Bug#477289: openoffice.org: OpenOffice.Org hang when try to save-as or export a file opened from samba share

To: Rene Engelhard <rene@debian.org>
Cc: 477289@bugs.debian.org
Subject: Bug#477289: openoffice.org: OpenOffice.Org hang when try to save-as or export a file opened from samba share
From: Szalay Attila <sasa@balabit.hu>
Date: Tue, 22 Apr 2008 14:09:28 +0200
Message-id: <1208866168.6287.12.camel@mochrul.balabit>
Reply-to: Szalay Attila <sasa@balabit.hu>, 477289@bugs.debian.org
In-reply-to: <20080422103810.GC2601@rene-engelhard.de>
References: <20080422091622.12666.21762.reportbug@mochrul.balabit> <20080422103810.GC2601@rene-engelhard.de>

On Tue, 2008-04-22 at 12:38 +0200, Rene Engelhard wrote:
> 
> > It's may cause data loss, because I couldn't save my changes.
> 
> Err, not true. I believe you could save locally and move it to the smb
> share later?

No, I couldn't. The save-as windows is not able to appear.

> > The problem is, that openoffice  (gnome vfs exactly) try to free an invalid pointer. Maybe just in an 64 bit environment.
> 
> And if you think libgnome-vfs is at fault why are you filing this
> against openoffice.org?

Because OpenOffice call it with wrong parameters. The file_info pointer
is seems to be wrong. And it's come from the openoffice side.

(gdb) frame 5
#5  0x00002aaaad386459 in gnome_vfs_file_info_clear (info=0x7fff0b22ee60) at gnome-vfs-file-info.c:134
134     in gnome-vfs-file-info.c
(gdb) p *info
$1 = {name = 0x0, valid_fields = 2701486917, type = 10965, permissions = 186838880, flags = 32767, device = 30577888, inode = 30649040,
  link_count = 31360160, uid = 0, gid = 2904678872, size = 6906512, block_count = 11018464, io_block_size = 1208504, atime = 0, mtime = 31360240,
  ctime = 30577888, symlink_name = 0x1d3aad0 "", mime_type = 0x2aaaad21c000 "\177ELF\002\001\001", refcount = 2676487825, reserved1 = 0x2ad500000001,
  reserved2 = 0x0, reserved3 = 0x7fff0b22f140, reserved4 = 0x2ad5a05c1ad8, reserved5 = 0x2aaaad21e1d8}


> > This only happen when I upgraded from security branch.
> 
> And there were *NO* changes to any component affecting gnome-vfs in
> 7etch5.

It's TRUE.

> > 0x00002ad5a263c07b in raise () from /lib/libc.so.6
> > (gdb) bt
> > #0  0x00002ad5a263c07b in raise () from /lib/libc.so.6
> > #1  0x00002ad5a263d84e in abort () from /lib/libc.so.6
> > #2  0x00002ad5a26725f9 in __libc_message () from /lib/libc.so.6
> > #3  0x00002ad5a2679163 in _int_free () from /lib/libc.so.6
> > #4  0x00002ad5a26791ee in free () from /lib/libc.so.6
> 
> glibc
> 
> > #5  0x00002aaaad386459 in gnome_vfs_file_info_clear (info=0x7fff0b22ee60) at gnome-vfs-file-info.c:134
> > #6  0x00002aaaad384370 in gnome_vfs_directory_read_next (handle=0x1dd57f0, file_info=0x7fff0b22ee60) at gnome-vfs-directory.c:209
> 
> libgnome-vfs
> 
> > #7  0x00002aaaad239fb7 in gvfs::DataSupplier::getData () from /usr/lib/openoffice/program/ucpgvfs1.uno.so

I think the problem is, that in this function a local variable is
corrupted.

-- 
Szalay Attila                     BalaBit IT Biztonságtechnikai Kft.
tel:(36-1)-371-05-40              HU-1115 Budapest, Bártfai u. 54
fax:(36-1)-208-08-75              http://www.balabit.hu/

Reply to:

References:
- Bug#477289: openoffice.org: OpenOffice.Org hang when try to save-as or export a file opened from samba share
  - From: SZALAY Attila <sasa@balabit.hu>
- Bug#477289: openoffice.org: OpenOffice.Org hang when try to save-as or export a file opened from samba share
  - From: Rene Engelhard <rene@debian.org>

Prev by Date: Bug#477289: openoffice.org: OpenOffice.Org hang when try to save-as or export a file opened from samba share
Next by Date: ./packages/openofficeorg/2.4/unstable r1077: suggest ttf-liberation as an alternative to msttcorefonts
Previous by thread: Bug#477289: openoffice.org: OpenOffice.Org hang when try to save-as or export a file opened from samba share
Next by thread: Bug#477289: Save-as problem
Index(es):
- Date
- Thread