Bug 161899

Summary: Crash when opening certain files produced by GRAMPS
Product: [Fedora] Fedora Reporter: Julio Sanchez Fernandez <julio.sanchez>
Component: openoffice.orgAssignee: Caolan McNamara <caolanm>
Status: CLOSED UPSTREAM QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 4   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-06-28 10:55:00 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Document that makes oowriter crash none

Description Julio Sanchez Fernandez 2005-06-28 10:39:30 UTC 
Description of problem:

GRAMPS is a genealogy program that creates reports in a variety of formats,
including OpenOffice.org.  Some files created by GRAMPS make OpenOffice.org crash.

The output from GRAMPS may be invalid, but OpenOffice.org should not crash.
This may have security implications, but they have not been explored.

Version-Release number of selected component (if applicable):

openoffice.org-writer-1.9.109-6.2.0.fc5 (I updated from the fc4 version to get
the crash_report script, the fc4 version crashed as well, but gave no info)

How reproducible:

Everytime with the right file.  Other files, even if produced by GRAMPS, do not
induce a crash.

Steps to Reproduce:
1. Load in oowriter the attached file
2.
3.
  
Actual results:

oowriter crashes, output from crash_report is:

0xae2afe: /usr/lib/openoffice.org2.0/program/libuno_sal.so.3 + 0x1dafe
0xae334c: /usr/lib/openoffice.org2.0/program/libuno_sal.so.3 + 0x1e34c
0xf98420:  + 0x420 (__kernel_sigreturn + 0x0)
0x27c4ba6: /usr/lib/openoffice.org2.0/program/libxo680li.so + 0x165ba6
0x26be2c1: /usr/lib/openoffice.org2.0/program/libxo680li.so + 0x5f2c1
(SvXMLImport::startElement(rtl::OUString const&,
com::sun::star::uno::Reference<com::sun::star::xml::sax::XAttributeList> const&)
+ 0x387)
0x184c9c5: /usr/lib/openoffice.org2.0/program/libxof680li.so + 0x219c5
0x185585d: /usr/lib/openoffice.org2.0/program/libxof680li.so + 0x2a85d
0x10da2f7: /usr/lib/openoffice.org2.0/program/sax.uno.so + 0x92f7
0x81de03: /usr/lib/libexpat.so.0 + 0x8e03
0x81ec6d: /usr/lib/libexpat.so.0 + 0x9c6d
0x81cab2: /usr/lib/libexpat.so.0 + 0x7ab2
0x81d73d: /usr/lib/libexpat.so.0 + 0x873d
0x8177e9: /usr/lib/libexpat.so.0 + 0x27e9 (XML_ParseBuffer + 0x75)
0x819d9b: /usr/lib/libexpat.so.0 + 0x4d9b (XML_Parse + 0x143)
0x10da46f: /usr/lib/openoffice.org2.0/program/sax.uno.so + 0x946f
0x10dad05: /usr/lib/openoffice.org2.0/program/sax.uno.so + 0x9d05
0xb521c181: /usr/lib/openoffice.org2.0/program/libsw680li.so + 0x541181
0xb521c5ef: /usr/lib/openoffice.org2.0/program/libsw680li.so + 0x5415ef
0xb521d8e8: /usr/lib/openoffice.org2.0/program/libsw680li.so + 0x5428e8
0xb50fa4b8: /usr/lib/openoffice.org2.0/program/libsw680li.so + 0x41f4b8
0xb525af61: /usr/lib/openoffice.org2.0/program/libsw680li.so + 0x57ff61
0x865646d: /usr/lib/openoffice.org2.0/program/libsfx680li.so + 0x11846d
(SfxObjectShell::LoadOwnFormat(SfxMedium&) + 0xe5)
0x865a71e: /usr/lib/openoffice.org2.0/program/libsfx680li.so + 0x11c71e
(SfxObjectShell::DoLoad(SfxMedium*) + 0x430)
0x8688db6: /usr/lib/openoffice.org2.0/program/libsfx680li.so + 0x14adb6
(SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>
const&) + 0x302)
0x86a4071: /usr/lib/openoffice.org2.0/program/libsfx680li.so + 0x166071
0x127f4b2: /usr/lib/openoffice.org2.0/program/libfwk680li.so + 0xe04b2
0x127f675: /usr/lib/openoffice.org2.0/program/libfwk680li.so + 0xe0675
0x127f72e: /usr/lib/openoffice.org2.0/program/libfwk680li.so + 0xe072e
0x11d36fb: /usr/lib/openoffice.org2.0/program/libfwk680li.so + 0x346fb
0x8072879: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x48879
(desktop::DispatchWatcher::executeDispatchRequests(_STL::vector<desktop::DispatchWatcher::DispatchRequest,
_STL::allocator<desktop::DispatchWatcher::DispatchRequest> > const&) + 0xf27)
0x806c59b: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x4259b
(desktop::OfficeIPCThread::ExecuteCmdLineRequests(desktop::ProcessDocumentsRequest&)
+ 0x10b)
0x8062f27: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x38f27
(desktop::Desktop::OpenClients() + 0x38b)
0x8066e03: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x3ce03
(desktop::Desktop::OpenClients_Impl(void*) + 0x25)
0x5e044e2: /usr/lib/openoffice.org2.0/program/libvcl680li.so + 0x824e2
0x5f58853: /usr/lib/openoffice.org2.0/program/libvcl680li.so + 0x1d6853
0xf0611c: /usr/lib/openoffice.org2.0/program/libvclplug_gen680li.so + 0x2211c
0xf2b27b: /usr/lib/openoffice.org2.0/program/libvclplug_gen680li.so + 0x4727b
(SalDisplay::DispatchInternalEvent() + 0xad)
0xe438b3: /usr/lib/openoffice.org2.0/program/libvclplug_gtk680li.so + 0xa8b3
0xe80650: /usr/lib/libglib-2.0.so.0 + 0x25650
0xe7e3ee: /usr/lib/libglib-2.0.so.0 + 0x233ee (g_main_context_dispatch + 0x1dc)
0xe813f6: /usr/lib/libglib-2.0.so.0 + 0x263f6
0xe818d8: /usr/lib/libglib-2.0.so.0 + 0x268d8 (g_main_context_iteration + 0x66)
0xe434d9: /usr/lib/openoffice.org2.0/program/libvclplug_gtk680li.so + 0xa4d9
0xf2cf41: /usr/lib/openoffice.org2.0/program/libvclplug_gen680li.so + 0x48f41
(X11SalInstance::Yield(unsigned char) + 0x29)
0x5e0a850: /usr/lib/openoffice.org2.0/program/libvcl680li.so + 0x88850
(Application::Yield() + 0x50)
0x5e0a88e: /usr/lib/openoffice.org2.0/program/libvcl680li.so + 0x8888e
(Application::Execute() + 0x26)
0x80667c7: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x3c7c7
(desktop::Desktop::Main() + 0x14a3)
0x5e0fc73: /usr/lib/openoffice.org2.0/program/libvcl680li.so + 0x8dc73 (SVMain()
+ 0x45)
0x80618cb: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x378cb (sal_main +
0x47)
0x557de6: /lib/libc.so.6 + 0x14de6 (__libc_start_main + 0xc6)
0x8061801: /usr/lib/openoffice.org2.0/program/soffice.bin + 0x37801
(Window::RequestHelp(HelpEvent const&) + 0x31)

Expected results:


Additional info:
Comment 1 Julio Sanchez Fernandez 2005-06-28 10:39:31 UTC 
Created attachment 116050 [details]
Document that makes oowriter crash
Comment 2 Caolan McNamara 2005-06-28 10:55:00 UTC 
I see it, affects all ooo varients. Logging upstream as
http://qa.openoffice.org/issues/show_bug.cgi?id=51301