mutt/2519: segfault on any write operation
>Number: 2519
>Notify-List:
>Category: mutt
>Synopsis: segfault on any write operation
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: mutt-dev
>State: open
>Keywords:
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Oct 10 07:44:44 +0200 2006
>Originator: Johannes Rohr
>Release: 1.5.13
>Organization:
>Environment:
[Re-submitting this bug, because the previous submission was not posted to the
mailing list]
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-k7
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Versions of packages mutt depends on:
ii exim4 4.63-4 metapackage to ease exim MTA (v4)
ii exim4-daemon-light [mai 4.63-4 lightweight exim MTA (v4) daemon
ii libc6 2.3.6.ds1-6 GNU C Library: Shared libraries
ii libdb4.4 4.4.20-8 Berkeley v4.4 Database Libraries [
ii libgnutls13 1.4.4-1 the GNU TLS library - runtime libr
ii libidn11 0.6.5-1 GNU libidn library, implementation
ii libncursesw5 5.5-4 Shared libraries for terminal hand
ii libsasl2 2.1.19.dfsg1-0.5 Authentication abstraction library
Versions of packages mutt recommends:
ii locales 2.3.6.ds1-6 GNU C Library: National Language (
ii mime-support 3.37-1 MIME files 'mime.types' & 'mailcap
>Description:
mutt segfaults over every single write operation on an mbox file, i.e.
expunging, syncing a mailbox. It started approx. half a year ago and remains
unchanged. See also Debian BTS entry at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364730
I just ran it through gdb, here is the output:
-*-Mutt: /var/mail/jr [Msgs:3 Old:3 Del:1 Post:10
21K]---(threads/date)-------------------------------------------------(all)---Sortiere
Mailbox...
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1213794624 (LWP 16691)]
0xb7c741c7 in puts () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0 0xb7c741c7 in puts () from /lib/tls/i686/cmov/libc.so.6
#1 0xb7c72f16 in ftell () from /lib/tls/i686/cmov/libc.so.6
#2 0x08081ca2 in mbox_sync_mailbox (ctx=0x81cc0f0, index_hint=0xbfcb5a40) at
../mbox.c:796
#3 0x08088f62 in sync_mailbox (ctx=0x81cc0f0, index_hint=0xbfcb5a40) at
../mx.c:809
#4 0x0808944c in mx_sync_mailbox (ctx=0x81cc0f0, index_hint=0xbfcb5a40) at
../mx.c:1213
#5 0x080648e5 in mutt_index_menu () at ../curs_main.c:1043
#6 0x0807f6d1 in main (argc=Cannot access memory at address 0x0
) at ../main.c:969
(gdb)
I'd be extremely grateful if someone would have a look at this. Without mutt I
feel seriously disabled.
>How-To-Repeat:
I have no idea what rare condition (existing on both of my Debian machines) has
led to this total DoS. All my attempts to isolate the cause have failed, so
far. It is /not/ caused by any local config file (tested with "mutt -n"),
neither is it caused by corrupted mbox files (tested with those files on an
Ubuntu box). It occurs under any user account, including root, and on both Debian
Unstable boxes I have.
>Fix:
Unknown
>Add-To-Audit-Trail:
>Unformatted: