Apache OpenOffice (AOO) Bugzilla – Issue 66244
Crash when viewing slideshow of a PPT imported file
Last modified: 2006-08-02 11:58:12 UTC
Presentation crashes when one particular slide is displayed in a slideshow. I can view the slide in normal mode, but when I press F5 OO crashes. Backtrace attached. I cannot attach the file itself, because it's confidential. The slide in question has no slide transition, no custom animation efects. There's only text and MS drawing. My system is: IBM T43 laptop RHEL4u3 KDE3.5.2 OO.org 2.0.2
Created attachment 37007 [details] copy-paste from the crash window
Pls. attach a sample document. If it contains confidential contents, you can send it to me by email.
Reassigned.
Please attach a bugdoc.
Please have a look to the attached stacktrace.
this looks like a font issue, the vcl canvas crashes while font rendering. Please delete all slides except the one that crashes and replace text with garbish if it is confidential but keep the formating intact CL->THB: Is this crash nown? See stack CL->Herber, as Thorsten is on vacation, have you seen this error before? If you don't know about this issue please ask Phillip or send issue back to Thorsten
Created attachment 37029 [details] The slide that crashes Presentation
.
The font request for a stretched font with a pixel height=15 and a pixel width=1244635489 doesn't look sane to me...
This was probably caused by this bogus AffineTransform in vclcanvas's Renderstate: {m00 = 2147483929, m01 = 0, m02 = 1.8156158213572333e+17, m10 = 0, m11 = 25.377110694183866, m12 = 16683.521575984989}
There have been a few cases like this, where shapes, either during import or whilst animated, get exceedingly large. I can certainly fix this by clamping the shape size, OTOH, code that cannot handle certain input values should sanitize them itself (i.e. VCL, in this case). @hdu: what exactly makes freetype crash here?
*** Issue 66537 has been marked as a duplicate of this issue. ***
> what exactly makes freetype crash here? It tries to allocate the bitmap output buffer for a glyph. Since you requested a very large font the buffer size has to be big enough. And if it is so big that the memory allocation fails...
This is duplicate to issue 64758 - both crashes are triggered by obscenely high matrix scales. *** This issue has been marked as a duplicate of 64758 ***
...and closing.