<<< Date Index >>>     <<< Thread Index >>>

[Mutt] #3182: mutt segfaults if the IMAP server fails to allocate memory



#3182: mutt segfaults if the IMAP server fails to allocate memory
------------------------------+---------------------------------------------
 Reporter:  antonio@xxxxxxxx  |       Owner:  mutt-dev
     Type:  defect            |      Status:  new     
 Priority:  minor             |   Milestone:          
Component:  mutt              |     Version:  1.5.19  
 Keywords:                    |  
------------------------------+---------------------------------------------
 Forwarding from http://bugs.debian.org/513979
 ---

 What we are seeing in mutt is a segfault if IMAP fails to allocate memory,
 the corefile is attached to the original debian bug

 It seems that mutt is not aware that the IMAP server closed the connection
 with:

 * BYE [ALERT] Fatal error: Cannot allocate memory

 the stack trace is

 {{{
 #0  0x080dbda4 in imap_sync_mailbox (ctx=0x83165a0, expunge=1,
 index_hint=0xbf8c6bd0) at ../../imap/imap.c:1124
 #1  0x0808e349 in mx_close_mailbox (ctx=0x83165a0, index_hint=0xbf8c6bd0)
 at ../mx.c:1053
 #2  0x08065177 in mutt_index_menu () at ../curs_main.c:1143
 #3  0x08082048 in main (argc=1, argv=0xbf8c75f4) at ../main.c:1005
 }}}

 in imap_sync_mailbox() the idata struct contains a ctx field which is 0x0
 and when, at imap/imap.c:1125, this is done:

 {{{
   if (expunge && mutt_bit_isset (idata->ctx->rights, M_ACL_DELETE))
 }}}

 mutt crashes because idata->ctx == 0

 (pls note that I cannot attach the corefile because it's too big)

 Cheers
 Antonio

-- 
Ticket URL: <http://dev.mutt.org/trac/ticket/3182>
Mutt <http://www.mutt.org/>
The Mutt mail user agent