Inkscape

Crash when SVG contains certain special chars

Bug #1548953 reported by Patrick Storz
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Inkscape
Fix Released
High
Patrick Storz
Inkscape 0.92 "0.92"

Bug Description

Inkscape crashes when trying to open a file containing certain UTF8-encoded special characters (e.g. a thinspace, see testcase.svg)

The crash is caused by an assertion failure in /boost/optional/optional.hpp (see error.png)

The error is reproducible in 64-bit trunk builds but not in builds of 0.91 stable branch on Windows 7 x64. I didn't test 32-bit builds (yet).
(Both builds were based on the 5.3 branch of devlibs64 which contain boost 1.60 headers)

Tags: crash text
Revision history for this message
Patrick Storz (ede123) wrote :
Revision history for this message
Patrick Storz (ede123) wrote :
Revision history for this message
Mc (mc...) wrote :

no crashes on linux (debian testing, 0.91 release show "(inkscape:31621): Gtk-CRITICAL **: gtk_text_buffer_emit_insert: assertion 'g_utf8_validate (text, len, NULL)' failed" warnings, but trunk r14666 is just fine)
(boost 1.58.0+dfsg-4.1)

Revision history for this message
Patrick Storz (ede123) wrote :

Also reproduced on Windows 7 x64 with Inkscape trunk r14666 32-bit built with devlibs r59

Revision history for this message
Alvin Penner (apenner) wrote :

not reproduced on Windows XP, Inkscape 0.91+devel r14653 (Feb 15 2016)

Revision history for this message
Patrick Storz (ede123) wrote :

Now that's interesting
- Also *not* reproduced on Windows XP x86 with Inkscape trunk r14666 32-bit built with devlibs r59
- Reproduced on Windows 10 x64 with Inkscape trunk r14666 32-bit built with devlibs r59

So the very same build that is working on Windows XP is failing on Windows 7/10.

Revision history for this message
su_v (suv-lp) wrote :

Reproduces on OS X with Inkscape 0.91+devel depending on the font used for the text [1]. AFAICT the version of boost does not matter (crash is reproducible with recent local builds using Boost 1.49 as well as with builds using Boost 1.59).
On the local system, the crash (depending on font) only reproduces in current Inkscape trunk after the major 2geom update in rev 14226 (archived builds: rev <= 14224 ok, rev >= 14228 crashes). Full backtrace of X11-based debug build attached.

[1] System fonts (from OS X 10.7.5) which trigger the crash are for example 'Arial' and 'Times New Roman' (each contains a glyph definition for 'THIN SPACE' \u2009), but not 'Arial Unicode' (also contains glyph definition). System font 'Verdana' and e.g. user font 'Turnpike' OTOH also trigger the crash but - according to fontforge - do not contain a definition for 'THIN SPACE' -> possible the fallback retrieved via pango/fontconfig may play an additional role.

Revision history for this message
Patrick Storz (ede123) wrote :

The attached patch fixes this bug (tested on Windows 7 x64 with Inkscape 0.91+devel_64bit r14691).

Cause were uninitialized fields "left/right" of "Geom::OptRect tiltb" in the rare case of certain whitespace characters containing path data that results in an empty bounding box (e.g. a single move-to command).
Normal whitespace characters do *not* contain path data (therefore "_drawable = false" in the conditional) and therefore didn't trigger the bug.

Patrick Storz (ede123)
Changed in inkscape:
assignee: nobody → Eduard Braun (eduard-braun2)
status: New → In Progress
jazzynico (jazzynico)
Changed in inkscape:
importance: Undecided → High
milestone: none → 0.92
tags: added: crash text
Revision history for this message
Patrick Storz (ede123) wrote :

Committed in revision 14750.
http://bazaar.launchpad.net/~inkscape.dev/inkscape/trunk/revision/14750

Changed in inkscape:
status: In Progress → Fix Committed
Bryce Harrington (bryce)
Changed in inkscape:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.