Package: abiword
Version: 2.9.2+svn20120603-1
Severity: normal
Dear Maintainer,
Abiword crashes when pasting text from Iceweasel that contains
characters outside of the Unicode Basic Multilingual Plane.
To reproduce:
- Start Firefox/Iceweasel
- Go to http://en.wikipedia.org/wiki/Linear_B#Unicode
- Copy one of the characters from the Unicode table
- Paste in a new Abiword document.
(But "Paste Unformatted" doesn't crash.)
A backtrace is attached.
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages abiword depends on:
ii abiword-common 2.9.2+svn20120603-1
ii gsfonts 1:8.11+urwcyr1.0.7~pre44-4.2
ii libabiword-2.9 2.9.2+svn20120603-1
ii libc6 2.13-34
ii libdbus-1-3 1.6.2-2
ii libdbus-glib-1-2 0.100-1
ii libgcc1 1:4.7.1-3
ii libgcrypt11 1.5.0-3
ii libglib2.0-0 2.32.3-1
ii libgnutls26 2.12.20-1
ii libgsf-1-114 1.14.21-2.1
ii libgtk-3-0 3.4.2-2
ii libjpeg8 8d-1
ii libloudmouth1-0 1.4.3-8
ii libots0 0.5.0-2.1
ii libpng12-0 1.2.49-1
ii librdf0 1.0.15-1+b1
ii libreadline6 6.2-8
ii libsoup2.4-1 2.38.1-2
ii libstdc++6 4.7.1-3
ii libtelepathy-glib0 0.18.1-2
ii libtidy-0.99-0 20091223cvs-1.2
ii libwmf0.2-7 0.2.8.4-10
ii libwpd-0.9-9 0.9.4-3
ii libwpg-0.2-2 0.2.1-1
ii libwps-0.2-2 0.2.7-1
ii libxml2 2.8.0+dfsg1-4
ii libxslt1.1 1.1.26-13
ii zlib1g 1:1.2.7.dfsg-13
Versions of packages abiword recommends:
ii abiword-plugin-grammar 2.9.2+svn20120603-1
ii abiword-plugin-mathview 2.9.2+svn20120603-1
ii aspell-nl [aspell-dictionary] 1:2.10-1
ii fonts-liberation 1.07.2-5
ii poppler-utils 0.18.4-3
abiword suggests no packages.
-- no debconf information
(gdb) run
Starting program: /usr/bin/abiword
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
__memmove_ssse3 () at ../sysdeps/x86_64/multiarch/memcpy-ssse3.S:2235
(gdb) bt full
#0 __memmove_ssse3 () at ../sysdeps/x86_64/multiarch/memcpy-ssse3.S:2235
No locals.
#1 0x00007ffff79e24aa in memmove (__len=3, __src=0x0, __dest=<optimized out>)
at /usr/include/x86_64-linux-gnu/bits/string3.h:58
No locals.
#2 UT_ByteBuf::ins (this=0x7fffffffde90, position=0, pValue=0x0,
length=<optimized out>) at ut_bytebuf.cpp:96
No locals.
#3 0x00007ffff79841d2 in IE_Imp_XHTML::pasteFromBuffer (this=0x10cc800,
pDocRange=0x7fffffffdfc0, pData=0x0, lenData=<optimized out>,
szEncoding=<optimized out>) at ie_imp_XHTML.cpp:698
newDoc = 0x10c2050
buf = {m_pBuf = 0x10eaa20 "", m_iSize = 3, m_iSpace = 1024, m_iChunk =
1024}
e = <optimized out>
pPasteListen = <optimized out>
newXML = 0x10e9d10
p = 0x10ea7e0
posEnd = <optimized out>
b = <optimized out>
#4 0x00007ffff7848954 in AP_UnixApp::pasteFromClipboard (this=0x6077c0,
pDocRange=0x7fffffffdfc0, bUseClipboard=<optimized out>,
bHonorFormatting=<optimized out>) at ap_UnixApp.cpp:771
iread = 2
iwritten = 3
szutf8 = 0x0
pImpHTML = 0x10cc800
SniffBuf = {<IE_ImpSniffer> = {_vptr.IE_ImpSniffer = 0x7ffff7d5b2b0,
m_name = {pimpl = 0xee2a50}, m_type = -1, m_bCanPaste = true}, <No data fields>}
szRes = <optimized out>
iLen = 6
tFrom = XAP_UnixClipboard::TAG_ClipboardOnly
szFormatFound = 0x7ffff7a1ef5e "text/html"
pData = 0x1042780 "\377\376"
bFoundOne = <optimized out>
bSuccess = false
#5 0x00007ffff77e0056 in FV_View::_doPaste (this=0xf78c90, bUseClipboard=true,
bHonorFormatting=true) at fv_View_protected.cpp:5405
dr = {m_pDoc = 0xb48610, m_pos1 = 2, m_pos2 = 2}
pSL = <optimized out>
#6 0x00007ffff77b373f in FV_View::cmdPaste (this=0xf78c90,
bHonorFormatting=true) at fv_View_cmd.cpp:4736
dblBuffObj = {m_pPainter = 0x102cbc0, m_pView = 0xf78c90,
m_bCallDrawOnlyAtTheEnd = true, m_bSuspendDirectDrawing = true, mostExtArgs =
{clipRect = {left = 0, top = 0, width = 0, height = 0}, fullRect = {left = 0,
top = 0, width = 0, height = 0}, bDirtyRunsOnly = 255, bClip = 127, callCount =
0}}
#7 0x00007ffff78b960b in _sFrequentRepeat (pWorker=<optimized out>) at
ap_EditMethods.cpp:1517
pFreq = 0x10ccd30
pTmp = 0x101c2a0
bRunning = true
#8 _sFrequentRepeat (pWorker=<optimized out>) at ap_EditMethods.cpp:1489
No locals.
#9 0x00007ffff79e12ca in _Timer_Proc (p=<optimized out>) at ut_unixIdle.cpp:36
pIdle = <optimized out>
#10 0x00007ffff2b46205 in g_main_context_dispatch () from
/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#11 0x00007ffff2b46538 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#12 0x00007ffff2b46932 in g_main_loop_run () from
/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#13 0x00007ffff44722c5 in gtk_main () from
/usr/lib/x86_64-linux-gnu/libgtk-3.so.0
No symbol table info available.
#14 0x00007ffff771f48b in AP_UnixApp::main (szAppName=<optimized out>, argc=1,
argv=0x7fffffffe398) at ap_UnixApp.cpp:1382
XArgs = {m_argc = 1, m_argv = 0x7fffffffe398, m_bAllocated = 37,
m_szBuf = 0x0}
sa = {__sigaction_handler = {sa_handler = 0x7ffff784a3b0
<signalWrapper(int)>, sa_sigaction = 0x7ffff784a3b0 <signalWrapper(int)>},
sa_mask = {__val = {18446744067267100639, 18446744073709551615 <repeats 15
times>}}, sa_flags = -1073741824, sa_restorer = 0}
Args = {XArgs = 0x7fffffffe1e0, static m_sGeometry = 0x0, static
m_sToFormat = 0x0, static m_sPrintTo = 0x0, static m_sName = 0x0, static
m_iToThumb = 0, static m_sThumbXY = 0x7ffff7a43aed "100x120", static m_iVerbose
= 1, static m_iShow = <optimized out>, static m_sPluginArgs = 0x0, static
m_sFiles = 0x0, static m_iVersion = 0, static m_iHelp = 0, static m_sMerge =
0x0, static m_impProps = 0x0, static m_expProps = 0x0, static m_sUserProfile =
0x0, static m_sFileExtension = 0x0, m_pApp = 0x6077c0, m_context = 0x610e70}
have_display = <optimized out>
windowlessArgsWereSuccessful = true
exit_status = 0
pMyUnixApp = 0x6077c0
#15 0x00007ffff6e88ead in __libc_start_main (main=<optimized out>,
argc=<optimized out>, ubp_av=<optimized out>, init=<optimized out>,
fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe388) at
libc-start.c:228
result = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 3131029281548835156,
4195824, 140737488348048, 0, 0, -3131029281185949356, -3131044782676076204},
mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x7ffff7deb077, 0x0}, data =
{prev = 0x0, cleanup = 0x0, canceltype = -136400777}}}
not_first_call = <optimized out>
#16 0x0000000000400619 in _start ()
No symbol table info available.
