53025 – package: crash in retriving graphic from 1.1.3 password protected .sxw

Issue 53025 - package: crash in retriving graphic from 1.1.3 password protected .sxw

Summary: package: crash in retriving graphic from 1.1.3 password protected .sxw

Status:	CLOSED FIXED

Alias:	None

Product:	xml
Classification:	Code
Component:	code (show other issues)
Version:	680m122
Hardware:	All Linux, all

Importance:	P3 Trivial (vote)
Target Milestone:	OOo 2.0.1
Assignee:	michael.ruess
QA Contact:	issues@xml

URL:
Keywords:

Depends on:
Blocks:

Reported:	2005-08-08 09:18 UTC by caolanm
Modified:	2005-10-13 14:30 UTC (History)
CC List:	2 users (show)

See Also:
Issue Type:	DEFECT
Latest Confirmation in:	---
Developer Difficulty:	---

Attachments
example (12.71 KB, application/vnd.sun.xml.writer) 2005-08-08 09:19 UTC, caolanm	no flags	Details
The suggested patch. (5.06 KB, text/plain) 2005-08-15 13:22 UTC, mikhail.voytenko	no flags	Details
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description caolanm 2005-08-08 09:18:39 UTC

cmc->mru: In the password protected document that i'll send you the password
for, on loading the document and scrolling around a little then after a few
seconds there's a crash with stack...

0x5e4b96: /usr/lib/openoffice.org2.0/program/libuno_sal.so.3 + 0x1db96
0x5e53e4: /usr/lib/openoffice.org2.0/program/libuno_sal.so.3 + 0x1e3e4
0xe2f420:  + 0x420 (__kernel_sigreturn + 0x0)
0x9c6948: /lib/libc.so.6 + 0x29948 (abort + 0xf8)
0xdcad5e: /usr/lib/libstdc++.so.6 + 0xb7d5e (__gnu_cxx::
__verbose_terminate_handler() + 0x16e)
0xdc8a31: /usr/lib/libstdc++.so.6 + 0xb5a31
0xdc8a66: /usr/lib/libstdc++.so.6 + 0xb5a66
0xdc8b9a: /usr/lib/libstdc++.so.6 + 0xb5b9a (__cxa_rethrow + 0x0)
0x5b1de30: /usr/lib/openoffice.org2.0/program/libxstor.so + 0x16e30 
(OInputSeekStream::getLength() + 0x74)
0x7b56f2: /usr/lib/openoffice.org2.0/program/libutl680li.so + 0x3b6f2 (utl::
UcbLockBytes::Stat(SvLockBytesStat*, SvLockBytesStatFlag) const + 0x88)
0x29d4e0: /usr/lib/openoffice.org2.0/program/libtl680li.so + 0x604e0 (SvStream::
SeekPos(unsigned long) + 0x32)
0x29a8b2: /usr/lib/openoffice.org2.0/program/libtl680li.so + 0x5d8b2 (SvStream::
Seek(unsigned long) + 0xc0)
0x2e29105: /usr/lib/openoffice.org2.0/program/libsvt680li.so + 0x1e1105
0x2e2ae97: /usr/lib/openoffice.org2.0/program/libsvt680li.so + 0x1e2e97 
(GraphicFilter::ImpTestOrFindFormat(String const&, SvStream&, unsigned short&) + 
0x53)
0x2e2dcf4: /usr/lib/openoffice.org2.0/program/libsvt680li.so + 0x1e5cf4 
(GraphicFilter::ImportGraphic(Graphic&, String const&, SvStream&, unsigned 
short, unsigned short*, unsigned long) + 0x116)
0xb50ea0e3: /usr/lib/openoffice.org2.0/program/libsvx680li.so + 0x4cf0e3 
(SdrGrafObj::ImpSwapHdl(GraphicObject*) + 0x199)
0xb50ea214: /usr/lib/openoffice.org2.0/program/libsvx680li.so + 0x4cf214 
(SdrGrafObj::LinkStubImpSwapHdl(void*, void*) + 0x1a)
0x21f3920: /usr/lib/openoffice.org2.0/program/libgo680li.so + 0x5a920
0x21f0c2a: /usr/lib/openoffice.org2.0/program/libgo680li.so + 0x57c2a 
(GraphicObject::GetSwapStream() const + 0x1e)
0x21f0963: /usr/lib/openoffice.org2.0/program/libgo680li.so + 0x57963 
(GraphicObject::ImplAutoSwapIn() + 0x77)
0x21f0ef9: /usr/lib/openoffice.org2.0/program/libgo680li.so + 0x57ef9 
(GraphicObject::FireSwapInRequest() + 0x17)
0xb50e8a5d: /usr/lib/openoffice.org2.0/program/libsvx680li.so + 0x4cda5d 
(SdrGrafObj::ForceSwapIn() const + 0x21)
0xb50ab835: /usr/lib/openoffice.org2.0/program/libsvx680li.so + 0x490835
0xb50ab852: /usr/lib/openoffice.org2.0/program/libsvx680li.so + 0x490852
0xb50b0fb4: /usr/lib/openoffice.org2.0/program/libsvx680li.so + 0x495fb4
0xb50b0ff6: /usr/lib/openoffice.org2.0/program/libsvx680li.so + 0x495ff6
0x23934b8: /usr/lib/openoffice.org2.0/program/libvcl680li.so + 0x8e4b8
0xfb6fe5: /usr/lib/openoffice.org2.0/program/libvclplug_gen680li.so + 0x3efe5
0xfb6fd0: /usr/lib/openoffice.org2.0/program/libvclplug_gen680li.so + 0x3efd0 
(SalData::Timeout() const + 0x24)
0x1a2352: /usr/lib/openoffice.org2.0/program/libvclplug_gtk680li.so + 0xa352
0xf13f06: /usr/lib/libglib-2.0.so.0 + 0x24f06
0xf123ee: /usr/lib/libglib-2.0.so.0 + 0x233ee (g_main_context_dispatch + 0x1dc)
0xf153f6: /usr/lib/libglib-2.0.so.0 + 0x263f6
0xf158d8: /usr/lib/libglib-2.0.so.0 + 0x268d8 (g_main_context_iteration + 0x66)
0x1a2535: /usr/lib/openoffice.org2.0/program/libvclplug_gtk680li.so + 0xa535
0xfbdda1: /usr/lib/openoffice.org2.0/program/libvclplug_gen680li.so + 0x45da1 
(X11SalInstance::Yield(unsigned char) + 0x29)
0x238d91c: /usr/lib/openoffice.org2.0/program/libvcl680li.so + 0x8891c 
(Application::Yield() + 0x50)
0x238d95a: /usr/lib/openoffice.org2.0/program/libvcl680li.so + 0x8895a 
(Application::Execute() + 0x26)
0x8065670: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x1d670 (desktop::
Desktop::Main() + 0x149a)
0x2392d49: /usr/lib/openoffice.org2.0/program/libvcl680li.so + 0x8dd49 (SVMain() 
+ 0x45)
0x8060723: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x18723 (sal_main + 
0x47)
0x9b1de6: /lib/libc.so.6 + 0x14de6 (__libc_start_main + 0xc6)
0x8060659: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x18659 (Window::
RequestHelp(HelpEvent const&) + 0x31)

Comment 1 caolanm 2005-08-08 09:19:05 UTC

Created attachment 28565 [details]
example

Comment 2 michael.ruess 2005-08-09 12:09:08 UTC

MRU->MBA: the problem is only reproducable with two conditions:
- document is password protected
- Platform Linux
When the document has been opened, the crash will occur when OO tries to show
the graphic.
The password will be forwarded by mail.

Comment 3 Mathias_Bauer 2005-08-12 09:54:22 UTC

reassigned to mav

Comment 4 mikhail.voytenko 2005-08-15 13:21:28 UTC

The problem is that the storage API is misused in the
"sw/source/core/graphics/ndgrf.cxx", the pictures substorage dies by refcount
immediatelly after the graphics stream is retrieved. In result when the stream
is read it is already closed.

Please see the suggested patch attached.

Comment 5 mikhail.voytenko 2005-08-15 13:22:59 UTC

Created attachment 28778 [details]
The suggested patch.

Comment 6 mikhail.voytenko 2005-08-15 13:28:55 UTC

Adding myself to CC.

Comment 7 Oliver-Rainer Wittmann 2005-08-17 10:58:27 UTC

fixed in cws swqbf35 - changed files:
/sw/inc/ndgrf.hxx, 1.15.34.1
/sw/source/core/graphic/ndgrf.cxx, 1.30.36.1

Comment 8 Oliver-Rainer Wittmann 2005-08-22 10:20:17 UTC

OD->MRU:
Checked in internal installation set of cws swqbf35 - please verify.

re-open issue and reassign to mru@openoffice.org

Comment 9 Oliver-Rainer Wittmann 2005-08-22 10:20:36 UTC

reassign to mru@openoffice.org

Comment 10 Oliver-Rainer Wittmann 2005-08-22 10:20:45 UTC

reset resolution to FIXED

Comment 11 michael.ruess 2005-08-25 07:40:40 UTC

Verified fix in CWS swqbf35.

Comment 12 michael.ruess 2005-10-13 14:30:44 UTC

Checked fix in 680m133.