEscapeProcessing = _bEscapeProcessing;
240 }
241 
242 
>>> CID 1434183:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
243 StatementComposer::~StatementComposer()
244 {
245 lcl_resetComposer( *m_pData );
246 }
247 
248 

** CID 1434182:  Error handling issues  (UNCAUGHT_EXCEPT)

New Defects reported by Coverity Scan for LibreOffice

2018-04-04 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

20 new defect(s) introduced to LibreOffice found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 20 defect(s)


** CID 1433797:  Integer handling issues  (SIGN_EXTENSION)
/starmath/source/node.cxx: 727 in SmRootNode::Arrange(OutputDevice &, const 
SmFormat &)()



*** CID 1433797:  Integer handling issues  (SIGN_EXTENSION)
/starmath/source/node.cxx: 727 in SmRootNode::Arrange(OutputDevice &, const 
SmFormat &)()
721 
722 pBody->Arrange(rDev, rFormat);
723 
724 long  nHeight,
725   nVerOffset;
726 lcl_GetHeightVerOffset(*pBody, nHeight, nVerOffset);
>>> CID 1433797:  Integer handling issues  (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "rFormat->GetDistance(2)" with type 
>>> "sal_uInt16" (16 bits, unsigned) is promoted in "rFormat->GetDistance(2) * 
>>> this->GetFont()->GetFontSize()->Height()" to type "int" (32 bits, signed), 
>>> then sign-extended to type "long" (64 bits, signed).  If 
>>> "rFormat->GetDistance(2) * this->GetFont()->GetFontSize()->Height()" is 
>>> greater than 0x7FFF, the upper bits of the result will all be 1.
727 nHeight += rFormat.GetDistance(DIS_ROOT)
728* GetFont().GetFontSize().Height() / 100L;
729 
730 // font specialist advised to change the width first
731 pRootSym->AdaptToY(rDev, nHeight);
732 pRootSym->AdaptToX(rDev, pBody->GetItalicWidth());

** CID 1433796:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/filter/jpeg/JpegReader.cxx: 196 in JPEGReader::CreateBitmap(const 
JPEGCreateBitmapParam &)()



*** CID 1433796:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/vcl/source/filter/jpeg/JpegReader.cxx: 196 in JPEGReader::CreateBitmap(const 
JPEGCreateBitmapParam &)()
190 
191 Size aSize(rParam.nWidth, rParam.nHeight);
192 bool bGray = rParam.bGray;
193 
194 mpBitmap.reset(new Bitmap());
195 
>>> CID 1433796:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "aSize.Width() * aSize.Height()" 
>>> with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and 
>>> then used in a context that expects an expression of type "sal_uInt64" (64 
>>> bits, unsigned).
196 sal_uInt64 nSize = aSize.Width() * aSize.Height();
197 
198 if (nSize > SAL_MAX_INT32 / (bGray?1:3))
199 return false;
200 
201 if( bGray )

** CID 1433795:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/toolkit/source/awt/animatedimagespeer.cxx: 233 in 
toolkitlcl_updateImageList_nothrow(toolkit::AnimatedImagesPeer_Data
 &)()



*** CID 1433795:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/toolkit/source/awt/animatedimagespeer.cxx: 233 in 
toolkitlcl_updateImageList_nothrow(toolkit::AnimatedImagesPeer_Data
 &)()
227 )
228 // do not use an image set which doesn't 
fit into the window
229 continue;
230 
231 const sal_Int64 distance =
232 ( aWindowSizePixel.Width() - 
check->Width ) * ( aWindowSizePixel.Width() - check->Width )
>>> CID 1433795:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "(aWindowSizePixel.Height() - 
>>> check->Height) * (aWindowSizePixel.Height() - check->Height)" with type 
>>> "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used 
>>> in a context that expects an expression of type "sal_Int64 const" (64 bits, 
>>> signed).
233 +   ( aWindowSizePixel.Height() - 
check->Height ) * ( aWindowSizePixel.Height() - check->Height );
234 if ( distance < nMinimalDistance )
235 {
236 nMinimalDistance = distance;
237 nPreferredSet = check - aImageSizes.begin();
238 }

** CID 1433794:  Integer handling issues  (SIGN_EXTENSION)
/sw/source/core/txtnode/fntcache.cxx: 155 in SwFntObj::CreatePrtFont(const 
OutputDevice &)()



*** CID 1433794:  Integer handling issues  (SIGN_EXTENSION)
/sw/source/core/txtnode/fntcache.cxx: 155 in SwFntObj::CreatePrtFont(const 

New Defects reported by Coverity Scan for LibreOffice

2018-04-03 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1433774:(CHECKED_RETURN)
/dbaccess/qa/unit/hsql_binary_import.cxx: 63 in 
HsqlBinaryImportTest::testBinaryImport()()
/dbaccess/qa/unit/hsql_binary_import.cxx: 77 in 
HsqlBinaryImportTest::testBinaryImport()()



*** CID 1433774:(CHECKED_RETURN)
/dbaccess/qa/unit/hsql_binary_import.cxx: 63 in 
HsqlBinaryImportTest::testBinaryImport()()
57   "\"Birth_date\" FROM \"TestTable\" ORDER BY \"ID\"" };
58 
59 uno::Reference xRes = statement->executeQuery(sql);
60 uno::Reference xRow(xRes, UNO_QUERY_THROW);
61 
62 // assert first row
>>> CID 1433774:(CHECKED_RETURN)
>>> Calling "next" without checking return value (as is done elsewhere 189 
>>> out of 197 times).
63 xRes->next();
64 constexpr sal_Int16 idExpected = 1;
65 CPPUNIT_ASSERT_EQUAL(idExpected, xRow->getShort(1));
66 CPPUNIT_ASSERT_EQUAL(OUString{ "45.32" }, xRow->getString(2)); // 
numeric
67 CPPUNIT_ASSERT_EQUAL(OUString{ "laser eye" }, xRow->getString(3)); 
// varchar
68 CPPUNIT_ASSERT(xRow->getBoolean(4)); // boolean
/dbaccess/qa/unit/hsql_binary_import.cxx: 77 in 
HsqlBinaryImportTest::testBinaryImport()()
71 
72 CPPUNIT_ASSERT_EQUAL(sal_uInt16{ 15 }, date.Day);
73 CPPUNIT_ASSERT_EQUAL(sal_uInt16{ 1 }, date.Month);
74 CPPUNIT_ASSERT_EQUAL(sal_Int16{ 1996 }, date.Year);
75 
76 // assert second row
>>> CID 1433774:(CHECKED_RETURN)
>>> Calling "next" without checking return value (as is done elsewhere 189 
>>> out of 197 times).
77 xRes->next();
78 constexpr sal_Int16 secondIdExpected = 2;
79 CPPUNIT_ASSERT_EQUAL(secondIdExpected, xRow->getShort(1)); // ID
80 CPPUNIT_ASSERT_EQUAL(OUString{ "54.12" }, xRow->getString(2)); // 
numeric
81 CPPUNIT_ASSERT_EQUAL(OUString{ "telekinesis" }, xRow->getString(3)); 
// varchar
82 CPPUNIT_ASSERT(!xRow->getBoolean(4)); // boolean

** CID 1433773:  Incorrect expression  (USELESS_CALL)



*** CID 1433773:  Incorrect expression  (USELESS_CALL)
/connectivity/source/drivers/firebird/Driver.cxx: 78 in 
connectivity::firebird::FirebirdDriver::FirebirdDriver(const 
com::sun::star::uno::Reference &)()
72 , m_firebirdTMPDirectory(nullptr, true)
73 , m_firebirdLockDirectory(nullptr, true)
74 {
75 // Note: TempFile caches the URL on first access; call this here so 
that
76 // ~FirebirdDriver is not the first access, because that is called
77 // when the ServiceManager is disposing, so GetURL() would fail!
>>> CID 1433773:  Incorrect expression  (USELESS_CALL)
>>> Calling "this->m_firebirdTMPDirectory.GetURL()" is only useful for its 
>>> return value, which is ignored.
78 m_firebirdTMPDirectory.GetURL();
79 m_firebirdLockDirectory.GetURL();
80 
81 // ::utl::TempFile uses a unique temporary directory (subdirectory of
82 // /tmp or other user specific tmp directory) per instance in which
83 // we can create directories for firebird at will.



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyKOs2EWMysHn-2BF3l1lJPbURuQ4c2MzhsdYRdsjrDsJyp-2FzdfDcKaH94ZSGcV9J-2BzDBfdfNJpAN4E6kTP1IVhdPbF1IDccRI6cZ9nmnkXINkl39Qy5i0KyE-2F6ZBBD3Cbj-2FBDtqd6XhiPLwdWtQ1RfBzWFpvhmpNoPGtrTf9wqx-2B58-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-03-29 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

7 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)


** CID 1433648:  Error handling issues  (CHECKED_RETURN)
/sc/source/filter/xml/xmldrani.cxx: 447 in 
ScXMLDatabaseRangeContext::endFastElement(int)()



*** CID 1433648:  Error handling issues  (CHECKED_RETURN)
/sc/source/filter/xml/xmldrani.cxx: 447 in 
ScXMLDatabaseRangeContext::endFastElement(int)()
441 {
442 ::std::unique_ptr 
pData(ConvertToDBData(sDatabaseRangeName));
443 
444 if (pData.get())
445 {
446 setAutoFilterFlags(*pDoc, *pData);
>>> CID 1433648:  Error handling issues  (CHECKED_RETURN)
>>> Calling "insert" without checking return value (as is done elsewhere 13 
>>> out of 15 times).
447 
pDoc->GetDBCollection()->getNamedDBs().insert(pData.release());
448 }
449 }
450 }
451 
452 ScXMLSourceSQLContext::ScXMLSourceSQLContext( ScXMLImport& rImport,

** CID 1433647:  Error handling issues  (CHECKED_RETURN)
/sfx2/qa/cppunit/test_misc.cxx: 174 in ::MiscTest::testHardLinks()()



*** CID 1433647:  Error handling issues  (CHECKED_RETURN)
/sfx2/qa/cppunit/test_misc.cxx: 174 in ::MiscTest::testHardLinks()()
168 CPPUNIT_ASSERT(xComponent.is());
169 
170 uno::Reference xStorable(xComponent, 
uno::UNO_QUERY);
171 xStorable->store();
172 
173 struct stat buf;
>>> CID 1433647:  Error handling issues  (CHECKED_RETURN)
>>> Calling "stat(aOld.getStr(), )" without checking return value. This 
>>> library function may fail and return an error code. [Note: The source code 
>>> implementation of the function has been overridden by a builtin model.]
174 stat(aOld.getStr(), );
175 // This failed: hard link count was 1, the hard link broke on store.
176 CPPUNIT_ASSERT(buf.st_nlink > 1);
177 
178 xComponent->dispose();
179 #endif

** CID 1433646:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1433646:  Null pointer dereferences  (FORWARD_NULL)
/sd/source/ui/slidesorter/controller/SlsClipboard.cxx: 446 in 
sd::slidesorter::controller::Clipboard::CreateSlideTransferable(vcl::Window *, 
bool)()
440 
441 if (bDrag)
442 SD_MOD()->pTransferDrag = pTransferable;
443 else
444 SD_MOD()->pTransferClip = pTransferable;
445 
>>> CID 1433646:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "pDocument" to "CreatingDataObj", which 
>>> dereferences it.
446 pDocument->CreatingDataObj (pTransferable);
447 
pTransferable->SetWorkDocument(pDocument->AllocSdDrawDocument());
448 std::unique_ptr pObjDesc(new 
TransferableObjectDescriptor);
449 pTransferable->GetWorkDocument()->GetDocSh()
450 ->FillTransferableObjectDescriptor (*pObjDesc);
451 

** CID 1433645:  Memory - illegal accesses  (OVERRUN)
/sw/source/core/access/accpara.cxx: 2855 in 
SwAccessibleParagraph::setAttributes(int, int, const 
com::sun::star::uno::Sequence &)()



*** CID 1433645:  Memory - illegal accesses  (OVERRUN)
/sw/source/core/access/accpara.cxx: 2855 in 
SwAccessibleParagraph::setAttributes(int, int, const 
com::sun::star::uno::Sequence &)()
2849 sal_Int32 nLength = rAttributeSet.getLength();
2850 const PropertyValue* pPairs = rAttributeSet.getConstArray();
2851 sal_Int32* pIndices = new sal_Int32[nLength];
2852 sal_Int32 i;
2853 for( i = 0; i < nLength; i++ )
2854 pIndices[i] = i;
>>> CID 1433645:  Memory - illegal accesses  (OVERRUN)
>>> Overrunning dynamic array "pIndices" at offset corresponding to index 
>>> variable "nLength".
2855 sort( [0], [nLength], IndexCompare(pPairs) );
2856 
2857 // create sorted sequences according to index array
2858 uno::Sequence< OUString > aNames( nLength );
2859 OUString* pNames = aNames.getArray();
2860 uno::Sequence< uno::Any > aValues( nLength );

** CID 1433644:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1433644:  Null pointer dereferences  (FORWARD_NULL)

New Defects reported by Coverity Scan for LibreOffice

2018-03-21 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

5 new defect(s) introduced to LibreOffice found with Coverity Scan.
32 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1430232:  Null pointer dereferences  (REVERSE_INULL)
/cui/source/tabpages/transfrm.cxx: 668 in SvxSlantTabPage::Reset(const 
SfxItemSet *)()



*** CID 1430232:  Null pointer dereferences  (REVERSE_INULL)
/cui/source/tabpages/transfrm.cxx: 668 in SvxSlantTabPage::Reset(const 
SfxItemSet *)()
662 m_pMtrAngle->SaveValue();
663 
664 bool bSelectionIsSdrObjCustomShape(false);
665 
666 while(true)
667 {
>>> CID 1430232:  Null pointer dereferences  (REVERSE_INULL)
>>> Null-checking "this->pView" suggests that it may be null, but it has 
>>> already been dereferenced on all paths leading to the check.
668 if(nullptr == pView)
669 {
670 break;
671 }
672 
673 if(1 != pView->GetMarkedObjectList().GetMarkCount())

** CID 1430231:  Error handling issues  (CHECKED_RETURN)
/filter/source/pdf/pdfinteract.cxx: 65 in 
PDFInteractionHandler::handleInteractionRequest(const 
com::sun::star::uno::Reference &)()



*** CID 1430231:  Error handling issues  (CHECKED_RETURN)
/filter/source/pdf/pdfinteract.cxx: 65 in 
PDFInteractionHandler::handleInteractionRequest(const 
com::sun::star::uno::Reference &)()
59 sal_Int32 nCodes = aExc.ErrorCodes.getLength();
60 for( sal_Int32 i = 0; i < nCodes; i++ )
61 aCodes.insert( 
static_cast(aExc.ErrorCodes.getConstArray()[i]) );
62 
63 VclPtr xParent(VCLUnoHelper::GetWindow(m_xParent));
64 ImplErrorDialog aDlg(xParent ? xParent->GetFrameWeld() : 
nullptr, aCodes);
>>> CID 1430231:  Error handling issues  (CHECKED_RETURN)
>>> Calling "run" without checking return value (as is done elsewhere 52 
>>> out of 65 times).
65 aDlg.run();
66 bHandled = true;
67 }
68 return bHandled;
69 }
70 

** CID 1430230:  Error handling issues  (CHECKED_RETURN)
/cui/source/customize/cfg.cxx: 3319 in 
SvxIconSelectorDialog::ImportGraphics(const 
com::sun::star::uno::Sequence &)()



*** CID 1430230:  Error handling issues  (CHECKED_RETURN)
/cui/source/customize/cfg.cxx: 3319 in 
SvxIconSelectorDialog::ImportGraphics(const 
com::sun::star::uno::Sequence &)()
3313 for ( sal_Int32 i = 0; i < rejectedCount; ++i )
3314 {
3315 message += fPath + rejected[i] + "\n";
3316 }
3317 
3318 SvxIconChangeDialog aDialog(GetFrameWeld(), message);
>>> CID 1430230:  Error handling issues  (CHECKED_RETURN)
>>> Calling "run" without checking return value (as is done elsewhere 52 
>>> out of 65 times).
3319 aDialog.run();
3320 }
3321 }
3322 
3323 bool SvxIconSelectorDialog::ImportGraphic( const OUString& aURL )
3324 {

** CID 1430229:  Error handling issues  (CHECKED_RETURN)
/sw/source/ui/dbui/mmoutputtypepage.cxx: 551 in 
SwSendMailDialog::DocumentSent(const 
com::sun::star::uno::Reference &, bool, 
const rtl::OUString *)()



*** CID 1430229:  Error handling issues  (CHECKED_RETURN)
/sw/source/ui/dbui/mmoutputtypepage.cxx: 551 in 
SwSendMailDialog::DocumentSent(const 
com::sun::star::uno::Reference &, bool, 
const rtl::OUString *)()
545 
546 UpdateTransferStatus( );
547 
548 if (pError)
549 {
550 SwSendWarningBox_Impl aDlg(GetFrameWeld(), *pError);
>>> CID 1430229:  Error handling issues  (CHECKED_RETURN)
>>> Calling "run" without checking return value (as is done elsewhere 52 
>>> out of 65 times).
551 aDlg.run();
552 }
553 }
554 
555 void SwSendMailDialog::UpdateTransferStatus()
556 {

** CID 1430228:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1430228:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/doc/docftn.cxx: 192 in SwEndNoteInfo::SwClientNotify(const 
SwModify &, const SfxHint &)()
186 {
187 const sal_uInt16 nWhich = pLegacyHint->m_pOld ? 
pLegacyHint->m_pOld->Which() : pLegacyHint->m_pNew ? 
pLegacyHint->m_pNew->Which() : 0 ;
188 if( RES_ATTRSET_CHG == nWhich ||
189   

New Defects reported by Coverity Scan for LibreOffice

2018-03-18 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

50 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 50 defect(s)


** CID 1430104:  API usage errors  (SWAPPED_ARGUMENTS)



*** CID 1430104:  API usage errors  (SWAPPED_ARGUMENTS)
/editeng/source/editeng/impedit.cxx: 621 in ImpEditView::GetWindowPos(const 
tools::Rectangle &) const()
615 {
616 aRect = tools::Rectangle( aPos, aSz );
617 }
618 else
619 {
620 Point aNewPos( aPos.X()-aSz.Height(), aPos.Y() );
>>> CID 1430104:  API usage errors  (SWAPPED_ARGUMENTS)
>>> The positions of arguments in the constructor for "Size" do not match 
>>> the ordering of the parameters:
* "aSz.Height()" is passed to "nWidth"
* "aSz.Width()" is passed to "nHeight"
621 aRect = tools::Rectangle( aNewPos, Size( aSz.Height(), 
aSz.Width() ) );
622 }
623 return aRect;
624 }
625 
626 void ImpEditView::SetSelectionMode( EESelectionMode eNewMode )

** CID 1430103:  Integer handling issues  (DIVIDE_BY_ZERO)
/sc/source/ui/StatisticsDialogs/SamplingDialog.cxx: 204 in 
ScSamplingDialog::PerformPeriodicSampling(ScDocShell *)()



*** CID 1430103:  Integer handling issues  (DIVIDE_BY_ZERO)
/sc/source/ui/StatisticsDialogs/SamplingDialog.cxx: 204 in 
ScSamplingDialog::PerformPeriodicSampling(ScDocShell *)()
198 for (SCCOL inCol = aStart.Col(); inCol <= aEnd.Col(); inCol++)
199 {
200 sal_Int64 i = 0;
201 outRow = mOutputAddress.Row();
202 for (SCROW inRow = aStart.Row(); inRow <= aEnd.Row(); 
inRow++)
203 {
>>> CID 1430103:  Integer handling issues  (DIVIDE_BY_ZERO)
>>> In expression "i % aPeriod", modulo by expression "aPeriod" which may 
>>> be zero has undefined behavior.
204 if (i % aPeriod == aPeriod - 1 ) // Sample the last of 
period
205 {
206 double aValue = 
mDocument->GetValue(ScAddress(inCol, inRow, inTab));
207 
pDocShell->GetDocFunc().SetValueCell(ScAddress(outCol, outRow, outTab), aValue, 
true);
208 outRow++;
209 }

** CID 1430102:(DIVIDE_BY_ZERO)
/sw/source/ui/misc/pggrid.cxx: 389 in 
SwTextGridPage::CharorLineChangedHdl(SpinField &)()
/sw/source/ui/misc/pggrid.cxx: 410 in 
SwTextGridPage::CharorLineChangedHdl(SpinField &)()
/sw/source/ui/misc/pggrid.cxx: 420 in 
SwTextGridPage::CharorLineChangedHdl(SpinField &)()



*** CID 1430102:(DIVIDE_BY_ZERO)
/sw/source/ui/misc/pggrid.cxx: 389 in 
SwTextGridPage::CharorLineChangedHdl(SpinField &)()
383 {
384 //if in squared mode
385 if ( m_bSquaredMode )
386 {
387 if(m_pCharsPerLineNF == )
388 {
>>> CID 1430102:(DIVIDE_BY_ZERO)
>>> In expression "this->m_aPageSize.Width() / 
>>> this->m_pCharsPerLineNF->GetValue()", division by expression 
>>> "this->m_pCharsPerLineNF->GetValue()" which may be zero has undefined 
>>> behavior.
389 long nWidth = static_cast(m_aPageSize.Width() / 
m_pCharsPerLineNF->GetValue());
390 m_pTextSizeMF->SetValue(m_pTextSizeMF->Normalize(nWidth), 
FUNIT_TWIP);
391 //prevent rounding errors in the MetricField by saving the 
used value
392 m_nRubyUserValue = nWidth;
393 m_bRubyUserValue = true;
394 
/sw/source/ui/misc/pggrid.cxx: 410 in 
SwTextGridPage::CharorLineChangedHdl(SpinField &)()
404 SetLinesOrCharsRanges( *m_pCharsRangeFT , 
m_pCharsPerLineNF->GetMax() );
405 }
406 else//in normal mode
407 {
408 if(m_pLinesPerPageNF == )
409 {
>>> CID 1430102:(DIVIDE_BY_ZERO)
>>> In expression "this->m_aPageSize.Height() / 
>>> this->m_pLinesPerPageNF->GetValue()", division by expression 
>>> "this->m_pLinesPerPageNF->GetValue()" which may be zero has undefined 
>>> behavior.
410 long nHeight = static_cast< sal_Int32 
>(m_aPageSize.Height() / m_pLinesPerPageNF->GetValue());
411 m_pTextSizeMF->SetValue(m_pTextSizeMF->Normalize(nHeight), 
FUNIT_TWIP);
412 m_pRubySizeMF->SetValue(0, FUNIT_TWIP);
413 SetLinesOrCharsRanges( *m_pLinesRangeFT , 
m_pLinesPerPageNF->GetMax() );
414 
415 m_nRubyUserValue = nHeight;
/sw/source/ui/misc/pggrid.cxx: 420 in 

New Defects reported by Coverity Scan for LibreOffice

2018-02-13 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1429470:  Error handling issues  (UNCAUGHT_EXCEPT)
/sfx2/source/view/viewfrm.cxx: 298 in SfxViewFrame::ExecReload_Impl(SfxRequest 
&)::ReadOnlyUIGuard::~ReadOnlyUIGuard()()



*** CID 1429470:  Error handling issues  (UNCAUGHT_EXCEPT)
/sfx2/source/view/viewfrm.cxx: 298 in SfxViewFrame::ExecReload_Impl(SfxRequest 
&)::ReadOnlyUIGuard::~ReadOnlyUIGuard()()
292 // Only change read-only UI and remove info bar when we 
succeed
293 struct ReadOnlyUIGuard
294 {
295 SfxViewFrame* m_pFrame;
296 SfxObjectShell* m_pSh;
297 bool m_bSetRO;
>>> CID 1429470:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
298 ~ReadOnlyUIGuard()
299 {
300 if (m_bSetRO != m_pSh->IsReadOnlyUI())
301 {
302 m_pSh->SetReadOnlyUI(m_bSetRO);
303 if (!m_bSetRO)



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyj7BYMPlC0wzu-2F1Daoc3KAPG-2BQloFQOV0R19n57CKdazJbcAhF5oPMvbRvh5p4RiqFm9hwtLWs-2FASwENjShsXKpkYgMhXRPXrXg3NlUFmRrnl9slO3bpq-2Ftdk4VA4nGOURU1-2FS3av0fE3LOCqwa4UDnfpspcJTicOTEvqtz2n-2BiI-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2018-02-12 Thread Szymon Kłos

Hi,

It wasn't intentional. My fix is already on gerrit: 
https://gerrit.libreoffice.org/#/c/49592/


Regards,

Szymon


W dniu 10.02.2018 o 18:13, Caolán McNamara pisze:

On Fri, 2018-02-09 at 18:50 +, scan-ad...@coverity.com wrote:

Hi,

Please find the latest report on new defect(s) introduced to
LibreOffice found with Coverity Scan.

