OK, this is the same pattern as the case handled in:
git show 4bcf1872 oox/source/drawingml/chart/typegroupconverter.cxx
There might similar bugs hanging around. In a nutshell, some fallback
code in the importer forgot to init some part of the structure. This was
fine until we moved from relying on the element count to relying on the
last element index.
Here is a tentative fix: https://gerrit.libreoffice.org/30838
Le 11/11/2016 à 17:20, Caolán McNamara a écrit :
On Thu, 2016-11-10 at 21:38 +0100, Jean-Tiare LE BIGOT wrote:
Thanks for the explanations ! Unfortunately, I can't access
https://bugzilla.novell.com/show_bug.cgi?id=403458.
Can someone grant access to 'yadutaf' / ad...@jtlebi.fr or send me
privately a copy of this file to troubleshoot ?
I tried to reproduce the crashes with some of the files I have access
to:
- fdo58197-1.pptx
fdo58197-1.pptx will do fine to reproduce it, they're all the same
issue.
They all seem to crash somewhere in libxmlreaderlo.so. It seems
unlikely to be related to commit
4bcf1872bbe9db1388769485a7e4c0cbcce3d53c
It crashes in libxmlreaderlo.so because an unexpected std::length_error
exception is thrown and it dies through std::terminate. My commit
"fixes" this by making those methods allow std::exception derived
exceptions to be thrown through them, so it doesn't crash.
if you...
gdb --args ./instdir/program/soffice.bin --headless --convert-to pdf
fdo58197-1.pptx
(gdb) catch throw std::length_error
(gdb) run
(gdb) up... a bunch of times until you get to chartconverter.cxx
you'll see that chartconverter.cxx:136 is
Matrix< Any > aMatrix( rDataSeq.mnPointCount, 1 )
and rDataSeq.mnPointCount is -1, which doesn't make sense as a length
argument to vector::resize
C.
--
Jean-Tiare LE BIGOT
_______________________________________________
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice
