Hi, Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
7 new defect(s) introduced to LibreOffice found with Coverity Scan. 10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 7 of 7 defect(s) ** CID 1255905: Buffer not null terminated (BUFFER_SIZE_WARNING) /vcl/opengl/x11/X11DeviceInfo.cxx: 242 in X11OpenGLDeviceInfo::GetData()() ** CID 1255906: Unchecked return value (CHECKED_RETURN) /sc/source/ui/optdlg/calcoptionsdlg.cxx: 1012 in <unnamed>::OpenCLTester::addTest(const <unnamed>::Area &)() ** CID 1195349: Argument cannot be negative (NEGATIVE_RETURNS) /vcl/unx/glxtest.cxx: 111 in glxtest() ** CID 1255907: Explicit null dereferenced (FORWARD_NULL) /vcl/source/opengl/OpenGLContext.cxx: 552 in <unnamed>::getFBConfig(_XDisplay *, unsigned long, int &, bool, bool)() ** CID 1255908: Resource leak (RESOURCE_LEAK) /sc/source/ui/optdlg/calcoptionsdlg.cxx: 1364 in ScCalcOptionsDialog::TestClickHdl(PushButton *)() ** CID 1255910: Uninitialized scalar field (UNINIT_CTOR) /sw/source/uibase/utlui/content.cxx: 847 in SwContentTree::SwContentTree(vcl::Window *, const ResId &)() ** CID 1255909: Uninitialized scalar field (UNINIT_CTOR) /include/vcl/salgtype.hxx: 50 in SalTwoRect::SalTwoRect()() ________________________________________________________________________________________________________ *** CID 1255905: Buffer not null terminated (BUFFER_SIZE_WARNING) /vcl/opengl/x11/X11DeviceInfo.cxx: 242 in X11OpenGLDeviceInfo::GetData()() 236 whereToReadVersionNumbers = maVersion.getStr(); 237 } 238 239 // read major.minor version numbers of the driver (not to be confused with the OpenGL version) 240 if (whereToReadVersionNumbers) { 241 // copy into writable buffer, for tokenization >>> CID 1255905: Buffer not null terminated (BUFFER_SIZE_WARNING) >>> Calling strncpy with a maximum size argument of 1024 bytes on >>> destination array "buf" of size 1024 bytes might leave the destination >>> string unterminated. 242 strncpy(buf, whereToReadVersionNumbers, buf_size); 243 bufptr = buf; 244 245 // now try to read major.minor version numbers. In case of failure, gracefully exit: these numbers have 246 // been initialized as 0 anyways 247 char *token = strtok_wrapper(".", &bufptr); ________________________________________________________________________________________________________ *** CID 1255906: Unchecked return value (CHECKED_RETURN) /sc/source/ui/optdlg/calcoptionsdlg.cxx: 1012 in <unnamed>::OpenCLTester::addTest(const <unnamed>::Area &)() 1006 1007 void addTest(const Area &rArea) 1008 { 1009 sc::AutoCalcSwitch aACSwitch(*mpDoc, true); 1010 1011 mnTestAreas++; >>> CID 1255906: Unchecked return value (CHECKED_RETURN) >>> Calling "InsertTable" without checking return value (as is done >>> elsewhere 5 out of 6 times). 1012 mpDocShell->GetDocFunc().InsertTable(mnTestAreas, rArea.msTitle, false, true); 1013 1014 rArea.addHeader(mpDoc, mnTestAreas); 1015 1016 for (int i = 0; i < rArea.mnRows; ++i) 1017 rArea.addRow(mpDoc, i, mnTestAreas); ________________________________________________________________________________________________________ *** CID 1195349: Argument cannot be negative (NEGATIVE_RETURNS) /vcl/unx/glxtest.cxx: 111 in glxtest() 105 // we want to redirect to /dev/null stdout, stderr, and while we're at it, 106 // any PR logging file descriptors. To that effect, we redirect all positive 107 // file descriptors up to what open() returns here. In particular, 1 is stdout and 2 is stderr. 