_
___
*** CID 1429181:(DEADCODE)
/sd/source/filter/eppt/pptx-epptooxml.cxx: 816 in
oox::core::PowerPointExport::WriteTransition(const
std::shared_ptr &)()

since...

commit fa85592c0efba65f4a1b09fea950ec1c311bdd4c
Author: Szymon Kłos 
Date:   Mon Feb 5 12:41:58 2018 +0100

 tdf#115394 export custom transition time in PPTX

bool isAdvanceTimingSet = advanceTiming != -1;

was added, but its above the line which might change advanceTiming away
from its default of -1 (i.e. mAny >>= advanceTiming) is that
intentional or is there something to be fixed ?


___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2018-02-10 Thread Caolán McNamara
On Fri, 2018-02-09 at 18:50 +, scan-ad...@coverity.com wrote:
> Hi,
> 
> Please find the latest report on new defect(s) introduced to
> LibreOffice found with Coverity Scan.
> 
> _
> ___
> *** CID 1429181:(DEADCODE)
> /sd/source/filter/eppt/pptx-epptooxml.cxx: 816 in
> oox::core::PowerPointExport::WriteTransition(const
> std::shared_ptr &)()

since...

commit fa85592c0efba65f4a1b09fea950ec1c311bdd4c
Author: Szymon Kłos 
Date:   Mon Feb 5 12:41:58 2018 +0100

tdf#115394 export custom transition time in PPTX

bool isAdvanceTimingSet = advanceTiming != -1;

was added, but its above the line which might change advanceTiming away
from its default of -1 (i.e. mAny >>= advanceTiming) is that
intentional or is there something to be fixed ?
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-02-09 Thread scan-admin
Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

5 new defect(s) introduced to LibreOffice found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1429182:  Null pointer dereferences  (FORWARD_NULL)



*** CID 1429182:  Null pointer dereferences  (FORWARD_NULL)
/sw/qa/extras/tiledrendering/tiledrendering.cxx: 2099 in 
SwTiledRenderingTest::testIMESupport()()
2093 void SwTiledRenderingTest::testIMESupport()
2094 {
2095 comphelper::LibreOfficeKit::setActive();
2096 SwXTextDocument* pXTextDocument = createDoc("dummy.fodt");
2097 
2098 SwView* pView = dynamic_cast(SfxViewShell::Current());
>>> CID 1429182:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "pView" to "GetWrtShellPtr", which dereferences it.
2099 SwWrtShell* pWrtShell = pView->GetWrtShellPtr();
2100 
2101 // sequence of chinese IME compositions when 'nihao' is typed in 
an IME
2102 const std::vector aUtf8Inputs{ "", "", "", "", "", "" };
2103 std::vector aInputs;
2104 std::transform(aUtf8Inputs.begin(), aUtf8Inputs.end(),

** CID 1429181:(DEADCODE)
/sd/source/filter/eppt/pptx-epptooxml.cxx: 816 in 
oox::core::PowerPointExport::WriteTransition(const 
std::shared_ptr &)()
/sd/source/filter/eppt/pptx-epptooxml.cxx: 831 in 
oox::core::PowerPointExport::WriteTransition(const 
std::shared_ptr &)()



*** CID 1429181:(DEADCODE)
/sd/source/filter/eppt/pptx-epptooxml.cxx: 816 in 
oox::core::PowerPointExport::WriteTransition(const 
std::shared_ptr &)()
810 
811 pFS->startElement(FSNS(XML_mc, XML_AlternateContent), FSEND);
812 pFS->startElement(FSNS(XML_mc, XML_Choice), XML_Requires, 
pRequiresNS, FSEND);
813 
814 if(isTransitionDurationSet && isAdvanceTimingSet)
815 {
>>> CID 1429181:(DEADCODE)
>>> Execution cannot reach the expression "pFS->startElementNS(3797, 5384, 
>>> 4862, speed, _INTERNAL_18_pptx_epptooxml_cxx_80469f54::oox::XML_advTm, 
>>> sal_Char const *(rtl::OString(I32S_(advanceTiming * 1000)).getStr()), 
>>> int(248907708), sal_Char const 
>>> *(rtl::OString(I32S_(nTransitionDuration)).getStr()), FSEND)" inside this 
>>> statement: "pFS->startElementNS(3797, 5...".
816 pFS->startElementNS(XML_p, XML_transition,
817 XML_spd, speed,
818 XML_advTm, I32S(advanceTiming * 1000),
819 FSNS(XML_p14, XML_dur), I32S(nTransitionDuration),
820 FSEND);
821 }
/sd/source/filter/eppt/pptx-epptooxml.cxx: 831 in 
oox::core::PowerPointExport::WriteTransition(const 
std::shared_ptr &)()
825 XML_spd, speed,
826 FSNS(XML_p14, XML_dur), I32S(nTransitionDuration),
827 FSEND);
828 }
829 else if(isAdvanceTimingSet)
830 {
>>> CID 1429181:(DEADCODE)
>>> Execution cannot reach the expression "pFS->startElementNS(3797, 5384, 
>>> 4862, speed, _INTERNAL_18_pptx_epptooxml_cxx_80469f54::oox::XML_advTm, 
>>> sal_Char const *(rtl::OString(I32S_(advanceTiming * 1000)).getStr()), 
>>> FSEND)" inside this statement: "pFS->startElementNS(3797, 5...".
831 pFS->startElementNS(XML_p, XML_transition,
832 XML_spd, speed,
833 XML_advTm, I32S(advanceTiming * 1000),
834 FSEND);
835 }
836 else

** CID 1429180:  Incorrect expression  (COPY_PASTE_ERROR)
/svx/source/xoutdev/_xoutbmp.cxx: 598 in XOutBitmap::GetContour(const Bitmap &, 
XOutFlags, unsigned char, const tools::Rectangle *)()



*** CID 1429180:  Incorrect expression  (COPY_PASTE_ERROR)
/svx/source/xoutdev/_xoutbmp.cxx: 598 in XOutBitmap::GetContour(const Bitmap &, 
XOutFlags, unsigned char, const tools::Rectangle *)()
592 pPoints1[ nPolyPos ] = Point( nX, nY );
593 nY = nStartY2;
594 
595 // this loop always breaks eventually as 
there is at least one pixel
596 while( true )
597 {
>>> CID 1429180:  Incorrect expression  (COPY_PASTE_ERROR)
>>> "nX" in "pAcc->GetPixelFromData(pScanline, nX)" looks like a copy-paste 
>>> error.
598 if( aBlack == pAcc->GetPixelFromData( 
pScanline, nX ) )
599 {
600 pPoints2[ nPolyPos ] = Point( nX, 
nY );
601  

New Defects reported by Coverity Scan for LibreOffice

2018-01-30 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1428737:  Null pointer dereferences  (NULL_RETURNS)
/sd/source/ui/view/drviews2.cxx: 887 in 
sd::DrawViewShell::FuTemporary(SfxRequest &)()



*** CID 1428737:  Null pointer dereferences  (NULL_RETURNS)
/sd/source/ui/view/drviews2.cxx: 887 in 
sd::DrawViewShell::FuTemporary(SfxRequest &)()
881 case SID_ATTR_ZOOMSLIDER:
882 {
883 const SfxItemSet* pArgs = rReq.GetArgs();
884 
885 if (pArgs && pArgs->Count () == 1 )
886 {
>>> CID 1428737:  Null pointer dereferences  (NULL_RETURNS)
>>> Assigning: "pScale" = null return value from "GetArg".
887 const SfxUInt16Item* pScale = 
rReq.GetArg(SID_ATTR_ZOOMSLIDER);
888 if (CHECK_RANGE (5, pScale->GetValue (), 3000))
889 {
890 SetZoom (pScale->GetValue ());
891 
892 SfxBindings& rBindings = 
GetViewFrame()->GetBindings();

** CID 1428736:  Null pointer dereferences  (NULL_RETURNS)
/sd/source/ui/view/outlnvs2.cxx: 122 in 
sd::OutlineViewShell::FuTemporary(SfxRequest &)()



*** CID 1428736:  Null pointer dereferences  (NULL_RETURNS)
/sd/source/ui/view/outlnvs2.cxx: 122 in 
sd::OutlineViewShell::FuTemporary(SfxRequest &)()
116 case SID_ATTR_ZOOMSLIDER:
117 {
118 const SfxItemSet* pArgs = rReq.GetArgs();
119 
120 if (pArgs && pArgs->Count () == 1 )
121 {
>>> CID 1428736:  Null pointer dereferences  (NULL_RETURNS)
>>> Assigning: "pScale" = null return value from "GetArg".
122 const SfxUInt16Item* pScale = 
rReq.GetArg(SID_ATTR_ZOOMSLIDER);
123 if (CHECK_RANGE (5, pScale->GetValue (), 3000))
124 {
125 SetZoom (pScale->GetValue ());
126 
127 SfxBindings& rBindings = 
GetViewFrame()->GetBindings();

** CID 1428735:  Insecure data handling  (TAINTED_SCALAR)
/comphelper/source/misc/lok.cxx: 129 in 
comphelper::LibreOfficeKit::isWhitelistedLanguage(const rtl::OUString &)()



*** CID 1428735:  Insecure data handling  (TAINTED_SCALAR)
/comphelper/source/misc/lok.cxx: 129 in 
comphelper::LibreOfficeKit::isWhitelistedLanguage(const rtl::OUString &)()
123 static std::vector aWhitelist;
124 if (!bInitialized)
125 {
126 const char* pWhitelist = getenv("LOK_WHITELIST_LANGUAGES");
127 if (pWhitelist)
128 {
>>> CID 1428735:  Insecure data handling  (TAINTED_SCALAR)
>>> Call to function "basic_string" with tainted argument "pWhitelist" 
>>> transitively taints "". [Note: The source code implementation of 
>>> the function has been overridden by a builtin model.]
129 std::stringstream stream(pWhitelist);
130 std::string s;
131 
132 std::cerr << "Whitelisted languages: ";
133 while (getline(stream, s, ' ')) {
134 if (s.length() == 0)



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyWgcZ-2BwRrtaVyMvosh7y3DtBYd4go3-2BkZ4ooT4JKqRPlHTVqq0xGVhnj2cYydQMhmuBnU5SQZET-2Fo2uCm1djMwumNHK37f0WbMfteMRbWuub-2FjLVl9fNbGLkS12vMWiy9arh9Rh6QVDAs9uL1THnIm-2BUffw9al8FdRARNSb-2FA-2FyI-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyWgcZ-2BwRrtaVyMvosh7y3DuQQfynOZXMJI6FG-2By4kzxKYh5zkJVvvNsoIkLywn-2BhZGoBWxh7l2M-2BzEIiiZzOfaz9ws21QLZlB1lx5ps1sBdq81XDsnYdqV5btvUT2ywf8rUhw9boTiyGXuJbWAb1aqxyfJl1Tyw7VekVictvaBeA-3D

___
LibreOffice mailing list

New Defects reported by Coverity Scan for LibreOffice

2018-01-27 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1428661:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/inc/imoptdlg.hxx: 40 in 
ScImportOptions::ScImportOptions(char16_t, char16_t, unsigned short)()



*** CID 1428661:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/inc/imoptdlg.hxx: 40 in 
ScImportOptions::ScImportOptions(char16_t, char16_t, unsigned short)()
34 public:
35 ScImportOptions( const OUString& rStr );
36 
37 ScImportOptions( sal_Unicode nFieldSep, sal_Unicode nTextSep, 
rtl_TextEncoding nEnc )
38 : nFieldSepCode(nFieldSep), nTextSepCode(nTextSep),
39 bFixedWidth(false), bSaveAsShown(false), 
bQuoteAllText(false), bSaveFormulas(false)
>>> CID 1428661:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "bRemoveSpace" is not initialized in this 
>>> constructor nor in any functions that it calls.
40 { SetTextEncoding( nEnc ); }
41 
42 ScImportOptions& operator=( const ScImportOptions& rCpy )
43 {
44 nFieldSepCode   = rCpy.nFieldSepCode;
45 nTextSepCode= rCpy.nTextSepCode;

** CID 1417678:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/uibase/dbui/dbmgr.cxx: 804 in SwDBManager::~SwDBManager()()



*** CID 1417678:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/uibase/dbui/dbmgr.cxx: 804 in SwDBManager::~SwDBManager()()
798 , pImpl(new SwDBManager_Impl(*this))
799 , pMergeEvtSrc(nullptr)
800 , m_pDoc(pDoc)
801 {
802 }
803 
>>> CID 1417678:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::DeploymentException" is 
>>> thrown but the throw list "throw()" doesn't allow it to be thrown. This 
>>> will cause a call to unexpected() which usually calls terminate().
804 SwDBManager::~SwDBManager()
805 {
806 RevokeLastRegistrations();
807 
808 // copy required, m_DataSourceParams can be modified while 
disposing components
809 std::vector aCopiedConnections;



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyztsWTHUMzASkW18PQD-2BNGQWlG2AHu76S-2BtfMD7ZAhDeGPdmf2uX3iRsdVmiL-2FizQ9iOq91wCpRZEuvaqC-2BhUpKFhz9gtby02zxTOItZLwG2cWXplJpjKfx-2FLjo1cCVE2IngzqWyJ9lgq31DQ7SC0PRrM4i3JMJsJaiaoMVdPUPQ-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyztsWTHUMzASkW18PQD-2BNGbf5qhDRBpGC6rCYTzENoT2tKtKYCPmdXpM59BNA1fRZ2kbsK7ceX9CLwaYHzUnQFrvfQFC97jS0lMyX-2BgYZ5J0YzgglD54W4wPUccMh2005udb4BQv1hukVMpRq2SOA2y4D-2FQaGMLo-2FIc1akxEwIO0-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-01-26 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

7 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)


** CID 1428613:  Error handling issues  (CHECKED_RETURN)
/sc/source/core/data/documen3.cxx: 226 in 
ScDocument::IsAddressInRangeName(RangeNameScope, ScAddress &)()



*** CID 1428613:  Error handling issues  (CHECKED_RETURN)
/sc/source/core/data/documen3.cxx: 226 in 
ScDocument::IsAddressInRangeName(RangeNameScope, ScAddress &)()
220 pRangeNames= GetRangeName(rAddress.Tab());
221 
222 ScRangeName::iterator itrBegin = pRangeNames->begin(), itrEnd = 
pRangeNames->end();
223 
224 for (ScRangeName::iterator itr = itrBegin; itr != itrEnd; ++itr)
225 {
>>> CID 1428613:  Error handling issues  (CHECKED_RETURN)
>>> Calling "IsValidReference" without checking return value (as is done 
>>> elsewhere 14 out of 15 times).
226 itr->second->IsValidReference(aNameRange);
227 bRet = aNameRange.In(rAddress);
228 if (!bRet)
229 continue;
230 else
231 break;

** CID 1428612:  Error handling issues  (CHECKED_RETURN)
/desktop/source/lib/init.cxx: 3685 in preloadData()()



*** CID 1428612:  Error handling issues  (CHECKED_RETURN)
/desktop/source/lib/init.cxx: 3685 in preloadData()()
3679 ImageTree  = ImageTree::get();
3680 images.getImageUrl("forcefed.png", "style", "FO_oo");
3681 
3682 std::cerr << "Preload languages\n";
3683 // force load language singleton
3684 SvtLanguageTable::HasLanguageType(LANGUAGE_SYSTEM);
>>> CID 1428612:  Error handling issues  (CHECKED_RETURN)
>>> Calling "isValidBcp47" without checking return value (as is done 
>>> elsewhere 6 out of 7 times).
3685 LanguageTag::isValidBcp47("foo", nullptr);
3686 }
3687 
3688 static int lo_initialize(LibreOfficeKit* pThis, const char* pAppPath, 
const char* pUserProfileUrl)
3689 {
3690 enum {

** CID 1428611:  Null pointer dereferences  (NULL_RETURNS)
/sc/source/ui/unoobj/cellsuno.cxx: 6420 in ScCellObj::GetResultType_Impl()()



*** CID 1428611:  Null pointer dereferences  (NULL_RETURNS)
/sc/source/ui/unoobj/cellsuno.cxx: 6420 in ScCellObj::GetResultType_Impl()()
6414 sal_Int32 eRet = sheet::FormulaResult::STRING;
6415 ScDocShell* pDocSh = GetDocShell();
6416 if (pDocSh)
6417 {
6418 if (pDocSh->GetDocument().GetCellType(aCellPos) == 
CELLTYPE_FORMULA)
6419 {
>>> CID 1428611:  Null pointer dereferences  (NULL_RETURNS)
>>> Assigning: "pFCell" = null return value from "GetFormulaCell".
6420 ScFormulaCell* pFCell = 
pDocSh->GetDocument().GetFormulaCell(aCellPos);
6421 if (pFCell->GetErrCode() != FormulaError::NONE )
6422 {
6423 eRet = sheet::FormulaResult::ERROR;
6424 }
6425 else if (pFCell->IsValue())

** CID 1428610:  Integer handling issues  (SIGN_EXTENSION)
/vcl/source/filter/igif/gifread.cxx: 665 in GIFReader::CreateNewBitmaps()()



*** CID 1428610:  Integer handling issues  (SIGN_EXTENSION)
/vcl/source/filter/igif/gifread.cxx: 665 in GIFReader::CreateNewBitmaps()()
659 else if( nGCDisposalMethod == 3 )
660 aAnimBmp.eDisposal = Disposal::Previous;
661 else
662 aAnimBmp.eDisposal = Disposal::Not;
663 
664 nAnimationByteSize += aAnimBmp.aBmpEx.GetSizeBytes();
>>> CID 1428610:  Integer handling issues  (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "this->nImageWidth" with type 
>>> "sal_uInt16" (16 bits, unsigned) is promoted in "this->nImageWidth * 
>>> this->nImageHeight / 2560" to type "int" (32 bits, signed), then 
>>> sign-extended to type "unsigned long" (64 bits, unsigned).  If 
>>> "this->nImageWidth * this->nImageHeight / 2560" is greater than 0x7FFF, 
>>> the upper bits of the result will all be 1.
665 nAnimationMinFileData += nImageWidth * nImageHeight / 2560;
666 aAnimation.Insert( aAnimBmp );
667 
668 if( aAnimation.Count() == 1 )
669 {
670 aAnimation.SetDisplaySizePixel( Size( nGlobalWidth, 
nGlobalHeight ) );

** CID 1428609:  Integer handling issues  (SIGN_EXTENSION)

New Defects reported by Coverity Scan for LibreOffice

2018-01-18 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1427648:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/uibase/shells/textsh1.cxx: 192 in sw_CharDialog(SwWrtShell &, bool, 
unsigned short, const SfxItemSet *, SfxRequest *)()



*** CID 1427648:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/uibase/shells/textsh1.cxx: 192 in sw_CharDialog(SwWrtShell &, bool, 
unsigned short, const SfxItemSet *, SfxRequest *)()
186 if (nSlot == FN_INSERT_HYPERLINK)
187 pDlg->SetCurPageId("hyperlink");
188 else if (nSlot == SID_CHAR_DLG_EFFECT)
189 pDlg->SetCurPageId("fonteffects");
190 else if (nSlot == SID_ATTR_CHAR_FONT || nSlot == 
SID_CHAR_DLG_FOR_PARAGRAPH)
191 pDlg->SetCurPageId("font");
>>> CID 1427648:  Null pointer dereferences  (FORWARD_NULL)
>>> Comparing "pReq" to null implies that "pReq" might be null.
192 else if (pReq)
193 {
194 const SfxStringItem* pItem = 
(*pReq).GetArg(FN_PARAM_1);
195 if (pItem)
196 pDlg->SetCurPageId(OUStringToOString(pItem->GetValue(), 
RTL_TEXTENCODING_UTF8));
197 }

** CID 1427647:  Resource leaks  (RESOURCE_LEAK)
/sal/osl/all/log.cxx: 170 in ::getLogFile()()



*** CID 1427647:  Resource leaks  (RESOURCE_LEAK)
/sal/osl/all/log.cxx: 170 in ::getLogFile()()
164 return nullptr;
165 #endif
166 
167 // stays until process exits
168 static std::ofstream file(logFile, std::ios::app | std::ios::out);
169 
>>> CID 1427647:  Resource leaks  (RESOURCE_LEAK)
>>> Variable "logFile" going out of scope leaks the storage it points to.
170 return 
171 }
172 
173 void maybeOutputTimestamp(std::ostringstream ) {
174 static char const * env = getLogLevel();
175 if (env == nullptr)



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyc4udzmiJSzBsEwGwPEI3Br1-2ByP3I2cYgk-2BF32r-2FgVSbcONIOBWuER3Fg1puDScBcSz0en4hExWDy3rmle0b2Q-2BeXy8vq9UgsfHazjpDXBW0g-2FySnGWJpjJ9bJzcCPyMKJt8j3cAB3HCyArJhJz22tft7kNEPpWwJ-2FhDu2-2F7hwj0-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyc4udzmiJSzBsEwGwPEI3Bqu0RuL61-2FwJRxIBjAqii3JT007zywK2RrZriqRFyCuIQoDcjQe7Vdlnoisyat7Mf-2BEnhC2nEYgcBBj1zWw38l8H48rxh6sgkh7vxrDC2gaw8EqV3HQsisqO3dSfAr76cBxhIkUpZ6EHBo6kqDvVHag-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2018-01-17 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

7 new defect(s) introduced to LibreOffice found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)


