Re: mutt/2195: double free in rfc822_free_address() when using S/MIME encryption
The following reply was made to PR mutt/2195; it has been noted by GNATS.
From: Rocco Rutte <pdmef@xxxxxxx>
To: bug-any@xxxxxxxxxxxxx
Cc:
Subject: Re: mutt/2195: double free in rfc822_free_address() when using S/MIME
encryption
Date: Fri, 7 Jul 2006 13:14:51 +0000
Hi,
* Christoph Ludwig [06-07-07 12:35:03 +0200] wrote:
> On Thu, Jul 06, 2006 at 06:25:03PM +0200, Rocco Rutte wrote:
[...]
> But the original patch manipulates (new_)keylist exactly the same way as my
> later hack does, so your observations are probably still valid.
>
> > I bet you can reproduce the bug if you don't decide to encrypt the
> > messages to yourself or have no default S/MIME key set up.
>
> Hm, yes, since I now usually rely on gpgsm to encrypt the FCC with my key, I
> set smime_encrypt_self to no in .muttrc.
So it's 100% reproduceable? Then we can close the bug, I think.
> > A solution would be to rewrite that part, or only call FREE() (not
> > safe_free(), btw) if new_keylist!=keylist to not free() the parameter.
>
> Are there guidelines available which convenience / safety functions and
> macros
> should be used in mutt code?
I changed the wiki page for creating patches:
<http://wiki.mutt.org/?SubmittingPatches>
to also mention the check_sec.sh script which is used before committing
code. So everybody hacking on the code should use it, too. I'll add some
notes on the safetey functions to the wiki in a few minutes.
A call like safe_free() will then make it print warnings. But still
there's not a word about it somewhere in doc/*.txt though there should
be.
IMHO doc/patch-notes.txt can be droped in favor of the above wiki
content.
bye, Rocco
--
:wq!