Bug 871012
Summary: | file, which is created as inkscape svg in Ubuntu, does not open with "out of memory" error. large background bitmap seems to be the problem. | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Alexander Onic <np> | ||||
Component: | libxml2 | Assignee: | Daniel Veillard <veillard> | ||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 17 | CC: | c.david86, duffy, gwync, lkundrak, veillard | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | x86_64 | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2012-12-20 15:33:04 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Alexander Onic
2012-10-29 12:08:19 UTC
Can you attach the file, please? Created attachment 635043 [details]
svg files that show the described behavior
This is not the original file, but a cleaned out one.
error output is here >>
bugreport.svg:2142: error: xmlSAX2Characters: huge text node: out of memory
id="flowPara3740" /></flowRoot> <image
^
bugreport.svg:2142: parser error : Extra content at the end of the document
id="flowPara3740" /></flowRoot> <image
^
Filed upstream: https://bugs.launchpad.net/inkscape/+bug/1073315 Occurs on Fedora 18 as well, with libxml2 2.9.0. Confirmed, basically the image <image xlink:href="data:image/tiff;base64,SUkqAAgAAAAXAP4AB .... TokrxM8 2U881Ziy+9XLeaZUMMYnr3OSqzN66gRKnVlLHtPnbBYDYS0kBazkppTeeKtxIwsRt/bOYyAg AwAB oAMAAQAAAP//AAACoAQAAQAAALAJAAADoAQAAQAAALMNAAAAAAAAAAA= " width="2434.2515" height="2721.7761" id="image5766" x="35.433308" y="471.49432" style="fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:3.54330707 ;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none" /> consists of a single text node of more than 10 megabytes. The problem is that it was one way to generate DoS attacks against services parsing XML unchecked input, you can reproduce this with xmllint command line tool: thinkpad:~ -> /usr/bin/xmllint --noout Desktop/Download/bugreport.svg Desktop/Download/bugreport.svg:2142: parser error : internal error: Huge input lookup P0HuuQ+uIcMyu8HqHiHyHKHhnyHDQIwGk136hjmLlya2Kko wJUhYH33/OAMWL+yMSbgatZl1mQmU3sI ^ Desktop/Download/bugreport.svg:2142: parser error : xmlSAX2Characters: huge text node id="flowPara3740" /></flowRoot> <image ^ Desktop/Download/bugreport.svg:2142: parser error : Extra content at the end of the document id="flowPara3740" /></flowRoot> <image ^ thinkpad:~ -> There is a parser option to disable those kind of sanity checks thinkpad:~ -> /usr/bin/xmllint --noout --huge Desktop/Download/bugreport.svg thinkpad:~ -> this could be 'fixed' in two ways: - reduce your image size slightly to fit in 10MB uuencoded (inkscape at saving time could do that kind of checking and warn the user). - in inkscape code where the XML is loaded add the XML_PARSE_HUGE option which would disable those checks. It's probably safe in inkscape code. Daniel Another option might be to switch the background image type from tiff which is huge to an equivalent lossless format but compressed like gif or png, Daniel inkscape-0.48.3.1-2.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/inkscape-0.48.3.1-2.fc18 inkscape-0.48.3.1-2.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/inkscape-0.48.3.1-2.fc17 Package inkscape-0.48.3.1-2.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing inkscape-0.48.3.1-2.fc18' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-17442/inkscape-0.48.3.1-2.fc18 then log in and leave karma (feedback). I just looked at inkscape-0.48.3.1-hugexml.patch and yes that looks exactly the right fix, thanks for the fast reaction, let's make sure the patch is pushed upstream (they use bazaar, which i'm not used to, so didn't checked myself) Daniel No worries, it's from upstream. Great guys, that was fast. I can't test it at the moment, but I believe it should do it. What a satisfying bug reporting experience! :) inkscape-0.48.3.1-2.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report. |