
Re: [Mutt] #2676: mutt + imap header results in a NULL pointer



#2676: mutt + imap header results in a NULL pointer dereference crash

Old description:

> {{{
> Whenever I try to check my employer's mail (via IMAP+TLS),
> I use IMAP header-caching. However, mutt crashes on this particular
> mailbox. gdb(1) gives:
>
> Fetching message headers... [402/402]
> Program received signal SIGSEGV, Segmentation fault.
> 0x080927df in mx_update_context (ctx=0x8121900, new_messages=402) at
> mx.c:1618
> 1618          h->security = crypt_query (h->content);
> (gdb) inspect h
> $1 = (HEADER *) 0x0
> (gdb) inspect ctx->hdrs[399]
> $3 = (HEADER *) 0x81c4d80
> (gdb) inspect ctx->hdrs[400]
> $4 = (HEADER *) 0x0
> (gdb) inspect ctx->hdrs[401]
> $5 = (HEADER *) 0x8121980
> (gdb) bt
> #0  0x080927df in mx_update_context (ctx=0x8121900, new_messages=402)
>     at mx.c:1618
> #1  0x080e2069 in imap_read_headers (idata=0x8117a00, msgbegin=401,
> msgend=401)
>     at message.c:344
> #2  0x080de706 in imap_open_mailbox (ctx=0x8121900) at imap.c:737
> #3  0x080908e2 in mx_open_mailbox (path=0xbfbfdc30
> "imap://imap.qsp.nl/",
>     flags=0, pctx=0x0) at mx.c:719
> #4  0x08067827 in mutt_index_menu () at curs_main.c:1129
> #5  0x08085b2a in main (argc=1, argv=0xbfbfe884) at main.c:969
>
> For some reason, message 400's headers point to a NULL pointer. However,
> I can read the message using mutt without headercache (which is enabled
> using --with-hcache in configure) just fine.
>
> I have left the gdb(1) running; let me know if anything else needs to be
> inspected.
> >How-To-Repeat:
> Try to open my employer's IMAP mailbox, while IMAP header caching is
> enabled.
> >Fix:
> Disabling header caching (configuring with --with-hcache will do) solves the
> problem.
> }}}

New description:

 Whenever I try to check my employer's mail (via IMAP+TLS),
 I use IMAP header-caching. However, mutt crashes on this particular
 mailbox. gdb(1) gives:
 {{{
 Fetching message headers... [402/402]
 Program received signal SIGSEGV, Segmentation fault.
 0x080927df in mx_update_context (ctx=0x8121900, new_messages=402) at
 mx.c:1618
 1618          h->security = crypt_query (h->content);
 (gdb) inspect h
 $1 = (HEADER *) 0x0
 (gdb) inspect ctx->hdrs[399]
 $3 = (HEADER *) 0x81c4d80
 (gdb) inspect ctx->hdrs[400]
 $4 = (HEADER *) 0x0
 (gdb) inspect ctx->hdrs[401]
 $5 = (HEADER *) 0x8121980
 (gdb) bt
 #0  0x080927df in mx_update_context (ctx=0x8121900, new_messages=402)
     at mx.c:1618
 #1  0x080e2069 in imap_read_headers (idata=0x8117a00, msgbegin=401,
 msgend=401)
     at message.c:344
 #2  0x080de706 in imap_open_mailbox (ctx=0x8121900) at imap.c:737
 #3  0x080908e2 in mx_open_mailbox (path=0xbfbfdc30
 "imap://imap.qsp.nl/",
     flags=0, pctx=0x0) at mx.c:719
 #4  0x08067827 in mutt_index_menu () at curs_main.c:1129
 #5  0x08085b2a in main (argc=1, argv=0xbfbfe884) at main.c:969
 }}}
 For some reason, message 400's headers point to a NULL pointer. However,
 I can read the message using mutt without headercache (which is enabled
 using --with-hcache in configure) just fine.

 I have left the gdb(1) running; let me know if anything else needs to be
 inspected.
 >How-To-Repeat:
 Try to open my employer's IMAP mailbox, while IMAP header caching is
 enabled.
 >Fix:
 Disabling header caching (configuring with --with-hcache will do) solves the
 problem.

-- 
Ticket URL: <http://dev.mutt.org/trac/ticket/2676#comment:1>
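
The crash in the report is an unconditional dereference of a header slot that is NULL (ctx->hdrs[400]) during the update pass. As an added example (not mutt's code and not its eventual fix), this simplified model shows an update pass that checks each slot before use and reports the first hole; the struct layouts, `query_security`, `update_checked` and `demo` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins for the types named in the backtrace (assumptions,
 * not mutt's real definitions). */
typedef struct { int security; const char *content; } HEADER;
typedef struct { HEADER **hdrs; int msgcount; } CONTEXT;

/* Hypothetical stand-in for crypt_query(); the real logic is not modelled. */
static int query_security(const char *content)
{
    return content && strncmp(content, "-----BEGIN PGP", 14) == 0;
}

/* Update pass over the last new_messages slots; every slot is checked before
 * use. Returns the number updated; *hole is the first NULL index or -1. */
int update_checked(CONTEXT *ctx, int new_messages, int *hole)
{
    int updated = 0;
    *hole = -1;
    if (new_messages > ctx->msgcount)
        new_messages = ctx->msgcount;
    for (int i = ctx->msgcount - new_messages; i < ctx->msgcount; i++) {
        HEADER *h = ctx->hdrs[i];
        if (h == NULL) {
            if (*hole < 0) *hole = i;   /* remember where the array is broken */
            continue;                   /* skip instead of dereferencing NULL */
        }
        h->security = query_security(h->content);
        updated++;
    }
    return updated;
}

/* Constructed sample: five slots with a hole at index 3, like the NULL at
 * ctx->hdrs[400] sitting between two valid entries in the report. */
int demo(int *hole)
{
    HEADER a = {0, "plain"}, b = {0, "-----BEGIN PGP MESSAGE-----"},
           c = {0, "plain"}, e = {0, "plain"};
    HEADER *slots[] = { &a, &b, &c, NULL, &e };
    CONTEXT ctx = { slots, 5 };
    return update_checked(&ctx, 5, hole);
}

int main(void)
{
    int hole, n = demo(&hole);
    printf("updated=%d first_hole=%d\n", n, hole);
}
```

A reported hole index is the useful diagnostic here: it tells the caller which message's header never made it into the array, so the cache entry or fetch for that message can be examined.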