Bug 473231

Summary: KPhotoAlbum crashes when a invalid file name is provided in the Open List of Files window
Product: [Applications] kphotoalbum Reporter: Victor Lobo <victor.ip.lobo>
Component: Thumbnail ViewerAssignee: KPhotoAlbum Bugs <kpabugs>
Status: RESOLVED FIXED    
Severity: crash CC: johannes, tl, victor.ip.lobo
Priority: NOR    
Version: GIT master   
Target Milestone: ---   
Platform: openSUSE   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: Invalid value entered in Open List of Files Dialog

Description Victor Lobo 2023-08-10 00:10:49 UTC
Created attachment 160877 [details]
Invalid value entered in Open List of Files Dialog

SUMMARY
KPhotoAlbum crashes when a invalid file name is provided in the Open List of Files window


STEPS TO REPRODUCE
1. Open KPhotoAlbum
2. Click on Edit
3. Click on Open List of Files...
4. Enter an invalid file name (for example just the letter "a" or "1" or "not-a-valid-file.jpg")
5. Click OK
6. KPhotoAlbum crashes

OBSERVED RESULT
Crash

EXPECTED RESULT
No crash; KPhotoAlbum should ignore invalid value.


SOFTWARE/OS VERSIONS
Linux: openSUSE Tumbleweed 20230807; Kernel Version: 6.4.8-1-default (64-bit)
KDE Plasma Version: 5.27.7
KDE Frameworks Version: 5.108.0
Qt Version: 5.15.10
KPhotoAlbum Version 5.11.0 (as installed from Opensuse Tumbleweed repository)
Also occurs in latest git version v5.11.0-51-gc9fc8883

ADDITIONAL INFORMATION
1. Crash is reproducible every time the steps are followed.
2. Crash does not occur if the invalid file name has the "/" directory separator
3. Crash occurs even if the first file name is valid but the second file name is invalid. In this case Clicking OK in step 5 does not crash; however, clicking the empty second thumbnail in thumbnail view causes the crash.
4. Crash occurs even in the demo database


GDB Backtrace:
Application: KPhotoAlbum (kphotoalbum), signal: Segmentation fault

[KCrash Handler]
#4  QDateTime::Data::Data (other=..., this=0x7ffd79200a80) at time/qdatetime.cpp:3366
#5  QDateTime::QDateTime (this=0x7ffd79200a80, other=...) at time/qdatetime.cpp:3764
#6  0x000000000047bea9 in Utilities::FastDateTime::FastDateTime (this=0x7ffd79200a80, other=...) at /home/victor/Downloads/kphotoalbum/Utilities/FastDateTime.h:35
#7  0x00000000004ae136 in ThumbnailView::ThumbnailWidget::emitDateChange (this=0x2027010) at /home/victor/Downloads/kphotoalbum/ThumbnailView/ThumbnailWidget.cpp:237
#8  0x00000000004b345f in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (ThumbnailView::ThumbnailWidget::*)()>::call(void (ThumbnailView::ThumbnailWidget::*)(), ThumbnailView::ThumbnailWidget*, void**) (f=(void (ThumbnailView::ThumbnailWidget::*)(ThumbnailView::ThumbnailWidget * const)) 0x4adff8 <ThumbnailView::ThumbnailWidget::emitDateChange()>, o=0x2027010, arg=0x7ffd79200ca0) at /usr/include/qt5/QtCore/qobjectdefs_impl.h:152
#9  0x00000000004b2a85 in QtPrivate::FunctionPointer<void (ThumbnailView::ThumbnailWidget::*)()>::call<QtPrivate::List<>, void>(void (ThumbnailView::ThumbnailWidget::*)(), ThumbnailView::ThumbnailWidget*, void**) (f=(void (ThumbnailView::ThumbnailWidget::*)(ThumbnailView::ThumbnailWidget * const)) 0x4adff8 <ThumbnailView::ThumbnailWidget::emitDateChange()>, o=0x2027010, arg=0x7ffd79200ca0) at /usr/include/qt5/QtCore/qobjectdefs_impl.h:185
#10 0x00000000004b22e1 in QtPrivate::QSlotObject<void (ThumbnailView::ThumbnailWidget::*)(), QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) (which=1, this_=0x2054790, r=0x2027010, a=0x7ffd79200ca0, ret=0x0) at /usr/include/qt5/QtCore/qobjectdefs_impl.h:418
#11 0x00007f76e83257a2 in QtPrivate::QSlotObjectBase::call (a=0x7ffd79200ca0, r=0x2027010, this=0x2054790) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#12 doActivate<false> (sender=0x2054670, signal_index=3, argv=0x7ffd79200ca0) at kernel/qobject.cpp:3925
#13 0x00007f76e831e40f in QMetaObject::activate (sender=<optimized out>, m=m@entry=0x7f76e85c79a0 <QTimer::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd79200ca0) at kernel/qobject.cpp:3985
#14 0x00007f76e832957a in QTimer::timeout (this=<optimized out>, _t1=...) at .moc/moc_qtimer.cpp:205
#15 0x00007f76e83191bb in QObject::event (this=0x2054670, e=0x7ffd79200df0) at kernel/qobject.cpp:1369
#16 0x00007f76e8fa519e in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x2054670, e=0x7ffd79200df0) at kernel/qapplication.cpp:3640
#17 0x00007f76e82ed4f8 in QCoreApplication::notifyInternal2 (receiver=0x2054670, event=0x7ffd79200df0) at kernel/qcoreapplication.cpp:1064
#18 0x00007f76e82ed6be in QCoreApplication::sendEvent (receiver=<optimized out>, event=<optimized out>) at kernel/qcoreapplication.cpp:1462
#19 0x00007f76e8345889 in QTimerInfoList::activateTimers (this=0x1c36f70) at kernel/qtimerinfo_unix.cpp:643
#20 0x00007f76e8346134 in timerSourceDispatch (source=<optimized out>) at kernel/qeventdispatcher_glib.cpp:183
#21 0x00007f76e5b16988 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#22 0x00007f76e5b16d98 in ?? () from /lib64/libglib-2.0.so.0
#23 0x00007f76e5b16e2c in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#24 0x00007f76e8346496 in QEventDispatcherGlib::processEvents (this=0x1c386c0, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#25 0x00007f76e82ebf8b in QEventLoop::exec (this=this@entry=0x7ffd79201030, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#26 0x00007f76e82f4420 in QCoreApplication::exec () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#27 0x0000000000471840 in main (argc=2, argv=0x7ffd79201738) at /home/victor/Downloads/kphotoalbum/main.cpp:161
[Inferior 1 (process 27681) detached]
Comment 1 Tobias Leupold 2023-08-10 05:25:55 UTC
I can reproduce this using the demo database. I never used this feature, so I have to have a look what happens here ;-)
Comment 2 Johannes Zarl-Zierl 2023-08-10 20:55:16 UTC
Git commit d73d00e1d1ad5e9f5148699f49567a4a1f2a687e by Johannes Zarl-Zierl.
Committed on 10/08/2023 at 22:55.
Pushed by johanneszarl into branch 'master'.

Fix crash when opening a list of files with invalid files

M  +2    -1    MainWindow/Window.cpp

https://invent.kde.org/graphics/kphotoalbum/-/commit/d73d00e1d1ad5e9f5148699f49567a4a1f2a687e
Comment 3 Victor Lobo 2023-08-10 22:35:41 UTC
Thank you! While testing the fix I noticed an edge case scenario which still causes the crash.

Scenario is:
1. File exists on the disk, and
2. File exists under the KPA image root directory, but
3. File does not exist in KPA database


Where #3 could be due to
a. File exists in a directory under the KPA root but is excluded from new file search (via Settings).
b. File has recently been added to KPA root and rescan has not been done.
c. File exists under the KPA root but is not an image file.


Easiest way to reproduce the crash in the fixed version is via 3.c: 
i.  In the demo database enter "index.xml" without the quotes as the filename in Open List of Files.
ii. KPhotoAlbum crashes.
Comment 4 Johannes Zarl-Zierl 2023-08-10 23:50:52 UTC
Thanks for the quick feedback! Should be really fixed now...
Comment 5 Johannes Zarl-Zierl 2023-08-10 23:50:59 UTC
Git commit 1b4d199ec9a4806190d7869febfa4a2a6cd03a18 by Johannes Zarl-Zierl.
Committed on 11/08/2023 at 01:46.
Pushed by johanneszarl into branch 'master'.

Fix remaining edge case when opening a list of files not in the database

M  +3    -3    MainWindow/Window.cpp

https://invent.kde.org/graphics/kphotoalbum/-/commit/1b4d199ec9a4806190d7869febfa4a2a6cd03a18
Comment 6 Victor Lobo 2023-08-11 01:01:24 UTC
Thank you! Fix looks good.