Bug Summary

File:home/maarten/src/libreoffice/core/sw/source/ui/uno/swdetect.cxx
Warning:line 129, column 10
Potential leak of memory pointed to by 'aStorage.pObj'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name swdetect.cxx -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -mframe-pointer=all -fmath-errno -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /usr/lib64/clang/11.0.0 -D BOOST_ERROR_CODE_HEADER_ONLY -D BOOST_SYSTEM_NO_DEPRECATED -D CPPU_ENV=gcc3 -D LINUX -D OSL_DEBUG_LEVEL=1 -D SAL_LOG_INFO -D SAL_LOG_WARN -D UNIX -D UNX -D X86_64 -D _PTHREADS -D _REENTRANT -D EXCEPTIONS_ON -D LIBO_INTERNAL_ONLY -I /home/maarten/src/libreoffice/core/external/boost/include -I /home/maarten/src/libreoffice/core/workdir/UnpackedTarball/boost -I /home/maarten/src/libreoffice/core/include -I /usr/lib/jvm/java-11-openjdk-11.0.9.10-0.0.ea.fc33.x86_64/include -I /usr/lib/jvm/java-11-openjdk-11.0.9.10-0.0.ea.fc33.x86_64/include/linux -I /home/maarten/src/libreoffice/core/config_host -I /home/maarten/src/libreoffice/core/workdir/UnoApiHeadersTarget/udkapi/normal -I /home/maarten/src/libreoffice/core/workdir/UnoApiHeadersTarget/offapi/normal -internal-isystem /usr/bin/../lib/gcc/x86_64-redhat-linux/10/../../../../include/c++/10 -internal-isystem /usr/bin/../lib/gcc/x86_64-redhat-linux/10/../../../../include/c++/10/x86_64-redhat-linux -internal-isystem /usr/bin/../lib/gcc/x86_64-redhat-linux/10/../../../../include/c++/10/backward -internal-isystem /usr/local/include -internal-isystem /usr/lib64/clang/11.0.0/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O0 -Wno-missing-braces -std=c++17 -fdeprecated-macro -fdebug-compilation-dir /home/maarten/src/libreoffice/core -ferror-limit 19 -fvisibility hidden -fvisibility-inlines-hidden -stack-protector 2 -fgnuc-version=4.2.1 -fcxx-exceptions -fexceptions -debug-info-kind=constructor -analyzer-output=html -faddrsig -o /home/maarten/tmp/wis/scan-build-libreoffice/output/report/2020-10-07-141433-9725-1 -x c++ /home/maarten/src/libreoffice/core/sw/source/ui/uno/swdetect.cxx
1/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2/*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20#include "swdetect.hxx"
21
22#include <cppuhelper/supportsservice.hxx>
23#include <com/sun/star/io/XInputStream.hpp>
24#include <com/sun/star/uno/XComponentContext.hpp>
25#include <sfx2/docfile.hxx>
26#include <sot/storage.hxx>
27#include <unotools/mediadescriptor.hxx>
28
29using namespace ::com::sun::star;
30using namespace ::com::sun::star::uno;
31using namespace ::com::sun::star::io;
32using namespace ::com::sun::star::task;
33using namespace ::com::sun::star::beans;
34using namespace ::com::sun::star::lang;
35using utl::MediaDescriptor;
36
37SwFilterDetect::SwFilterDetect()
38{
39}
40
41SwFilterDetect::~SwFilterDetect()
42{
43}
44
45OUString SAL_CALL SwFilterDetect::detect( Sequence< PropertyValue >& lDescriptor )
46{
47 MediaDescriptor aMediaDesc( lDescriptor );
48 OUString aTypeName = aMediaDesc.getUnpackedValueOrDefault( MediaDescriptor::PROP_TYPENAME(), OUString() );
49 uno::Reference< io::XInputStream > xInStream ( aMediaDesc[MediaDescriptor::PROP_INPUTSTREAM()], uno::UNO_QUERY );
50 if ( !xInStream.is() )
1
Taking false branch
51 return OUString();
52
53 SfxMedium aMedium;
54 aMedium.UseInteractionHandler( false );
55 aMedium.setStreamToLoadFrom( xInStream, true );
56
57 SvStream *pInStrm = aMedium.GetInStream();
58 if ( !pInStrm || pInStrm->GetError() )
2
Assuming 'pInStrm' is non-null
3
Taking false branch
59 return OUString();
60
61 bool bIsDetected = false;
62
63 if ( aTypeName == "writer_Rich_Text_Format" )
4
Taking false branch
64 {
65 pInStrm->Seek( STREAM_SEEK_TO_BEGIN0L );
66 bIsDetected = ( read_uInt8s_ToOString( *pInStrm, 5 ) == "{\\rtf" );
67 }
68 else if ( aTypeName == "writer_MS_WinWord_5" )
5
Taking false branch
69 {
70 pInStrm->Seek( STREAM_SEEK_TO_BEGIN0L );
71 const sal_uInt8 nBufSize = 3;
72 sal_uInt8 nBuffer[ nBufSize ];
73 if (pInStrm->ReadBytes(nBuffer, nBufSize) < nBufSize)
74 return OUString();
75
76 bIsDetected = (nBuffer[0] == 0x9B && nBuffer[1] == 0xA5 && nBuffer[2] == 0x21) // WinWord 1
77 || (nBuffer[0] == 0x9C && nBuffer[1] == 0xA5 && nBuffer[2] == 0x21) // PMWord 1
78 || (nBuffer[0] == 0xDB && nBuffer[1] == 0xA5 && nBuffer[2] == 0x2D) // WinWord 2
79 || (nBuffer[0] == 0xDC && nBuffer[1] == 0xA5 && nBuffer[2] == 0x65); // WinWord 6.0/95, as a single stream file
80 }
81 else
82 {
83 // Do not attempt to create an SotStorage on a
84 // 0-length stream as that would create the compound
85 // document header on the stream and effectively write to
86 // disk!
87 pInStrm->Seek( STREAM_SEEK_TO_BEGIN0L );
88 if ( pInStrm->remainingSize() == 0 )
6
Assuming the condition is false
7
Taking false branch
89 return OUString();
90
91 try
92 {
93 tools::SvRef<SotStorage> aStorage = new SotStorage ( pInStrm, false );
8
Memory is allocated
94 if ( !aStorage->GetError() )
9
Taking false branch
95 {
96 bIsDetected = aStorage->IsContained( "WordDocument" );
97 if ( bIsDetected && aTypeName.startsWith( "writer_MS_Word_97" ) )
98 {
99 bIsDetected = ( aStorage->IsContained("0Table") || aStorage->IsContained("1Table") );
100
101 // If we are checking the template type, and the document is not a .dot, don't
102 // mis-detect it.
103 if ( bIsDetected && aTypeName == "writer_MS_Word_97_Vorlage" )
104 {
105 // Super ugly hack, but we don't want to use the whole WW8Fib thing here in
106 // the swd library, apparently. We know (do we?) that the "aBits1" byte, as
107 // the variable is called in WW8Fib::WW8Fib(SvStream&,sal_uInt8,sal_uInt32),
108 // is at offset 10 in the WordDocument stream. The fDot bit is bit 0x01 of
109 // that byte.
110 tools::SvRef<SotStorageStream> xWordDocument = aStorage->OpenSotStream("WordDocument", StreamMode::STD_READ);
111 xWordDocument->Seek( 10 );
112 if ( xWordDocument->Tell() == 10 )
113 {
114 sal_uInt8 aBits1;
115 xWordDocument->ReadUChar( aBits1 );
116 // Check fDot bit
117 bIsDetected = ((aBits1 & 0x01) == 0x01);
118 }
119 }
120 }
121 }
122 }
123 catch (...)
124 {
125 bIsDetected = false;
126 }
127 }
128
129 if ( bIsDetected )
10
Potential leak of memory pointed to by 'aStorage.pObj'
130 return aTypeName;
131
132 return OUString();
133}
134
135/* XServiceInfo */
136OUString SAL_CALL SwFilterDetect::getImplementationName()
137{
138 return "com.sun.star.comp.writer.FormatDetector";
139}
140
141/* XServiceInfo */
142sal_Bool SAL_CALL SwFilterDetect::supportsService( const OUString& sServiceName )
143{
144 return cppu::supportsService(this, sServiceName);
145}
146
147/* XServiceInfo */
148Sequence< OUString > SAL_CALL SwFilterDetect::getSupportedServiceNames()
149{
150 return { "com.sun.star.frame.ExtendedTypeDetection", "com.sun.star.text.FormatDetector", "com.sun.star.text.W4WFormatDetector" };
151}
152
153extern "C" SAL_DLLPUBLIC_EXPORT__attribute__ ((visibility("default"))) css::uno::XInterface*
154com_sun_star_comp_writer_FormatDetector_get_implementation(css::uno::XComponentContext*,
155 css::uno::Sequence<css::uno::Any> const &)
156{
157 return cppu::acquire(new SwFilterDetect());
158}
159
160/* vim:set shiftwidth=4 softtabstop=4 expandtab: */