Re: [PUSHED] Re: input for fdo#45779 from a basegfx knowledgeable person needed
Pierre-André Jacquod wrote: > So here the patch... > Thanks for a review and an ack before I push it. > Looks good, thanks a lot - pushed it right away. Cheers, -- Thorsten pgpph39MLsIeY.pgp Description: PGP signature ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
Re: [PATCH] Re: input for fdo#45779 from a basegfx knowledgeable person needed
Hello, On 05/03/2012 11:30 AM, Thorsten Behrens wrote: So what I suggest is a more defensive fix (or some larger review across the code is in order): make GetLineArrow() return the B2DPolyPolygon right away, and have *that one* be empty (i.e. not a Since I do not intend to become a specialist of this kind of elements, I choose your more defensive proposition. So here the patch... Thanks for a review and an ack before I push it. Regards Pierre-André >From b77f2a21d222607edff535d3a069b8c30d4d2664 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre-Andr=C3=A9=20Jacquod?= Date: Thu, 17 May 2012 17:51:33 +0200 Subject: [PATCH] fdo#45779 avoiding creation of inconsistent B2DPolygon this avoid the root cause of this bug, avoiding creating a B2DPlygon which contains no points. It seems the code relies somehow on an null B2DPolyPolygon, hence the change done here. Better would be to have time to look how to remove this fact. But currently it seems the code relies on a rSet.Put( XLineStartItem( aArrowName, aPolyPoly) where aPolyPoly is not defined in certain cases. Change-Id: I61b75d925090d1c9a0da96ce1a6eea50a2d60e5a --- filter/source/msfilter/msdffimp.cxx | 29 +++-- 1 files changed, 15 insertions(+), 14 deletions(-) diff --git a/filter/source/msfilter/msdffimp.cxx b/filter/source/msfilter/msdffimp.cxx index 80785fa..3d9efa7 100644 --- a/filter/source/msfilter/msdffimp.cxx +++ b/filter/source/msfilter/msdffimp.cxx @@ -1099,12 +1099,13 @@ void SvxMSDffManager::SolveSolver( const SvxMSDffSolverContainer& rSolver ) -static basegfx::B2DPolygon GetLineArrow( const sal_Int32 nLineWidth, const MSO_LineEnd eLineEnd, +static basegfx::B2DPolyPolygon GetLineArrow( const sal_Int32 nLineWidth, const MSO_LineEnd eLineEnd, const MSO_LineEndWidth eLineWidth, const MSO_LineEndLength eLineLenght, sal_Int32& rnArrowWidth, sal_Bool& rbArrowCenter, rtl::OUString& rsArrowName, sal_Bool bScaleArrow ) { -basegfx::B2DPolygon aRetval; +basegfx::B2DPolyPolygon aRetPolyPoly; + double fLineWidth = nLineWidth < 70 ? 70.0 : nLineWidth; double fLenghtMul, fWidthMul; sal_Int32 nLineNumber; @@ -1140,7 +1141,7 @@ static basegfx::B2DPolygon GetLineArrow( const sal_Int32 nLineWidth, const MSO_L aTriangle.append(basegfx::B2DPoint( fWidthMul * fLineWidth, fLenghtMul * fLineWidth )); aTriangle.append(basegfx::B2DPoint( 0.0, fLenghtMul * fLineWidth )); aTriangle.setClosed(true); -aRetval = aTriangle; +aRetPolyPoly = basegfx::B2DPolyPolygon(aTriangle); aArrowName.appendAscii(RTL_CONSTASCII_STRINGPARAM("msArrowEnd ")); } break; @@ -1169,7 +1170,7 @@ static basegfx::B2DPolygon GetLineArrow( const sal_Int32 nLineWidth, const MSO_L aTriangle.append(basegfx::B2DPoint( fWidthMul * fLineWidth * 0.15, fLenghtMul * fLineWidth )); aTriangle.append(basegfx::B2DPoint( 0.0, fLenghtMul * fLineWidth * 0.91 )); aTriangle.setClosed(true); -aRetval = aTriangle; +aRetPolyPoly = basegfx::B2DPolyPolygon(aTriangle); aArrowName.appendAscii(RTL_CONSTASCII_STRINGPARAM("msArrowOpenEnd ")); } break; @@ -1181,7 +1182,7 @@ static basegfx::B2DPolygon GetLineArrow( const sal_Int32 nLineWidth, const MSO_L