[Libreoffice-bugs] [Bug 41275] New: FILEOPEN writer crashes with SIGFPE when opening doc file

Tue, 27 Sep 2011 14:50:55 -0700 

https://bugs.freedesktop.org/show_bug.cgi?id=41275

           Summary: FILEOPEN writer crashes with SIGFPE when opening doc
                    file
           Product: LibreOffice
           Version: LibO 3.3.2 release
          Platform: x86 (IA32)
        OS/Version: Linux (All)
            Status: NEW
          Severity: critical
          Priority: medium
         Component: Writer
        AssignedTo: [email protected]
        ReportedBy: [email protected]


On an Ubuntu 11.04 live system, trying to open a certain doc file makes
LibreOffice crash while importing. Unfortunately, I cannot provide steps to
reproduce since I cannot publish the file. By the way, opening the file with
Wordpad on Windows XP also fails.

The problem seems to lie in the function SetDocumentGrid of libmswordli.so, as
reported by gdb:

Program received signal SIGFPE, Arithmetic exception.
0x061c9dc6 in SetDocumentGrid ()
   from /usr/lib/libreoffice/basis3.3/program/libmswordli.so
(gdb) bt
#0 0x061c9dc6 in SetDocumentGrid ()
   from /usr/lib/libreoffice/basis3.3/program/libmswordli.so
#1 0x0617f8ea in SetSegmentToPageDesc ()
   from /usr/lib/libreoffice/basis3.3/program/libmswordli.so
#2 0x0618ab4d in SetSwFmtPageDesc ()
   from /usr/lib/libreoffice/basis3.3/program/libmswordli.so
#3 0x0618b0d4 in InsertSegments ()
   from /usr/lib/libreoffice/basis3.3/program/libmswordli.so
#4 0x0618cef7 in CoreLoad ()
   from /usr/lib/libreoffice/basis3.3/program/libmswordli.so
#5 0x0618e8ee in LoadThroughDecryption ()
   from /usr/lib/libreoffice/basis3.3/program/libmswordli.so
#6 0x0618f41e in LoadDoc ()
   from /usr/lib/libreoffice/basis3.3/program/libmswordli.so
#7 0x0618f55e in Read ()
   from /usr/lib/libreoffice/basis3.3/program/libmswordli.so
#8 0x047d700c in Read ()
   from /usr/lib/libreoffice/program/../basis-link/program/libswli.so
#9 0x048bf7ef in ConvertFrom ()
   from /usr/lib/libreoffice/program/../basis-link/program/libswli.so
...

At first glance, I see only one line in the function in ww8par6.cxx that might
cause an arithmetic exception, namely line 311:

    aGrid.SetLines(writer_cast<sal_uInt16>(nTextareaHeight/nLinePitch));

Might nLinePitch being 0 be the problem?

Downstream bug report is here:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/860650

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
_______________________________________________
Libreoffice-bugs mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs

Reply via email to