Re: imap/2557: imap_munge_mbox_name does not check for empty src

To: Mutt Developers <mutt-dev@xxxxxxxx>
Subject: Re: imap/2557: imap_munge_mbox_name does not check for empty src
From: Brendan Cully <brendan@xxxxxxxxxx>
Date: Tue, 21 Nov 2006 20:25:05 +0100
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?Subject="Unsubscribe Mutt Dev"?body=unsubscribe>
Mail-followup-to: bug-any@xxxxxxxxxxxxx
References: <mutt-pr-2557@xxxxxxxxxxxxx>
Reply-to: bug-any@xxxxxxxxxxxxx
Sender: owner-mutt-dev@xxxxxxxx

The following reply was made to PR imap/2557; it has been noted by GNATS.

From: Brendan Cully <brendan@xxxxxxxxxx>
To: bug-any@xxxxxxxxxxxxx
Cc: 
Subject: Re: imap/2557: imap_munge_mbox_name does not check for empty src
        string
Date: Tue, 21 Nov 2006 11:22:30 -0800

 On Saturday, 18 November 2006 at 00:59, ksimpson@xxxxxxxxxxxxxxxx wrote:
 > >Synopsis:       imap_munge_mbox_name does not check for empty src string
 > >Release:        1.5.12
 > >Environment:
 > Linux 2.6, Ubuntu Edgy Eft
 > >Description:
 > imap_munge_mbox_name() does not check whether the src argument is
 > the empty string. It then uses safe_strdup to copy src into a
 > buf. buf is set to null, which later causes a segfault in libc when
 > 0x0 is sent to strsomething. The attached patch fixes this problem
 > by checking for empty src and just copying src to dest unmolested in
 > that case.
 > >How-To-Repeat:
 > In muttrc:
 > set folder="imaps://user@xxxxxxxxxxxxxxxx/"
 > (i.e. put a slash on the end)
 > 
 > Then compose a message and try attaching a file. The file browser
 > segfaults.
 
 I don't suppose you could repeat this test with CVS HEAD? I have a
 memory of fixing this bug, but I can't seem to find it in the
 Changelog...

Prev by Date: Re: [PATCH] Teach maildir/mh about $write_inc
Next by Date: Re: mutt/2560: Mutt chokes on invalid charset in UTF environment
Previous by thread: Re: IMAP reconnecting trouble
Next by thread: [2006-11-22] CVS repository changes
Index(es):
- Date
- Thread