Bug 577145 – Applix import crash

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 577145 - Applix import crash


Summary:	Applix import crash


Status:	RESOLVED FIXED

Product:	Gnumeric
Classification:	Applications
Component:	import/export Applix
Version:	git master
Hardware:	Other All

Importance:	Normal critical
Target Milestone:	---
Assigned To:	Jody Goldberg
QA Contact:	Jody Goldberg

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2009-03-29 01:06 UTC by sum1
Modified:	2009-03-29 02:40 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
fuzzed as file (5.44 KB, application/x-applix-spreadsheet) 2009-03-29 01:07 UTC, sum1	Details

Description sum1 2009-03-29 01:06:55 UTC

Version: r17248
OS: Ubuntu Intrepid

The upcoming file is a fuzzed version of Attachment 7101 [details] (.as file from Bug 74241).


Steps to reproduce:
- Import the upcoming attachment to trigger a crash


Valgrind log:

CRITICAL **: sheet_col_set_default_size_pixels: assertion `IS_SHEET (sheet)' failed
==9775== Invalid read of size 1
==9775==    at 0x410FC42: sheet_colrow_default_calc (sheet.c:4490)
==9775==    by 0x4110C5A: sheet_row_set_default_size_pixels (sheet.c:4837)
==9775==    by 0x7DECB52: applix_read_view (applix-read.c:1034)
==9775==    by 0x7DEE2B0: applix_read_impl (applix-read.c:1502)
==9775==    by 0x7DEEBE2: applix_read (applix-read.c:1657)
==9775==    by 0x7DEA75D: applix_file_open (boot.c:61)
==9775==    by 0x4492825: go_plugin_loader_module_func_file_open (go-plugin-loader-module.c:239)
==9775==    by 0x4494253: go_plugin_file_opener_open (go-plugin-service.c:476)
==9775==    by 0x4496BA3: go_file_opener_open (file.c:299)
==9775==    by 0x4157B85: wb_view_new_from_input (workbook-view.c:1058)
==9775==    by 0x4157D1B: wb_view_new_from_uri (workbook-view.c:1112)
==9775==    by 0x804C0FA: main (main-application.c:413)
==9775==  Address 0x5c is not stack'd, malloc'd or (recently) free'd
==9775== 
==9775== Process terminating with default action of signal 11 (SIGSEGV)
==9775==  Access not within mapped region at address 0x5C
==9775==    at 0x410FC42: sheet_colrow_default_calc (sheet.c:4490)
==9775==    by 0x4110C5A: sheet_row_set_default_size_pixels (sheet.c:4837)
==9775==    by 0x7DECB52: applix_read_view (applix-read.c:1034)
==9775==    by 0x7DEE2B0: applix_read_impl (applix-read.c:1502)
==9775==    by 0x7DEEBE2: applix_read (applix-read.c:1657)
==9775==    by 0x7DEA75D: applix_file_open (boot.c:61)
==9775==    by 0x4492825: go_plugin_loader_module_func_file_open (go-plugin-loader-module.c:239)
==9775==    by 0x4494253: go_plugin_file_opener_open (go-plugin-service.c:476)
==9775==    by 0x4496BA3: go_file_opener_open (file.c:299)
==9775==    by 0x4157B85: wb_view_new_from_input (workbook-view.c:1058)
==9775==    by 0x4157D1B: wb_view_new_from_uri (workbook-view.c:1112)
==9775==    by 0x804C0FA: main (main-application.c:413)

Comment 1 sum1 2009-03-29 01:07:45 UTC

Created attachment 131607 [details]
fuzzed as file

Comment 2 Morten Welinder 2009-03-29 02:40:21 UTC

This problem has been fixed in the development version. The fix will be available in the next major software release. Thank you for your bug report.