https://issues.apache.org/ooo/show_bug.cgi?id=124338
Oliver-Rainer Wittmann <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Crash when opening user |Crash when opening ODF |guides from LibreOffice |document containing | |combination of alphabetical | |index mark and bookmark at | |a paragraph --- Comment #10 from Oliver-Rainer Wittmann <[email protected]> --- The found defect is a general one when deleting a certain mark (1). The code for deleting a mark relies on the fact that the internal used containers for the marks are sorted. The sorting is based on the mark's starting position. The sorting 'got lost' in the following use case: - There is a mark M1 at certain position X in paragraph P. It marks the position, not a text range - There is another mark M2 which marks text range X..X+n in paragraph P. - As M1's and M2's start position is X sorting in the internal containers is not relevant. As M2 is created after M1 the containers hold M2 before M1. - Now, a character is inserted at position X in paragraph P. --> mark M1 still marks position X in paragraph P, while M2 marks now text range X+1..X+1+n in paragraph P, but the internal containers holding M2 and M1 are not sorted. - Now, delete M1 --> crash, because deleting code assumes sorted container and thus, does not found corresponding mark in the containers. In the given documents M1 is a UNO mark and M2 is a Bookmark. The inserted character is a place-holder character inserted for the alphabetical index after M1 and M2 has been created. The UNO mark holding certain text positions for the ODF import is deleted afterwards and this caused the crash. A manual use case is that M1 and M2 are both Bookmarks created by the user in a new or existing text document. The inserted character is also inserted by the user after the creation of M1 and M2. Afterwards M1 has to be deleted manually by the user. This use case also causes a crash in former OpenOffice versions, but not whose which are using STLport as STLport seems to be fault-tolerant when erasing 'end' iterators from a container. Thus, AOO 4.0.0 and AOO 4.0.1 are crashing. Former version on non-Windows platform may be crashing. The crash becomes more visible in 4.1.0 code line as for the annotation marks further internal mark containers had been introduced. Footnotes: (1) Internally, OpenOffice Writer has certain mark types. These are: - Bookmarks - Cross-reference marks - Fieldmarks - Navigator reminders - DDE marks - UNO marks (also used during the ODF import) - Annotation marks -- You are receiving this mail because: You are on the CC list for the bug. You are watching all bug changes.
