Re: [Mutt] #2966: Crash when opening encrypted message
#2966: Crash when opening encrypted message
Changes (by brendan):
* version: => 1.5.16
* milestone: => 1.6
Old description:
> Mutt crashed today when I tried to open an encrypted message. Malloc()
> complained of head corruption. Here's the backtrace:
>
> *** glibc detected *** malloc(): memory corruption: 0x081250e8 ***
>
> Program received signal SIGABRT, Aborted.
> 0x0055c7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
> (gdb) bt
> #0 0x0055c7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
> #1 0x001287a5 in raise () from /lib/tls/libc.so.6
> #2 0x0012a209 in abort () from /lib/tls/libc.so.6
> #3 0x0015ca1a in __libc_message () from /lib/tls/libc.so.6
> #4 0x00163cd2 in _int_malloc () from /lib/tls/libc.so.6
> #5 0x001656e1 in malloc () from /lib/tls/libc.so.6
> #6 0x006e048e in CRYPTO_get_new_dynlockid () from /lib/libcrypto.so.4
> #7 0x006e0a3f in CRYPTO_malloc () from /lib/libcrypto.so.4
> #8 0x0072c068 in EVP_DigestInit_ex () from /lib/libcrypto.so.4
> #9 0x006e9817 in HMAC_Init_ex () from /lib/libcrypto.so.4
> #10 0x00ae1838 in tls1_mac () from /lib/libssl.so.4
> #11 0x00adc65b in ssl3_dispatch_alert () from /lib/libssl.so.4
> #12 0x00adc598 in ssl3_dispatch_alert () from /lib/libssl.so.4
> #13 0x00adc710 in ssl3_write_bytes () from /lib/libssl.so.4
> #14 0x00adab04 in ssl3_write () from /lib/libssl.so.4
> #15 0x00ae2883 in SSL_write () from /lib/libssl.so.4
> #16 0x080dc97c in ssl_socket_write (conn=0x81a1f50,
> buf=0x81eba98 "a1957 UID FETCH 38904 BODY.PEEK[]\r\n", len=35)
> at mutt_ssl.c:258
> #17 0x080db532 in mutt_socket_write_d (conn=0x81a1f50,
> buf=0x81eba98 "a1957 UID FETCH 38904 BODY.PEEK[]\r\n", len=35, dbg=2)
> at mutt_socket.c:126
> #18 0x080e2913 in imap_cmd_start (idata=0x81aa080,
> cmdstr=0xbfffc074 "UID FETCH 38904 BODY.PEEK[]") at command.c:107
> #19 0x080e74b7 in imap_fetch_message (msg=0x84dead8, ctx=0x817d3a0,
> msgno=0)
> at message.c:426
> #20 0x08093181 in mx_open_message (ctx=0x817d3a0, msgno=0) at mx.c:1407
> #21 0x0809d136 in mutt_parse_mime_message (ctx=0x817d3a0, cur=0x84dec08)
> at parse.c:956
> #22 0x08059d96 in mutt_display_message (cur=0x84dec08) at commands.c:71
> #23 0x080681d3 in mutt_index_menu () at curs_main.c:1179
> #24 0x08085fe6 in main (argc=1, argv=0xbfffe064) at main.c:989
> (gdb)
>
> This is with mutt 1.5.16. From mutt -v:
>
> Mutt 1.5.16 (2007-06-09)
> Copyright (C) 1996-2007 Michael R. Elkins and others.
> Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
> Mutt is free software, and you are welcome to redistribute it
> under certain conditions; type `mutt -vv' for details.
>
> System: Linux 2.6.9-55.3.EL (i686)
> slang: 10409
> libidn: 0.5.6 (compiled with 0.5.6)
> Compile options:
> -DOMAIN
> -DEBUG
> -HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE
> +USE_FCNTL +USE_FLOCK -USE_INODESORT
> +USE_POP +USE_IMAP +USE_SMTP -USE_GSS +USE_SSL_OPENSSL
> -USE_SSL_GNUTLS -USE_SASL +HAVE_GETADDRINFO
> +HAVE_REGCOMP -USE_GNU_REGEX
> +HAVE_COLOR -HAVE_START_COLOR -HAVE_TYPEAHEAD -HAVE_BKGDSET
> -HAVE_CURS_SET -HAVE_META -HAVE_RESIZETERM
> +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME
> -CRYPT_BACKEND_GPGME
> -EXACT_ADDRESS -SUN_ATTACHMENT
> +ENABLE_NLS -LOCALES_HACK +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET
> +HAVE_LANGINFO_YESEXPR
> +HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +USE_HCACHE
> ISPELL="/usr/bin/ispell"
> SENDMAIL="/usr/sbin/sendmail"
> MAILPATH="/var/mail"
> PKGDATADIR="/db/c6xi/linux/share/mutt"
> SYSCONFDIR="/db/c6xi/linux/etc"
> EXECSHELL="/bin/sh"
> -MIXMASTER
> To contact the developers, please mail to <mutt-dev@xxxxxxxx>.
> To report a bug, please visit http://bugs.mutt.org/.
New description:
Mutt crashed today when I tried to open an encrypted message. Malloc()
complained of head corruption. Here's the backtrace:
{{{
*** glibc detected *** malloc(): memory corruption: 0x081250e8 ***
Program received signal SIGABRT, Aborted.
0x0055c7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
(gdb) bt
#0 0x0055c7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
#1 0x001287a5 in raise () from /lib/tls/libc.so.6
#2 0x0012a209 in abort () from /lib/tls/libc.so.6
#3 0x0015ca1a in __libc_message () from /lib/tls/libc.so.6
#4 0x00163cd2 in _int_malloc () from /lib/tls/libc.so.6
#5 0x001656e1 in malloc () from /lib/tls/libc.so.6
#6 0x006e048e in CRYPTO_get_new_dynlockid () from /lib/libcrypto.so.4
#7 0x006e0a3f in CRYPTO_malloc () from /lib/libcrypto.so.4
#8 0x0072c068 in EVP_DigestInit_ex () from /lib/libcrypto.so.4
#9 0x006e9817 in HMAC_Init_ex () from /lib/libcrypto.so.4
#10 0x00ae1838 in tls1_mac () from /lib/libssl.so.4
#11 0x00adc65b in ssl3_dispatch_alert () from /lib/libssl.so.4
#12 0x00adc598 in ssl3_dispatch_alert () from /lib/libssl.so.4
#13 0x00adc710 in ssl3_write_bytes () from /lib/libssl.so.4
#14 0x00adab04 in ssl3_write () from /lib/libssl.so.4
#15 0x00ae2883 in SSL_write () from /lib/libssl.so.4
#16 0x080dc97c in ssl_socket_write (conn=0x81a1f50,
buf=0x81eba98 "a1957 UID FETCH 38904 BODY.PEEK[]\r\n", len=35)
at mutt_ssl.c:258
#17 0x080db532 in mutt_socket_write_d (conn=0x81a1f50,
buf=0x81eba98 "a1957 UID FETCH 38904 BODY.PEEK[]\r\n", len=35, dbg=2)
at mutt_socket.c:126
#18 0x080e2913 in imap_cmd_start (idata=0x81aa080,
cmdstr=0xbfffc074 "UID FETCH 38904 BODY.PEEK[]") at command.c:107
#19 0x080e74b7 in imap_fetch_message (msg=0x84dead8, ctx=0x817d3a0,
msgno=0)
at message.c:426
#20 0x08093181 in mx_open_message (ctx=0x817d3a0, msgno=0) at mx.c:1407
#21 0x0809d136 in mutt_parse_mime_message (ctx=0x817d3a0, cur=0x84dec08)
at parse.c:956
#22 0x08059d96 in mutt_display_message (cur=0x84dec08) at commands.c:71
#23 0x080681d3 in mutt_index_menu () at curs_main.c:1179
#24 0x08085fe6 in main (argc=1, argv=0xbfffe064) at main.c:989
(gdb)
This is with mutt 1.5.16. From mutt -v:
Mutt 1.5.16 (2007-06-09)
Copyright (C) 1996-2007 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.
System: Linux 2.6.9-55.3.EL (i686)
slang: 10409
libidn: 0.5.6 (compiled with 0.5.6)
Compile options:
-DOMAIN
-DEBUG
-HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE
+USE_FCNTL +USE_FLOCK -USE_INODESORT
+USE_POP +USE_IMAP +USE_SMTP -USE_GSS +USE_SSL_OPENSSL
-USE_SSL_GNUTLS -USE_SASL +HAVE_GETADDRINFO
+HAVE_REGCOMP -USE_GNU_REGEX
+HAVE_COLOR -HAVE_START_COLOR -HAVE_TYPEAHEAD -HAVE_BKGDSET
-HAVE_CURS_SET -HAVE_META -HAVE_RESIZETERM
+CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME
-CRYPT_BACKEND_GPGME
-EXACT_ADDRESS -SUN_ATTACHMENT
+ENABLE_NLS -LOCALES_HACK +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET
+HAVE_LANGINFO_YESEXPR
+HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +USE_HCACHE
ISPELL="/usr/bin/ispell"
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/db/c6xi/linux/share/mutt"
SYSCONFDIR="/db/c6xi/linux/etc"
EXECSHELL="/bin/sh"
-MIXMASTER
To contact the developers, please mail to <mutt-dev@xxxxxxxx>.
To report a bug, please visit http://bugs.mutt.org/.
}}}
--
Ticket URL: <http://dev.mutt.org/trac/ticket/2966#comment:2>