________________________________
From: LibreOffice <[email protected]> on behalf of
[email protected]
<[email protected]>
Sent: July 13, 2025 7:00 AM
To: [email protected] <[email protected]>
Subject: LibreOffice Digest, Vol 179, Issue 14
Send LibreOffice mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.freedesktop.org/mailman/listinfo/libreoffice
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of LibreOffice digest..."
Today's Topics:
1. GSoC Weekly Report - Python Code Auto-completion - Week [8]
([06/07/2025] - [12/07/2025]) (Manish Bera)
2. New Defects reported by Coverity Scan for LibreOffice
([email protected])
----------------------------------------------------------------------
Message: 1
Date: Sat, 12 Jul 2025 22:45:49 +0530
From: Manish Bera <[email protected]>
To: [email protected]
Subject: GSoC Weekly Report - Python Code Auto-completion - Week [8]
([06/07/2025] - [12/07/2025])
Message-ID:
<cafmnohae_x23umla+hmp9nztdvrqx-ijzqkjpogbv4sbzlv...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Dear Libreoffice community,
Here's a brief summary of my progress for week 8,
*This Week?s Work:*
-
Added support for generating Python stubs for singletons types.
-
*Completed *the entire pythonmaker tool.
-
Expanded the unit tests to exceptions type.
*Next Steps:*
-
Continue expanding unit tests.
-
Create documentations for pythonmaker tools.
Best regards,
*Manish Bera*
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.freedesktop.org/archives/libreoffice/attachments/20250712/4f1ca06d/attachment-0001.htm>
------------------------------
Message: 2
Date: Sun, 13 Jul 2025 06:41:54 +0000 (UTC)
From: [email protected]
To: [email protected]
Subject: New Defects reported by Coverity Scan for LibreOffice
Message-ID:
<[email protected]>
Content-Type: text/plain; charset="us-ascii"
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found
with Coverity Scan.
10 new defect(s) introduced to LibreOffice found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent
build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 10 of 10 defect(s)
** CID 1659053: Null pointer dereferences (FORWARD_NULL)
_____________________________________________________________________________________________
*** CID 1659053: Null pointer dereferences (FORWARD_NULL)
/sw/source/ui/fldui/fldref.cxx: 332 in
SwFieldRefPage::TypeHdl(weld::TreeView &)()
326 {
327 // select positions
328 OUString sName;
329 sal_uInt16 nFlag = 0;
330
331 SwGetRefField* pRefField =
dynamic_cast<SwGetRefField*>(GetCurField());
>>> CID 1659053: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "pRefField" to "GetSubType", which dereferences it.
332 switch( pRefField->GetSubType() )
333 {
334 case ReferencesSubtype::Bookmark:
335 {
336 // #i83479#
337 if ( pRefField->IsRefToHeadingCrossRefBookmark() )
** CID 1659052: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
/sw/source/filter/md/wrtmd.cxx: 180 in
<unnamed>::OutFormattingChange(SwMDWriter &, <unnamed>::HintsAtPos &,
<unnamed>::HintsAtPos &, int, <unnamed>::FormattingStatus &)()
_____________________________________________________________________________________________
*** CID 1659052: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
/sw/source/filter/md/wrtmd.cxx: 180 in
<unnamed>::OutFormattingChange(SwMDWriter &, <unnamed>::HintsAtPos &,
<unnamed>::HintsAtPos &, int, <unnamed>::FormattingStatus &)()
174 rWrt.Strm().WriteUnicodeOrByteText(u"](");
175 rWrt.Strm().WriteUnicodeOrByteText(url);
176 rWrt.Strm().WriteUnicodeOrByteText(u")");
177 }
178 }
179
>>> CID 1659052: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
>>> "result" is copied in a call to copy assignment "operator =", when it
>>> could be moved instead.
180 current = result;
181 }
182
183 void OutEscapedChars(SwMDWriter& rWrt, std::u16string_view chars)
184 {
185 for (size_t pos = 0; pos < chars.size();)
** CID 1659051: Uninitialized members (UNINIT_CTOR)
/sw/source/filter/md/mdtab.cxx: 42 in
MDTable::MDTable(SwMarkdownParser *)()
_____________________________________________________________________________________________
*** CID 1659051: Uninitialized members (UNINIT_CTOR)
/sw/source/filter/md/mdtab.cxx: 42 in
MDTable::MDTable(SwMarkdownParser *)()
36 MDTable(SwMarkdownParser* pParser)
37 : m_pParser(pParser)
38 , m_nCurRow(-1)
39 , m_nCurCol(-1)
40 {
41 m_pParser->RegisterTable(this);
>>> CID 1659051: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_nCol" is not initialized in this constructor
>>> nor in any functions that it calls.
42 }
43
44 ~MDTable() { m_pParser->DeRegisterTable(this); }
45
46 const SwTable* GetTable() { return m_pTable; }
47 sal_Int32 GetCurRow() { return m_nCurRow; }
** CID 1659050: Uninitialized members (UNINIT_CTOR)
/sw/source/core/fields/fldbas.cxx: 861 in
SwValueField::SwValueField(const SwValueField&)()
_____________________________________________________________________________________________
*** CID 1659050: Uninitialized members (UNINIT_CTOR)
/sw/source/core/fields/fldbas.cxx: 861 in
SwValueField::SwValueField(const SwValueField&)()
855 }
856
857 SwValueField::SwValueField( const SwValueField& rField )
858 : SwField(rField)
859 , m_fValue(rField.GetValue())
860 {
>>> CID 1659050: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_nFormat" is not initialized in this
>>> constructor nor in any functions that it calls.
861 }
862
863 SwValueField::~SwValueField()
864 {
865 }
866
** CID 1659049: Resource leaks (RESOURCE_LEAK)
/sal/osl/unx/profile.cxx: 942 in openFileImpl(const char *, unsigned
int)()
_____________________________________________________________________________________________
*** CID 1659049: Resource leaks (RESOURCE_LEAK)
/sal/osl/unx/profile.cxx: 942 in openFileImpl(const char *,
unsigned int)()
936 {
937 int Flags;
938 osl_TFile* pFile = static_cast<osl_TFile*>(calloc(1,
sizeof(osl_TFile)));
939 bool bWriteable = false;
940
941 if ( isForbidden( pszFilename, osl_File_OpenFlag_Write ) )
>>> CID 1659049: Resource leaks (RESOURCE_LEAK)
>>> Variable "pFile" going out of scope leaks the storage it points to.
942 return nullptr;
943
944 if ( ProfileFlags & ( osl_Profile_WRITELOCK |
osl_Profile_FLUSHWRITE ) )
945 {
946 bWriteable = true;
947 }
** CID 1659048: Control flow issues (DEADCODE)
/sw/source/ui/fldui/flddok.cxx: 496 in
SwFieldDokPage::FillFormatLB(SwFieldTypesEnum)()
_____________________________________________________________________________________________
*** CID 1659048: Control flow issues (DEADCODE)
/sw/source/ui/fldui/flddok.cxx: 496 in
SwFieldDokPage::FillFormatLB(SwFieldTypesEnum)()
490 }
491
492 if (IsFieldEdit())
493 {
494 if (nTypeId == SwFieldTypesEnum::Author)
495 {
>>> CID 1659048: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "nFormat = o3tl::is_typed_fl...".
496 SwAuthorFormat nFormat = static_cast<const
SwAuthorField*>(GetCurField())->GetFormat() & ~SwAuthorFormat::Fixed;
497
m_xFormatLB->select_id(OUString::number(static_cast<sal_uInt32>(nFormat)));
498 }
499 else if (nTypeId == SwFieldTypesEnum::ExtendedUser)
500 {
501 SwAuthorFormat nFormat = static_cast<const
SwExtUserField*>(GetCurField())->GetFormat() & ~SwAuthorFormat::Fixed;
** CID 1659047: Security best practices violations (STRING_OVERFLOW)
/sal/osl/unx/file.cxx: 887 in
setAllowedPaths(std::basic_string_view<char16_t, std::char_traits<char16_t>>)()
_____________________________________________________________________________________________
*** CID 1659047: Security best practices violations (STRING_OVERFLOW)
/sal/osl/unx/file.cxx: 887 in
setAllowedPaths(std::basic_string_view<char16_t, std::char_traits<char16_t>>)()
881 isResolved = !!realpath(folderPath.getStr(), resolvedPath);
882 notExists = !isResolved && errno == ENOENT;
883
884 if (notExists || !isResolved || strlen(resolvedPath) +
aPath.getLength() - n + 1 >= PATH_MAX)
885 return; // too bad
886 else
>>> CID 1659047: Security best practices violations
>>> (STRING_OVERFLOW)
>>> You might overrun the 4096-character fixed-size string "resolvedPath"
>>> by copying "aPath.getStr() + n" without checking the length.
887 strcat(resolvedPath, aPath.getStr() + n);
888 }
889
890 if (isResolved)
891 {
892 OString aPushPath(resolvedPath, strlen(resolvedPath));
** CID 1659046: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
/sw/source/filter/md/mdtab.cxx: 70 in
SwMarkdownParser::StartTable(int, int)()
_____________________________________________________________________________________________
*** CID 1659046: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
/sw/source/filter/md/mdtab.cxx: 70 in
SwMarkdownParser::StartTable(int, int)()
64 if (m_pPam->GetPoint()->GetContentIndex())
65 AppendTextNode(AM_SPACE);
66 else
67 AddParSpace();
68
69 std::shared_ptr<MDTable> xTable = std::make_shared<MDTable>(this);
>>> CID 1659046: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
>>> "xTable" is copied in a call to copy assignment "operator =", when it
>>> could be moved instead.
70 m_xTable = xTable;
71
72 const SwTable* pTable
73 =
m_xDoc->InsertTable(SwInsertTableOptions(SwInsertTableFlags::All, 1),
*m_pPam->GetPoint(),
74 nRow, nCol, text::HoriOrientation::FULL);
75 m_xTable->SetTable(pTable, nRow, nCol);
** CID 1659045: Security best practices violations (STRING_OVERFLOW)
/sal/osl/unx/file.cxx: 931 in isForbidden(const rtl::OString &,
unsigned int)()
_____________________________________________________________________________________________
*** CID 1659045: Security best practices violations (STRING_OVERFLOW)
/sal/osl/unx/file.cxx: 931 in isForbidden(const rtl::OString &,
unsigned int)()
925 bool notExists = !isResolved && errno == ENOENT;
926 if (notExists) // folder doesn't exist, check parent, in the
end of chain checks "."
927 return isForbidden(folderPath, nFlags);
928 else if (!isResolved || strlen(resolvedPath) +
filePath.getLength() - n + 1 >= PATH_MAX)
929 return true; // too bad
930 else
>>> CID 1659045: Security best practices violations
>>> (STRING_OVERFLOW)
>>> You might overrun the 4096-character fixed-size string "resolvedPath"
>>> by copying "filePath->getStr() + n" without checking the length.
931 strcat(resolvedPath, filePath.getStr() + n);
932 }
933
934 const std::vector<OString> *pCheckPaths = &allowedPathsRead;
935 if (nFlags & osl_File_OpenFlag_Write ||
936 nFlags & osl_File_OpenFlag_Create)
** CID 1659044: Resource leaks (RESOURCE_LEAK)
/sal/osl/unx/pipe.cxx: 211 in osl_psz_createPipe(const char *,
unsigned int, void *)()
_____________________________________________________________________________________________
*** CID 1659044: Resource leaks (RESOURCE_LEAK)
/sal/osl/unx/pipe.cxx: 211 in osl_psz_createPipe(const char *,
unsigned int, void *)()
205
206 memset(&addr, 0, sizeof(addr));
207
208 SAL_INFO("sal.osl.pipe", "new pipe on fd " << pPipe->m_Socket << "
'" << name << "'");
209
210 if (isForbidden(name, osl_File_OpenFlag_Create))
>>> CID 1659044: Resource leaks (RESOURCE_LEAK)
>>> Variable "pPipe" going out of scope leaks the storage it points to.
211 return nullptr;
212
213 addr.sun_family = AF_UNIX;
214 // coverity[fixed_size_dest : FALSE] - safe, see check above
215 strcpy(addr.sun_path, name.getStr());
216 #if defined(FREEBSD)
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://scan.coverity.com/projects/libreoffice?tab=overview
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.freedesktop.org/archives/libreoffice/attachments/20250713/35957e68/attachment-0001.htm>
------------------------------
Subject: Digest Footer
_______________________________________________
LibreOffice mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice
------------------------------
End of LibreOffice Digest, Vol 179, Issue 14
********************************************