108 int fd = open("/dev/null", O_WRONLY); 109 for (int i = 1; i < fd; i++) 110 dup2(fd, i); >>> CID 1195349: Argument cannot be negative (NEGATIVE_RETURNS) >>> "fd" is passed to a parameter that cannot be negative. 111 close(fd); 112 113 if (getenv("MOZ_AVOID_OPENGL_ALTOGETHER")) 114 fatal_error("The MOZ_AVOID_OPENGL_ALTOGETHER environment variable is defined"); 115 116 ///// Open libGL and load needed symbols ///// ________________________________________________________________________________________________________ *** CID 1255907: Explicit null dereferenced (FORWARD_NULL) /vcl/source/opengl/OpenGLContext.cxx: 552 in <unnamed>::getFBConfig(_XDisplay *, unsigned long, int &, bool, bool)() 546 } 547 548 int best_num_samp = -1; 549 for(int i = 0; i < fbCount; ++i) 550 { 551 XVisualInfo* pVi = glXGetVisualFromFBConfig( dpy, pFBC[i] ); >>> CID 1255907: Explicit null dereferenced (FORWARD_NULL) >>> Dereferencing null pointer "xattr.visual". 552 if(pVi && (!bWithSameVisualID || pVi->visualid == xattr.visual->visualid) ) 553 { 554 // pick the one with the most samples per pixel 555 int nSampleBuf = 0; 556 int nSamples = 0; 557 glXGetFBConfigAttrib( dpy, pFBC[i], GLX_SAMPLE_BUFFERS, &nSampleBuf ); ________________________________________________________________________________________________________ *** CID 1255908: Resource leak (RESOURCE_LEAK) /sc/source/ui/optdlg/calcoptionsdlg.cxx: 1364 in ScCalcOptionsDialog::TestClickHdl(PushButton *)() 1358 pTestDocument->addTest(Reduction("Product", "PRODUCT", 500, 0, 0.1, 2.5, 3e-10, 1359 [] (double nAccum, double nArg) 1360 { 1361 return (nAccum * nArg); 1362 })); 1363 >>> CID 1255908: Resource leak (RESOURCE_LEAK) >>> Variable "pTestDocument" going out of scope leaks the storage it points >>> to. 1364 return 0; 1365 } 1366 ________________________________________________________________________________________________________ *** CID 1255910: Uninitialized scalar field (UNINIT_CTOR) /sw/source/uibase/utlui/content.cxx: 847 in SwContentTree::SwContentTree(vcl::Window *, const ResId &)() 841 nActiveBlock = pConfig->GetActiveBlock(); 842 aUpdTimer.SetTimeoutHdl(LINK(this, SwContentTree, TimerUpdate)); 843 aUpdTimer.SetTimeout(1000); 844 Clear(); 845 EnableContextMenuHandling(); 846 SetStyle( GetStyle() | WB_QUICK_SEARCH ); >>> CID 1255910: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "m_bActiveDocModified" is not initialized in >>> this constructor nor in any functions that it calls. 847 } 848 849 SwContentTree::~SwContentTree() 850 { 851 Clear(); // If applicable erase content types previously. 852 bIsInDrag = false; ________________________________________________________________________________________________________ *** CID 1255909: Uninitialized scalar field (UNINIT_CTOR) /include/vcl/salgtype.hxx: 50 in SalTwoRect::SalTwoRect()() 44 long mnSrcHeight; 45 long mnDestX; 46 long mnDestY; 47 long mnDestWidth; 48 long mnDestHeight; 49 >>> CID 1255909: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "mnDestHeight" is not initialized in this >>> constructor nor in any functions that it calls. 50 SalTwoRect() {} 51 52 SalTwoRect(long nSrcX, long nSrcY, long nSrcWidth, long nSrcHeight, long nDestX, long nDestY, long nDestWidth, long nDestHeight) 53 : mnSrcX(nSrcX), mnSrcY(nSrcY), mnSrcWidth(nSrcWidth), mnSrcHeight(nSrcHeight), mnDestX(nDestX), mnDestY(nDestY), mnDestWidth(nDestWidth), mnDestHeight(nDestHeight) 54 { 55 } ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/211?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py _______________________________________________ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice