Bug 159908 - LibreOffice crashes when using a constant as a loop variable in BASIC code, leading to data loss.
Summary: LibreOffice crashes when using a constant as a loop variable in BASIC code, l...
Status: RESOLVED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: BASIC (show other bugs)
Version:
(earliest affected)
7.4.0.0 alpha0+
Hardware: All All
: medium normal
Assignee: Mike Kaganski
URL:
Whiteboard: target:24.8.0 target:7.6.6 target:24.2.2
Keywords:
Depends on:
Blocks:
 
Reported: 2024-02-26 14:32 UTC by Henrry John
Modified: 2024-02-27 12:39 UTC (History)
1 user (show)

See Also:
Crash report or crash signature: ["SbiSymDef::GetName()"]

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Henrry John 2024-02-26 14:32:27 UTC 
Description:
When attempting to use a constant as a loop variable in BASIC code within LibreOffice, the software crashes unexpectedly. This crash results in the loss of all unsaved data, including any BASIC code snippets related to the problematic code. This behavior occurs when the constant is used in a loop context where it is being modified, violating the immutability of constants.

LibreOffice should handle the attempt to modify a constant within a loop gracefully, displaying an appropriate error message instead of crashing. This would allow users to correct the code and prevent data loss.

(Note: The BASIC code snippet to reproduce the error is provided in the "Steps to Reproduce" section below.)

Steps to Reproduce:
Of note: It is crucial to be aware that reproducing this crash leads to severe data loss, as LibreOffice abruptly terminates, resulting in the deletion of all unsaved data and any BASIC code snippets related to the problematic code.

Exercise with caution when testing and reproducing this issue, and ensure that no critical or unsaved work is present to avoid unintended data loss.

1. Open LibreOffice and create a new Basic module.
2. Add the following Basic subroutine

```basic
REM Uncomment the following line to declare "index" as a constant and reproduce the crash. Otherwise, the code will result in an error ("Variable not defined").
REM Const index = 0
Sub Example
    Dim sum As Integer : sum = 0
    For index = 0 To 2
        sum = sum + 1
    Next index
End Sub

3. Compile and execute the subroutine.
4. LibreOffice will highlight the "index" and display the following error message: "BASIC syntax error. Variable expected." Clicking the OK button to close the message will result in the crash of all LibreOffice instances.

Actual Results:
LibreOffice crashes abruptly, resulting in the loss of all unsaved data. Any BASIC code snippets related to the problematic code are also deleted.

Expected Results:
When attempting to modify a constant within a loop, LibreOffice should display an appropriate error message indicating that constants cannot be modified. The software should gracefully handle the error without crashing, allowing users to correct the code and prevent data loss.


Reproducible: Always


User Profile Reset: Yes

Additional Info:
Version: 7.6.5.2 (X86_64) / LibreOffice Community
Build ID: 38d5f62f85355c192ef5f1dd47c5c0c0c6d6598b
CPU threads: 20; OS: Windows 10.0 Build 22631; UI render: Skia/Raster; VCL: win
Locale: en-US (en_US); UI: en-US
Calc: CL threaded Jumbo
Comment 1 Xisco Faulí 2024-02-26 15:57:24 UTC 
Reproduced in

Version: 24.8.0.0.alpha0+ (X86_64) / LibreOffice Community
Build ID: 4ac24a6b7ea3af2fa5fe82f779cfaa294bbc6b6d
CPU threads: 8; OS: Linux 6.1; UI render: default; VCL: gtk3
Locale: es-ES (es_ES.UTF-8); UI: en-US
Calc: threaded

and

Version: 7.3.0.0.alpha1+ / LibreOffice Community
Build ID: 229123ccc6f90ebf66b3e659bebbd53f8a9bdd3a
CPU threads: 8; OS: Linux 6.1; UI render: default; VCL: gtk3
Locale: fr-FR (es_ES.UTF-8); UI: en-US
Calc: threaded
Comment 2 Mike Kaganski 2024-02-27 07:47:18 UTC 
https://gerrit.libreoffice.org/c/core/+/164002
Comment 3 Commit Notification 2024-02-27 09:34:19 UTC 
Mike Kaganski committed a patch related to this issue.
It has been pushed to "master":

https://git.libreoffice.org/core/commit/8bbfbe92c01bff38ed2241da56560b84f7954beb

tdf#159908: return early to avoid nullptr dereference

It will be available in 24.8.0.

The patch should be included in the daily builds available at
https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
https://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.
Comment 4 Commit Notification 2024-02-27 11:56:50 UTC 
Mike Kaganski committed a patch related to this issue.
It has been pushed to "libreoffice-7-6":

https://git.libreoffice.org/core/commit/398eaaa804961a54ef40d86bc3eee1c1f486500d

tdf#159908: return early to avoid nullptr dereference

It will be available in 7.6.6.

The patch should be included in the daily builds available at
https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
https://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.
Comment 5 Commit Notification 2024-02-27 12:39:00 UTC 
Mike Kaganski committed a patch related to this issue.
It has been pushed to "libreoffice-24-2":

https://git.libreoffice.org/core/commit/dfbe587e1ef565225ceb4a66c23c76ae0e3a8329

tdf#159908: return early to avoid nullptr dereference

It will be available in 24.2.2.

The patch should be included in the daily builds available at
https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
https://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.