[Libreoffice-bugs] [Bug 144271] New: leaks of SwTextBoxHelper

bugzilla-daemon at bugs.documentfoundation.org bugzilla-daemon at bugs.documentfoundation.org
Thu Sep 2 13:39:12 UTC 2021 

https://bugs.documentfoundation.org/show_bug.cgi?id=144271

            Bug ID: 144271
           Summary: leaks of SwTextBoxHelper
           Product: LibreOffice
           Version: 7.3.0.0 alpha0+ Master
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: normal
          Priority: medium
         Component: Writer
          Assignee: libreoffice-bugs at lists.freedesktop.org
          Reporter: caolanm at redhat.com

Description:
oss-fuzz has detected leaks of SwTextBoxHelper when fuzzing .docx.

These seem to have begun since: https://gerrit.libreoffice.org/c/core/+/120452

commit 504d78acb866495fd954fcd6db22ea68f174a5ab
Author: Attila Bakos (NISZ) <bakos.attilakaroly at nisz.hu>
Date:   Fri Aug 13 14:11:24 2021 +0200

    tdf#143574 sw: textboxes in group shapes - part 1


Steps to Reproduce:
This i bit of a pain to reproduce because they are generated documents, but
under Linux see vcl/workben/fftester.cxx and

1 cp workdir/LinkTarget/Executable/fftester instdir/program
2 LD_LIBRARY_PATH=`pwd`/instdir/program valgrind --leak-check=yes
instdir/program/fftester ~/Downloads/DOCUMENT docx

where for DOCUMENT substitute one of the attachments

Actual Results:
==738289== 88 (64 direct, 24 indirect) bytes in 1 blocks are definitely lost in
loss record 1,623 of 2,437
==738289==    at 0x4840FF5: operator new(unsigned long)
(vg_replace_malloc.c:417)
==738289==    by 0x1CFCAC74: SwTextBoxHelper::create(SwFrameFormat*,
SdrObject*, bool) (textboxhelper.cxx:119)
==738289==    by 0x1D868D58: SwXShape::setPropertyValue(rtl::OUString const&,
com::sun::star::uno::Any const&) (unodraw.cxx:1169)
==738289==    by 0x22DD540F:
SvxShape::setPropertyValues(com::sun::star::uno::Sequence<rtl::OUString>
const&, com::sun::star::uno::Sequence<com::sun::star::uno::Any> const&)
(unoshape.cxx:1815)
==738289==    by 0x2B0D1937:
oox::PropertySet::setProperties(com::sun::star::uno::Sequence<rtl::OUString>
const&, com::sun::star::uno::Sequence<com::sun::star::uno::Any> const&)
(propertyset.cxx:82)
==738289==    by 0x2B0D1C23: oox::PropertySet::setProperties(oox::PropertyMap
const&) (propertyset.cxx:105)


Expected Results:
no leak


Reproducible: Always


User Profile Reset: No



Additional Info:
if this work is something that isn't complete yet then maybe it could be only
enabled if the experimental setting is set?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/libreoffice-bugs/attachments/20210902/8a0b8f9e/attachment.htm>

More information about the Libreoffice-bugs mailing list