Okay thanks that's what I needed to know. So I can either create the receiving address from the off-line machine or from the read only part of the wallet which is online?
As far as possible, try to check the addresses on both your main and offline instances; just the first and last few characters will be sufficient.
Master public key will provide zero deviation from both your wallets provided the same parameters but as I have mentioned, nothing can stop a malware on your online computer to change the addresses on it. The addresses that is displayed on your cold wallet will always be correct, but there are still quite a few attack vectors present on your online computer. I'm not sure if I'm being overly concerned about this or not.
You might need to increase the gap limit on your offline computer if someday you don't see the addresses being displayed on your offline computer.