Issue 42153 - import of RTF document causes crash
Status: CLOSED FIXED
Alias: None
Product: Writer
Classification: Application
Component: open-import
Version: 680m75
Hardware: All Linux, all
: P3 Trivial
Target Milestone: ---
Assignee: michael.ruess
QA Contact: issues@sw
URL:
Keywords: crash, oooqa
Depends on:
Blocks:
 
Reported: 2005-02-06 16:37 UTC by rvojta
Modified: 2013-08-07 14:42 UTC

See Also:
Issue Type: DEFECT
Latest Confirmation in: ---
Developer Difficulty: ---


Attachments
RTF file generated from the Navision system (12.88 KB, text/rtf)
2005-02-06 16:39 UTC, rvojta

Description rvojta 2005-02-06 16:37:07 UTC
Hello, try to open the following document in the m75 version. Nothing happens
and an immediate crash comes ... I can open this file in the 1.1.4 version
without problems.
Comment 1 rvojta 2005-02-06 16:39:06 UTC
Created attachment 22263
RTF file generated from the Navision system
Comment 2 michael.ruess 2005-02-07 12:02:57 UTC
MRU->FLR: I cannot see a crash, but the import process seems to abort at about
50% of the progress.
Comment 3 rvojta 2005-02-07 12:08:14 UTC
Forgot to mention that I'm using the Linux version and am now without the possibility
to try this RTF file on a Windows machine too.
Comment 4 andreas.martens 2005-02-18 10:24:10 UTC
If it's not fixed in time for OOo2.0, it should be fixed for OOo2.0.1.
Comment 5 dankegel 2005-02-19 23:49:00 UTC
Still crashing on Linux on 680m79.
Comment 6 dankegel 2005-02-20 00:32:48 UTC
valgrind-2.2.0 finds the following suspicious activity closely
correlated with the problem (only happens when loading this file,
happens shortly after loading starts).  Given that valgrind is
pointing you right at something fishy, seems reasonable to
ask whether it could be fixed sooner rather than later.
(Yeah, you'll have to run it under valgrind yourself, since
I don't have a debug build, and my valgrind trace doesn't
have symbol names.  Still seems like a small thing to ask.)

==16055== Invalid read of size 4
==16055==    at 0x21EF8098: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x21EF814F: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x22094648: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x2201785B: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x221ED701: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x221F7FA4: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x221FE6D9: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x22200449: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x1BCB6851: SvRTFParser::Continue(int) (in /opt/openoffice.org1.9.79/program/libsvl680li.so)
==16055==    by 0x2066F4F7: SvxRTFParser::Continue(int) (in /opt/openoffice.org1.9.79/program/libsvx680li.so)
==16055==    by 0x221FA8E5: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x1BCB66D3: SvRTFParser::CallParser() (in /opt/openoffice.org1.9.79/program/libsvl680li.so)
==16055==    by 0x2066E242: SvxRTFParser::CallParser() (in /opt/openoffice.org1.9.79/program/libsvx680li.so)
==16055==    by 0x221FB211: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x221FCA6F: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x22176B01: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x2231423F: (within /opt/openoffice.org1.9.79/program/libsw680li.so)
==16055==    by 0x1F10778A: SfxObjectShell::DoLoad(SfxMedium*) (in /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1F14EE4A: SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) (in /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1F17B524: (within /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1FA8441B: (within /opt/openoffice.org1.9.79/program/libfwk680li.so)
==16055==    by 0x1FA84E2A: (within /opt/openoffice.org1.9.79/program/libfwk680li.so)
==16055==    by 0x1F968DB2: (within /opt/openoffice.org1.9.79/program/libfwk680li.so)
==16055==    by 0x1F968762: (within /opt/openoffice.org1.9.79/program/libfwk680li.so)
==16055==    by 0x1F05F438: (within /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1F063DB7: (within /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1F1B9F60: (within /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1F1BA295: (within /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1F1BA335: (within /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1F1D9DCA: (within /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1F1D9D87: (within /opt/openoffice.org1.9.79/program/libsfx680li.so)
==16055==    by 0x1BB0A5D0: (within /opt/openoffice.org1.9.79/program/libvcl680li.so)
==16055==    by 0x1D79B3E7: SalDisplay::DispatchInternalEvent() (in /opt/openoffice.org1.9.79/program/libvclplug_gen680li.so)
==16055==    by 0x1D79B416: (within /opt/openoffice.org1.9.79/program/libvclplug_gen680li.so)
==16055==    by 0x1D796220: (within /opt/openoffice.org1.9.79/program/libvclplug_gen680li.so)
==16055==    by 0x1D7957EC: SalXLib::Yield(unsigned char) (in /opt/openoffice.org1.9.79/program/libvclplug_gen680li.so)
==16055==    by 0x1D79CDD2: X11SalInstance::Yield(unsigned char) (in /opt/openoffice.org1.9.79/program/libvclplug_gen680li.so)
==16055==    by 0x1B9870F5: Application::Yield() (in /opt/openoffice.org1.9.79/program/libvcl680li.so)
==16055==    by 0x1B987138: Application::Execute() (in /opt/openoffice.org1.9.79/program/libvcl680li.so)
==16055==    by 0x807574B: desktop::Desktop::Main() (in /opt/openoffice.org1.9.79/program/soffice.bin)
==16055==    by 0x1B98C360: SVMain() (in /opt/openoffice.org1.9.79/program/libvcl680li.so)
==16055==    by 0x8069BAA: sal_main (in /opt/openoffice.org1.9.79/program/soffice.bin)
==16055==    by 0x1CC8F8C6: __libc_start_main (in /lib/libc-2.3.2.so)
==16055==    by 0x8069AA0: (within /opt/openoffice.org1.9.79/program/soffice.bin)
==16055==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
Comment 7 erzielin 2005-02-20 21:21:30 UTC
Duplicated the issue on Windows XP using build 680m79. Writer crashed
immediately after opening the document in attachment #22263, and after being
prompted to recover, this hung the CPU at 100%, and after 5 minutes I ended the
soffice.bin process from Windows Task Manager. A crash report was then submitted
referencing this issue # in the description.

Windows XP Pro SP2, hotfixes to 2/05
Java JRE 1.4.2_06
Build 680m79
Comment 8 flr 2005-08-17 14:18:15 UTC
flr:
The bugdoc touches a structural problem in the current RTF import filter. The
bugdoc contains a fragment
{\pvpg\phpg\posx1260\posy628{\pict ... }} \cell
which means that the APO properties have no effect, since they are not in the
scope of the \cell. However, the RTF import filter creates a frame.

The second problem is that the core cannot handle selections which only contain
a table. This is why OOo crashes.

Adjusted fix for #i52542# to avoid this problem (the crash) also. Unfortunately
the other problems cannot be handled by the current import filter without
fixing the structural problem.

Comment 9 flr 2005-08-17 14:51:33 UTC
flr:
Applied patch in cws javapatch:

Checking in rtffly.cxx;
/cvs/sw/sw/source/filter/rtf/rtffly.cxx,v  <--  rtffly.cxx
new revision: 1.19.324.3; previous revision: 1.19.324.2
done
Comment 10 flr 2005-08-17 17:38:55 UTC
.
Comment 11 michael.ruess 2005-11-09 13:14:34 UTC
Reassigned to MRU for verification in CWS.

re-open issue and reassign to mru@openoffice.org
Comment 12 michael.ruess 2005-11-09 13:14:43 UTC
reassign to mru@openoffice.org
Comment 13 michael.ruess 2005-11-09 13:14:48 UTC
reset resolution to FIXED
Comment 14 michael.ruess 2005-11-09 13:25:44 UTC
Verified fix in CWS javapatch.
Comment 15 michael.ruess 2005-11-17 10:47:03 UTC
Checked fix in build 680m140.