aTriangle.append(basegfx::B2DPoint( fWidthMul * fLineWidth * 0.50 , fLenghtMul * fLineWidth * 0.60 )); aTriangle.append(basegfx::B2DPoint( 0.0, fLenghtMul * fLineWidth )); aTriangle.setClosed(true); -aRetval = aTriangle; +aRetPolyPoly = basegfx::B2DPolyPolygon(aTriangle); aArrowName.appendAscii(RTL_CONSTASCII_STRINGPARAM("msArrowStealthEnd ")); } break; @@ -1193,16 +1194,16 @@ static basegfx::B2DPolygon GetLineArrow( const sal_Int32 nLineWidth, const MSO_L aTriangle.append(basegfx::B2DPoint( fWidthMul * fLineWidth * 0.50 , fLenghtMul * fLineWidth )); aTriangle.append(basegfx::B2DPoint( 0.0, fLenghtMul * fLineWidth * 0.50 )); aTriangle.setClosed(true); -aRetval = aTriangle; +aRetPolyPoly = basegfx::B2DPolyPolygon(aTriangle); rbArrowCenter = sal_True; aArrowName.appendAscii(RTL_CONSTASCII_STRINGPARAM("msArrowDiamondEnd ")); } break; case mso_lineArrowOvalEnd : { -aRetval = XPolygon( Point( (sal_Int32)( fWidthMul * fLineWidth * 0.50 ), 0 ), +aRetPolyPoly = basegfx::B2DPolyPolygon( XPolygon( Point( (sal_Int32)( fWidthMul * fLineWidth * 0.50 ), 0 ), (sal_Int32)( fWidthMul * fLineWidth * 0.50 ), -(sal_Int32)( fLenghtMul * fLineWidth * 0.50 ), 0, 3600 ).getB2DPolygon(); +(sal_
Re: [PATCH] Re: input for fdo#45779 from a basegfx knowledgeable person needed
Pierre-André Jacquod wrote: > back again after a while. > Hi Pierre-André, welcome back! :) > It happens that basegfx::GetLineArrow(...) (also defined within > msdffimp.cxx, line 1102) does not create a valid polygon when > eLineEnd has the value mso_lineNoEnd... > In the switch(eLineEnd), this goes to > > default: break; > without creating any polygon, letting the return value undefined. > > So I propose to skip the creation these incorrect polygons if > eLineEnd has the value mso_lineNoEnd. But since I do not understand > well the import / translation from msformat, I may also have missed > a big point. Hence thanks for reviewing this patch, before I push > it. > Ah, great analysis - true, generating items for stuff that is not there does not look too sensible. Canonical place that interprets this for rendering is svx/source/sdr/primitive2d/sdrattributecreator.cxx:298 , which is already gated by the StartWidth item - so I'd think we need to set at least that one, in any case. Digging a bit deeper, though, e.g. sd/source/core/drawdoc4.cxx:175 sets a curious aNullPolyPolygon, so with a bit of bad luck, code will rely on XLineStartItem/XLineEndItem being set to empty at other places (counted some 90-odd places where XLineStartItem is used). So what I suggest is a more defensive fix (or some larger review across the code is in order): make GetLineArrow() return the B2DPolyPolygon right away, and have *that one* be empty (i.e. not a non-empty B2DPolyPolygon with an empty B2DPolygon, as it is now). That matches the defaults the Impress core sets, so we should be rather safe. ;) Cheers, -- Thorsten pgpm40m47PVIV.pgp Description: PGP signature ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
[PATCH] Re: input for fdo#45779 from a basegfx knowledgeable person needed
Hello, back again after a while. On 02/15/2012 11:30 AM, Thorsten Behrens wrote: Fixed with d37abad97d72bae0fd0269de12e94c7a7d3fd7e1 - but, if you like, would be cool to chase down why in the first place the ppt import creates polygons with empty sub-paths, that looks like a worthwhile optimization - code is around filter/source/msfilter/msdffimp.cxx probably. It happens that basegfx::GetLineArrow(...) (also defined within msdffimp.cxx, line 1102) does not create a valid polygon when eLineEnd has the value mso_lineNoEnd... In the switch(eLineEnd), this goes to > default: break; without creating any polygon, letting the return value undefined. So I propose to skip the creation these incorrect polygons if eLineEnd has the value mso_lineNoEnd. But since I do not understand well the import / translation from msformat, I may also have missed a big point. Hence thanks for reviewing this patch, before I push it. I hope it helps. Regards Pierre-André >From ec4bf50361f3d2c75e2de20fdb1ddebddba8d406 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre-Andr=C3=A9=20Jacquod?= Date: Sat, 28 Apr 2012 18:57:02 +0200 Subject: [PATCH] impress ms import filter avoid b2dpolygon with 0 b2dpoints when the lineEnd value is mso_lineNoEnd, the created polygon was incomplete and with no points, then disabling it. --- filter/source/msfilter/msdffimp.cxx | 44 +++--- 1 files changed, 25 insertions(+), 19 deletions(-) diff --git a/filter/source/msfilter/msdffimp.cxx b/filter/source/msfilter/msdffimp.cxx index 80785fa..f208dd9 100644 --- a/filter/source/msfilter/msdffimp.cxx +++ b/filter/source/msfilter/msdffimp.cxx @@ -1329,17 +1329,20 @@ void DffPropertyReader::ApplyLineAttributes( SfxItemSet& rSet, const MSO_SPT eSh if ( IsProperty( DFF_Prop_lineStartArrowhead ) ) { MSO_LineEnd eLineEnd = (MSO_LineEnd)GetPropertyValue( DFF_Prop_lineStartArrowhead ); -MSO_LineEndWidtheWidth = (MSO_LineEndWidth)GetPropertyValue( DFF_Prop_lineStartArrowWidth, mso_lineMediumWidthArrow ); -MSO_LineEndLength eLenght = (MSO_LineEndLength)GetPropertyValue( DFF_Prop_lineStartArrowLength, mso_lineMediumLenArrow ); -sal_Int32 nArrowWidth; -sal_BoolbArrowCenter; -rtl::OUString aArrowName; -basegfx::B2DPolygon aPoly(GetLineArrow( nLineWidth, eLineEnd, eWidth, eLenght, nArrowWidth, bArrowCenter, aArrowName, bScaleArrows )); +if ( eLineEnd != mso_lineNoEnd ) +{ +MSO_LineEndWidtheWidth = (MSO_LineEndWidth)GetPropertyValue( DFF_Prop_lineStartArrowWidth, mso_lineMediumWidthArrow ); +MSO_LineEndLength eLenght = (MSO_LineEndLength)GetPropertyValue( DFF_Prop_lineStartArrowLength, mso_lineMediumLenArrow ); +sal_Int32 nArrowWidth; +sal_BoolbArrowCenter; +rtl::OUString aArrowName; +basegfx::B2DPolygon aPoly(GetLineArrow( nLineWidth, eLineEnd, eWidth, eLenght, nArrowWidth, bArrowCenter, aArrowName, bScaleArrows )); -rSet.Put( XLineStartWidthItem( nArrowWidth ) ); -rSet.Put( XLineStartItem( aArrowName, basegfx::B2DPolyPolygon(aPoly) ) ); -rSet.Put( XLineStartCenterItem( bArrowCenter ) ); +rSet.Put( XLineStartWidthItem( nArrowWidth ) ); +rSet.Put( XLineStartItem( aArrowName, basegfx::B2DPolyPolygon(aPoly) ) ); +rSet.Put( XLineStartCenterItem( bArrowCenter ) ); +} } / // LineEnd // @@ -1347,17 +1350,20 @@ void DffPropertyReader::ApplyLineAttributes( SfxItemSet& rSet, const MSO_SPT eSh if ( IsProperty( DFF_Prop_lineEndArrowhead ) ) { MSO_LineEnd eLineEnd = (MSO_LineEnd)GetPropertyValue( DFF_Prop_lineEndArrowhead ); -MSO_LineEndWidtheWidth = (MSO_LineEndWidth)GetPropertyValue( DFF_Prop_lineEndArrowWidth, mso_lineMediumWidthArrow ); -MSO_LineEndLength eLenght = (MSO_LineEndLength)GetPropertyValue( DFF_Prop_lineEndArrowLength, mso_lineMediumLenArrow ); +if ( eLineEnd != mso_lineNoEnd) +{ +MSO_LineEndWidtheWidth = (MSO_LineEndWidth)GetPropertyValue( DFF_Prop_lineEndArrowWidth, mso_lineMediumWidthArrow ); +MSO_LineEndLength eLenght = (MSO_LineEndLength)GetPropertyValue( DFF_Prop_lineEndArrowLength, mso_lineMediumLenArrow ); -sal_Int32 nArrowWidth; -sal_BoolbArrowCenter; -rtl::OUString aArrowName; -basegfx::B2DPolygon aPoly(GetLineArrow( nLineWidth, eLineEnd, eWidth, eLenght, nArrowWidth, bArrowCenter, aArrowName, bScaleArrows )); +sal_Int32 nArrowWidth; +sal_BoolbAr
Re: input for fdo#45779 from a basegfx knowledgeable person needed
hello, Fixed with d37abad97d72bae0fd0269de12e94c7a7d3fd7e1 - but, if you thanks import creates polygons with empty sub-paths, that looks like a worthwhile optimization - code is around filter/source/msfilter/msdffimp.cxx probably. as soon as I have more spare time, I will have a try. Regards Pierre-André ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
Re: input for fdo#45779 from a basegfx knowledgeable person needed
> > Or should I look higher in the hierarchy, saying that a NULL point > > in a B2DPolygon has nothing to do and disallow it ? > > > Yes, the calling code somehow accesses invalid elements. Let me have > a look. > Fixed with d37abad97d72bae0fd0269de12e94c7a7d3fd7e1 - but, if you like, would be cool to chase down why in the first place the ppt import creates polygons with empty sub-paths, that looks like a worthwhile optimization - code is around filter/source/msfilter/msdffimp.cxx probably. Cheers, -- Thorsten pgp0hONMhEPAI.pgp Description: PGP signature ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
Re: input for fdo#45779 from a basegfx knowledgeable person needed
Pierre-André Jacquod wrote: > B2DTuple(const B2DTuple& rTup) > ... > Here you dereference the null pointer, which crash. > > Ok, the basic attitude would be to let B2DTuple be Null-pointer > consistent: (checking that rTup is not NULL), but is it really a > good idea? > Hi Pierre-André, no, what's passed is a reference, which by definition is always de-referencable - so the bug is in the calling code. > Or should I look higher in the hierarchy, saying that a NULL point > in a B2DPolygon has nothing to do and disallow it ? > Yes, the calling code somehow accesses invalid elements. Let me have a look. Cheers, -- Thorsten pgplfBS1Fa9aK.pgp Description: PGP signature ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
input for fdo#45779 from a basegfx knowledgeable person needed
hello, I have quickly investigated the crash in fdo#45779 when saving an impress document. The reason of the crash is in basegfx/inc/basegfx/point/b2dpoint.hxx (line 82) where this is called: 2DPoint::B2DPoint (this=0xbfffc850, rPoint=...) : B2DTuple(rPoint) (from back-trace) It turns out that in this case, rPoint is 0x0, the null pointer. and B2DTuple does not support it B2DTuple(const B2DTuple& rTup) : mfX( rTup.mfX ), mfY( rTup.mfY ) {} Here you dereference the null pointer, which crash. Ok, the basic attitude would be to let B2DTuple be Null-pointer consistent: (checking that rTup is not NULL), but is it really a good idea? What is a NULL B2DTuple ? Or should the caller (this is called due to basegfx/source/polygon/b2dpolygon.cxx:1257) take care of the case, returning either the value, ... or NULL ? B2DPoint B2DPolygon::getB2DPoint(sal_uInt32 nIndex) const { OSL_ENSURE(nIndex < mpPolygon->count(), "B2DPolygon a return mpPolygon->getPoint(nIndex); } Or should I look higher in the hierarchy, saying that a NULL point in a B2DPolygon has nothing to do and disallow it ? As far as I could seee, this polygon had 4 elements / points, all with NULL data at the time of the crash :-/ What would be the right (and most meaningfull) approach ? Thanks & regards Pierre-André ___ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice