Bug 287786

Summary: Crash on importing investment via CSV plugin
Product: [Applications] kmymoney
Reporter: allan <agander93>
Component: general
Assignee: KMyMoney Devel Mailing List <kmymoney-devel>
Status: RESOLVED FIXED
Severity: crash
Priority: NOR
Version: SVN
Target Milestone: ---
Platform: unspecified
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description allan 2011-11-28 21:01:42 UTC
Version:           SVN trunk (using KDE 4.6.5) 
OS:                Linux

Application: KMyMoney (kmymoney), signal: Segmentation fault
[Current thread is 1 (Thread 0xb4257710 (LWP 7746))]

Thread 3 (Thread 0xb3e1bb70 (LWP 7747)):
#0  0xb77f8424 in __kernel_vsyscall ()
#1  0xb54fbf76 in __poll (fds=0x9df7f28, nfds=3, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:87
#2  0xb4b0884b in g_poll () from /lib/i386-linux-gnu/libglib-2.0.so.0
#3  0xb4af81af in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#4  0xb4af892b in g_main_loop_run () from /lib/i386-linux-gnu/libglib-2.0.so.0
#5  0xb3f54304 in ?? () from /usr/lib/i386-linux-gnu/libgio-2.0.so.0
#6  0xb4b212df in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#7  0xb6992e99 in start_thread (arg=0xb3e1bb70) at pthread_create.c:304
#8  0xb550a73e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

Thread 2 (Thread 0xad556b70 (LWP 7754)):
#0  0xb4b91d41 in clock_gettime (clock_id=1, tp=0xad556000) at ../sysdeps/unix/clock_gettime.c:116
#1  0xb6276dd8 in ?? () from /usr/lib/libQtCore.so.4
#2  0xb63434f2 in ?? () from /usr/lib/libQtCore.so.4
#3  0xb6341d32 in ?? () from /usr/lib/libQtCore.so.4
#4  0xb6341dcd in ?? () from /usr/lib/libQtCore.so.4
#5  0xb4af6fd4 in g_main_context_prepare () from /lib/i386-linux-gnu/libglib-2.0.so.0
#6  0xb4af7e63 in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#7  0xb4af8524 in g_main_context_iteration () from /lib/i386-linux-gnu/libglib-2.0.so.0
#8  0xb6342577 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#9  0xb6314289 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#10 0xb6314522 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#11 0xb621e2a0 in QThread::exec() () from /usr/lib/libQtCore.so.4
#12 0xb62f5fdb in ?? () from /usr/lib/libQtCore.so.4
#13 0xb6220da2 in ?? () from /usr/lib/libQtCore.so.4
#14 0xb6992e99 in start_thread (arg=0xad556b70) at pthread_create.c:304
#15 0xb550a73e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

Thread 1 (Thread 0xb4257710 (LWP 7746)):
[KCrash Handler]
#7  0xb624cf56 in QLocalePrivate::stringToDouble(QString const&, bool*, QLocalePrivate::GroupSeparatorMode) const () from /usr/lib/libQtCore.so.4
#8  0xb6269ab4 in QString::toDouble(bool*) const () from /usr/lib/libQtCore.so.4
#9  0xae09c709 in InvestProcessing::processInvestLine (this=0xa6ba3e0, inBuffer=..., line=0) at /home/aga/Git/kmymoney/kmymoney/plugins/csvimport/investprocessing.cpp:953
#10 0xae0a7003 in InvestProcessing::readFile (this=0xa6ba3e0, fname=..., skipLines=3) at /home/aga/Git/kmymoney/kmymoney/plugins/csvimport/investprocessing.cpp:728
#11 0xae0a7b96 in InvestProcessing::slotImportClicked (this=0xa6ba3e0) at /home/aga/Git/kmymoney/kmymoney/plugins/csvimport/investprocessing.cpp:1349
#12 0xae069e86 in InvestProcessing::qt_metacall (this=0xa6ba3e0, _c=QMetaObject::InvokeMetaMethod, _id=13, _a=0xbff00d3c) at /home/aga/Git/kmymoney/build/kmymoney/plugins/csvimport/moc_investprocessing.cpp:132
#13 0xb631b6ba in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/lib/libQtCore.so.4
#14 0xb632b4ff in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib/libQtCore.so.4
#15 0xae069b47 in CompletionPage::importInvestment (this=0xa7967f0) at /home/aga/Git/kmymoney/build/kmymoney/plugins/csvimport/moc_csvdialog.cpp:617
#16 0xae078f20 in CompletionPage::slotImportClicked (this=0xa7967f0) at /home/aga/Git/kmymoney/kmymoney/plugins/csvimport/csvdialog.cpp:2219
#17 0xae069bd3 in CompletionPage::qt_metacall (this=0xa7967f0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0xbff00f18) at /home/aga/Git/kmymoney/build/kmymoney/plugins/csvimport/moc_csvdialog.cpp:593
#18 0xb631b6ba in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/lib/libQtCore.so.4
#19 0xb632b4ff in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib/libQtCore.so.4
#20 0xb5ee17c9 in QAbstractButton::clicked(bool) () from /usr/lib/libQtGui.so.4
#21 0xb5bf9326 in ?? () from /usr/lib/libQtGui.so.4
#22 0xb5bfab94 in ?? () from /usr/lib/libQtGui.so.4
#23 0xb5bfae4e in QAbstractButton::mouseReleaseEvent(QMouseEvent*) () from /usr/lib/libQtGui.so.4
#24 0xb584e13a in QWidget::event(QEvent*) () from /usr/lib/libQtGui.so.4
#25 0xb5bf9e9e in QAbstractButton::event(QEvent*) () from /usr/lib/libQtGui.so.4
#26 0xb5c97c52 in QPushButton::event(QEvent*) () from /usr/lib/libQtGui.so.4
#27 0xb57f5d24 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#28 0xb57fb201 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#29 0xb6d2e32a in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#30 0xb63150bb in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4
#31 0xb57f6c3b in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () from /usr/lib/libQtGui.so.4
#32 0xb588204c in ?? () from /usr/lib/libQtGui.so.4
#33 0xb58809b5 in QApplication::x11ProcessEvent(_XEvent*) () from /usr/lib/libQtGui.so.4
#34 0xb58ac5f4 in ?? () from /usr/lib/libQtGui.so.4
#35 0xb4af7aa8 in g_main_context_dispatch () from /lib/i386-linux-gnu/libglib-2.0.so.0
#36 0xb4af8270 in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#37 0xb4af8524 in g_main_context_iteration () from /lib/i386-linux-gnu/libglib-2.0.so.0
#38 0xb634253c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#39 0xb58ac1e5 in ?? () from /usr/lib/libQtGui.so.4
#40 0xb6314289 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#41 0xb6314522 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#42 0xb6318ecc in QCoreApplication::exec() () from /usr/lib/libQtCore.so.4
#43 0xb57f38e7 in QApplication::exec() () from /usr/lib/libQtGui.so.4
#44 0x08087a05 in runKMyMoney (splash=0x9f3d800, a=<value optimized out>) at /home/aga/Git/kmymoney/kmymoney/main.cpp:282
#45 0x080899d5 in main (argc=2689996, argv=0xb698cac0) at /home/aga/Git/kmymoney/kmymoney/main.cpp:181


Reproducible: Always

Steps to Reproduce:
If a CSV file contains lines with differing numbers of columns, and if one of the selected columns happens to be the last column in a line with fewer than the maximum number, an array goes out of bounds.

Actual Results:  
Crash.

Expected Results:  
Importer should deal with the file to avoid a crash in these conditions.

Comment 1 allan 2011-11-28 23:16:40 UTC
Git commit 480d891c72afe98b9a9c83d66a14aa980a9ed300 by Allan Anderson.
Committed on 29/11/2011 at 00:06.
Pushed by allananderson into branch 'master'.

BUG: 287786
If a CSV file contains lines with differing numbers of columns (or the
last column is empty), and if one of the selected columns happens to
be the last column in a line with fewer than the maximum number,
an array goes out of bounds.

Use the actual line's column list count instead of maximum column count.

M  +1    -1    kmymoney/plugins/csvimport/investprocessing.cpp

http://commits.kde.org/kmymoney/480d891c72afe98b9a9c83d66a14aa980a9ed300
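
The failure mode reported here, and the fix named in the commit message (index each row by its own column count rather than the file-wide maximum), as an added example in plain C++. It is not KMyMoney's code: `splitLine`, `toAmount`, `importPrices` and the sample rows are constructed for illustration, and the splitter ignores quoting.

```cpp
#include <sstream>
#include <stdexcept>
#include <string>
#include <vector>

// Minimal splitter, no quoting; a trailing empty column is dropped ("a,b," gives 2 fields).
std::vector<std::string> splitLine(const std::string& line, char delim = ',') {
    std::vector<std::string> fields;
    std::istringstream in(line);
    for (std::string f; std::getline(in, f, delim);) fields.push_back(f);
    return fields;
}

// Strict numeric parse: returns false for empty text or trailing garbage.
bool toAmount(const std::string& text, double& value) {
    try {
        std::size_t used = 0;
        value = std::stod(text, &used);
        return used == text.size();
    } catch (const std::logic_error&) {  // invalid_argument or out_of_range
        return false;
    }
}

struct ImportResult {
    std::vector<double> prices;         // values read from the selected column
    std::vector<std::size_t> rejected;  // 0-based indexes of skipped lines
};

// priceCol is the user-selected column, typically chosen from the widest row.
ImportResult importPrices(const std::vector<std::string>& lines, std::size_t priceCol) {
    ImportResult out;
    for (std::size_t i = 0; i < lines.size(); ++i) {
        const std::vector<std::string> row = splitLine(lines[i]);
        double price = 0.0;
        // Check against THIS row's field count, not the file-wide maximum.
        if (priceCol < row.size() && toAmount(row[priceCol], price)) out.prices.push_back(price);
        else out.rejected.push_back(i);
    }
    return out;
}

int main() {
    // Constructed sample rows: full width, short, trailing empty column, non-numeric.
    const std::vector<std::string> lines = {"2011-11-28,Buy,10,12.50", "2011-11-29,Buy,5",
                                            "2011-11-30,Sell,2,", "2011-12-01,Buy,1,abc"};
    const ImportResult r = importPrices(lines, 3);
    return (r.prices.size() == 1 && r.rejected.size() == 3) ? 0 : 1;
}
```

Rejected line indexes are returned rather than silently dropped so the importer can report which rows were short or malformed.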