Bug 361259 - baloo crashes
Summary: baloo crashes
Status: RESOLVED FIXED
Alias: None
Product: frameworks-kfilemetadata
Classification: Frameworks and Libraries
Component: general
Version: 5.19.0
Platform: Fedora RPMs Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Pinak Ahuja
Keywords: drkonqi
Reported: 2016-04-01 00:28 UTC by John theFish
Modified: 2018-10-16 13:56 UTC
Description John theFish 2016-04-01 00:28:48 UTC
Application: baloo_file_extractor (5.19.0)

Qt Version: 5.5.1
Operating System: Linux 4.4.6-300.fc23.x86_64 x86_64
Distribution: "Fedora release 23 (Twenty Three)"

-- Information about the crash:
It happens every time I power on and login.
(I hope I remembered the name above correctly)

-- Backtrace:
Application: Baloo File Extractor (baloo_file_extractor), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
[Current thread is 1 (Thread 0x7fc9684b88c0 (LWP 1780))]

Thread 2 (Thread 0x7fc9512c2700 (LWP 1843)):
#0  0x00007fc964a67fdd in poll () at /lib64/libc.so.6
#1  0x00007fc95f11c272 in _xcb_conn_wait () at /lib64/libxcb.so.1
#2  0x00007fc95f11dee7 in xcb_wait_for_event () at /lib64/libxcb.so.1
#3  0x00007fc954634da9 in QXcbEventReader::run() () at /lib64/libQt5XcbQpa.so.5
#4  0x00007fc9656703de in QThreadPrivate::start(void*) () at /lib64/libQt5Core.so.5
#5  0x00007fc963b7960a in start_thread () at /lib64/libpthread.so.0
#6  0x00007fc964a73a4d in clone () at /lib64/libc.so.6

Thread 1 (Thread 0x7fc9684b88c0 (LWP 1780)):
[KCrash Handler]
#5  0x00007fc94b49a818 in Exiv2::ValueType<std::pair<unsigned int, unsigned int> >::toFloat(long) const () at /lib64/libexiv2.so.14
#6  0x00007fc94b87c2c8 in (anonymous namespace)::toVariantDouble(Exiv2::Value const&) [clone .constprop.49] () at /usr/lib64/qt5/plugins/kf5/kfilemetadata/kfilemetadata_exiv2extractor.so
#7  0x00007fc94b87db85 in KFileMetaData::Exiv2Extractor::add(KFileMetaData::ExtractionResult*, Exiv2::ExifData const&, KFileMetaData::Property::Property, char const*, QVariant::Type) [clone .constprop.43] () at /usr/lib64/qt5/plugins/kf5/kfilemetadata/kfilemetadata_exiv2extractor.so
#8  0x00007fc94b87e1e1 in KFileMetaData::Exiv2Extractor::extract(KFileMetaData::ExtractionResult*) () at /usr/lib64/qt5/plugins/kf5/kfilemetadata/kfilemetadata_exiv2extractor.so
#9  0x00005608d6c66513 in Baloo::App::index(Baloo::Transaction*, QString const&, unsigned long long) ()
#10 0x00005608d6c6700f in Baloo::App::processNextFile() ()
#11 0x00007fc96588c888 in QSingleShotTimer::timerEvent(QTimerEvent*) () at /lib64/libQt5Core.so.5
#12 0x00007fc965881113 in QObject::event(QEvent*) () at /lib64/libQt5Core.so.5
#13 0x00007fc96653641c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /lib64/libQt5Widgets.so.5
#14 0x00007fc96653b8e6 in QApplication::notify(QObject*, QEvent*) () at /lib64/libQt5Widgets.so.5
#15 0x00007fc96585173b in QCoreApplication::notifyInternal(QObject*, QEvent*) () at /lib64/libQt5Core.so.5
#16 0x00007fc9658a6ccd in QTimerInfoList::activateTimers() () at /lib64/libQt5Core.so.5
#17 0x00007fc9658a7209 in idleTimerSourceDispatch(_GSource*, int (*)(void*), void*) () at /lib64/libQt5Core.so.5
#18 0x00007fc9633e0e3a in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#19 0x00007fc9633e11d0 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0
#20 0x00007fc9633e127c in g_main_context_iteration () at /lib64/libglib-2.0.so.0
#21 0x00007fc9658a7eaf in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /lib64/libQt5Core.so.5
#22 0x00007fc96584eeca in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /lib64/libQt5Core.so.5
#23 0x00007fc965856fac in QCoreApplication::exec() () at /lib64/libQt5Core.so.5
#24 0x00005608d6c659d5 in main ()

Reported using DrKonqi
Comment 1 Igor Poboiko 2018-10-16 13:56:15 UTC
Git commit 5eee9ac75b7d6bb19795c2d3b964fe05fd8fc47c by Igor Poboiko.
Committed on 16/10/2018 at 13:56.
Pushed by poboiko into branch 'master'.

Don't crash on invalid exiv2 data

Summary:
The file from bug 375131 crashes `baloo_file_extractor`.
The problem is that its EXIF data contains a key `Exif.Photo.FocalLength`,
whose type is `Exiv2::unsignedRational`, and whose value is empty.
On the other hand, the `Exiv2::Value::toFloat()` call relies on at least a single component of a value,
causing undefined behavior (i.e. crash) if there is none.

This is a simple workaround: if we got a property with no value, just return an empty QVariant().
(unfortunately, didn't manage to reproduce the hang reported in the bug originally)
Related: bug 352856, bug 353848, bug 375131

Test Plan: `baloo_file_extractor` no longer crashes on the file, it processes the file and extracts all the necessary data

Reviewers: #baloo, #frameworks, astippich

Reviewed By: astippich

Subscribers: bruns, astippich, kde-frameworks-devel

Tags: #frameworks, #baloo

Differential Revision: https://phabricator.kde.org/D16165

M  +3    -0    src/extractors/exiv2extractor.cpp

https://commits.kde.org/kfilemetadata/5eee9ac75b7d6bb19795c2d3b964fe05fd8fc47c
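
The failure mode in the commit message (a rational EXIF tag with no components being converted anyway) can be shown on raw bytes. The following is an added example, not code from kfilemetadata or Exiv2: it walks a TIFF-style IFD and refuses to convert `Exif.Photo.FocalLength` when the entry's component count is zero, its data lies outside the buffer, or its denominator is zero. It assumes little-endian data and offsets relative to the start of the buffer; `rd`, `rationalTag` and `sampleIfd` are hypothetical names, and the sample bytes are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

using Bytes = std::vector<uint8_t>;
constexpr uint16_t kFocalLength = 0x920A; // Exif.Photo.FocalLength
constexpr uint16_t kRational = 5;         // TIFF RATIONAL: two unsigned 32-bit ints

// Bounds-checked little-endian read of n bytes; false instead of reading past the end.
static bool rd(const Bytes& b, size_t off, size_t n, uint32_t& v) {
    if (off > b.size() || n > b.size() - off) return false;
    v = 0;
    for (size_t i = 0; i < n; ++i) v |= uint32_t(b[off + i]) << (8 * i);
    return true;
}

// Finds tag `want` in the IFD at `ifd` and converts its first component.
// Returning false plays the role of the empty QVariant in the commit:
// the caller gets "no value" rather than a conversion of missing data.
bool rationalTag(const Bytes& b, size_t ifd, uint16_t want, double& out) {
    uint32_t n = 0, tag = 0, type = 0, count = 0, off = 0, num = 0, den = 0;
    if (!rd(b, ifd, 2, n)) return false;
    for (uint32_t i = 0; i < n; ++i) {
        size_t e = ifd + 2 + 12 * size_t(i); // each IFD entry is 12 bytes
        if (!rd(b, e, 2, tag) || !rd(b, e + 2, 2, type) ||
            !rd(b, e + 4, 4, count) || !rd(b, e + 8, 4, off)) return false;
        if (tag != want) continue;
        if (type != kRational || count == 0) return false; // empty value: the case in this bug
        if (!rd(b, off, 4, num) || !rd(b, size_t(off) + 4, 4, den) || den == 0)
            return false;
        out = double(num) / double(den);
        return true;
    }
    return false;
}

// Constructed sample: one-entry IFD at offset 0, rational 50/1 stored at offset 14.
Bytes sampleIfd(uint32_t count) {
    Bytes b = {1, 0,  0x0A, 0x92,  5, 0,  0, 0, 0, 0,  14, 0, 0, 0};
    b[6] = uint8_t(count); // low byte of the component count
    const uint8_t data[8] = {50, 0, 0, 0, 1, 0, 0, 0};
    b.insert(b.end(), data, data + 8);
    return b;
}
```
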