Created attachment 111052
Causes CPU to go to 100%

The attached file causes soffice.bin to run at 100% CPU apparently forever (for a couple of hours at least). I've tested it on Debian testing with 4.4.0-beta2 and Windows 7 with 4.3.3.2.

It seems to get stuck here:

ustring.cxx:1080
    if (n != 0) {
        (*newStr)->length = n;
        assert(i >= 0 && i < str->length);
        memcpy(
            (*newStr)->buffer, str->buffer, i * sizeof (sal_Unicode));
        memcpy(
            (*newStr)->buffer + i, to->buffer,
            to->length * sizeof (sal_Unicode));
        memcpy(
            (*newStr)->buffer + i + to->length,
            str->buffer + i + from->length,
            (str->length - i - from->length) * sizeof (sal_Unicode));
    }

This bug was found using the Rollit fuzzer.
Version: 4.4.0.0.beta2+
Build ID: e1de94244c1b0419c1c3415c02381e8b7a87abe0
TinderBox: Linux-rpm_deb-x86_64@46-TDF, Branch:libreoffice-4-4, Time: 2014-12-14_11:45:23

Text import dialog appears when opening this file. In Excel: Excel found unreadable content in "fuzzed-7-18-435352508.xls". File seems to be corrupted.
This file falls back to the text import for me.
Hi,

After you use text import, doesn't it cause the CPU to lock at 100%?
The file is expected to be corrupted and to fall back to text import. This was found during a fuzzing run. If you are not familiar with fuzzing, it's a technique to find security bugs (but often also non-security ones like this) by running a series of invalid inputs / files through a program.
(In reply to Pedro Ribeiro from comment #3)
> Hi,
>
> After you use text import, doesn't it cause the CPU to lock at 100%?
> The file is expected to be corrupted and to fall back to text import. This
> was found during a fuzzing run.

No, opens without problems.
Strange - on my Debian install it definitely causes the CPU to lock at 100%.
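The thread above hinges on two things a fuzzing workflow has to settle mechanically: telling a hang apart from a crash or a plain import error, and reproducing it outside the GUI so that "opens without problems" on one machine and "100% CPU for hours" on another can be compared. The script below is an added example written for this page; it is not part of the bug report, the Rollit fuzzer or LibreOffice. It classifies each run with coreutils `timeout` (exit status 124 on a hang, 128+N when the target died from signal N) and, for the soffice part, assumes that `soffice` is on PATH, that a headless `--convert-to csv` exercises the same import path (including the text-import fallback) as the interactive open, that a separate user profile under /tmp avoids attaching to an already running instance, and that 60 seconds is a fair wall-clock budget. Those assumptions, the /tmp paths and the `triage_dir` helper name are mine, not the thread's.

```shell
#!/bin/sh
# Added example (not from the bug report): classify one fuzzer test case as
# OK / HANG / CRASH:<signal> / ERROR:<status> by running the target under
# coreutils `timeout`.

# classify BUDGET_SECONDS CMD [ARGS...]
#   prints the classification and returns 0 (OK), 1 (HANG), 2 (CRASH) or
#   3 (non-zero exit that was neither a hang nor a signal death).
classify() {
    budget="$1"; shift
    rc=0
    # -k 5: send SIGKILL 5 s after SIGTERM, because a process spinning at
    # 100% CPU may not honour SIGTERM. `timeout` exits 124 when the budget
    # is exceeded (even after the -k SIGKILL), 128+N when the command died
    # from signal N, and otherwise passes the command's own status through.
    timeout -k 5 "$budget" "$@" >/dev/null 2>&1 || rc=$?
    case "$rc" in
        0)   echo OK;   return 0 ;;
        124) echo HANG; return 1 ;;
        *)
            if [ "$rc" -gt 128 ]; then
                echo "CRASH:$((rc - 128))"; return 2
            else
                echo "ERROR:$rc"; return 3
            fi ;;
    esac
}

# triage_dir FILE... : run every fuzzer output through a headless soffice.
# Assumed (not stated in the thread): soffice on PATH, CSV conversion takes
# the same import path as an interactive open, /tmp paths are writable, and
# 60 s is enough for a legitimate import on the test machine.
triage_dir() {
    profile="file:///tmp/lo-triage-profile"   # assumed throw-away profile
    outdir="/tmp/lo-triage-out"               # assumed output directory
    mkdir -p "$outdir"
    for f in "$@"; do
        printf '%s\t' "$f"
        classify 60 soffice -env:UserInstallation="$profile" --headless \
            --convert-to csv --outdir "$outdir" "$f" || true
    done
}

# Typical use: ./triage.sh /path/to/fuzzed/*.xls  (paths assumed)
if [ "$#" -gt 0 ]; then
    triage_dir "$@"
fi
```

Running the same script on both machines from the thread would show whether the difference is the environment (a build with or without the assertion enabled, a different profile, a leftover soffice instance being reused) rather than the file; a HANG on one host and OK on the other is the case to dig into with a debugger attached to the spinning soffice.bin.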