https://bugs.documentfoundation.org/show_bug.cgi?id=161232
Bug ID: 161232
Summary: Crash opening a specific Writer document
Product: LibreOffice
Version: 7.1.0.3 release
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: medium
Component: Writer
Assignee: [email protected]
Reporter: [email protected]
Created attachment 194301
--> https://bugs.documentfoundation.org/attachment.cgi?id=194301&action=edit
A document crashing on opening
Open the attached document. It crashes on opening, starting from version 7.1.
The commit since it started crashing is
d336e6c26012255015d3fc0caf8e7fafe14bd8f2 (tdf#69647 sw layout: fix line spacing
with inline pictures, 2020-08-28); but the mentioned commit is not the real
problem, it simply changed layout in such a way, that the real unknown problem
in layout started to appear in this document.
Similarly, commit ae9e8f3f6d10b0be2fe5b9b238a531b17e0d67da (tdf#160526,
tdf#160549: fix split conditions at page start, 2024-04-07) caused attachment
128826 from bug 103059 to crash on Linux when converting to PDF in command
line. I guess, that these two are the same problem (the FODT that I attach here
is actually carefully cleared attachment 128826, and in the cleanup process, it
became apparent, that it also failed in earlier versions, and not only on
Linux, when layout is tweaked a bit). Likely, it maybe possible to tweak the
layout further to cause the same crash in earlier versions, too.
The problem seems to be use-after-free in SwTextFormatter::InsertPortion and/or
SwTextFormatter::NewPortion.
--
You are receiving this mail because:
You are the assignee for the bug.
