Bug 169622 - FILEOPEN PPTX: Impress crashes trying to open a file that has a PNG with CRC errors
Summary: FILEOPEN PPTX: Impress crashes trying to open a file that has a PNG with CRC ...
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Impress (show other bugs)
Version:
(earliest affected)
26.2.0.0 alpha0+ master
Hardware: All All
: medium normal
Assignee: Not Assigned
URL:
Whiteboard:
Keywords: bibisectRequest, regression
Depends on:
Blocks:
 
Reported: 2025-11-23 01:36 UTC by Gerald Pfeifer
Modified: 2025-11-24 10:39 UTC (History)
2 users (show)

See Also:
Crash report or crash signature:

Attachments
Document that triggers the crash (PPTX) (17.88 MB, application/vnd.ms-powerpoint)
2025-11-23 01:36 UTC, Gerald Pfeifer 		Details
PNG with CRC errors (47.51 KB, image/png)
2025-11-23 14:04 UTC, Buovjaga 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Gerald Pfeifer 2025-11-23 01:36:20 UTC 
Created attachment 204213 [details]
Document that triggers the crash (PPTX)

This looks remarkably similar to bug #168126 which after a couple of
builds went away magically (and reappeared apparently).

This is a regression between 

   Version: 25.8.3.2 (X86_64) / LibreOffice Community
   Build ID: 580(Build:2)
   CPU threads: 12; OS: Linux 6.17; UI render: default; VCL: gtk3
   Locale: en-US (en_US.UTF-8); UI: en-US

and

   Version: 25.8.3.2 (X86_64) / LibreOffice Community
   Build ID: 580(Build:2)
   CPU threads: 12; OS: Linux 6.17; UI render: default; VCL: gtk3
   Locale: en-US (en_US.UTF-8); UI: en-US
Comment 1 Buovjaga 2025-11-23 08:08:44 UTC 
No crash observed.

Gerald: if you indeed reproduce this in Safe Mode as well, please bibisect this with linux-64-26.2 repository.

Arch Linux 64-bit
Version: 25.8.3.2 (X86_64) / LibreOffice Community
Build ID: 580(Build:2)
CPU threads: 8; OS: Linux 6.17; UI render: default; VCL: gtk3
Locale: fi-FI (fi_FI.UTF-8); UI: en-US
25.8.3-1
Calc: CL threaded
Comment 2 Saburo 2025-11-23 09:48:05 UTC 
reproduce with 
Version: 26.2.0.0.alpha1+ (X86_64) / LibreOffice Community
Build ID: 02b0772b31fe83f8dc5c6f196a82aea77a8db34f
CPU threads: 4; OS: Linux 6.14; UI render: default; VCL: kf5 (cairo+xcb)
Locale: ja-JP (ja_JP.UTF-8); UI: en-US
Calc: threaded

not reproduce(linux-64-26.2)
Version: 26.2 .0.0.alpha0+ (X86_64) / LibreOffice Community
Build ID: 177b3d2a88afb2dfd3e89025624d8bf62b36cda4
CPU threads: 4; OS: Linux 6.14; UI render: default; VCL: kf5 (cairo+xcb)
Locale: ja-JP (ja_JP.UTF-8); UI: en-US
Calc: threaded

pngcheck
image3.png  CRC error in chunk iCCP (computed bc21deab, expected b892a448)

For some reason, this problem cannot be reproduced in bibisect-repo. 
However, there seems to be a problem with image3.png.
Comment 3 Buovjaga 2025-11-23 14:01:28 UTC 
(In reply to Saburo from comment #2)
> pngcheck
> image3.png  CRC error in chunk iCCP (computed bc21deab, expected b892a448)

Indeed, with a debug build I see this in the console:

libpng warning: iCCP: CRC error
libpng warning: izXt: CRC error
libpng warning: iCCP: CRC error
libpng warning: izXt: CRC error
libpng error: Stream read: no data read from the stream.
Comment 4 Buovjaga 2025-11-23 14:04:27 UTC 
Created attachment 204227 [details]
PNG with CRC errors

Output from `pngcheck -c -v`:
chunk IHDR at offset 0x0000c, length 13
  591 x 591 image, 32-bit RGB+alpha, non-interlaced
chunk zTXt at offset 0x00025, length 12497, keyword: Raw profile type exif
chunk iCCP at offset 0x03102, length 388
  profile name = ICC PROFILE, compression method = 0 (deflate)
  compressed profile = 375 bytes
CRC error in chunk iCCP (computed bc21deab, expected b892a448)

https://github.com/pnggroup/pngcheck
Comment 5 Xisco Faulí 2025-11-24 10:39:20 UTC 
not reproduced in

Version: 26.2.0.0.alpha1+ (X86_64) / LibreOffice Community
Build ID: 6cb040379ff0721c1e447baaa4a31aa7e3ae4ca6
CPU threads: 8; OS: Linux 6.1; UI render: default; VCL: gtk3
Locale: es-ES (es_ES.UTF-8); UI: en-US
Calc: threaded

with a debug build