New Defects reported by Coverity Scan for LibreOffice

Wed, 13 Aug 2025 03:09:07 -0700 

Hi,

Please find the latest report on new defect(s) introduced to LibreOffice found 
with Coverity Scan.

2 new defect(s) introduced to LibreOffice found with Coverity Scan.
29 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1662706:       Insecure data handling  (TAINTED_SCALAR)


_____________________________________________________________________________________________
*** CID 1662706:         Insecure data handling  (TAINTED_SCALAR)
/sw/source/filter/ww8/docxattributeoutput.cxx: 7636             in 
DocxAttributeOutput::EmbedFontStyle(std::basic_string_view<char16_t, 
std::char_traits<char16_t>>, int, FontFamily, FontItalic, FontWeight, 
FontPitch)()
7630                     xOutStream->closeOutput();
7631                     return false;
7632                 }
7633                 if( readSize == 0 )
7634                     break;
7635                 // coverity[overrun-buffer-arg : FALSE] - coverity has 
difficulty with css::uno::Sequence
>>>     CID 1662706:         Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "buffer" to "Sequence", which uses it as a 
>>> loop boundary.
7636                 xOutStream->writeBytes( uno::Sequence< sal_Int8 >( 
reinterpret_cast< const sal_Int8* >( buffer ), readSize ));
7637             }
7638             xOutStream->closeOutput();
7639             EmbeddedFontRef ref;
7640             ref.relId = OUStringToOString( 
GetExport().GetFilter().addRelation( m_pSerializer->getOutputStream(),
7641                 oox::getRelationship(Relationship::FONT),

** CID 1662705:       Insecure data handling  (TAINTED_SCALAR)


_____________________________________________________________________________________________
*** CID 1662705:         Insecure data handling  (TAINTED_SCALAR)
/xmloff/source/style/XMLFontAutoStylePool.cxx: 651             in 
SvXMLExport::embedFontFile(const rtl::OUString &, const rtl::OUString &)()
645                     outputStream->closeOutput();
646                     return OUString();
647                 }
648                 if( readSize == 0 )
649                     break;
650                 // coverity[overrun-buffer-arg : FALSE] - coverity has 
difficulty with css::uno::Sequence
>>>     CID 1662705:         Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "buffer" to "Sequence", which uses it as a 
>>> loop boundary.
651                 outputStream->writeBytes(uno::Sequence<sal_Int8>(buffer, 
readSize));
652             }
653             outputStream->closeOutput();
654             if( storage.is() )
655             {
656                 Reference< embed::XTransactedObject > transaction( storage, 
UNO_QUERY );


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
https://scan.coverity.com/projects/libreoffice?tab=overview

Reply via email to