1. Download a gpl color palette extension, e.g. https://extensions.libreoffice.org/en/extensions/show/o2k10-color-palette 2. Start a debug build and install that extension 'for all users'. 3. Restart. 4. New text document. 5. Draw a shape and call its Area dialog. 6. Select one of the new palettes, e.g. "Office 2016". => Crash. Same problem with https://extensions.libreoffice.org/en/extensions/show/flatui-color-palette Working with a color palette extension works, if the palette has soc format, e.g. https://extensions.libreoffice.org/en/extensions/show/breeze-color-palette.
Created attachment 188193 [details] gdb backtrace Thanks Regina! Reproduced in debug build: Version: 24.2.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: e4e5fb4b2935e395c7e4b3a794d544a6f44709ce CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: x11 Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded
On pc Debian x86-64 with master sources updated today, I could reproduce this. Here's the relevant part of the assertion: #5 0x00007f2f392533a2 in __assert_fail (assertion=0x7f2f32fdb6fb "index >= 0 && index < pData->length", file=0x7f2f3307795c "/home/julien/lo/libreoffice/include/rtl/strbuf.hxx", line=519, function=0x7f2f32fe77d6 "char &rtl::OStringBuffer::operator[](sal_Int32)") at ./assert/assert.c:101 #6 0x00007f2f33eb5b8d in rtl::OStringBuffer::operator[](int) (this=0x7fff2cb51638, index=0) at include/rtl/strbuf.hxx:519 #7 0x00007f2f33eb42fa in PaletteGPL::LoadPalette() (this=0x56260583ad90) at svx/source/tbxctrls/Palette.cxx:268 #8 0x00007f2f33eb40a0 in PaletteGPL::LoadColorSet(SvxColorValueSet&) (this=0x56260583ad90, rColorSet=...) at svx/source/tbxctrls/Palette.cxx:208 #9 0x00007f2f33ebb7f5 in PaletteManager::ReloadColorSet(SvxColorValueSet&) (this=0x5626059e3ef0, rColorSet=...) at svx/source/tbxctrls/PaletteManager.cxx:248 Now taking Office2016 palette, I see: 1 GIMP Palette 2 Name: Office 2016 3 Columns: 12 4 # 5 255 255 255 6 0 0 0 7 231 230 230 8 68 84 106 9 68 114 196 10 237 125 49 11 165 165 165 12 255 192 0 13 91 155 213 14 112 173 71 15 255 255 255 16 255 255 255 17 18 242 242 242 19 127 127 127 20 208 206 206 21 214 220 228 ... Notice that line 17 is empty. Now let's look at the code which loads GPL palette: 252 void PaletteGPL::LoadPalette() 253 { 254 if( mbLoadedPalette ) return; 255 mbLoadedPalette = true; 256 257 // TODO add error handling!!! 258 SvFileStream aFile(maFPath, StreamMode::READ); 259 mbValidPalette = ReadPaletteHeader( aFile ); 260 261 if( !mbValidPalette ) return; 262 263 OStringBuffer aLine; 264 do { 265 if (aLine[0] != '#' && aLine[0] != '\n') 266 { 267 // TODO check if r,g,b are 0<= x <=255, or just clamp? 268 sal_Int32 nIndex = 0; 269 OString token; So after having created "aLine" var line 263, we test aLine[0] line 265 but aLine is empty here. I've submitted this patch: https://gerrit.libreoffice.org/c/core/+/156421
Julien Nabet committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/2ee60cb3535937eb85b808977a020b55a7123a92 tdf#156126: fix crash when using gpl color palette It will be available in 24.2.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Cherry-pick into 7.6 branch here: https://gerrit.libreoffice.org/c/core/+/156439
Julien Nabet committed a patch related to this issue. It has been pushed to "libreoffice-7-6": https://git.libreoffice.org/core/commit/cddb28b591ca8d27a7ae9bc36cdb108f4ad021ee tdf#156126: fix crash when using gpl color palette It will be available in 7.6.2. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.