** CID 1427633:  Resource leaks  (CTOR_DTOR_LEAK)
/idlc/source/idlc.cxx: 212 in Idlc::Idlc(Options *)()



*** CID 1427633:  Resource leaks  (CTOR_DTOR_LEAK)
/idlc/source/idlc.cxx: 212 in Idlc::Idlc(Options *)()
206 , m_warningCount(0)
207 , m_lineNumber(0)
208 , m_offsetStart(0)
209 , m_offsetEnd(0)
210 , m_parseState(PS_NoState)
211 {
>>> CID 1427633:  Resource leaks  (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_pScopes" of "Idlc" but the 
>>> destructor and whatever functions it calls do not free it.
212 m_pScopes = new AstStack();
213 // init root object after construction
214 m_pRoot = nullptr;
215 m_bGenerateDoc = m_pOptions->isValid("-C");
216 }
217 

** CID 1427632:  API usage errors  (INVALIDATE_ITERATOR)
/dbaccess/source/ui/tabledesign/TableUndo.cxx: 212 in 
dbaui::OTableEditorDelUndoAct::Redo()()



*** CID 1427632:  API usage errors  (INVALIDATE_ITERATOR)
/dbaccess/source/ui/tabledesign/TableUndo.cxx: 212 in 
dbaui::OTableEditorDelUndoAct::Redo()()
206 sal_uLong nPos;
207 std::vector< std::shared_ptr >* pOriginalRows = 
pTabEdCtrl->GetRowList();
208 
209 for (auto const& deletedRow : m_aDeletedRows)
210 {
211 nPos = deletedRow->GetPos();
>>> CID 1427632:  API usage errors  (INVALIDATE_ITERATOR)
>>> Using invalid iterator "std::vector>> std::allocator 
>>> >::const_iterator(pOriginalRows->begin() + nPos)".
212 pOriginalRows->erase( pOriginalRows->begin()+nPos );
213 }
214 
215 pTabEdCtrl->DisplayData(pTabEdCtrl->GetCurRow());
216 pTabEdCtrl->Invalidate();
217 OTableEditorUndoAct::Redo();

** CID 1427631:(DEADCODE)
/sfx2/source/dialog/filedlghelper.cxx: 2699 in sfx2::RequestPassword(const 
std::shared_ptr &, const rtl::OUString &, SfxItemSet *)()
/sfx2/source/dialog/filedlghelper.cxx: 2736 in sfx2::RequestPassword(const 
std::shared_ptr &, const rtl::OUString &, SfxItemSet *)()



*** CID 1427631:(DEADCODE)
/sfx2/source/dialog/filedlghelper.cxx: 2699 in sfx2::RequestPassword(const 
std::shared_ptr &, const rtl::OUString &, SfxItemSet *)()
2693 if ( pPasswordRequest->getPassword().getLength() )
2694 {
2695 // TODO/LATER: The filters should show the password dialog 
themself in future
2696 if ( bMSType )
2697 {
2698 // Check if filter supports OOXML encryption
>>> CID 1427631:(DEADCODE)
>>> Execution cannot reach this statement: "if (sfx2lclSup...".
2699 if ( lclSupportsOOXMLEncryption( 
pCurrentFilter->GetFilterName() ) )
2700 {
2701 ::comphelper::SequenceAsHashMap aHashData;
2702 aHashData[ OUString( "OOXPassword"  ) ] <<= 
pPasswordRequest->getPassword();
2703 pSet->Put( SfxUnoAnyItem( SID_ENCRYPTIONDATA, 
uno::makeAny( aHashData.getAsConstNamedValueList() ) ) );
2704 }
/sfx2/source/dialog/filedlghelper.cxx: 2736 in sfx2::RequestPassword(const 
std::shared_ptr &, const rtl::OUString &, SfxItemSet *)()
2730 if ( pPasswordRequest->getRecommendReadOnly() )
2731 pSet->Put( SfxBoolItem( SID_RECOMMENDREADONLY, true ) );
2732 
2733 if ( bMSType )
2734 {
2735 // the empty password has 0 as Hash
>>> CID 1427631:(DEADCODE)
>>> Execution cannot reach this statement: "nHash = SfxMedium::CreatePa...".
2736 sal_Int32 nHash = SfxMedium::CreatePasswordToModifyHash( 
pPasswordRequest->getPasswordToModify(),
2737  
pCurrentFilter->GetServiceName() == "com.sun.star.text.TextDocument" );
2738 if ( nHash )
2739 pSet->Put( SfxUnoAnyItem( SID_MODIFYPASSWORDINFO, 
uno::makeAny( nHash ) ) );
2740 }
2741 else

** CID 1427630:(CHECKED_RETURN)
/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx: 428 in 
XMLSignature_GpgImpl::validate(const 
com::sun::star::uno::Reference
 &, const 
com::sun::star::uno::Reference
 &)()

New Defects reported by Coverity Scan for LibreOffice

2018-01-06 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1427251:  Uninitialized members  (UNINIT_CTOR)
/connectivity/source/drivers/jdbc/JConnection.cxx: 272 in 
connectivity::java_sql_Connection::java_sql_Connection(const 
connectivity::java_sql_Driver &)()



*** CID 1427251:  Uninitialized members  (UNINIT_CTOR)
/connectivity/source/drivers/jdbc/JConnection.cxx: 272 in 
connectivity::java_sql_Connection::java_sql_Connection(const 
connectivity::java_sql_Driver &)()
266 ,m_pDriverClassLoader()
267 ,m_Driver_theClass(nullptr)
268 ,m_aLogger( _rDriver.getLogger() )
269 ,m_bIgnoreDriverPrivileges(true)
270 ,m_bIgnoreCurrency(false)
271 {
>>> CID 1427251:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "m_bParameterSubstitution" is not initialized 
>>> in this constructor nor in any functions that it calls.
272 }
273 
274 java_sql_Connection::~java_sql_Connection()
275 {
276 ::rtl::Reference< jvmaccess::VirtualMachine > xTest = 
java_lang_Object::getVM();
277 if ( xTest.is() )

** CID 1427250:  Null pointer dereferences  (NULL_RETURNS)
/sw/qa/extras/ooxmlexport/ooxmlexport4.cxx: 806 in 
testTdf104707_urlComment::verify()()



*** CID 1427250:  Null pointer dereferences  (NULL_RETURNS)
/sw/qa/extras/ooxmlexport/ooxmlexport4.cxx: 806 in 
testTdf104707_urlComment::verify()()
800 sal_Int32 idInCommentXml = 
getXPath(pXmlComm,"/w:comments/w:comment[1]","id").toInt32();
801 CPPUNIT_ASSERT_EQUAL( idInDocXml, idInCommentXml );
802 }
803 
804 DECLARE_OOXMLEXPORT_TEST(testTdf104707_urlComment, 
"tdf104707_urlComment.odt")
805 {
>>> CID 1427250:  Null pointer dereferences  (NULL_RETURNS)
>>> Assigning: "pXmlComm" = null return value from "parseExport".
806 xmlDocPtr pXmlComm = parseExport("word/comments.xml");
807 CPPUNIT_ASSERT_EQUAL( 
OUString("https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0Tc8gAcas411Gi1txyZnn7YswN71V4IhbLCbQegCHHLkJYRPrHMDrO-2BOqQwP6z6D-2FO8zq48MJPziLAbATyEbwPw-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpymIwK6ENxnZuG32BrAYYwdSVvvX8Fy3IrPUyqBJAlVHyaOC2ne439PrfeyeJBkubXpOXoJ7kNW2-2BhqEMUC8xVYABOIHsyuRcSV9zb-2F6sI9XgvJE-2F0ECknP5gcEUGJs0D-2B546jqKG-2BTiqw4sBqUca5aYPzUuEJIvhawe57CWVOrbM-3D;),
 getXPathContent(pXmlComm,"/w:comments/w:comment/w:p/w:hyperlink/w:r/w:t") );
808 }
809 
810 DECLARE_OOXMLEXPORT_TEST(testOLEObjectinHeader, "2129393649.docx")
811 {

** CID 1427249:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/include/tools/bigint.hxx: 150 in BigInt::operator int() const()



*** CID 1427249:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/include/tools/bigint.hxx: 150 in BigInt::operator int() const()
144 assert(false && "out of range");
145 return 0;
146 }
147 
148 inline BigInt::operator sal_Int32() const
149 {
>>> CID 1427249:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>> "this->nVal >= -2147483648 /* (sal_Int32)(-2147483647 - 1) */" is 
>>> always true regardless of the values of its operands. This occurs as the 
>>> logical second operand of "&&".
150 if ( !bIsBig && nVal >= SAL_MIN_INT32 && nVal <= SAL_MAX_INT32 )
151 return (sal_Int32)nVal;
152 assert(false && "out of range");
153 return 0;
154 }
155 

** CID 1427248:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/include/tools/bigint.hxx: 168 in BigInt::operator long() const()



*** CID 1427248:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/include/tools/bigint.hxx: 168 in BigInt::operator long() const()
162 }
163 
164 #if SAL_TYPES_SIZEOFLONG == 8
165 inline BigInt::operator long() const
166 {
167 // Clamp to int32 since long is int32 on Windows.
>>> CID 1427248:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>> "this->nVal >= -2147483648 /* (sal_Int32)(-2147483647 - 1) */" is 
>>> always true regardless of the values of its operands. This occurs as the 
>>> logical second operand of "&&".
168 if ( !bIsBig && nVal >= SAL_MIN_INT32 && nVal <= SAL_MAX_INT32 )
169 return (long)nVal;
170 assert(false 

New Defects reported by Coverity Scan for LibreOffice

2017-12-29 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1427009:  Uninitialized members  (UNINIT_CTOR)
/connectivity/source/drivers/firebird/Blob.cxx: 48 in 
connectivity::firebird::Blob::Blob(unsigned int *, unsigned int *, const 
GDS_QUAD_t &)()



*** CID 1427009:  Uninitialized members  (UNINIT_CTOR)
/connectivity/source/drivers/firebird/Blob.cxx: 48 in 
connectivity::firebird::Blob::Blob(unsigned int *, unsigned int *, const 
GDS_QUAD_t &)()
42 m_blobHandle(nullptr),
43 #endif
44 m_bBlobOpened(false),
45 m_nBlobLength(0),
46 m_nBlobPosition(0)
47 {
>>> CID 1427009:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "m_nMaxSegmentSize" is not initialized in this 
>>> constructor nor in any functions that it calls.
48 }
49 
50 void Blob::ensureBlobIsOpened()
51 {
52 MutexGuard aGuard(m_aMutex);
53 

** CID 1427008:  Incorrect expression  (UNINTENDED_INTEGER_DIVISION)
/sw/source/filter/html/svxcss1.cxx: 2300 in ParseCSS1_margin(const 
CSS1Expression *, SfxItemSet &, SvxCSS1PropertyInfo &, const SvxCSS1Parser &)()



*** CID 1427008:  Incorrect expression  (UNINTENDED_INTEGER_DIVISION)
/sw/source/filter/html/svxcss1.cxx: 2300 in ParseCSS1_margin(const 
CSS1Expression *, SfxItemSet &, SvxCSS1PropertyInfo &, const SvxCSS1Parser &)()
2294 bSetThis = true;
2295 }
2296 break;
2297 case CSS1_PIXLENGTH:
2298 {
2299 auto fMargin = pExpr->GetNumber();
>>> CID 1427008:  Incorrect expression  (UNINTENDED_INTEGER_DIVISION)
>>> Dividing integer expressions "2147483647" and "2", and then converting 
>>> the integer quotient to type "double". Any remainder, or fractional part of 
>>> the quotient, is ignored.
2300 if (fMargin < SAL_MAX_INT32/2 && fMargin > 
SAL_MIN_INT32/2)
2301 {
2302 nMargin =  (long)fMargin;
2303 long nPWidth = 0;
2304 SvxCSS1Parser::PixelToTwip( nPWidth, nMargin );
2305 bSetThis = true;



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyHJYV0YMSfoRZm0xr2Uel7f935lkD8zh2972P6qw5APgOZFHwoXgvAzxhbNmqEt3-2BAw5dux9CYTKSQXDOvqATIPAa96HPyPAbSBIa8gRk12MfyiblOXHy1GwnaDkLcXVcMfTDTWaVQ7qDQXCZm2IWYBbUBE-2FsEE-2BzGrCq5uZuYUE-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyHJYV0YMSfoRZm0xr2Uel7aJcR2FdC-2FMGuWC-2BmD5WnU8x9MHRZQdD84lErTpPmq3RfA3uNrN3do7-2F1Ebpxcw7MyNdgqbA0S5II0HmyoXwbiUoTV49gui0ee-2BPa1qwIOrbhSSkyYi5-2FBIi-2B2XF0s5VT0ZZgtmVVQOGhB7s7sGKpQM-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-12-25 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1426946:  Error handling issues  (CHECKED_RETURN)
/sw/source/core/table/swtable.cxx: 2235 in SwTableBoxFormat::Modify(const 
SfxPoolItem *, const SfxPoolItem *)()



*** CID 1426946:  Error handling issues  (CHECKED_RETURN)
/sw/source/core/table/swtable.cxx: 2235 in SwTableBoxFormat::Modify(const 
SfxPoolItem *, const SfxPoolItem *)()
2229 if( SfxItemState::SET != GetItemState( 
RES_BOXATR_VALUE, false ))
2230 pNewFormat = nullptr;
2231 }
2232 else
2233 {
2234 // fetch the current Item
>>> CID 1426946:  Error handling issues  (CHECKED_RETURN)
>>> Calling "GetItemState" without checking return value (as is done 
>>> elsewhere 71 out of 73 times).
2235 GetItemState( RES_BOXATR_FORMAT, false,
2236 reinterpret_cast() );
2237 nOldFormat = GetTableBoxNumFormat().GetValue();
2238 nNewFormat = pNewFormat ? 
pNewFormat->GetValue() : nOldFormat;
2239 }
2240 

** CID 1426945:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/doc/docfmt.cxx: 1030 in lcl_SetTextFormatColl(SwNode *const &, 
void *)()



*** CID 1426945:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/doc/docfmt.cxx: 1030 in lcl_SetTextFormatColl(SwNode *const &, 
void *)()
1024 if ( pPara->bResetListAttrs &&
1025  pFormat != pCNd->GetFormatColl() &&
1026  pFormat->GetItemState( RES_PARATR_NUMRULE ) == 
SfxItemState::SET )
1027 {
1028 // Check, if the list style of the paragraph will change.
1029 bool bChangeOfListStyleAtParagraph( true );
>>> CID 1426945:  Null pointer dereferences  (FORWARD_NULL)
>>> Assigning: "pTNd" = "dynamic_cast (pCNd)".
1030 SwTextNode* pTNd( dynamic_cast(pCNd) );
1031 OSL_ENSURE( pTNd, " - text node 
expected -> crash" );
1032 {
1033 SwNumRule* pNumRuleAtParagraph( pTNd->GetNumRule() );
1034 if ( pNumRuleAtParagraph )
1035 {



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpy4UTlAndyjnp2ewsrCt-2BFF-2BAXtMKHu5y-2BbinOMjmUxpzPtjBN0EOez-2F-2BSqIJ3Lp0OavZ5MZAZC8l38PR3H75p-2FQRmqqn-2BSHw1myAo7XeslQqiPZzvLtoP54Pira4ljZEekV8cxSfxgkWksR-2BqrO3qw4zDWcKPm6ZheOLUJ1pQydQ-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpy4UTlAndyjnp2ewsrCt-2BFF6YBxWC-2Fs8jPePKytyv7tMxa40glroO4Og-2FIqol8CthioKYLh4OmyLj-2Bw1EU-2Bsqkyeb8FIUg2onczwtfwADIbD7m-2Bd4oYVehQC6TKuBvz5wtBjxivAnHuQcFeZ1aRyZqhjNg-2B3xGMUAuHJJAcDecDV8-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-12-23 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1426924:  Memory - illegal accesses  (RETURN_LOCAL)
/svx/source/items/svxerr.cxx: 30 in SvxErrorHandler::SvxErrorHandler()()



*** CID 1426924:  Memory - illegal accesses  (RETURN_LOCAL)
/svx/source/items/svxerr.cxx: 30 in SvxErrorHandler::SvxErrorHandler()()
24 #include 
25 
26 SvxErrorHandler::SvxErrorHandler() :
27   SfxErrorHandler(
28   getRID_SVXERRCODE(), ErrCodeArea::Svx, ErrCodeArea::Svx, 
SvxResLocale())
29 {
>>> CID 1426924:  Memory - illegal accesses  (RETURN_LOCAL)
>>> Returning here.
30 }
31 
32 namespace
33 {
34 class theSvxErrorHandler
35 : public rtl::Static {};

** CID 1426923:  Memory - illegal accesses  (RETURN_LOCAL)
/oox/source/ppt/pptimport.cxx: 165 in 
oox::ppt::PowerPointImport::importDocument()()



*** CID 1426923:  Memory - illegal accesses  (RETURN_LOCAL)
/oox/source/ppt/pptimport.cxx: 165 in 
oox::ppt::PowerPointImport::importDocument()()
159 bool bRet = importFragment(xPresentationFragmentHandler);
160 
161 if (mbMissingExtDrawing)
162 {
163 // Construct a warning message.
164 INetURLObject aURL(getFileUrl());
>>> CID 1426923:  Memory - illegal accesses  (RETURN_LOCAL)
>>> Temporary variable of type "std::locale" goes out of scope.
165 SfxErrorContext aContext(ERRCTX_SFX_OPENDOC, 
aURL.getName(INetURLObject::LAST_SEGMENT, true, 
INetURLObject::DecodeMechanism::WithCharset), nullptr, getRID_ERRCTX());
166 OUString aWarning;
167 aContext.GetString(ERRCODE_NONE.MakeWarning(), aWarning);
168 aWarning += ":\n";
169 aWarning += SvxResId(RID_SVXSTR_WARN_MISSING_SMARTART);
170 

** CID 1426922:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/dbgui/asciiopt.cxx: 40 in ScAsciiOptions::ScAsciiOptions()()



*** CID 1426922:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/dbgui/asciiopt.cxx: 40 in ScAsciiOptions::ScAsciiOptions()()
34 cTextSep( cDefaultTextSep ),
35 eCharSet( osl_getThreadTextEncoding() ),
36 eLang   ( LANGUAGE_SYSTEM ),
37 bCharSetSystem  ( false ),
38 nStartRow   ( 1 )
39 {
>>> CID 1426922:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "bSkipEmptyCells" is not initialized in this 
>>> constructor nor in any functions that it calls.
40 }
41 
42 ScAsciiOptions::~ScAsciiOptions()
43 {
44 }
45 

** CID 1426921:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/gdi/jobset.cxx: 87 in ImplJobSetup::ImplJobSetup(const 
ImplJobSetup&)()



*** CID 1426921:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/gdi/jobset.cxx: 87 in ImplJobSetup::ImplJobSetup(const 
ImplJobSetup&)()
81 {
82 mpDriverData = static_cast(rtl_allocateMemory( 
mnDriverDataLen ));
83 memcpy( mpDriverData, rJobSetup.GetDriverData(), mnDriverDataLen 
);
84 }
85 else
86 mpDriverData = nullptr;
>>> CID 1426921:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "meSetupMode" is not initialized in this 
>>> constructor nor in any functions that it calls.
87 }
88 
89 ImplJobSetup::~ImplJobSetup()
90 {
91 rtl_freeMemory( mpDriverData );
92 }



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyVi6LaJRNxumUOWFZyK3iTlSSlqB-2B1h6hcejEQniHdEEhWxujP210umaRtY9TEOCuogSEBMQfMRpxeZRfZM-2BzIJA1tSxOsd8py3dVy1fDrYlnUrpYnKCKNG7eGSRwI3YcB6HRkEKP5SARUO080HXSiPyE-2BJGKaiJgxyH3J-2Bo08SE-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 

New Defects reported by Coverity Scan for LibreOffice

2017-12-22 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

9 new defect(s) introduced to LibreOffice found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)


** CID 1426881:  Integer handling issues  (SIGN_EXTENSION)
/starmath/source/ooxmlexport.cxx: 446 in SmOoxmlExport::HandleMatrix(const 
SmMatrixNode *, int)()



*** CID 1426881:  Integer handling issues  (SIGN_EXTENSION)
/starmath/source/ooxmlexport.cxx: 446 in SmOoxmlExport::HandleMatrix(const 
SmMatrixNode *, int)()
440 for( int row = 0; row < pNode->GetNumRows(); ++row )
441 {
442 m_pSerializer->startElementNS( XML_m, XML_mr, FSEND );
443 for( int col = 0; col < pNode->GetNumCols(); ++col )
444 {
445 m_pSerializer->startElementNS( XML_m, XML_e, FSEND );
>>> CID 1426881:  Integer handling issues  (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "pNode->GetNumCols()" with type 
>>> "sal_uInt16" (16 bits, unsigned) is promoted in "row * pNode->GetNumCols() 
>>> + col" to type "int" (32 bits, signed), then sign-extended to type 
>>> "unsigned long" (64 bits, unsigned).  If "row * pNode->GetNumCols() + col" 
>>> is greater than 0x7FFF, the upper bits of the result will all be 1.
446 if( const SmNode* node = pNode->GetSubNode( row * 
pNode->GetNumCols() + col ))
447 HandleNode( node, nLevel + 1 );
448 m_pSerializer->endElementNS( XML_m, XML_e );
449 }
450 m_pSerializer->endElementNS( XML_m, XML_mr );
451 }

** CID 1426880:  Integer handling issues  (SIGN_EXTENSION)
/starmath/source/visitors.cxx: 1069 in 
SmCaretPosGraphBuildingVisitor::Visit(SmMatrixNode *)()



*** CID 1426880:  Integer handling issues  (SIGN_EXTENSION)
/starmath/source/visitors.cxx: 1069 in 
SmCaretPosGraphBuildingVisitor::Visit(SmMatrixNode *)()
1063 SmCaretPosGraphEntry *left  = mpRightMost,
1064  *right = mpGraph->Add( SmCaretPos( pNode, 1 ) 
);
1065 
1066 for ( sal_uInt16 i = 0;  i < pNode->GetNumRows( ); i++ ) {
1067 SmCaretPosGraphEntry* r = left;
1068 for ( sal_uInt16 j = 0;  j < pNode->GetNumCols( ); j++ ){
>>> CID 1426880:  Integer handling issues  (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "pNode->GetNumCols()" with type 
>>> "sal_uInt16" (16 bits, unsigned) is promoted in "i * pNode->GetNumCols() + 
>>> j" to type "int" (32 bits, signed), then sign-extended to type "unsigned 
>>> long" (64 bits, unsigned).  If "i * pNode->GetNumCols() + j" is greater 
>>> than 0x7FFF, the upper bits of the result will all be 1.
1069 SmNode* pSubNode = pNode->GetSubNode( i * 
pNode->GetNumCols( ) + j );
1070 
1071 mpRightMost = mpGraph->Add( SmCaretPos( pSubNode, 0 ), r );
1072 if( j != 0 || ( pNode->GetNumRows( ) - 1 ) / 2 == i )
1073 r->SetRight( mpRightMost );
1074 

** CID 1426879:  Integer handling issues  (SIGN_EXTENSION)
/starmath/source/node.cxx: 2211 in 
SmMatrixNode::CreateTextFromNode(rtl::OUString &)()



*** CID 1426879:  Integer handling issues  (SIGN_EXTENSION)
/starmath/source/node.cxx: 2211 in 
SmMatrixNode::CreateTextFromNode(rtl::OUString &)()
2205 {
2206 rText += "matrix {";
2207 for (sal_uInt16 i = 0;  i < mnNumRows; i++)
2208 {
2209 for (sal_uInt16 j = 0;  j < mnNumCols; j++)
2210 {
>>> CID 1426879:  Integer handling issues  (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "this->mnNumCols" with type 
>>> "sal_uInt16" (16 bits, unsigned) is promoted in "i * this->mnNumCols + j" 
>>> to type "int" (32 bits, signed), then sign-extended to type "unsigned long" 
>>> (64 bits, unsigned).  If "i * this->mnNumCols + j" is greater than 
>>> 0x7FFF, the upper bits of the result will all be 1.
2211 SmNode *pNode = GetSubNode(i * mnNumCols + j);
2212 if (pNode)
2213 pNode->CreateTextFromNode(rText);
2214 if (j != mnNumCols-1)
2215 rText += "# ";
2216 }

** CID 1426878:  Integer handling issues  (SIGN_EXTENSION)
/starmath/source/visitors.cxx: 2286 in SmNodeToTextVisitor::Visit(SmMatrixNode 
*)()



*** CID 1426878:  Integer handling issues  (SIGN_EXTENSION)

New Defects reported by Coverity Scan for LibreOffice

2017-12-20 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

10 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 10 of 10 defect(s)


** CID 1426744:  Uninitialized variables  (UNINIT)
/oox/source/export/drawingml.cxx: 2417 in 
oox::drawingml::DrawingML::WriteText(const 
com::sun::star::uno::Reference &, const 
rtl::OUString &, bool, bool, int)()



*** CID 1426744:  Uninitialized variables  (UNINIT)
/oox/source/export/drawingml.cxx: 2417 in 
oox::drawingml::DrawingML::WriteText(const 
com::sun::star::uno::Reference &, const 
rtl::OUString &, bool, bool, int)()
2411 delete pParaObj;
2412 }
2413 return;
2414 }
2415 
2416 bool bOverridingCharHeight = false;
>>> CID 1426744:  Uninitialized variables  (UNINIT)
>>> Declaring variable "nCharHeight" without initializer.
2417 sal_Int32 nCharHeight;
2418 
2419 while( enumeration->hasMoreElements() )
2420 {
2421 Reference< XTextContent > paragraph;
2422 Any any ( enumeration->nextElement() );

** CID 1426743:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/orcus/interface.cxx: 184 in 
ScOrcusFactory::CellStoreToken::CellStoreToken(const ScAddress &, 
ScOrcusFactory::CellStoreToken::Type)()



*** CID 1426743:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/orcus/interface.cxx: 184 in 
ScOrcusFactory::CellStoreToken::CellStoreToken(const ScAddress &, 
ScOrcusFactory::CellStoreToken::Type)()
178 }
179 
180 ScOrcusFactory::CellStoreToken::CellStoreToken( const ScAddress& rPos, 
Type eType ) :
181 maPos(rPos), meType(eType)
182 {
183 rtl::math::setNan();
>>> CID 1426743:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "meGrammar" is not initialized in this 
>>> constructor nor in any functions that it calls.
184 }
185 
186 ScOrcusFactory::CellStoreToken::CellStoreToken( const ScAddress& rPos, 
double fValue ) :
187 maPos(rPos), meType(Type::Numeric), mfValue(fValue) {}
188 
189 ScOrcusFactory::CellStoreToken::CellStoreToken( const ScAddress& rPos, 
uint32_t nIndex ) :

** CID 1426742:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/frmedt/feshview.cxx: 1571 in SwFEShell::GetBestObject(bool, 
GotoObjFlags, bool, const svx::ISdrObjectFilter *)()



*** CID 1426742:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/frmedt/feshview.cxx: 1571 in SwFEShell::GetBestObject(bool, 
GotoObjFlags, bool, const svx::ISdrObjectFilter *)()
1565 default: break;
1566 }
1567 }
1568 aCurPos = pFly->getFrameArea().Pos();
1569 }
1570 else
>>> CID 1426742:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "pObj" to "GetCurrentBoundRect", which 
>>> dereferences it. (The dereference happens because this is a virtual 
>>> function call.)
1571 aCurPos = pObj->GetCurrentBoundRect().TopLeft();
1572 
1573 // Special case if another object is on same Y.
1574 if( aCurPos != aPos &&  // only when it is not me
1575 aCurPos.getY() == aPos.getY() &&  // Y positions equal
1576 (bNext? (aCurPos.getX() > aPos.getX()) :  // lies next 
to me

** CID 1426741:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/orcus/interface.cxx: 193 in 
ScOrcusFactory::CellStoreToken::CellStoreToken(const ScAddress &, unsigned 
int)()



*** CID 1426741:  Uninitialized members  (UNINIT_CTOR)
/sc/source/filter/orcus/interface.cxx: 193 in 
ScOrcusFactory::CellStoreToken::CellStoreToken(const ScAddress &, unsigned 
int)()
187 maPos(rPos), meType(Type::Numeric), mfValue(fValue) {}
188 
189 ScOrcusFactory::CellStoreToken::CellStoreToken( const ScAddress& rPos, 
uint32_t nIndex ) :
190 maPos(rPos), meType(Type::String), mnIndex1(nIndex)
191 {
192 rtl::math::setNan();
>>> CID 1426741:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "meGrammar" is not initialized in this 
>>> constructor nor in any functions that it calls.
193 }
194 
195 ScOrcusFactory::CellStoreToken::CellStoreToken(
196 const ScAddress& rPos, const OUString& 

New Defects reported by Coverity Scan for LibreOffice

2017-12-17 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1426315:  Control flow issues  (DEADCODE)
/sw/source/core/layout/flylay.cxx: 720 in SwFlyLayFrame::Modify(const 
SfxPoolItem *, const SfxPoolItem *)()



*** CID 1426315:  Control flow issues  (DEADCODE)
/sw/source/core/layout/flylay.cxx: 720 in SwFlyLayFrame::Modify(const 
SfxPoolItem *, const SfxPoolItem *)()
714 void SwFlyLayFrame::Modify( const SfxPoolItem* pOld, const SfxPoolItem 
*pNew )
715 {
716 const SwFormatAnchor *pAnch = nullptr;
717 
718 if (pNew)
719 {
>>> CID 1426315:  Control flow issues  (DEADCODE)
>>> Execution cannot reach the expression "0" inside this statement: 
>>> "nWhich = (pNew ? pNew->Whic...".
720 const sal_uInt16 nWhich = pNew ? pNew->Which() : 0;
721 if( RES_ATTRSET_CHG == nWhich && SfxItemState::SET ==
722 static_cast(pNew)->GetChgSet()->GetItemState( RES_ANCHOR, false,
723 reinterpret_cast() ))
724 ; // GetItemState sets the anchor pointer!
725 

** CID 1426314:  Resource leaks  (RESOURCE_LEAK)
/vcl/unx/generic/plugadapt/salplug.cxx: 130 in tryInstance(const rtl::OUString 
&, bool)()



*** CID 1426314:  Resource leaks  (RESOURCE_LEAK)
/vcl/unx/generic/plugadapt/salplug.cxx: 130 in tryInstance(const rtl::OUString 
&, bool)()
124 }
125 else
126 {
127 SAL_INFO("vcl.plugadapt", "could not load shared object " << 
aModule);
128 }
129 
>>> CID 1426314:  Resource leaks  (RESOURCE_LEAK)
>>> Variable "aMod" going out of scope leaks the storage it points to.
130 return pInst;
131 }
132 
133 #if !defined(ANDROID)
134 
135 namespace {

** CID 1426313:  Error handling issues  (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 1645 in VclBuilder::makeObject(vcl::Window *, 
const rtl::OString &, const rtl::OString &, std::map> &)()



*** CID 1426313:  Error handling issues  (CHECKED_RETURN)
/vcl/source/window/builder.cxx: 1645 in VclBuilder::makeObject(vcl::Window *, 
const rtl::OString &, const rtl::OString &, std::map> &)()
1639 pModule->loadRelative(, sMergedModule);
1640 if (!pModule->getFunctionSymbol(sFunction))
1641 {
1642 pModule->loadRelative(, sModule);
1643 }
1644 #else
>>> CID 1426313:  Error handling issues  (CHECKED_RETURN)
>>> Calling "loadRelative" without checking return value (as is done 
>>> elsewhere 4 out of 5 times).
1645 pModule->loadRelative(, sModule);
1646 #endif
1647 aI = m_aModuleMap.insert(std::make_pair(sModule, 
std::unique_ptr(pModule))).first;
1648 }
1649 customMakeWidget pFunction = 
reinterpret_cast(aI->second->getFunctionSymbol(sFunction));
1650 #else

** CID 1426312:  Error handling issues  (CHECKED_RETURN)
/desktop/source/deployment/gui/dp_gui_updateinstalldialog.cxx: 600 in 
dp_gui::UpdateInstallDialog::Thread::download(const rtl::OUString &, 
dp_gui::UpdateData &)()



*** CID 1426312:  Error handling issues  (CHECKED_RETURN)
/desktop/source/deployment/gui/dp_gui_updateinstalldialog.cxx: 600 in 
dp_gui::UpdateInstallDialog::Thread::download(const rtl::OUString &, 
dp_gui::UpdateData &)()
594 destFolder += "_";
595 
596 ::ucbhelper::Content destFolderContent;
597 dp_misc::create_folder( , destFolder, 
m_updateCmdEnv.get() );
598 
599 ::ucbhelper::Content sourceContent;
>>> CID 1426312:  Error handling issues  (CHECKED_RETURN)
>>> Calling "create_ucb_content" without checking return value (as is done 
>>> elsewhere 5 out of 6 times).
600 dp_misc::create_ucb_content( , sDownloadURL, 
m_updateCmdEnv.get() );
601 
602 const OUString sTitle( StrTitle::getTitle( sourceContent ) );
603 
604 if (destFolderContent.transferContent(
605 sourceContent, ::ucbhelper::InsertOperation::Copy,



New Defects reported by Coverity Scan for LibreOffice

2017-12-15 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

10 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 10 of 10 defect(s)


** CID 1426171:(FORWARD_NULL)
/sw/qa/extras/tiledrendering/tiledrendering.cxx: 1916 in 
SwTiledRenderingTest::testDocumentRepair()()
/sw/qa/extras/tiledrendering/tiledrendering.cxx: 1917 in 
SwTiledRenderingTest::testDocumentRepair()()
/sw/qa/extras/tiledrendering/tiledrendering.cxx: 1932 in 
SwTiledRenderingTest::testDocumentRepair()()
/sw/qa/extras/tiledrendering/tiledrendering.cxx: 1933 in 
SwTiledRenderingTest::testDocumentRepair()()



*** CID 1426171:(FORWARD_NULL)
/sw/qa/extras/tiledrendering/tiledrendering.cxx: 1916 in 
SwTiledRenderingTest::testDocumentRepair()()
1910 std::unique_ptr pItem1;
1911 std::unique_ptr pItem2;
1912 
pView1->GetViewFrame()->GetBindings().QueryState(SID_DOC_REPAIR, pItem1);
1913 
pView2->GetViewFrame()->GetBindings().QueryState(SID_DOC_REPAIR, pItem2);
1914 CPPUNIT_ASSERT(dynamic_cast< const SfxBoolItem* 
>(pItem1.get()));
1915 CPPUNIT_ASSERT(dynamic_cast< const SfxBoolItem* 
>(pItem2.get()));
>>> CID 1426171:(FORWARD_NULL)
>>> Dynamic cast to pointer "dynamic_cast >> *>(pItem1.get())" can return "NULL".
1916 CPPUNIT_ASSERT_EQUAL(false, dynamic_cast< const SfxBoolItem* 
>(pItem1.get())->GetValue());
1917 CPPUNIT_ASSERT_EQUAL(false, dynamic_cast< const SfxBoolItem* 
>(pItem2.get())->GetValue());
1918 }
1919 
1920 // Insert a character in the second view.
1921 SfxLokHelper::setView(nView2);
/sw/qa/extras/tiledrendering/tiledrendering.cxx: 1917 in 
SwTiledRenderingTest::testDocumentRepair()()
1911 std::unique_ptr pItem2;
1912 
pView1->GetViewFrame()->GetBindings().QueryState(SID_DOC_REPAIR, pItem1);
1913 
pView2->GetViewFrame()->GetBindings().QueryState(SID_DOC_REPAIR, pItem2);
1914 CPPUNIT_ASSERT(dynamic_cast< const SfxBoolItem* 
>(pItem1.get()));
1915 CPPUNIT_ASSERT(dynamic_cast< const SfxBoolItem* 
>(pItem2.get()));
1916 CPPUNIT_ASSERT_EQUAL(false, dynamic_cast< const SfxBoolItem* 
>(pItem1.get())->GetValue());
>>> CID 1426171:(FORWARD_NULL)
>>> Dynamic cast to pointer "dynamic_cast >> *>(pItem2.get())" can return "NULL".
1917 CPPUNIT_ASSERT_EQUAL(false, dynamic_cast< const SfxBoolItem* 
>(pItem2.get())->GetValue());
1918 }
1919 
1920 // Insert a character in the second view.
1921 SfxLokHelper::setView(nView2);
1922 pXTextDocument->postKeyEvent(LOK_KEYEVENT_KEYINPUT, 'u', 0);
/sw/qa/extras/tiledrendering/tiledrendering.cxx: 1932 in 
SwTiledRenderingTest::testDocumentRepair()()
1926 std::unique_ptr pItem1;
1927 std::unique_ptr pItem2;
1928 
pView1->GetViewFrame()->GetBindings().QueryState(SID_DOC_REPAIR, pItem1);
1929 
pView2->GetViewFrame()->GetBindings().QueryState(SID_DOC_REPAIR, pItem2);
1930 CPPUNIT_ASSERT(dynamic_cast< const SfxBoolItem* 
>(pItem1.get()));
1931 CPPUNIT_ASSERT(dynamic_cast< const SfxBoolItem* 
>(pItem2.get()));
>>> CID 1426171:(FORWARD_NULL)
>>> Dynamic cast to pointer "dynamic_cast >> *>(pItem1.get())" can return "NULL".
1932 CPPUNIT_ASSERT_EQUAL(true, dynamic_cast< const SfxBoolItem* 
>(pItem1.get())->GetValue());
1933 CPPUNIT_ASSERT_EQUAL(true, dynamic_cast< const SfxBoolItem* 
>(pItem2.get())->GetValue());
1934 }
1935 
1936 comphelper::LibreOfficeKit::setActive(false);
1937 }
/sw/qa/extras/tiledrendering/tiledrendering.cxx: 1933 in 
SwTiledRenderingTest::testDocumentRepair()()
1927 std::unique_ptr pItem2;
1928 
pView1->GetViewFrame()->GetBindings().QueryState(SID_DOC_REPAIR, pItem1);
1929 
pView2->GetViewFrame()->GetBindings().QueryState(SID_DOC_REPAIR, pItem2);
1930 CPPUNIT_ASSERT(dynamic_cast< const SfxBoolItem* 
>(pItem1.get()));
1931 CPPUNIT_ASSERT(dynamic_cast< const SfxBoolItem* 
>(pItem2.get()));
1932 CPPUNIT_ASSERT_EQUAL(true, dynamic_cast< const SfxBoolItem* 
>(pItem1.get())->GetValue());
>>> CID 1426171:(FORWARD_NULL)
>>> Dynamic cast to pointer "dynamic_cast >> *>(pItem2.get())" can return "NULL".
1933 CPPUNIT_ASSERT_EQUAL(true, dynamic_cast< const SfxBoolItem* 
>(pItem2.get())->GetValue());
1934 }
1935 
1936 comphelper::LibreOfficeKit::setActive(false);
1937 }
1938 

** CID 1426170:(FORWARD_NULL)
/sc/qa/unit/tiledrendering/tiledrendering.cxx: 1449 in 

New Defects reported by Coverity Scan for LibreOffice

2017-12-05 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1425725:  Incorrect expression  (MIXED_ENUMS)
/sw/source/uibase/config/modcfg.cxx: 258 in 
SwRevisionConfig::SwRevisionConfig()()



*** CID 1425725:  Incorrect expression  (MIXED_ENUMS)
/sw/source/uibase/config/modcfg.cxx: 258 in 
SwRevisionConfig::SwRevisionConfig()()
252 aInsertAttr.m_nAttr = LINESTYLE_SINGLE;
253 aInsertAttr.m_nColor = COL_TRANSPARENT;
254 aDeletedAttr.m_nItemId = SID_ATTR_CHAR_STRIKEOUT;
255 aDeletedAttr.m_nAttr = STRIKEOUT_SINGLE;
256 aDeletedAttr.m_nColor = COL_TRANSPARENT;
257 aFormatAttr.m_nItemId = SID_ATTR_CHAR_WEIGHT;
>>> CID 1425725:  Incorrect expression  (MIXED_ENUMS)
>>> Mixing enum types "FontLineStyle" and "FontWeight" for "m_nAttr".
258 aFormatAttr.m_nAttr = WEIGHT_BOLD;
259 aFormatAttr.m_nColor = COL_BLACK;
260 
261 Load();
262 }
263 

** CID 1425724:  Incorrect expression  (MIXED_ENUMS)
/sw/source/uibase/config/modcfg.cxx: 255 in 
SwRevisionConfig::SwRevisionConfig()()



*** CID 1425724:  Incorrect expression  (MIXED_ENUMS)
/sw/source/uibase/config/modcfg.cxx: 255 in 
SwRevisionConfig::SwRevisionConfig()()
249 ConfigItemMode::DelayedUpdate|ConfigItemMode::ReleaseTree)
250 {
251 aInsertAttr.m_nItemId = SID_ATTR_CHAR_UNDERLINE;
252 aInsertAttr.m_nAttr = LINESTYLE_SINGLE;
253 aInsertAttr.m_nColor = COL_TRANSPARENT;
254 aDeletedAttr.m_nItemId = SID_ATTR_CHAR_STRIKEOUT;
>>> CID 1425724:  Incorrect expression  (MIXED_ENUMS)
>>> Mixing enum types "FontLineStyle" and "FontStrikeout" for "m_nAttr".
255 aDeletedAttr.m_nAttr = STRIKEOUT_SINGLE;
256 aDeletedAttr.m_nColor = COL_TRANSPARENT;
257 aFormatAttr.m_nItemId = SID_ATTR_CHAR_WEIGHT;
258 aFormatAttr.m_nAttr = WEIGHT_BOLD;
259 aFormatAttr.m_nColor = COL_BLACK;
260 

** CID 1425723:  Memory - illegal accesses  (WRAPPER_ESCAPE)
/sc/source/filter/xml/xmlcondformat.cxx: 340 in 
ScXMLConditionalFormatContext::endFastElement(int)()



*** CID 1425723:  Memory - illegal accesses  (WRAPPER_ESCAPE)
/sc/source/filter/xml/xmlcondformat.cxx: 340 in 
ScXMLConditionalFormatContext::endFastElement(int)()
334 if (aCacheEntry.mnAge > nOldestAge)
335 {
336 nOldestAge = aCacheEntry.mnAge;
337 nIndexOfOldest = ( - 
());
338 }
339 }
>>> CID 1425723:  Memory - illegal accesses  (WRAPPER_ESCAPE)
>>> The internal representation of local "pFormat" escapes into 
>>> "this->mrParent.maCache[nIndexOfOldest].mpFormat", but is destroyed when it 
>>> exits scope.
340 mrParent.maCache[nIndexOfOldest].mpFormat = pFormat.get();
341 mrParent.maCache[nIndexOfOldest].mbSingleRelativeReference = 
bSingleRelativeReference;
342 mrParent.maCache[nIndexOfOldest].mpTokens.reset(pTokens);
343 mrParent.maCache[nIndexOfOldest].mnAge = 0;
344 }
345 



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpygVWKkSaWNlrIEDKn7TRhHPiZynzUYWzqxDsB0RAMNA43EGS3SV1G3Y027u7b0RMtw4s4m96fd4iurSGHLRE-2Faq1NoAPwKfy0bGqx7FL-2FsEjQwKq8cJJQkWQxEYxU9kBGvBKulw6u7UinLL6qh5dte5HvPPR5VZmlUy4ldJIpTfU-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpygVWKkSaWNlrIEDKn7TRhHFbcvhnUVKi91KPiJPKgnGk-2BB6O-2FQnU9go-2B5FJ4eQYowNKtS-2BuuNnlwHo2bKrVS16LV3ehetIf6awq6JCifJ5jw-2Fk4cM3tXMjp5SvSlQ-2BjcBtTz6s-2BPvgbssFuup22wLqwb65140RQ3mpzFazgT5hiA-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org

New Defects reported by Coverity Scan for LibreOffice

2017-12-02 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1424910:  Error handling issues  (UNCAUGHT_EXCEPT)
/editeng/source/uno/unotext2.cxx: 378 in 
SvxUnoTextRangeEnumeration::SvxUnoTextRangeEnumeration(const SvxUnoTextBase &, 
int, const ESelection &)()



*** CID 1424910:  Error handling issues  (UNCAUGHT_EXCEPT)
/editeng/source/uno/unotext2.cxx: 378 in 
SvxUnoTextRangeEnumeration::SvxUnoTextRangeEnumeration(const SvxUnoTextBase &, 
int, const ESelection &)()
372 }
373 
374 
375 //  class SvxUnoTextRangeEnumeration
376 
377 
>>> CID 1424910:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
378 SvxUnoTextRangeEnumeration::SvxUnoTextRangeEnumeration( const 
SvxUnoTextBase& rText, sal_Int32 nPara, const ESelection& rSel ) throw()
379 :   mxParentText(  const_cast() ),
380 mrParentText( rText ),
381 mnParagraph( nPara ),
382 mnNextPortion( 0 ),
383 mnSel( rSel )

** CID 1424909:  Error handling issues  (UNCAUGHT_EXCEPT)
/sd/source/ui/unoidl/unosrch.cxx: 444 in SdUnoSearchReplaceShape::Search(const 
com::sun::star::uno::Reference &, 
SdUnoSearchReplaceDescriptor *)()



*** CID 1424909:  Error handling issues  (UNCAUGHT_EXCEPT)
/sd/source/ui/unoidl/unosrch.cxx: 444 in SdUnoSearchReplaceShape::Search(const 
com::sun::star::uno::Reference &, 
SdUnoSearchReplaceDescriptor *)()
438 }
439 }
440 
441 return xFound;
442 }
443 
>>> CID 1424909:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
444 uno::Reference< text::XTextRange >  SdUnoSearchReplaceShape::Search( 
const uno::Reference< text::XTextRange >&  xText, SdUnoSearchReplaceDescriptor* 
pDescr ) throw()
445 {
446 if(!xText.is())
447 return uno::Reference< text::XTextRange > ();
448 
449 uno::Reference< text::XText > xParent( xText->getText() );



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyZIrWGlkG2EmM0G4ZOzbXTB-2FdWm4I2H4TVEhLEpQIysMguRptRh4-2BDIGH8mVdRokjyf35QmdEQZgAy5ZmB-2BuWWrnD3HDIZq1oIlkipkluARRH4goLwSTEQL8zs-2BFkJCuEwkaEf0YC-2BRAqdRUySEQ3Cexb-2BOwxpYRH2v3naLJdtuU-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyZIrWGlkG2EmM0G4ZOzbXTAB6DDmR1OOEsf5RFKYKuQlhqMggsR29WYWochYrIl1xsQMD6D1HKp267zi7uXnBlVOF8Y0xcK6BF3VRs2cOyg4Cu2v3HFOvaVp1-2BYw0LVzaSApES5Fql-2BGABJH75eJoUOWN6uUKD-2BcuXw-2BNS0MFgZs-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-12-01 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1424880:(UNCAUGHT_EXCEPT)
/svx/source/unodraw/unomod.cxx: 690 in SvxCreateNumRule(SdrModel *)()
/svx/source/unodraw/unomod.cxx: 690 in SvxCreateNumRule(SdrModel *)()



*** CID 1424880:(UNCAUGHT_EXCEPT)
/svx/source/unodraw/unomod.cxx: 690 in SvxCreateNumRule(SdrModel *)()
684 {
685 OUString aService( "com.sun.star.drawing.DrawPages" );
686 uno::Sequence< OUString > aSeq( , 1 );
687 return aSeq;
688 }
689 
>>> CID 1424880:(UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
690 css::uno::Reference< css::container::XIndexReplace > SvxCreateNumRule( 
SdrModel* pModel ) throw()
691 {
692 const SvxNumRule* pDefaultRule = nullptr;
693 if( pModel )
694 {
695 const SvxNumBulletItem* pItem = 
pModel->GetItemPool().GetSecondaryPool()->GetPoolDefaultItem(EE_PARA_NUMBULLET);
/svx/source/unodraw/unomod.cxx: 690 in SvxCreateNumRule(SdrModel *)()
684 {
685 OUString aService( "com.sun.star.drawing.DrawPages" );
686 uno::Sequence< OUString > aSeq( , 1 );
687 return aSeq;
688 }
689 
>>> CID 1424880:(UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
690 css::uno::Reference< css::container::XIndexReplace > SvxCreateNumRule( 
SdrModel* pModel ) throw()
691 {
692 const SvxNumRule* pDefaultRule = nullptr;
693 if( pModel )
694 {
695 const SvxNumBulletItem* pItem = 
pModel->GetItemPool().GetSecondaryPool()->GetPoolDefaultItem(EE_PARA_NUMBULLET);



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyCsxuTVTf6JjzjKL0D6zBFXLrFZmb1jsbYVTC3Y5FgQMgW-2BLqhyzscTchRKk9bFcCL4C7tLuAq64nlrF-2BVoVWZEkV-2BhaYODHCMvkZNGiaKtdcwNrrbFiUWYTSeLod-2BV-2FAk9ds1d1RUOIjhn6zPolJuXvo0Tstmxdlxoo0vkGUSN0-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyCsxuTVTf6JjzjKL0D6zBFUUkBiifps1rkcExAHFnCbC-2FaZm77-2F2a-2FtOgWWutt1iDyJOmOE6w2-2Bx6xh96N4n2fJ0ONNZ2pbpBytXVG9FynM-2B7KyCfpzq2kk-2B7AoYCTl40af8LRqD1ZwBACyWkknZimvFmni7ob-2BfYNeSiCv-2FX270-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-11-29 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

5 new defect(s) introduced to LibreOffice found with Coverity Scan.
24 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1424325:  Uninitialized members  (UNINIT_CTOR)
/svx/source/svdraw/svdograf.cxx: 378 in SdrGrafObj::SdrGrafObj(const Graphic &, 
const tools::Rectangle &)()



*** CID 1424325:  Uninitialized members  (UNINIT_CTOR)
/svx/source/svdraw/svdograf.cxx: 378 in SdrGrafObj::SdrGrafObj(const Graphic &, 
const tools::Rectangle &)()
372 mbLineIsOutsideGeometry = true;
373 mbInsidePaint = false;
374 mbIsPreview = false;
375 
376 // #i25616#
377 mbSupportTextIndentingOnLineWidthChange = false;
>>> CID 1424325:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "mbIsSignatureLineCanAddComment" is not 
>>> initialized in this constructor nor in any functions that it calls.
378 }
379 
380 SdrGrafObj::SdrGrafObj( const Graphic& rGrf )
381 :   SdrRectObj(),
382 pGraphicLink( nullptr ),
383 bMirrored   ( false )

** CID 1424324:(UNCAUGHT_EXCEPT)
/editeng/source/uno/unonrule.cxx: 476 in SvxCreateNumRule(const SvxNumRule *)()
/editeng/source/uno/unonrule.cxx: 476 in SvxCreateNumRule(const SvxNumRule *)()



*** CID 1424324:(UNCAUGHT_EXCEPT)
/editeng/source/uno/unonrule.cxx: 476 in SvxCreateNumRule(const SvxNumRule *)()
470 if( pRule == nullptr )
471 throw IllegalArgumentException();
472 
473 return pRule->getNumRule();
474 }
475 
>>> CID 1424324:(UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
476 css::uno::Reference< css::container::XIndexReplace > SvxCreateNumRule( 
const SvxNumRule* pRule ) throw()
477 {
478 DBG_ASSERT( pRule, "No default SvxNumRule!" );
479 if( pRule )
480 {
481 return new SvxUnoNumberingRules( *pRule );
/editeng/source/uno/unonrule.cxx: 476 in SvxCreateNumRule(const SvxNumRule *)()
470 if( pRule == nullptr )
471 throw IllegalArgumentException();
472 
473 return pRule->getNumRule();
474 }
475 
>>> CID 1424324:(UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
476 css::uno::Reference< css::container::XIndexReplace > SvxCreateNumRule( 
const SvxNumRule* pRule ) throw()
477 {
478 DBG_ASSERT( pRule, "No default SvxNumRule!" );
479 if( pRule )
480 {
481 return new SvxUnoNumberingRules( *pRule );

** CID 1424323:  Uninitialized members  (UNINIT_CTOR)
/svx/source/svdraw/svdograf.cxx: 402 in SdrGrafObj::SdrGrafObj(const Graphic 
&)()



*** CID 1424323:  Uninitialized members  (UNINIT_CTOR)
/svx/source/svdraw/svdograf.cxx: 402 in SdrGrafObj::SdrGrafObj(const Graphic 
&)()
396 mbLineIsOutsideGeometry = true;
397 mbInsidePaint = false;
398 mbIsPreview = false;
399 
400 // #i25616#
401 mbSupportTextIndentingOnLineWidthChange = false;
>>> CID 1424323:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "mbIsSignatureLineCanAddComment" is not 
>>> initialized in this constructor nor in any functions that it calls.
402 }
403 
404 SdrGrafObj::~SdrGrafObj()
405 {
406 delete pGraphic;
407 delete mpReplacementGraphic;

** CID 1424322:  Uninitialized members  (UNINIT_CTOR)
/oox/source/vml/vmlshape.cxx: 260 in oox::vml::ShapeModel::ShapeModel()()



*** CID 1424322:  Uninitialized members  (UNINIT_CTOR)
/oox/source/vml/vmlshape.cxx: 260 in oox::vml::ShapeModel::ShapeModel()()
254 {
255 }
256 
257 ShapeModel::ShapeModel() :
258 mbIsSignatureLine(false)
259 {
>>> CID 1424322:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "mbSignatureLineCanAddComment" is not 
>>> initialized in this constructor nor in any functions that it calls.
260 }
261 
262 ShapeModel::~ShapeModel()
263 {
264 }
265 

** CID 1424321:  Null pointer 

Re: New Defects reported by Coverity Scan for LibreOffice

2017-11-28 Thread Stephan Bergmann

On 11/28/2017 11:49 AM, Caolán McNamara wrote:

On Tue, 2017-11-28 at 08:58 +0100, Stephan Bergmann wrote:

That's apparently a bug in Coverity Scan; std::functions's

template function(F f);

constructor template is eligible here


I imagine the trigger is that we default to c++17 where available


Ah, right (I'd just assumed that was brand new code in sc); lets see if 
 "Avoid C++17 mode for 
Coverity Scan" will help.

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2017-11-28 Thread Caolán McNamara
On Tue, 2017-11-28 at 08:58 +0100, Stephan Bergmann wrote:
> That's apparently a bug in Coverity Scan; std::functions's
> 
>template function(F f);
> 
> constructor template is eligible here

I imagine the trigger is that we default to c++17 where available
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2017-11-27 Thread Stephan Bergmann

On 11/28/2017 04:30 AM, scan-ad...@coverity.com wrote:

** CID 1424265:  Parse warnings  (PARSE_ERROR)
/sc/source/ui/miscdlgs/dataproviderdlg.cxx: 223 in ()



*** CID 1424265:  Parse warnings  (PARSE_ERROR)
/sc/source/ui/miscdlgs/dataproviderdlg.cxx: 223 in ()
217 { 1, "Cancel & Quit", ::cancelAndQuit }
218 };
219
220 MenuData aColumnData[] = {
221 { 0, "Delete Column", ::deleteColumn },
222 { 1, "Split Column", ::splitColumn },

 CID 1424265:  Parse warnings  (PARSE_ERROR)
 no suitable constructor exists to convert from "void (ScDataProviderDlg::*)()" to 
"std::function"

223 { 2, "Merge Columns", ::mergeColumns },
224 };
225
226 class ScDataTransformationBaseControl : public VclContainer,
227 public VclBuilderContainer
228 {


That's apparently a bug in Coverity Scan; std::functions's

  template function(F f);

constructor template is eligible here, as void (ScDataProviderDlg::*)() 
is Lvalue-Callable for argument types ScDataProviderDlg* and return type 
void.

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-11-25 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
21 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1423309:  Error handling issues  (UNCAUGHT_EXCEPT)
/sd/source/ui/unoidl/SdUnoDrawView.cxx: 95 in 
sd::SdUnoDrawView::getActiveLayer()()



*** CID 1423309:  Error handling issues  (UNCAUGHT_EXCEPT)
/sd/source/ui/unoidl/SdUnoDrawView.cxx: 95 in 
sd::SdUnoDrawView::getActiveLayer()()
89 mrDrawViewShell.ChangeEditMode (
90 mrDrawViewShell.GetEditMode(),
91 bLayerMode);
92 }
93 }
94 
>>> CID 1423309:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
95 Reference SdUnoDrawView::getActiveLayer() throw ()
96 {
97 Reference xCurrentLayer;
98 
99 do
100 {



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyCUHqvh-2F4bYa-2BfV9m86WqrQgdp8cEgI-2FpmJ4QclW3n-2BIOTQ9woZZynnTNobrko1kTVe3O45n61MQ-2FlsN9ZdeF5ZGn5JVn3D1x5k99aiiXqxvjwNjZAcAvT2-2F7Bgn-2BytwKT1LAN0phmWim5ixDRlbLwtNxTMCjbhj4h6zfcouAhxg-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyCUHqvh-2F4bYa-2BfV9m86WqrUfrjrPmpXtojMrhkdgmHAIWCbDIq8bpUQwD2kT58S7YccfW9jXghYKOicM45kMhVtM9A1FXlvrRvQfyuoalDn2iYyafBfSrFrW4g86sWAhvqimjlne616-2FmYF2w9518fPXFxr3RSoLfJwU-2Bvc-2Fyz7g-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-11-22 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1401344:  Error handling issues  (UNCAUGHT_EXCEPT)
/usr/include/c++/7/bits/shared_ptr_base.h: 375 in 
std::_Sp_counted_ptr::_M_dispose()()



*** CID 1401344:  Error handling issues  (UNCAUGHT_EXCEPT)
/usr/include/c++/7/bits/shared_ptr_base.h: 375 in 
std::_Sp_counted_ptr::_M_dispose()()
369 public:
370   explicit
371   _Sp_counted_ptr(_Ptr __p) noexcept
372   : _M_ptr(__p) { }
373 
374   virtual void
>>> CID 1401344:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::DeploymentException" is 
>>> thrown but the throw list "throw()" doesn't allow it to be thrown. This 
>>> will cause a call to unexpected() which usually calls terminate().
375   _M_dispose() noexcept
376   { delete _M_ptr; }
377 
378   virtual void
379   _M_destroy() noexcept
380   { delete this; }



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyqm-2BPyB9atMFKJ1KqKFTtUxUvFX9eoB51-2FtHTFv-2B6uEPzkBHdOQgVGN2qkgxuwqJUN1BTYHkvXqZP3T0KaIk61YsAXkXolnCBPMhVFYr9VOEYAlpiZTk0-2FjktQKjQ6S3z098afMvG4BMqVTs5b7fz9rWiPi1A5l2JBrvhxtFIZds-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyqm-2BPyB9atMFKJ1KqKFTtU4p8U3aPJLQtzqLS1ZugLNwqsz5mDknqY2SJFxp44bLgEH4MNABkWfaNRmveG7TdzX7zOCO8X7w3gLsghWRB-2B2HwAwbguTlgHpt10-2FZRYTSKojXd53XwBeTGB-2BTTMKzLfLbqdHbaJosV-2Bwq9rys25eU-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-11-20 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
18 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1422233:  Error handling issues  (CHECKED_RETURN)
/sw/source/core/txtnode/thints.cxx: 1292 in SwTextNode::InsertHint(SwTextAttr 
*, SetAttrMode)()



*** CID 1422233:  Error handling issues  (CHECKED_RETURN)
/sw/source/core/txtnode/thints.cxx: 1292 in SwTextNode::InsertHint(SwTextAttr 
*, SetAttrMode)()
1286 // Need to insert char first, because SetAnchor() 
reads
1287 // GetStart().
1288 //JP 11.05.98: if the anchor is already set 
correctly,
1289 // fix it after inserting the char, so that 
clients don't
1290 // have to worry about it.
1291 const SwFormatAnchor* pAnchor = nullptr;
>>> CID 1422233:  Error handling issues  (CHECKED_RETURN)
>>> Calling "GetItemState" without checking return value (as is done 
>>> elsewhere 71 out of 74 times).
1292 pFormat->GetItemState( RES_ANCHOR, false,
1293 reinterpret_cast() );
1294 
1295 SwIndex aIdx( this, pAttr->GetStart() );
1296 const OUString c(GetCharOfTextAttr(*pAttr));
1297 OUString const ins( InsertText(c, aIdx, 
nInsertFlags) );

** CID 1422232:(NEGATIVE_RETURNS)
/sc/source/ui/unoobj/chart2uno.cxx: 756 in 
::Chart2Positioner::createPositionMap()()
/sc/source/ui/unoobj/chart2uno.cxx: 756 in 
::Chart2Positioner::createPositionMap()()
/sc/source/ui/unoobj/chart2uno.cxx: 756 in 
::Chart2Positioner::createPositionMap()()



*** CID 1422232:(NEGATIVE_RETURNS)
/sc/source/ui/unoobj/chart2uno.cxx: 756 in 
::Chart2Positioner::createPositionMap()()
750 (*pCols)[ nInsCol ] = pCol;
751 }
752 else
753 pCol = it->second;
754 
755 sal_uInt32 nInsRow = static_cast(bNoGlue ? 
nNoGlueRow : nRow1);
>>> CID 1422232:(NEGATIVE_RETURNS)
>>> Unsigned variable "nInsRow" is incremented, which might cause an 
>>> integer overflow.
756 for (SCROW nRow = nRow1; nRow <= nRow2; ++nRow, 
++nInsRow)
757 {
758 ScSingleRefData aCellData;
759 aCellData.InitFlags();
760 aCellData.SetFlag3D(true);
761 aCellData.SetColRel(false);
/sc/source/ui/unoobj/chart2uno.cxx: 756 in 
::Chart2Positioner::createPositionMap()()
750 (*pCols)[ nInsCol ] = pCol;
751 }
752 else
753 pCol = it->second;
754 
755 sal_uInt32 nInsRow = static_cast(bNoGlue ? 
nNoGlueRow : nRow1);
>>> CID 1422232:(NEGATIVE_RETURNS)
>>> Unsigned variable "nInsRow" is incremented, which might cause an 
>>> integer overflow.
756 for (SCROW nRow = nRow1; nRow <= nRow2; ++nRow, 
++nInsRow)
757 {
758 ScSingleRefData aCellData;
759 aCellData.InitFlags();
760 aCellData.SetFlag3D(true);
761 aCellData.SetColRel(false);
/sc/source/ui/unoobj/chart2uno.cxx: 756 in 
::Chart2Positioner::createPositionMap()()
750 (*pCols)[ nInsCol ] = pCol;
751 }
752 else
753 pCol = it->second;
754 
755 sal_uInt32 nInsRow = static_cast(bNoGlue ? 
nNoGlueRow : nRow1);
>>> CID 1422232:(NEGATIVE_RETURNS)
>>> Unsigned variable "nInsRow" is incremented, which might cause an 
>>> integer overflow.
756 for (SCROW nRow = nRow1; nRow <= nRow2; ++nRow, 
++nInsRow)
757 {
758 ScSingleRefData aCellData;
759 aCellData.InitFlags();
760 aCellData.SetFlag3D(true);
761 aCellData.SetColRel(false);



To view the defects in Coverity Scan visit, 

Re: New Defects reported by Coverity Scan for LibreOffice

2017-11-17 Thread Eike Rathke
Hi,

On Friday, 2017-11-17 11:11:07 +, scan-ad...@coverity.com wrote:

> ** CID 1422192:  Memory - corruptions  (OVERRUN)
> /sc/source/core/tool/token.cxx: 361 in ScRawToken::SetExternal(const char16_t 
> *)()

A fallout from
https://cgit.freedesktop.org/libreoffice/core/commit/?id=280a5166ad4032a618c5e29db701330f7dbdfbff
fixed with
https://cgit.freedesktop.org/libreoffice/core/commit/?id=2337797936eb53ac088ad7b5243d5fd8dfbfa31e

  Eike

-- 
LibreOffice Calc developer. Number formatter stricken i18n transpositionizer.
GPG key 0x6A6CD5B765632D3A - 2265 D7F3 A7B0 95CC 3918  630B 6A6C D5B7 6563 2D3A
Care about Free Software, support the FSFE https://fsfe.org/support/?erack


signature.asc
Description: PGP signature
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-11-17 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
16 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1422192:  Memory - corruptions  (OVERRUN)
/sc/source/core/tool/token.cxx: 361 in ScRawToken::SetExternal(const char16_t 
*)()



*** CID 1422192:  Memory - corruptions  (OVERRUN)
/sc/source/core/tool/token.cxx: 361 in ScRawToken::SetExternal(const char16_t 
*)()
355 eType = svExternal;
356 sal_Int32 nLen = GetStrLen( pStr ) + 1;
357 if( nLen > MAXSTRLEN )
358 nLen = MAXSTRLEN;
359 // Leave space for byte parameter!
360 memcpy( cStr+1, pStr, nLen * sizeof(sal_Unicode) );
>>> CID 1422192:  Memory - corruptions  (OVERRUN)
>>> Overrunning array "(*this).cStr" of 1025 2-byte elements at element 
>>> index 1025 (byte offset 2050) using index "nLen + 1" (which evaluates to 
>>> 1025).
361 cStr[ nLen+1 ] = 0;
362 }
363 
364 bool ScRawToken::IsValidReference() const
365 {
366 switch (eType)



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpywv9lPUd-2B6VylT8WRwLWGXaQBtlBs1fPXn7p64Y10JvK8YFkrTv6NPbmEhqm3sN6aFlQfSiks3Z3tc6u0osL612aFbsrFn9Rj8xJf5PFbZ6Y-2BaNH9BzPJwANGcBB-2BInWftQuMTPPt2TzbSINb-2BcPtk4knsu-2FraPvAasxKEInWRjU-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpywv9lPUd-2B6VylT8WRwLWGXSerh7O1tz96SyeZQZtgW-2B4-2Bhes3HdNMVFOzS4y-2BIfVZL5NibSm-2FKEZK-2F9CrC926wD7djVCMlqnjhl0F-2F58TDonzSPgo5Q83WpLJoCUBkXxPpUWIl4nFt28B8tc0cHU31rb4y-2B5CxVIWCfdvt0u0S-2FM-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


Re: New Defects reported by Coverity Scan for LibreOffice

2017-11-15 Thread Caolán McNamara
On Wed, 2017-11-15 at 02:55 +, scan-ad...@coverity.com wrote:
> Hi,
> 
> Please find the latest report on new defect(s) introduced to
> LibreOffice found with Coverity Scan.
> 
> 121 new defect(s) introduced to LibreOffice found with Coverity Scan.
> 19 defect(s), reported by Coverity Scan earlier, were marked fixed in
> the recent build analyzed by Coverity Scan.

Due to a tragic accident involved the rm command I had lost my usual
coverity docker image so had to create a new one, based on fedora 27,
and the latest version of coverity. Hence the exciting new status.
___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-11-14 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

121 new defect(s) introduced to LibreOffice found with Coverity Scan.
19 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 121 defect(s)


** CID 1421169:  Error handling issues  (UNCAUGHT_EXCEPT)
/connectivity/source/inc/java/GlobalRef.hxx: 58 in 
connectivity::jdbc::GlobalRef<_jobject *>::~GlobalRef()()



*** CID 1421169:  Error handling issues  (UNCAUGHT_EXCEPT)
/connectivity/source/inc/java/GlobalRef.hxx: 58 in 
connectivity::jdbc::GlobalRef<_jobject *>::~GlobalRef()()
52 
53 SDBThreadAttach t;
54 set( t.env(), _source.get() );
55 return *this;
56 }
57 
>>> CID 1421169:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type 
>>> "jvmaccess::VirtualMachine::AttachGuard::CreationException" is thrown but 
>>> the throw list "throw()" doesn't allow it to be thrown. This will cause a 
>>> call to unexpected() which usually calls terminate().
58 ~GlobalRef()
59 {
60 reset();
61 }
62 
63 void reset()

** CID 1421168:  Error handling issues  (UNCAUGHT_EXCEPT)
/starmath/source/tmpdevice.hxx: 37 in SmTmpDevice::~SmTmpDevice()()



*** CID 1421168:  Error handling issues  (UNCAUGHT_EXCEPT)
/starmath/source/tmpdevice.hxx: 37 in SmTmpDevice::~SmTmpDevice()()
31 SmTmpDevice& operator=(const SmTmpDevice&) = delete;
32 
33 Color   Impl_GetColor( const Color& rColor );
34 
35 public:
36 SmTmpDevice(OutputDevice , bool bUseMap100th_mm);
>>> CID 1421168:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type 
>>> "boost::exception_detail::clone_impl>>  >" is thrown but the throw list "throw()" doesn't allow it to be thrown. 
>>> This will cause a call to unexpected() which usually calls terminate().
37 ~SmTmpDevice()  { rOutDev.Pop(); }
38 
39 void SetFont(const vcl::Font );
40 
41 void SetLineColor( const Color& rColor ){ rOutDev.SetLineColor( 
Impl_GetColor(rColor) ); }
42 void SetFillColor( const Color& rColor ){ rOutDev.SetFillColor( 
Impl_GetColor(rColor) ); }

** CID 1421167:  Error handling issues  (UNCAUGHT_EXCEPT)
/svx/source/unodraw/unoshap3.cxx: 60 in 
Svx3DSceneObject::Svx3DSceneObject(SdrObject *, SvxDrawPage *)()



*** CID 1421167:  Error handling issues  (UNCAUGHT_EXCEPT)
/svx/source/unodraw/unoshap3.cxx: 60 in 
Svx3DSceneObject::Svx3DSceneObject(SdrObject *, SvxDrawPage *)()
54 using namespace ::com::sun::star::container;
55 
56 #define QUERYINT( xint ) \
57 if( rType == cppu::UnoType::get() ) \
58 aAny <<= Reference< xint >(this)
59 
>>> CID 1421167:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
60 Svx3DSceneObject::Svx3DSceneObject( SdrObject* pObj, SvxDrawPage* 
pDrawPage ) throw()
61 :   SvxShape( pObj, getSvxMapProvider().GetMap(SVXMAP_3DSCENEOBJECT), 
getSvxMapProvider().GetPropertySet(SVXMAP_3DSCENEOBJECT, 
SdrObject::GetGlobalDrawObjectItemPool()) )
62 ,   mxPage( pDrawPage )
63 {
64 }
65 

** CID 1421166:  Error handling issues  (UNCAUGHT_EXCEPT)
/svx/source/unodraw/unoshap4.cxx: 66 in SvxOle2Shape::SvxOle2Shape(SdrObject 
*)()



*** CID 1421166:  Error handling issues  (UNCAUGHT_EXCEPT)
/svx/source/unodraw/unoshap4.cxx: 66 in SvxOle2Shape::SvxOle2Shape(SdrObject 
*)()
60 using namespace ::com::sun::star::uno;
61 using namespace ::com::sun::star::lang;
62 using namespace ::com::sun::star::container;
63 using namespace ::com::sun::star::beans;
64 
65 
>>> CID 1421166:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
66 SvxOle2Shape::SvxOle2Shape( SdrObject* pObject ) throw()
67 : SvxShapeText( pObject, getSvxMapProvider().GetMap(SVXMAP_OLE2),
68 

New Defects reported by Coverity Scan for LibreOffice

2017-11-02 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1420539:  Control flow issues  (DEADCODE)
/sal/osl/unx/file_error_transl.cxx: 37 in oslTranslateFileError(int)()



*** CID 1420539:  Control flow issues  (DEADCODE)
/sal/osl/unx/file_error_transl.cxx: 37 in oslTranslateFileError(int)()
31the reason that we do this here */
32 if (Errno == 0)
33 return osl_error;
34 
35 switch(Errno)
36 {
>>> CID 1420539:  Control flow issues  (DEADCODE)
>>> Execution cannot reach this statement: "case 0:".
37 case 0:
38 osl_error = osl_File_E_None;
39 break;
40 
41 case EPERM:
42 osl_error = osl_File_E_PERM;

** CID 1420538:  Incorrect expression  (COPY_PASTE_ERROR)
/filter/source/graphicfilter/ieps/ieps.cxx: 768 in ipsGraphicImport()



*** CID 1420538:  Incorrect expression  (COPY_PASTE_ERROR)
/filter/source/graphicfilter/ieps/ieps.cxx: 768 in ipsGraphicImport()
762 }
763 bool bFail = nSecurityCount == 0;
764 long nWidth(0), nHeight(0);
765 if (!bFail)
766 bFail = o3tl::checked_sub(nNumb[2], nNumb[0], 
nWidth) || o3tl::checked_add(nWidth, 1L, nWidth);
767 if (!bFail)
>>> CID 1420538:  Incorrect expression  (COPY_PASTE_ERROR)
>>> "nWidth" in "o3tl::checked_add(nWidth, 1L, nHeight)" looks like a 
>>> copy-paste error.
768 bFail = o3tl::checked_sub(nNumb[3], nNumb[1], 
nHeight) || o3tl::checked_add(nWidth, 1L, nHeight);
769 if (!bFail && nWidth > 0 && nHeight > 0)
770 {
771 GDIMetaFile aMtf;
772 
773 // if there is no preview -> try with gs to make one

** CID 1420537:  Uninitialized members  (UNINIT_CTOR)
/i18npool/source/characterclassification/cclass_unicode.cxx: 53 in 
i18npool::cclass_Unicode::cclass_Unicode(const 
com::sun::star::uno::Reference &)()



*** CID 1420537:  Uninitialized members  (UNINIT_CTOR)
/i18npool/source/characterclassification/cclass_unicode.cxx: 53 in 
i18npool::cclass_Unicode::cclass_Unicode(const 
com::sun::star::uno::Reference &)()
47 nContTypes( 0 ),
48 eState( ssGetChar ),
49 cGroupSep( ',' ),
50 cDecimalSep( '.' )
51 {
52 trans = new Transliteration_casemapping();
>>> CID 1420537:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "cDecimalSepAlt" is not initialized in this 
>>> constructor nor in any functions that it calls.
53 }
54 
55 cclass_Unicode::~cclass_Unicode() {
56 destroyParserTable();
57 delete trans;
58 }

** CID 1420536:  Null pointer dereferences  (FORWARD_NULL)
/sd/source/ui/view/drviews2.cxx: 317 in 
sd::ClassificationCollector::iterateSectionsAndCollect(const 
std::vector &, const 
EditTextObject &)()



*** CID 1420536:  Null pointer dereferences  (FORWARD_NULL)
/sd/source/ui/view/drviews2.cxx: 317 in 
sd::ClassificationCollector::iterateSectionsAndCollect(const 
std::vector &, const 
EditTextObject &)()
311 m_aResults.push_back({ 
svx::ClassificationType::PARAGRAPH, sWeightProperty, sBlank });
312 }
313 
314 const SvxFieldItem* pFieldItem = findField(rSection);
315 if (pFieldItem)
316 {
>>> CID 1420536:  Null pointer dereferences  (FORWARD_NULL)
>>> Assigning: "pCustomPropertyField" = "dynamic_cast 
>>> (pFieldItem->GetField())".
317 const auto* pCustomPropertyField = dynamic_cast(pFieldItem->GetField());
318 OUString aKey = pCustomPropertyField->GetName();
319 if (aKeyCreator.isMarkingTextKey(aKey))
320 {
321 OUString aValue = 
lcl_getProperty(xPropertyContainer, aKey);
322 m_aResults.push_back({ 
svx::ClassificationType::TEXT, aValue, sBlank });



To view the defects in 

New Defects reported by Coverity Scan for LibreOffice

2017-10-26 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1420317:  Null pointer dereferences  (FORWARD_NULL)
/sd/source/ui/view/drviews2.cxx: 330 in sd::ClassificationCollector::collect()()



*** CID 1420317:  Null pointer dereferences  (FORWARD_NULL)
/sd/source/ui/view/drviews2.cxx: 330 in sd::ClassificationCollector::collect()()
324 m_pRectObject = pRectObject;
325 for (editeng::Section const & rSection : 
aSections)
326 {
327 const SvxFieldItem* pFieldItem = 
findField(rSection);
328 if (pFieldItem)
329 {
>>> CID 1420317:  Null pointer dereferences  (FORWARD_NULL)
>>> Assigning: "pCustomPropertyField" = "dynamic_cast 
>>> (pFieldItem->GetField())".
330 const auto* pCustomPropertyField = 
dynamic_cast(pFieldItem->GetField());
331 OUString aKey = 
pCustomPropertyField->GetKey();
332 if (aKey.startsWith(sPolicy + 
"Marking:Text:"))
333 {
334 OUString aValue = 
lcl_getProperty(xPropertyContainer, aKey);
335 m_aResults.push_back({ 
svx::ClassificationType::TEXT, aValue, nParagraph });

** CID 1420316:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/sal/osl/unx/file.cxx: 1155 in ::exceedsMinOffT(T1)()



*** CID 1420316:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/sal/osl/unx/file.cxx: 1155 in ::exceedsMinOffT(T1)()
1149 namespace {
1150 
1151 //coverity[result_independent_of_operands]
1152 template bool exceedsMaxOffT(T n) { return n > MAX_OFF_T; }
1153 
1154 template bool exceedsMinOffT(T n)
>>> CID 1420316:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>> "n < -9223372036854775808L" is always false regardless of the values of 
>>> its operands. This occurs as a return value.
1155 { return n < std::numeric_limits::min(); }
1156 
1157 }
1158 
1159 oslFileError SAL_CALL osl_mapFile(
1160 oslFileHandle Handle,

** CID 1420315:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/draw/dflyobj.cxx: 403 in SwVirtFlyDrawObj::Rotate(const Point 
&, long, double, double)()



*** CID 1420315:  Null pointer dereferences  (FORWARD_NULL)
/sw/source/core/draw/dflyobj.cxx: 403 in SwVirtFlyDrawObj::Rotate(const Point 
&, long, double, double)()
397 
398 if(0 != nAngle)
399 {
400 // RotGrfFlyFrame: Add transformation to placeholder object
401 Size aSize;
402 const sal_uInt16 
nOldRot(SwVirtFlyDrawObj::getPossibleRotationFromFraphicFrame(aSize));
>>> CID 1420315:  Null pointer dereferences  (FORWARD_NULL)
>>> Assigning: "pSh" = "dynamic_cast >> *>(this->GetFlyFrame()->getRootFrame()->GetCurrShell())".
403 SwWrtShell *pSh = dynamic_cast( 
GetFlyFrame()->getRootFrame()->GetCurrShell() );
404 SwFlyFrameAttrMgr aMgr(false, pSh, Frmmgr_Type::NONE);
405 
406 aMgr.SetRotation(nOldRot, (nOldRot + 
static_cast(nAngle)) % 3600, aSize);
407 }
408 }



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyj3JREHMjT-2FcUjmeJVZmXXu3BZlD6CRytoojjZYLmROzpvaZQMQXpwXrUpC67CWoCi-2FnTZ6wCHOPgcXHYTa6hykQmJF5NxDBz-2BwD79sbKBsovpNyn2jDEuuLNSna5GUYxrQwkVcg-2BVWLkv2cKqI7nuGJJ4yQv1K2pOl2cpPkx9to-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 

New Defects reported by Coverity Scan for LibreOffice

2017-10-20 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1419948:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/sal/osl/unx/file.cxx: 1151 in ::exceedsOffT(T1)()



*** CID 1419948:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/sal/osl/unx/file.cxx: 1151 in ::exceedsOffT(T1)()
1145 }
1146 
1147 const off_t MAX_OFF_T = std::numeric_limits< off_t >::max();
1148 
1149 namespace {
1150 
>>> CID 1419948:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>> "n > 9223372036854775807L /* MAX_OFF_T */" is always false regardless 
>>> of the values of its operands. This occurs as a return value.
1151 template bool exceedsOffT(T n) { return n > MAX_OFF_T; }
1152 
1153 }
1154 
1155 oslFileError SAL_CALL osl_mapFile(
1156 oslFileHandle Handle,

** CID 705523:(NULL_RETURNS)
/sw/source/uibase/utlui/content.cxx: 2071 in 
SwContentTree::HasContentChanged()()
/sw/source/uibase/utlui/content.cxx: 2141 in 
SwContentTree::HasContentChanged()()
/sw/source/uibase/utlui/content.cxx: 2180 in 
SwContentTree::HasContentChanged()()
/sw/source/uibase/utlui/content.cxx: 2191 in 
SwContentTree::HasContentChanged()()



*** CID 705523:(NULL_RETURNS)
/sw/source/uibase/utlui/content.cxx: 2071 in 
SwContentTree::HasContentChanged()()
2065 bRepaint = true;
2066 else
2067 {
2068 const size_t nChildCount = 
GetChildCount(pEntry);
2069 for(size_t j = 0; j < nChildCount; ++j)
2070 {
>>> CID 705523:(NULL_RETURNS)
>>> Assigning: "pEntry" = null return value from "Next".
2071 pEntry = Next(pEntry);
2072 const SwContent* pCnt = 
pArrType->GetMember(j);
2073 pEntry->SetUserData(const_cast(pCnt));
2074 OUString sEntryText = GetEntryText(pEntry);
2075 if( sEntryText != pCnt->GetName() &&
2076 !(sEntryText == m_sSpace && 
pCnt->GetName().isEmpty()))
/sw/source/uibase/utlui/content.cxx: 2141 in 
SwContentTree::HasContentChanged()()
2135 if(nChildCount != pArrType->GetMemberCount())
2136 bRepaint = true;
2137 else
2138 {
2139 for(size_t j = 0; j < nChildCount; ++j)
2140 {
>>> CID 705523:(NULL_RETURNS)
>>> Assigning: "pEntry" = null return value from "Next".
2141 pEntry = Next(pEntry);
2142 bNext = false;
2143 const SwContent* pCnt = 
pArrType->GetMember(j);
2144 pEntry->SetUserData(const_cast(pCnt));
2145 OUString sEntryText = GetEntryText(pEntry);
2146 if( sEntryText != pCnt->GetName() &&
/sw/source/uibase/utlui/content.cxx: 2180 in 
SwContentTree::HasContentChanged()()
2174 const SwContent* pCnt = 
pArrType->GetMember(j);
2175 pChild->SetUserData(const_cast(pCnt));
2176 OUString sEntryText = GetEntryText(pChild);
2177 if( sEntryText != pCnt->GetName() &&
2178 !(sEntryText == m_sSpace && 
pCnt->GetName().isEmpty()))
2179 bRemoveChildren = true;
>>> CID 705523:(NULL_RETURNS)
>>> Assigning: "pChild" = null return value from "Next".
2180 pChild = Next(pChild);
2181 }
2182 }
2183 if(bRemoveChildren)
2184 {
2185 SvTreeListEntry* pChild = FirstChild(pEntry);
/sw/source/uibase/utlui/content.cxx: 2191 in 
SwContentTree::HasContentChanged()()
2185 SvTreeListEntry* pChild = FirstChild(pEntry);
2186 SvTreeListEntry* pRemove = pChild;
2187 for(size_t j = 0; j < nChildCount; ++j)
2188 {
2189 pChild = Next(pRemove);
2190  

New Defects reported by Coverity Scan for LibreOffice

2017-10-15 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1419773:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/window/dialog.cxx: 498 in Dialog::Dialog(WindowType)()



*** CID 1419773:  Uninitialized members  (UNINIT_CTOR)
/vcl/source/window/dialog.cxx: 498 in Dialog::Dialog(WindowType)()
492 
493 Dialog::Dialog( WindowType nType )
494 : SystemWindow( nType )
495 , mnInitFlag(InitFlag::Default)
496 {
497 ImplInitDialogData();
>>> CID 1419773:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "mbForceBorderWindow" is not initialized in 
>>> this constructor nor in any functions that it calls.
498 }
499 
500 void VclBuilderContainer::disposeBuilder()
501 {
502 if (m_pUIBuilder)
503 m_pUIBuilder->disposeBuilder();

** CID 1401342:  Error handling issues  (UNCAUGHT_EXCEPT)
/usr/include/c++/6.3.1/bits/shared_ptr_base.h: 527 in 
std::_Sp_counted_ptr_inplace::_M_dispose()()



*** CID 1401342:  Error handling issues  (UNCAUGHT_EXCEPT)
/usr/include/c++/6.3.1/bits/shared_ptr_base.h: 527 in 
std::_Sp_counted_ptr_inplace::_M_dispose()()
521   std::forward<_Args>(__args)...); // might throw
522 }
523 
524   ~_Sp_counted_ptr_inplace() noexcept { }
525 
526   virtual void
>>> CID 1401342:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
527   _M_dispose() noexcept
528   {
529 allocator_traits<_Alloc>::destroy(_M_impl._M_alloc(), _M_ptr());
530   }
531 
532   // Override because the allocator needs to know the dynamic type



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyY3rJftnkY1zqIpu9BzdDNR955xgx01Ooe8j5DnxPauPHut6gW1VRRsuh3O-2Bw33gT-2FnzfpPQtazVALyn2UyFq-2B9VmPMn2nHfYJfrHAjRtqmnRF8i588huaoegCdX83VIH6xtR7gz59NxNwe2oTxkc83qBD99Zz3v3IlFZ8dkE3us-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyY3rJftnkY1zqIpu9BzdDNXeGHv5USKm5BTjj4Mn-2FWNJfRMJj530AM3zJX7CgkY8Q-2FHefSAbOEBsQBApZJc-2FUwu7lZgWirBNhvY78wl3AeoeNho3DJiNfxPUZG6wLjSDkg442D8QMzW3W4NOOoEvcZ5xit7M5dmqULocWnnNjIQI-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-10-07 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1418980:(RESOURCE_LEAK)
/sw/source/filter/ww8/docxexport.cxx: 1068 in DocxExport::WriteSettings()()
/sw/source/filter/ww8/docxexport.cxx: 1068 in DocxExport::WriteSettings()()



*** CID 1418980:(RESOURCE_LEAK)
/sw/source/filter/ww8/docxexport.cxx: 1068 in DocxExport::WriteSettings()()
1062 
1063 sax_fastparser::XFastAttributeListRef 
xAttributeList(pAttributeList);
1064 pFS->singleElementNS(XML_w, 
XML_documentProtection, xAttributeList);
1065 
1066 hasProtectionProperties = true;
1067 }
>>> CID 1418980:(RESOURCE_LEAK)
>>> Variable "pAttributeList" going out of scope leaks the storage it 
>>> points to.
1068 }
1069 }
1070 }
1071 
1072 // Protect form
1073 // Section-specific write protection
/sw/source/filter/ww8/docxexport.cxx: 1068 in DocxExport::WriteSettings()()
1062 
1063 sax_fastparser::XFastAttributeListRef 
xAttributeList(pAttributeList);
1064 pFS->singleElementNS(XML_w, 
XML_documentProtection, xAttributeList);
1065 
1066 hasProtectionProperties = true;
1067 }
>>> CID 1418980:(RESOURCE_LEAK)
>>> Variable "pAttributeList" going out of scope leaks the storage it 
>>> points to.
1068 }
1069 }
1070 }
1071 
1072 // Protect form
1073 // Section-specific write protection

** CID 1418979:  API usage errors  (INVALIDATE_ITERATOR)
/sw/source/core/edit/edfcol.cxx: 1232 in 
SwUndoParagraphSigning::SwUndoParagraphSigning(const SwPosition &, const 
com::sun::star::uno::Reference &, const 
com::sun::star::uno::Reference &, bool)()



*** CID 1418979:  API usage errors  (INVALIDATE_ITERATOR)
/sw/source/core/edit/edfcol.cxx: 1232 in 
SwUndoParagraphSigning::SwUndoParagraphSigning(const SwPosition &, const 
com::sun::star::uno::Reference &, const 
com::sun::star::uno::Reference &, bool)()
1226 const auto it = aStatements.find(ParagraphSignatureRDFName);
1227 if (it != aStatements.end())
1228 m_signature = it->second;
1229 
1230 const auto it2 = aStatements.find(ParagraphSignatureUsageRDFName);
1231 if (it2 != aStatements.end())
>>> CID 1418979:  API usage errors  (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "it" though it is already past the end of its 
>>> container.
1232 m_usage = it->second;
1233 
1234 uno::Reference xText(m_xField, 
uno::UNO_QUERY);
1235 m_display = xText->getString();
1236 }
1237 

** CID 1418978:  Incorrect expression  (COPY_PASTE_ERROR)
/sw/source/core/edit/edfcol.cxx: 1232 in 
SwUndoParagraphSigning::SwUndoParagraphSigning(const SwPosition &, const 
com::sun::star::uno::Reference &, const 
com::sun::star::uno::Reference &, bool)()



*** CID 1418978:  Incorrect expression  (COPY_PASTE_ERROR)
/sw/source/core/edit/edfcol.cxx: 1232 in 
SwUndoParagraphSigning::SwUndoParagraphSigning(const SwPosition &, const 
com::sun::star::uno::Reference &, const 
com::sun::star::uno::Reference &, bool)()
1226 const auto it = aStatements.find(ParagraphSignatureRDFName);
1227 if (it != aStatements.end())
1228 m_signature = it->second;
1229 
1230 const auto it2 = aStatements.find(ParagraphSignatureUsageRDFName);
1231 if (it2 != aStatements.end())
>>> CID 1418978:  Incorrect expression  (COPY_PASTE_ERROR)
>>> "it" looks like a copy-paste error.
1232 m_usage = it->second;
1233 
1234 uno::Reference xText(m_xField, 
uno::UNO_QUERY);
1235 m_display = xText->getString();
1236 }
1237 



To view the defects in Coverity Scan visit, 

New Defects reported by Coverity Scan for LibreOffice

2017-10-05 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

8 new defect(s) introduced to LibreOffice found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)


** CID 1418967:  Uninitialized variables  (UNINIT)



*** CID 1418967:  Uninitialized variables  (UNINIT)
/sc/source/ui/view/viewdata.cxx: 572 in ScViewData::ScViewData(ScDocShell *, 
ScTabViewShell *)()
566 if (pDoc)
567 {
568 SCTAB nTableCount = pDoc->GetTableCount();
569 EnsureTabDataSize(nTableCount);
570 }
571 
>>> CID 1418967:  Uninitialized variables  (UNINIT)
>>> Using uninitialized value "this->nPPTY" when calling "CalcPPT".
572 CalcPPT();
573 }
574 
575 ScViewData::ScViewData( const ScViewData& rViewData ) :
576 maTabData( rViewData.maTabData ),
577 mpMarkData(new ScMarkData(*rViewData.mpMarkData)),

** CID 1418966:  Null pointer dereferences  (FORWARD_NULL)
/vcl/source/control/ctrl.cxx: 430 in Control::LogicInvalidate(const 
tools::Rectangle *)()



*** CID 1418966:  Null pointer dereferences  (FORWARD_NULL)
/vcl/source/control/ctrl.cxx: 430 in Control::LogicInvalidate(const 
tools::Rectangle *)()
424 // If parent is a floating window, trigger an invalidate there
425 vcl::Window* pWindow = this;
426 while (pWindow)
427 {
428 if (pWindow->ImplIsFloatingWindow())
429 {
>>> CID 1418966:  Null pointer dereferences  (FORWARD_NULL)
>>> Passing null pointer "dynamic_cast (pWindow)" to 
>>> "LogicInvalidate", which dereferences it. (The dereference happens because 
>>> this is a virtual function call.)
430 
dynamic_cast(pWindow)->LogicInvalidate(nullptr);
431 return;
432 }
433 
434 pWindow = pWindow->GetParent();
435 }

** CID 1418965:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/view/tabview.cxx: 2346 in 
BoundsProvider::BoundsProvider(ScDocument *, short)()



*** CID 1418965:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/view/tabview.cxx: 2346 in 
BoundsProvider::BoundsProvider(ScDocument *, short)()
2340 long nSecondPositionPx;
2341 
2342 public:
2343 BoundsProvider(ScDocument* pD, SCTAB nT)
2344 : pDoc(pD)
2345 , nTab(nT)
>>> CID 1418965:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "nSecondPositionPx" is not initialized in this 
>>> constructor nor in any functions that it calls.
2346 {}
2347 
2348 void GetStartIndexAndPosition(index_type& nIndex, long& nPosition) 
const
2349 {
2350 nIndex = nFirstIndex;
2351 nPosition = nFirstPositionPx;

** CID 1418964:  Incorrect expression  (COPY_PASTE_ERROR)
/sc/source/ui/view/viewdata.cxx: 221 in 
ScPositionHelper::getNearestByPosition(long) const()



*** CID 1418964:  Incorrect expression  (COPY_PASTE_ERROR)
/sc/source/ui/view/viewdata.cxx: 221 in 
ScPositionHelper::getNearestByPosition(long) const()
215 if (posUB == mData.begin())
216 {
217 return *posUB;
218 }
219 
220 auto posLB = std::prev(posUB);
>>> CID 1418964:  Incorrect expression  (COPY_PASTE_ERROR)
>>> "posUB" looks like a copy-paste error.
221 if (posUB == mData.end())
222 {
223 return *posLB;
224 }
225 
226 long nDiffUB = posUB->second - nPos;

** CID 1418963:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/view/tabview.cxx: 2346 in 
BoundsProvider::BoundsProvider(ScDocument *, short)()



*** CID 1418963:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/view/tabview.cxx: 2346 in 
BoundsProvider::BoundsProvider(ScDocument *, short)()
2340 long nSecondPositionPx;
2341 
2342 public:
2343 BoundsProvider(ScDocument* pD, SCTAB nT)
2344 : pDoc(pD)
2345 , nTab(nT)
>>> CID 1418963:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "nSecondPositionPx" is not initialized in this 
>>> constructor nor in any functions that it calls.
2346 {}
2347 
2348 void GetStartIndexAndPosition(index_type& nIndex, long& 

New Defects reported by Coverity Scan for LibreOffice

2017-09-30 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1418672:  Null pointer dereferences  (FORWARD_NULL)
/sot/source/sdstor/stgio.cxx: 100 in StgIo::SetupStreams()()



*** CID 1418672:  Null pointer dereferences  (FORWARD_NULL)
/sot/source/sdstor/stgio.cxx: 100 in StgIo::SetupStreams()()
94 sal_Int32 nFatStrmSize;
95 if (o3tl::checked_multiply(m_aHdr.GetFATSize(), 
nPhysPageSize, nFatStrmSize))
96 {
97 SAL_WARN("sot", "Error: " << m_aHdr.GetFATSize() << " * " << 
nPhysPageSize << " would overflow");
98 SetError(SVSTREAM_FILEFORMAT_ERROR);
99 m_pFAT = nullptr;
>>> CID 1418672:  Null pointer dereferences  (FORWARD_NULL)
>>> Assigning: "this->m_pTOC" = "NULL".
100 m_pTOC = nullptr;
101 }
102 else
103 {
104 m_pFAT = new StgFATStrm(*this, nFatStrmSize);
105 m_pTOC = new StgDirStrm( *this );



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyjHImzuEmcnYXTs-2Fi-2FFXWLe7SqrO7BzRy-2F1FLdrLyL0UVr2KXSsrfVKsB8Jr7WvWyJ1hY3Gi1KXq8qwXZ7UBQcJh3C-2FOnhXv7CQrDVnxpSUN8FCkvsriyU0nSD72Jufr03KTX2lAvKvUkWXWdOkln0TS6CsENzlZG6PYEbPMNR14-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyjHImzuEmcnYXTs-2Fi-2FFXWLUm1MW8M1WyS3e6Frw5HyguY2G5klSfneBCGMWBj5LHXdSB0gh7aLKEDUfSIal5UIUTnJe2ioeeJSZ7bMlNAYY7UGMMeuSDxmz8RNV5fL8YEDBFSQhz7Az0z7ci-2Fg8kaKCsdCQ1o-2FKUeiad16knw4JU-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-09-24 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

1 new defect(s) introduced to LibreOffice found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1417678:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/uibase/dbui/dbmgr.cxx: 805 in SwDBManager::~SwDBManager()()



*** CID 1417678:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/uibase/dbui/dbmgr.cxx: 805 in SwDBManager::~SwDBManager()()
799 , pImpl(new SwDBManager_Impl(*this))
800 , pMergeEvtSrc(nullptr)
801 , m_pDoc(pDoc)
802 {
803 }
804 
>>> CID 1417678:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::DeploymentException" is 
>>> thrown but the throw list "throw()" doesn't allow it to be thrown. This 
>>> will cause a call to unexpected() which usually calls terminate().
805 SwDBManager::~SwDBManager()
806 {
807 RevokeLastRegistrations();
808 
809 // copy required, m_DataSourceParams can be modified while 
disposing components
810 std::vector aCopiedConnections;



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyiAzi-2BqiP-2Fn0GhZ6XMoxLNyoKPGshfD1uM1PypPY9M-2F5f1bZDKVSQrvyuRHbqdJQPwoTl8MPwPr4unUNVvPs1HkkQDWZAvNI-2BejQFv93g4DzkzXtzNq7s31qo8Ayuva9vChXGvWsDewrjsUHa-2FezMxCZj-2BcPgPOq5gqCyxjqEyMc-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyiAzi-2BqiP-2Fn0GhZ6XMoxLNzu6kMKbrG1No7X1McLLYrBf-2Fh-2FZnWSHLpHQ8CeUn6S7vYuDVDf7IcovXIlanQVgO0vJjUY-2BphIDCrXzaXZyTU4F6Pp8PK95-2FsJB9zLXD8yu0EeuOynh3L8d3pKVqjYEB8W1cOnB6QRMvCAwyiUPFDA-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-09-22 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

7 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)


** CID 1418341:  Null pointer dereferences  (FORWARD_NULL)
/sc/source/core/data/fillinfo.cxx: 441 in ScDocument::FillInfo(ScTableInfo &, 
short, int, short, int, short, double, double, bool, bool, const ScMarkData *)()



*** CID 1418341:  Null pointer dereferences  (FORWARD_NULL)
/sc/source/core/data/fillinfo.cxx: 441 in ScDocument::FillInfo(ScTableInfo &, 
short, int, short, int, short, double, double, bool, bool, const ScMarkData *)()
435 //  to nRotMax due to nRotateDir Flag
436 initCellInfo(pRowInfo, nArrCount, nRotMax, pDefShadow);
437 
438 initColWidths(pRowInfo, this, fColScale, nTab, nCol2, nRotMax);
439 
440 ScConditionalFormatList* pCondFormList = GetCondFormList(nTab);
>>> CID 1418341:  Null pointer dereferences  (FORWARD_NULL)
>>> Comparing "pCondFormList" to null implies that "pCondFormList" might be 
>>> null.
441 if(pCondFormList)
442 pCondFormList->startRendering();
443 
444 for (SCCOL nArrCol=0; nArrCol<=nCol2+2; nArrCol++)  
  // left & right + 1
445 {
446 SCCOL nX = (nArrCol>0) ? nArrCol-1 : MAXCOL+1;  
  // negative -> invalid

** CID 1418340:  Integer handling issues  (DIVIDE_BY_ZERO)
/sw/source/uibase/docvw/PostItMgr.cxx: 1065 in SwPostItMgr::AutoScroll(const 
sw::annotation::SwAnnotationWin *, unsigned long)()



*** CID 1418340:  Integer handling issues  (DIVIDE_BY_ZERO)
/sw/source/uibase/docvw/PostItMgr.cxx: 1065 in SwPostItMgr::AutoScroll(const 
sw::annotation::SwAnnotationWin *, unsigned long)()
1059 if ( !(bBottom && bTop))
1060 {
1061 const long aDiff = bBottom ? 
mpEditWin->LogicToPixel(Point(0,mPages[aPage-1]->mPageRect.Top() + 
aSidebarheight)).Y() - pPostIt->GetPosPixel().Y() :
1062 
mpEditWin->LogicToPixel(Point(0,mPages[aPage-1]->mPageRect.Bottom() - 
aSidebarheight)).Y() - 
(pPostIt->GetPosPixel().Y()+pPostIt->GetSizePixel().Height());
1063 // this just adds the missing value to get the next a* 
GetScrollSize() after aDiff
1064 // e.g aDiff= 61 POSTIT_SCROLL=50 --> lScroll = 100
>>> CID 1418340:  Integer handling issues  (DIVIDE_BY_ZERO)
>>> In expression "aDiff % this->GetScrollSize()", modulo by expression 
>>> "this->GetScrollSize()" which may be zero has undefined behavior.
1065 const long lScroll = bBottom ? (aDiff + ( GetScrollSize() 
- (aDiff % GetScrollSize( : (aDiff - (GetScrollSize() + (aDiff % 
GetScrollSize(;
1066 Scroll(lScroll, aPage);
1067 }
1068 }
1069 }
1070 

** CID 1418339:(RESOURCE_LEAK)
/vcl/unx/generic/printer/cpdmgr.cxx: 424 in 
psp::CPDManager::createCPDParser(const rtl::OUString &)()
/vcl/unx/generic/printer/cpdmgr.cxx: 439 in 
psp::CPDManager::createCPDParser(const rtl::OUString &)()
/vcl/unx/generic/printer/cpdmgr.cxx: 456 in 
psp::CPDManager::createCPDParser(const rtl::OUString &)()



*** CID 1418339:(RESOURCE_LEAK)
/vcl/unx/generic/printer/cpdmgr.cxx: 424 in 
psp::CPDManager::createCPDParser(const rtl::OUString &)()
418 aValueName = OStringToOUString( "", aEncoding );
419 pValue = pKey->insertValue( aValueName, eQuoted );
420 if( pValue )
421 pValue->m_aValue = aValueName;
422 pKey -> m_pDefaultValue = pValue;
423 
>>> CID 1418339:(RESOURCE_LEAK)
>>> Overwriting "pKey" in "pKey = new psp::PPDKey(rtl::OUString 
>>> const("NickName", rtl::libreoffice_internal::Dummy({})))" leaks the storage 
>>> that "pKey" points to.
424 pKey = new PPDKey("NickName");
425 aValueName = OStringToOUString( pDest -> name, aEncoding );
426 pValue = pKey->insertValue( aValueName, eQuoted );
427 if( pValue )
428 pValue->m_aValue = aValueName;
429 pKey -> m_pDefaultValue = pValue;
/vcl/unx/generic/printer/cpdmgr.cxx: 439 in 
psp::CPDManager::createCPDParser(const rtl::OUString &)()
433 PPDContext& rContext = m_aDefaultContexts[ aPrinter ];
434 rContext.setParser( pNewParser );
435 setDefaultPaper( rContext );
436 

New Defects reported by Coverity Scan for LibreOffice

2017-09-11 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1417678:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/uibase/dbui/dbmgr.cxx: 805 in SwDBManager::~SwDBManager()()



*** CID 1417678:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/uibase/dbui/dbmgr.cxx: 805 in SwDBManager::~SwDBManager()()
799 , pImpl(new SwDBManager_Impl(*this))
800 , pMergeEvtSrc(nullptr)
801 , m_pDoc(pDoc)
802 {
803 }
804 
>>> CID 1417678:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::DeploymentException" is 
>>> thrown but the throw list "throw()" doesn't allow it to be thrown. This 
>>> will cause a call to unexpected() which usually calls terminate().
805 SwDBManager::~SwDBManager()
806 {
807 RevokeLastRegistrations();
808 
809 // copy required, m_DataSourceParams can be modified while 
disposing components
810 std::vector aCopiedConnections;

** CID 1078469:  Error handling issues  (CHECKED_RETURN)
/reportdesign/source/ui/inspection/GeometryHandler.cxx: 1899 in 
rptui::GeometryHandler::impl_isDefaultFunction_nothrow(const 
com::sun::star::uno::Reference &, 
rtl::OUString &, rtl::OUString &) const()



*** CID 1078469:  Error handling issues  (CHECKED_RETURN)
/reportdesign/source/ui/inspection/GeometryHandler.cxx: 1899 in 
rptui::GeometryHandler::impl_isDefaultFunction_nothrow(const 
com::sun::star::uno::Reference &, 
rtl::OUString &, rtl::OUString &) const()
1893 sal_Int32 start = 0;
1894 sal_Int32 end = sFormula.getLength();
1895 if ( aTextSearch.SearchForward(sFormula,,) && 
start == 0 && end == sFormula.getLength()) // default function found
1896 {
1897 aSearchOptions.searchString = 
"\\[[:alpha:]+([:space:]*[:alnum:]*)*\\]";
1898 utl::TextSearch aDataSearch( aSearchOptions);
>>> CID 1078469:  Error handling issues  (CHECKED_RETURN)
>>> Calling "SearchForward" without checking return value (as is done 
>>> elsewhere 20 out of 25 times).
1899 aDataSearch.SearchForward(sFormula,, );
1900 ++start;
1901 _rDataField = sFormula.copy(start,end-start-1);
1902 _rsDefaultFunctionName = aIter->m_sName;
1903 break;
1904 }



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpy2qWdtUsJf5fe18Sf2m7v2a7mVo5Djp6ZB1Dvuk1bdOiShrFLckprT8FAJNm-2FYVtWjWCW4S7u2m6yqGwWakpq8eqyouAk-2Fi6BH9s7pHvRCd4uqNCVEZPCoUdfxXwxUm8rpVSCE8zqJ7cJK2Ik4t4FORAv2VhG4uk3xgQnJ-2BYh6Ck-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpy2qWdtUsJf5fe18Sf2m7v2b5YLdN1BxyJmusGLsCZqitEPJmdxciRSNbPuQ8YmtIkmnw01Q3UpGR8Lu1SuSLUKcSBXWaQs-2B9Q6mltlw1nev6bInseqI6VPOQbcxA5LbCK6RcDWIpFb5KRaYW6dlvN4Clz5Y-2BKyZ0POZptv02gyts-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-09-03 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1417293:  Possible Control flow issues  (DEADCODE)
/filter/source/msfilter/eschesdo.cxx: 614 in 
ImplEESdrWriter::ImplWriteShape(ImplEESdrObject &, EscherSolverContainer &, 
bool)()



*** CID 1417293:  Possible Control flow issues  (DEADCODE)
/filter/source/msfilter/eschesdo.cxx: 614 in 
ImplEESdrWriter::ImplWriteShape(ImplEESdrObject &, EscherSolverContainer &, 
bool)()
608 aPropOpt.AddOpt( ESCHER_Prop_hspMaster, 0 );
609 }
610 else
611 {
612 //2do: could be made an option in HostAppData whether 
OLE object should be written or not
613 bool bAppOLE = true;
>>> CID 1417293:  Possible Control flow issues  (DEADCODE)
>>> Execution cannot reach the expression "ShapeFlag::NONE" inside this 
>>> statement: "addShape(75, (o3tl::is_type...".
614 addShape( ESCHER_ShpInst_PictureFrame,
615 ShapeFlag::HaveShapeProperty | 
ShapeFlag::HaveAnchor | (bAppOLE ? ShapeFlag::OLEShape : ShapeFlag::NONE) );
616 if ( aPropOpt.CreateOLEGraphicProperties( 
rObj.GetShapeRef() ) )
617 {
618 if ( bAppOLE )
619 {   // snooped from Xcl hex dump, nobody knows the 
trouble I have seen

** CID 1399392:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/core/doc/list.cxx: 99 in SwListImpl::~SwListImpl()()



*** CID 1399392:  Error handling issues  (UNCAUGHT_EXCEPT)
/sw/source/core/doc/list.cxx: 99 in SwListImpl::~SwListImpl()()
93 pNode = rNodes[nIndex];
94 }
95 }
96 while ( pNode != () );
97 }
98 
>>> CID 1399392:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> An exception of type "com::sun::star::uno::RuntimeException" is thrown 
>>> but the throw list "throw()" doesn't allow it to be thrown. This will cause 
>>> a call to unexpected() which usually calls terminate().
99 SwListImpl::~SwListImpl()
100 {
101 tListTrees::iterator aNumberTreeIter;
102 for ( aNumberTreeIter = maListTrees.begin();
103   aNumberTreeIter != maListTrees.end();
104   ++aNumberTreeIter )



To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBnDJeNb0HijxaS4JNJPxk3kpyAm2AYqo71yXmnOxB72ibeUH-2F-2F1Lhi9AZq3dRu-2F4-3D_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyLaWi5RDWzLUOtSPr5Wfjo-2BrrSyRB-2FVRUkzs8dblygNPH7X9vTGsU3KvBWLkt1MgesMsTRWortyCEcOhdYO05ceiexkKqyAAa0JqBV5kRo7fz2uuUiRMbtu2YRoMR7Kz5-2Bi7turNrXxZBLvv-2BbKHl-2Bx6EK924YOCGG-2BnScRtSS34-3D

To manage Coverity Scan email notifications for 
"libreoffice@lists.freedesktop.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4k1FZJSDV-2FTHi5VQof9xGafB4oBwGYxuHHknceo2QLpCrZ44Ciy7AqBR2QyX6OCB5lwWgMDuK-2FivqaohkU3M9kT-2Fww10Qt2GoaCJAOQCa0Wv4ijH4oV8jCt0XXa7QeAwh_g-2BrHdvqzaBa155F-2F8AmPhpJzY63UzWDisJV95WUBpGhqFw1ICExHG8aMaV2EoFpyLaWi5RDWzLUOtSPr5Wfjo0qnUxPay-2FbNb3QIsn-2F8iv-2B50qIDzxegAAJn8XSx7LytUINoBsVG7SQbJcFYPkaioRjUec8pgmUlxOBh6UexXm6YH0Qdl9wR5s4AYd0w8hiQqnIfbLOhsXlBzoVKTUaevSZpQ6SD3dtt5v7UonX454E-3D

___
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice


New Defects reported by Coverity Scan for LibreOffice

2017-08-26 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1416886:  Null pointer dereferences  (FORWARD_NULL)
/sw/qa/extras/ooxmlexport/ooxmlexport9.cxx: 1002 in 
testWatermarkLayer::verify()()



*** CID 1416886:  Null pointer dereferences  (FORWARD_NULL)
/sw/qa/extras/ooxmlexport/ooxmlexport9.cxx: 1002 in 
testWatermarkLayer::verify()()
996 }
997 
998 DECLARE_OOXMLEXPORT_TEST(testWatermarkLayer, "watermark-layer.docx")
999 {
1000 // Watermark was not visible if page background was set.
1001 
>>> CID 1416886:  Null pointer dereferences  (FORWARD_NULL)
>>> Assigning: "pTextDoc" = "dynamic_cast >> *>(this->mxComponent.get())".
1002 SwXTextDocument* pTextDoc = 
dynamic_cast(mxComponent.get());
1003 SdrPage* pPage = 
pTextDoc->GetDocShell()->GetDoc()->getIDocumentDrawModelAccess().GetDrawModel()->GetPage(0);
1004 SdrObject* pObject = pPage->GetObj(0);
1005 
1006 CPPUNIT_ASSERT(pObject);
1007 CPPUNIT_ASSERT_EQUAL(static_cast(1), 
pObject->GetLayer().get());

** CID 1416885:(NEGATIVE_RETURNS)



*** CID 1416885:(NEGATIVE_RETURNS)
/sc/source/ui/docshell/externalrefmgr.cxx: 2335 in 
ScExternalRefManager::getRangeNameTokensFromSrcDoc(unsigned short, const 
ScDocument *, rtl::OUString &)()
2329 switch (pToken->GetType())
2330 {
2331 case svSingleRef:
2332 {
2333 const ScSingleRefData& rRef = *pToken->GetSingleRef();
2334 OUString aTabName;
>>> CID 1416885:(NEGATIVE_RETURNS)
>>> "rRef->Tab()" is passed to a parameter that cannot be negative.
2335 pSrcDoc->GetName(rRef.Tab(), aTabName);
2336 ScExternalSingleRefToken aNewToken(nFileId, 
svl::SharedString( aTabName),   // string not interned
2337 *pToken->GetSingleRef());
2338 pNew->AddToken(aNewToken);
2339 bTokenAdded = true;
2340 }
/sc/source/ui/docshell/externalrefmgr.cxx: 2346 in 
ScExternalRefManager::getRangeNameTokensFromSrcDoc(unsigned short, const 
ScDocument *, rtl::OUString &)()
2340 }
2341 break;
2342 case svDoubleRef:
2343 {
2344 const ScSingleRefData& rRef = *pToken->GetSingleRef();
2345 OUString aTabName;
>>> CID 1416885:(NEGATIVE_RETURNS)
>>> "rRef->Tab()" is passed to a parameter that cannot be negative.
2346 pSrcDoc->GetName(rRef.Tab(), aTabName);
2347 ScExternalDoubleRefToken aNewToken(nFileId, 
svl::SharedString( aTabName),   // string not interned
2348 *pToken->GetDoubleRef());
2349 pNew->AddToken(aNewToken);
2350 bTokenAdded = true;
2351 }

** CID 1416884:  Memory - corruptions  (OVERRUN)



*** CID 1416884:  Memory - corruptions  (OVERRUN)
/toolkit/source/awt/vclxtoolkit.cxx: 1112 in 
::VCLXToolkit::ImplCreateWindow(VCLXWindow **, const 
com::sun::star::awt::WindowDescriptor &, vcl::Window *, long, MessBoxStyle)()
1106 if (xSystemDepParent.is())
1107 {
1108 sal_Int8 processID[16];
1109 
1110 rtl_getGlobalProcessId( 
reinterpret_cast(processID) );
 
>>> CID 1416884:  Memory - corruptions  (OVERRUN)
>>> Overrunning array "processID" of 2 8-byte elements by passing it to a 
>>> function which accesses it at element index 15 (byte offset 120) using 
>>> argument "16".
1112 css::uno::Sequence 
processIdSeq(processID, 16);
1113 
1114 css::uno::Any anyHandle = 
xSystemDepParent->getWindowHandle(processIdSeq, SYSTEM_DEPENDENT_TYPE);
1115 
1116 // use sal_Int64 here to accommodate 
all int types
1117 // uno::Any shift operator whill 
upcast if necessary

** CID 1416883:(USELESS_CALL)



*** CID 1416883:(USELESS_CALL)

New Defects reported by Coverity Scan for LibreOffice

2017-08-19 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

3 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1416669:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/dataprovider/dataprovider.cxx: 65 in 
sc::ExternalDataSource::ExternalDataSource(const rtl::OUString &, const 
rtl::OUString &, ScDocument *)()



*** CID 1416669:  Uninitialized members  (UNINIT_CTOR)
/sc/source/ui/dataprovider/dataprovider.cxx: 65 in 
sc::ExternalDataSource::ExternalDataSource(const rtl::OUString &, const 
rtl::OUString &, ScDocument *)()
59 ExternalDataSource::ExternalDataSource(const OUString& rURL,
60 const OUString& rProvider, ScDocument* pDoc):
61 maURL(rURL),
62 maProvider(rProvider),
63 mpDoc(pDoc)
64 {
>>> CID 1416669:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "mnUpdateFrequency" is not initialized in this 
>>> constructor nor in any functions that it calls.
65 }
66 
67 ExternalDataSource::~ExternalDataSource()
68 {
69 }
70 

** CID 1416668:  Error handling issues  (UNCAUGHT_EXCEPT)
/vcl/source/salmain/salmain.cxx: 35 in main()



*** CID 1416668:  Error handling issues  (UNCAUGHT_EXCEPT)
/vcl/source/salmain/salmain.cxx: 35 in main()
29 #include "salinst.hxx"
30 
31 #if defined( UNX ) && !defined MACOSX && !defined IOS && !defined 
ANDROID && !defined LIBO_HEADLESS
32 #include "opengl/x11/glxtest.hxx"
33 #endif
34 
>>> CID 1416668:  Error handling issues  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "com::sun::star::uno::RuntimeException" is thrown and never caught.
35 SAL_IMPLEMENT_MAIN() {
36 #if defined( UNX ) && !defined MACOSX && !defined IOS && !defined 
ANDROID && !defined LIBO_HEADLESS
37 fire_glxtest_process();
38 #endif
39 tools::extendApplicationEnvironment();
40 vclmain::createApplication();
41 return SVMain();
42 }
43 

** CID 1416667:(FORWARD_NULL)
/sw/qa/extras/ww8export/ww8export2.cxx: 62 in 
testTdf55427_footnote2endnote::verify()()
/sw/qa/extras/ooxmlexport/ooxmlexport9.cxx: 603 in 
testTdf55427_footnote2endnote::verify()()



*** CID 1416667:(FORWARD_NULL)
/sw/qa/extras/ww8export/ww8export2.cxx: 62 in 
testTdf55427_footnote2endnote::verify()()
56 {
57 uno::Reference 
xPageStyle(getStyles("ParagraphStyles")->getByName("Footnote"), uno::UNO_QUERY);
58 CPPUNIT_ASSERT_EQUAL_MESSAGE( "Footnote style is rose color", 
sal_Int32(0xFF007F), getProperty< sal_Int32 >(xPageStyle, "CharColor") );
59 xPageStyle.set(getStyles("ParagraphStyles")->getByName("Endnote"), 
uno::UNO_QUERY);
60 CPPUNIT_ASSERT_EQUAL_MESSAGE( "Endnote style is cyan3 color", 
sal_Int32(0x2BD0D2), getProperty< sal_Int32 >(xPageStyle, "CharColor") );
61 
>>> CID 1416667:(FORWARD_NULL)
>>> Assigning: "pTextDoc" = "dynamic_cast >> *>(this->mxComponent.get())".
62 SwXTextDocument* pTextDoc = 
dynamic_cast(mxComponent.get());
63 SwDoc* pDoc = pTextDoc->GetDocShell()->GetDoc();
64 // The footnote numbering type of ARABIC will not transfer over when 
those footnotes are converted to endnotes.
65 CPPUNIT_ASSERT_EQUAL_MESSAGE( "Footnote numbering type", 
SVX_NUM_ARABIC, pDoc->GetFootnoteInfo().aFormat.GetNumberingType() );
66 // The original document has a real endnote using ROMAN_LOWER 
numbering, so that setting MUST remain unchanged.
67 CPPUNIT_ASSERT_EQUAL_MESSAGE( "Endnote numbering type", 
SVX_NUM_ROMAN_LOWER, pDoc->GetEndNoteInfo().aFormat.GetNumberingType() );
/sw/qa/extras/ooxmlexport/ooxmlexport9.cxx: 603 in 
testTdf55427_footnote2endnote::verify()()
597 {
598 uno::Reference 
xPageStyle(getStyles("ParagraphStyles")->getByName("Footnote"), uno::UNO_QUERY);
599 CPPUNIT_ASSERT_EQUAL_MESSAGE( "Footnote style is rose color", 
sal_Int32(0xFF007F), getProperty< sal_Int32 >(xPageStyle, "CharColor") );
600 xPageStyle.set(getStyles("ParagraphStyles")->getByName("Endnote"), 
uno::UNO_QUERY);
601 CPPUNIT_ASSERT_EQUAL_MESSAGE( "Endnote style is cyan3 color", 
sal_Int32(0x2BD0D2), getProperty< sal_Int32 >(xPageStyle, "CharColor") );
602 
>>> CID 1416667:(FORWARD_NULL)
>>> Assigning: "pTextDoc" = "dynamic_cast >> *>(this->mxComponent.get())".
603 SwXTextDocument* pTextDoc = 

New Defects reported by Coverity Scan for LibreOffice

2017-08-04 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

9 new defect(s) introduced to LibreOffice found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)


** CID 1416138:  Control flow issues  (MISSING_RESTORE)
/connectivity/source/drivers/component/CTable.cxx: 211 in 
connectivity::component::OComponentTable::seekRow(connectivity::IResultSetHelper::Movement,
 int, int &)()



*** CID 1416138:  Control flow issues  (MISSING_RESTORE)
/connectivity/source/drivers/component/CTable.cxx: 211 in 
connectivity::component::OComponentTable::seekRow(connectivity::IResultSetHelper::Movement,
 int, int &)()
205 m_nFilePos = 0;
206 break;
207 case IResultSetHelper::BOOKMARK:
208 m_nFilePos = nTempPos;   // previous position
209 }
210 //  aStatus.Set(SDB_STAT_NO_DATA_FOUND);
>>> CID 1416138:  Control flow issues  (MISSING_RESTORE)
>>> Value of non-local "this->m_nFilePos" that was saved in "nTempPos" is 
>>> not restored as it was along other paths.
211 return false;
212 
213 End:
214 nCurPos = m_nFilePos;
215 return true;
216 }

** CID 1416137:  Null pointer dereferences  (FORWARD_NULL)
/sc/source/ui/view/drawvie4.cxx: 204 in ::getOleSourceRanges(const 
SdrMarkList &, bool &, bool &, std::vector *, 
ScDocument *)()



*** CID 1416137:  Null pointer dereferences  (FORWARD_NULL)
/sc/source/ui/view/drawvie4.cxx: 204 in ::getOleSourceRanges(const 
SdrMarkList &, bool &, bool &, std::vector *, 
ScDocument *)()
198 return;
199 }
200 
201 // Get all cell ranges that are referenced by the selected chart 
objects.
202 void getOleSourceRanges(const SdrMarkList& rMarkList, bool& rAnyOle, 
bool& rOneOle, std::vector* pRanges = nullptr, ScDocument* pDoc = 
nullptr )
203 {
>>> CID 1416137:  Null pointer dereferences  (FORWARD_NULL)
>>> Comparing "pDoc" to null implies that "pDoc" might be null.
204 bool bCalcSourceRanges = pRanges && pDoc;
205 std::vector aRangeReps;
206 rAnyOle = rOneOle = false;
207 const size_t nCount = rMarkList.GetMarkCount();
208 for (size_t i=0; i *, 
ScDocument *)()
/sc/source/ui/view/drawvie4.cxx: 204 in ::getOleSourceRanges(const 
SdrMarkList &, bool &, bool &, std::vector *, 
ScDocument *)()



*** CID 1416135:(FORWARD_NULL)
/sc/source/ui/view/drawvie4.cxx: 204 in ::getOleSourceRanges(const 
SdrMarkList &, bool &, bool &, std::vector *, 
ScDocument *)()
198 return;
199 }
200 
201 // Get all cell ranges that are referenced by the selected chart 
objects.
202 void getOleSourceRanges(const SdrMarkList& rMarkList, bool& rAnyOle, 
bool& rOneOle, std::vector* pRanges = nullptr, ScDocument* pDoc = 
nullptr )
203 {
>>> CID 1416135:(FORWARD_NULL)
>>> Comparing "pRanges" to null implies that "pRanges" might be null.
204 bool bCalcSourceRanges = pRanges && pDoc;
205 std::vector aRangeReps;
206 rAnyOle = rOneOle = false;
207 const size_t nCount = rMarkList.GetMarkCount();
208 for (size_t i=0; i *, 
ScDocument *)()
198 return;
199 }
200 
201 // Get all cell ranges that are referenced by the selected chart 
objects.
202 void getOleSourceRanges(const SdrMarkList& rMarkList, bool& rAnyOle, 
bool& rOneOle, std::vector* pRanges = nullptr, ScDocument* pDoc = 
nullptr )
203 {
>>> CID 1416135:(FORWARD_NULL)
>>> Comparing "pRanges" to null implies that "pRanges" might be null.
204 bool bCalcSourceRanges = pRanges && pDoc;
205 std::vector aRangeReps;
206 rAnyOle = rOneOle = false;
207 const size_t nCount = rMarkList.GetMarkCount();
208 for (size_t i=0; i

New Defects reported by Coverity Scan for LibreOffice

2017-07-23 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

12 new defect(s) introduced to LibreOffice found with Coverity Scan.
13 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 12 of 12 defect(s)


** CID 1415622:  Memory - illegal accesses  (RETURN_LOCAL)
/uui/source/iahndl.cxx: 1197 in 
UUIInteractionHelper::handleBrokenPackageRequest(const 
std::vector &, const 
com::sun::star::uno::Sequence
 &, bool, bool &, rtl::OUString &)()



*** CID 1415622:  Memory - illegal accesses  (RETURN_LOCAL)
/uui/source/iahndl.cxx: 1197 in 
UUIInteractionHelper::handleBrokenPackageRequest(const 
std::vector &, const 
com::sun::star::uno::Sequence
 &, bool, bool &, rtl::OUString &)()
1191 }
1192 else
1193 return;
1194 
1195 OUString aMessage;
1196 {
>>> CID 1415622:  Memory - illegal accesses  (RETURN_LOCAL)
>>> Temporary variable of type "std::locale" goes out of scope.
1197 ErrorResource aErrorResource(RID_UUI_ERRHDL, 
Translate::Create("uui", Application::GetSettings().GetUILanguageTag()));
1198 if (!aErrorResource.getString(nErrorCode, aMessage))
1199 return;
1200 }
1201 
1202 aMessage = replaceMessageWithArguments( aMessage, rArguments );

** CID 1415621:  Memory - illegal accesses  (OVERRUN)
/sw/source/core/layout/pagedesc.cxx: 382 in SwPageDesc::GetByName(SwDoc &, 
const rtl::OUString &)()



*** CID 1415621:  Memory - illegal accesses  (OVERRUN)
/sw/source/core/layout/pagedesc.cxx: 382 in SwPageDesc::GetByName(SwDoc &, 
const rtl::OUString &)()
376 return pDsc;
377 }
378 }
379 
380 for (size_t i = 0; i <= SAL_N_ELEMENTS(STR_POOLPAGE); ++i)
381 {
>>> CID 1415621:  Memory - illegal accesses  (OVERRUN)
>>> Overrunning array "STR_POOLPAGE" of 10 8-byte elements at element index 
>>> 10 (byte offset 80) using index "i" (which evaluates to 10).
382 if (rName == SwResId(STR_POOLPAGE[i]))
383 {
384 return 
rDoc.getIDocumentStylePoolAccess().GetPageDescFromPool( static_cast< sal_uInt16 
>(
385 i + RES_POOLPAGE_BEGIN) );
386 }
387 }

** CID 1415620:  Error handling issues  (CHECKED_RETURN)
/sc/source/core/data/attrib.cxx: 874 in 
ScViewObjectModeItem::GetPresentation(SfxItemPresentation, MapUnit, MapUnit, 
rtl::OUString &, const IntlWrapper *) const()



*** CID 1415620:  Error handling issues  (CHECKED_RETURN)
/sc/source/core/data/attrib.cxx: 874 in 
ScViewObjectModeItem::GetPresentation(SfxItemPresentation, MapUnit, MapUnit, 
rtl::OUString &, const IntlWrapper *) const()
868 break;
869 
870 default: break;
871 }
872 SAL_FALLTHROUGH;
873 case SfxItemPresentation::Nameless:
>>> CID 1415620:  Error handling issues  (CHECKED_RETURN)
>>> Calling "GetValue" without checking return value (as is done elsewhere 
>>> 6 out of 7 times).
874 rText += 
ScGlobal::GetRscString(STR_VOBJ_MODE_SHOW+GetValue());
875 return true;
876 break;
877 
878 default: break;
879 // added to avoid warnings

** CID 1415619:  Null pointer dereferences  (FORWARD_NULL)
/sc/source/core/data/global.cxx: 359 in 
ScGlobal::GetLongErrorString(FormulaError)()



*** CID 1415619:  Null pointer dereferences  (FORWARD_NULL)
/sc/source/core/data/global.cxx: 359 in 
ScGlobal::GetLongErrorString(FormulaError)()
353 OUString ScGlobal::GetLongErrorString(FormulaError nErr)
354 {
355 const char* pErrNumber;
356 switch (nErr)
357 {
358 case FormulaError::NONE:
>>> CID 1415619:  Null pointer dereferences  (FORWARD_NULL)
>>> Assigning: "pErrNumber" = "NULL".
359 pErrNumber = nullptr;
360 break;
361 case FormulaError::IllegalArgument:
362 pErrNumber = STR_LONG_ERR_ILL_ARG;
363 break;
364 case FormulaError::IllegalFPOperation:

** CID 1415618:  Null pointer dereferences  (FORWARD_NULL)
/vcl/source/gdi/bitmap3.cxx: 597 in Bitmap::ImplConvertDown(unsigned short, 
const Color *)()



New Defects reported by Coverity Scan for LibreOffice

2017-07-18 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

4 new defect(s) introduced to LibreOffice found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1415515:  Incorrect expression  (DIVIDE_BY_ZERO)
/drawinglayer/source/tools/emfphelperdata.cxx: 367 in 
emfplushelper::EmfPlusHelperData::EmfPlusHelperData(SvMemoryStream &, 
wmfemfhelper::TargetHolders &, wmfemfhelper::PropertyHolders &)()



*** CID 1415515:  Incorrect expression  (DIVIDE_BY_ZERO)
/drawinglayer/source/tools/emfphelperdata.cxx: 367 in 
emfplushelper::EmfPlusHelperData::EmfPlusHelperData(SvMemoryStream &, 
wmfemfhelper::TargetHolders &, wmfemfhelper::PropertyHolders &)()
361 mnHDPI(0),
362 mnVDPI(0),
363 mnFrameLeft(0),
364 mnFrameTop(0),
365 mnFrameRight(0),
366 mnFrameBottom(0),
>>> CID 1415515:  Incorrect expression  (DIVIDE_BY_ZERO)
>>> Assigning: "this->mnPixX" = "0".
367 mnPixX(0),
368 mnPixY(0),
369 mnMmX(0),
370 mnMmY(0),
371 mbMultipart(false),
372 mMFlags(0),

** CID 1415514:(FORWARD_NULL)
/sw/source/core/layout/sectfrm.cxx: 1730 in SwFrame::GetPrevSctLeaf()()
/sw/source/core/layout/sectfrm.cxx: 1730 in SwFrame::GetPrevSctLeaf()()



*** CID 1415514:(FORWARD_NULL)
/sw/source/core/layout/sectfrm.cxx: 1730 in SwFrame::GetPrevSctLeaf()()
1724 }
1725 
1726 if( bJump ) // Did we skip a blank page?
1727 SwFlowFrame::SetMoveBwdJump( true );
1728 
1729 SwSectionFrame *pSect = FindSctFrame();
>>> CID 1415514:(FORWARD_NULL)
>>> Comparing "pSect" to null implies that "pSect" might be null.
1730 if (!pCol && pSect && IsInTab() && !IsInTableInSection(this))
1731 {
1732 // We don't have a previous section yet, and we're in a
1733 // section-in-table.
1734 if (SwFlowFrame* pPrecede = pSect->GetPrecede())
1735 {
/sw/source/core/layout/sectfrm.cxx: 1730 in SwFrame::GetPrevSctLeaf()()
1724 }
1725 
1726 if( bJump ) // Did we skip a blank page?
1727 SwFlowFrame::SetMoveBwdJump( true );
1728 
1729 SwSectionFrame *pSect = FindSctFrame();
>>> CID 1415514:(FORWARD_NULL)
>>> Comparing "pSect" to null implies that "pSect" might be null.
1730 if (!pCol && pSect && IsInTab() && !IsInTableInSection(this))
1731 {
1732 // We don't have a previous section yet, and we're in a
1733 // section-in-table.
1734 if (SwFlowFrame* pPrecede = pSect->GetPrecede())
1735 {

** CID 1415513:  Incorrect expression  (DIVIDE_BY_ZERO)
/drawinglayer/source/tools/emfphelperdata.cxx: 368 in 
emfplushelper::EmfPlusHelperData::EmfPlusHelperData(SvMemoryStream &, 
wmfemfhelper::TargetHolders &, wmfemfhelper::PropertyHolders &)()



*** CID 1415513:  Incorrect expression  (DIVIDE_BY_ZERO)
/drawinglayer/source/tools/emfphelperdata.cxx: 368 in 
emfplushelper::EmfPlusHelperData::EmfPlusHelperData(SvMemoryStream &, 
wmfemfhelper::TargetHolders &, wmfemfhelper::PropertyHolders &)()
362 mnVDPI(0),
363 mnFrameLeft(0),
364 mnFrameTop(0),
365 mnFrameRight(0),
366 mnFrameBottom(0),
367 mnPixX(0),
>>> CID 1415513:  Incorrect expression  (DIVIDE_BY_ZERO)
>>> Assigning: "this->mnPixY" = "0".
368 mnPixY(0),
369 mnMmX(0),
370 mnMmY(0),
371 mbMultipart(false),
372 mMFlags(0),
373 mMStream(),

** CID 1415512:  Error handling issues  (CHECKED_RETURN)
/xmlsecurity/source/helper/xsecverify.cxx: 316 in 
XSecController::setDate(rtl::OUString &)()



*** CID 1415512:  Error handling issues  (CHECKED_RETURN)
/xmlsecurity/source/helper/xsecverify.cxx: 316 in 
XSecController::setDate(rtl::OUString &)()
310 if (m_vInternalSignatureInformations.empty())
311 {
312 SAL_INFO("xmlsecurity.helper","XSecController::setDate: no 
signature");
313 return;
314 }
315 InternalSignatureInformation  = 
m_vInternalSignatureInformations.back();
>>> CID 1415512:  Error handling issues  (CHECKED_RETURN)
>>> Calling "ISO8601parseDateTime" without checking return value (as is 
>>> done elsewhere 6 out of 

New Defects reported by Coverity Scan for LibreOffice

2017-07-14 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

7 new defect(s) introduced to LibreOffice found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)


** CID 1415097:  Uninitialized members  (UNINIT_CTOR)
/sw/source/core/unocore/unoframe.cxx: 1259 in SwXFrame::SwXFrame(SwFrameFormat 
&, FlyCntType, const SfxItemPropertySet *)()



*** CID 1415097:  Uninitialized members  (UNINIT_CTOR)
/sw/source/core/unocore/unoframe.cxx: 1259 in SwXFrame::SwXFrame(SwFrameFormat 
&, FlyCntType, const SfxItemPropertySet *)()
1253 eType(eSet),
1254 pProps(nullptr),
1255 bIsDescriptor(false),
1256 m_pCopySource(nullptr)
1257 {
1258 
>>> CID 1415097:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "m_nDrawAspect" is not initialized in this 
>>> constructor nor in any functions that it calls.
1259 }
1260 
1261 SwXFrame::~SwXFrame()
1262 {
1263 SolarMutexGuard aGuard;
1264 delete m_pCopySource;

** CID 1415096:  Null pointer dereferences  (FORWARD_NULL)
/sd/source/ui/sidebar/SlideBackground.cxx: 782 in 
sd::sidebar::SlideBackground::NotifyItemUpdate(unsigned short, SfxItemState, 
const SfxPoolItem *, bool)()



*** CID 1415096:  Null pointer dereferences  (FORWARD_NULL)
/sd/source/ui/sidebar/SlideBackground.cxx: 782 in 
sd::sidebar::SlideBackground::NotifyItemUpdate(unsigned short, SfxItemState, 
const SfxPoolItem *, bool)()
776 
777 case SID_ATTR_PAGE_ULSPACE:
778 {
779 const SvxLongULSpaceItem* pULItem = nullptr;
780 if (eState >= SfxItemState::DEFAULT)
781 {
>>> CID 1415096:  Null pointer dereferences  (FORWARD_NULL)
>>> Assigning: "pULItem" = "dynamic_cast >> *>(pState)".
782 pULItem = dynamic_cast(pState);
783 m_nPageTopMargin = pULItem->GetUpper();
784 m_nPageBottomMargin = pULItem->GetLower();
785 SetFieldUnit(*m_pTopMarginEdit, meFieldUnit, true);
786 SetMetricValue(*m_pTopMarginEdit.get(), 
m_nPageTopMargin, meUnit);
787 SetFieldUnit(*m_pBottomMarginEdit, meFieldUnit, true);

** CID 1415095:  Program hangs  (INFINITE_LOOP)
/vcl/qa/cppunit/timer.cxx: 322 in TimerTest::testAutoTimerStop()()



*** CID 1415095:  Program hangs  (INFINITE_LOOP)
/vcl/qa/cppunit/timer.cxx: 322 in TimerTest::testAutoTimerStop()()
316 
317 void TimerTest::testAutoTimerStop()
318 {
319 sal_Int32 nTimerCount = 0;
320 const sal_Int32 nMaxCount = 5;
321 AutoTimerCount aAutoTimer( 0, nTimerCount, nMaxCount );
>>> CID 1415095:  Program hangs  (INFINITE_LOOP)
>>> If "5 != nTimerCount" is initially true then it will remain true.
322 while ( nMaxCount != nTimerCount )
323 Application::Yield();
324 CPPUNIT_ASSERT( !aAutoTimer.IsActive() );
325 CPPUNIT_ASSERT( !Application::Reschedule() );
326 }
327 

** CID 1415093:  Program hangs  (SLEEP)



*** CID 1415093:  Program hangs  (SLEEP)
/vcl/source/uitest/uno/uiobject_uno.cxx: 103 in 
::ExecuteWrapper::ExecuteActionHdl(Timer *)()
97 }
98 
99 Scheduler::ProcessEventsToSignal(mbSignal);
100 std::unique_lock lock(mMutex);
101 while (!mbSignal)
102 {
>>> CID 1415093:  Program hangs  (SLEEP)
>>> Call to "sleep_for" might sleep while holding lock "this->mMutex".
103 std::this_thread::sleep_for(std::chrono::milliseconds(5));
104 }
105 }
106 delete this;
107 }
108 

** CID 1415092:  Control flow issues  (DEADCODE)
/sc/source/filter/xml/XMLTrackedChangesContext.cxx: 1409 in 
ScXMLDeletionContext::ScXMLDeletionContext(ScXMLImport &, int, const 
com::sun::star::uno::Reference &, 
ScXMLChangeTrackingImportHelper *)()



*** CID 1415092:  Control flow issues  (DEADCODE)
/sc/source/filter/xml/XMLTrackedChangesContext.cxx: 1409 in 
ScXMLDeletionContext::ScXMLDeletionContext(ScXMLImport &, int, const 
com::sun::star::uno::Reference &, 
ScXMLChangeTrackingImportHelper *)()
1403 if (IsXMLToken( aIter, XML_ROW ))
1404 {
1405 nActionType = 

  1   2   3   4   >