A crash while importing malformed .ppt file. According to valgrind (log attached) it is due to null pointer deref. Seem to be DoS only. Tested on Debian Stable.
Created attachment 109699 [details] Crasher
Created attachment 109700 [details] Valgrind log
Did you really report this bug against version 3.5.4? This version is very old and not maintained anymore. If it is the case, did you check if the problem is present in current stable versions and in master? If the problem is not present in the current versions, I fear we should close this bug report as WontFix. Set status to NEEDINFO. Please set it back to UNCONFIRMED once you have provided requested informations. Thank you for your understanding. Best regards. JBF
Precisely, 3.5.4 has been released more than 2 years ago, see https://wiki.documentfoundation.org/ReleasePlan#3.5_release Last stable LO version is now 4.3.4
Yes, I really mean version 3.5.4. It is shipped with Debian Stable and is used by a sizable number of people. I understand that this version is not supported upstream, so feel free to close the bug with any resolution you like. If the crash is present in the master I think it will be tracked by crashtest automatically.
(In reply to Julien Nabet from comment #4) > Precisely, 3.5.4 has been released more than 2 years ago, see Yes, and it is supposed to be supported in Debian for a couple of years more. If you take Ubuntu then Ubuntu 12.04 LTS includes 3.5.7 and is supposed to be supported until 2017-04.
(In reply to Alexander Cherepanov from comment #6) > (In reply to Julien Nabet from comment #4) > > Precisely, 3.5.4 has been released more than 2 years ago, see > > Yes, and it is supposed to be supported in Debian for a couple of years more. > If you take Ubuntu then Ubuntu 12.04 LTS includes 3.5.7 and is supposed to > be supported until 2017-04. I don't understand what do you expect. Even if we would have reproduced the problem with last sources (3.5 has been EOL since a long time) and would have fixed it, the LO version in these version distrib will be same. So it's Ubuntu/Debian issue if they don't backport recent version, not LO matter.
FTR: the crash is inside libwps. Hence it's probably not a bug in LO. Similar to bug 86446.
(In reply to Julien Nabet from comment #7) > I don't understand what do you expect. Even if we would have reproduced the > problem with last sources (3.5 has been EOL since a long time) and would > have fixed it, the LO version in these version distrib will be same. > So it's Ubuntu/Debian issue if they don't backport recent version, not LO > matter. I don't expect anything else from this PR. At least two goals are reached: - the crasher is uploaded to some bugzilla so that LO crashtest script will find it (IIUC it cannot work with Debian bugtracker); - there is a central place where downstreams could be pointed to regarding this issue. Further work (if any) is for downstreams.