Bug 69510 - crash in writer with Arabic strings followed by more than 2 numbers
Summary: crash in writer with Arabic strings followed by more than 2 numbers
Status: RESOLVED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Writer (show other bugs)
Version:
(earliest affected)
4.2.0.0.alpha0+ Master
Hardware: Other All
: high critical
Assignee: Caolán McNamara
URL:
Whiteboard: target:4.2.0 target:4.1.4
Keywords:
Depends on:
Blocks:
 
Reported: 2013-09-18 07:56 UTC by Abdulaziz Ayed
Modified: 2013-10-29 12:27 UTC (History)
5 users (show)

See Also:
Crash report or crash signature:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Abdulaziz Ayed 2013-09-18 07:56:57 UTC 
Hi all ;

there is a crash when you write RTL string followed by 2 numbers.

when I bibsect the core I find one patch with the id 0d9ddccd8810a81a6f4d737870969d0dcf367d23
from (Zolnai Tamás) cause crash, then I told him about that, then he revert it with id  835d9e0da9416c7e586766ad734f45d048886e0a

but still the crash happen.

last log messeage date from my core is 15 sep 2013.
Comment 1 Abdulaziz Ayed 2013-09-18 08:16:51 UTC 
sorry :
after revert its fixied but after 2-3 days its again happend.

steps to reproduce:

1-put text direction to LTR.
2-write Arabic strings "عبدالعزيز" followed by more than 2 numbers.
Comment 2 abdulmajeed 2013-09-18 08:38:32 UTC 
Can reproduce in master linux 64bit 



Note:
Tested it in 3.6.2 works fine
Comment 3 Lior Kaplan 2013-09-18 11:00:20 UTC 
Is this bug only relevant for master, or is it also reproducible in 4.1.1?
Comment 4 Abdulaziz Ayed 2013-09-18 11:33:21 UTC 
(In reply to comment #3)
> Is this bug only relevant for master, or is it also reproducible in 4.1.1?

not reproducible in 4.1.1
Comment 5 ⁨خالد حسني⁩ 2013-09-19 09:37:07 UTC 
I can’t reproduce this in master, do you have a backtrace?
Comment 6 Abdulaziz Ayed 2013-09-19 11:36:53 UTC 
(In reply to comment #5)
> I can’t reproduce this in master, do you have a backtrace?

this is backtrace log

http://pastebin.ca/2454686
Comment 7 ⁨خالد حسني⁩ 2013-09-19 13:34:59 UTC 
Looks like an assertion failure in of of the string classes, may be related to the current wave of String → OUString conversions.
Comment 8 Commit Notification 2013-10-29 11:21:29 UTC 
Caolan McNamara committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=47690627565bec866ea2de74b5504160479cff74

Resolves: fdo#69510 don't access beyond end of string



The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 9 Caolán McNamara 2013-10-29 11:21:56 UTC 
proposed this as a 4-1 fix in gerrit
Comment 10 Commit Notification 2013-10-29 12:27:07 UTC 
Caolan McNamara committed a patch related to this issue.
It has been pushed to "libreoffice-4-1":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=66edf3c164176180c15dc768ce2b4518a9178183&h=libreoffice-4-1

Resolves: fdo#69510 don't access beyond end of string


It will be available in LibreOffice 4.1.4.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.