<<< Date Index >>>     <<< Thread Index >>>

Re: mutt 1.5.8i: SIGSEGV in imap_sync_mailbox



Hello,

> This is consistent with the crashes one of my users have had. It's
> pretty serious, is there noone with IMAP knowledge who can fix it?

try this patch and tell me if it works for you.

        Thomas
diff --git a/hash.c b/hash.c
--- a/hash.c
+++ b/hash.c
@@ -114,8 +114,12 @@ void *hash_find_hash (const HASH * table
 void hash_delete_hash (HASH * table, int hash, const char *key, const void 
*data,
                       void (*destroy) (void *))
 {
-  struct hash_elem *ptr = table->table[hash];
-  struct hash_elem **last = &table->table[hash];
+  struct hash_elem *ptr;
+  struct hash_elem **last;
+
+again:
+  ptr  = table->table[hash];
+  last = &table->table[hash];
 
   for (; ptr; last = &ptr->next, ptr = ptr->next)
   {
@@ -128,7 +132,7 @@ void hash_delete_hash (HASH * table, int
       *last = ptr->next;
       if (destroy) destroy (ptr->data);
       FREE (&ptr);
-      return;
+      goto again;
     }
   }
 }
diff --git a/imap/message.c b/imap/message.c
--- a/imap/message.c
+++ b/imap/message.c
@@ -314,7 +314,10 @@ int imap_read_headers (IMAP_DATA* idata,
   fclose(fp);
 
   if (ctx->msgcount > oldmsgcount)
+  {
+    mx_alloc_memory(ctx);
     mx_update_context (ctx, ctx->msgcount - oldmsgcount);
+  }
 
   return msgend;
 }
@@ -469,6 +472,8 @@ int imap_fetch_message (MESSAGE *msg, CO
     hash_delete (ctx->id_hash, h->env->message_id, h, NULL);
   if (ctx->subj_hash && h->env->real_subj)
     hash_delete (ctx->subj_hash, h->env->real_subj, h, NULL);
+  if (ctx->thread_hash && h->env->message_id)
+    hash_delete (ctx->thread_hash, h->env->message_id, NULL, NULL);
   mutt_free_envelope (&h->env);
   h->env = mutt_read_rfc822_header (msg->fp, h, 0, 0);
   if (ctx->id_hash && h->env->message_id)
diff --git a/imap/util.c b/imap/util.c
--- a/imap/util.c
+++ b/imap/util.c
@@ -138,11 +138,11 @@ int imap_parse_path (const char* path, I
     {
       *c = '\0';
       strfcpy (mx->account.user, tmp, sizeof (mx->account.user));
-      strfcpy (tmp, c+1, sizeof (tmp));
+      c++;
       mx->account.flags |= M_ACCT_USER;
     }
   
-    if ((n = sscanf (tmp, "%127[^:/]%127s", mx->account.host, tmp)) < 1)
+    if ((n = sscanf (c, "%127[^:/]%127s", mx->account.host, c)) < 1)
     {
       dprint (1, (debugfile, "imap_parse_path: NULL host in %s\n", path));
       FREE (&mx->mbox);
@@ -150,11 +150,11 @@ int imap_parse_path (const char* path, I
     }
   
     if (n > 1) {
-      if (sscanf (tmp, ":%hu%127s", &(mx->account.port), tmp) >= 1)
+      if (sscanf (c, ":%hu%127s", &(mx->account.port), c) >= 1)
        mx->account.flags |= M_ACCT_PORT;
-      if (sscanf (tmp, "/%s", tmp) == 1)
+      if (sscanf (c, "/%s", c) == 1)
       {
-       if (!ascii_strncmp (tmp, "ssl", 3))
+       if (!ascii_strncmp (c, "ssl", 3))
          mx->account.flags |= M_ACCT_SSL;
        else
        {