Bug 833044
Summary: | [abrt] mutt-1.5.21-11.fc17: write_one_header: Process /usr/bin/mutt was killed by signal 11 (SIGSEGV) | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Dave Allan <dallan> | ||||||||||
Component: | mutt | Assignee: | Honza Horak <hhorak> | ||||||||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||||
Severity: | unspecified | Docs Contact: | |||||||||||
Priority: | unspecified | ||||||||||||
Version: | 17 | CC: | hhorak, mlichvar, pertusus | ||||||||||
Target Milestone: | --- | ||||||||||||
Target Release: | --- | ||||||||||||
Hardware: | x86_64 | ||||||||||||
OS: | Unspecified | ||||||||||||
Whiteboard: | abrt_hash:0e5808c5e467fd838772dc7c00fea5f85b5b8a93 | ||||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||||
Doc Text: | Story Points: | --- | |||||||||||
Clone Of: | Environment: | ||||||||||||
Last Closed: | 2012-07-10 16:29:03 UTC | Type: | --- | ||||||||||
Regression: | --- | Mount Type: | --- | ||||||||||
Documentation: | --- | CRM: | |||||||||||
Verified Versions: | Category: | --- | |||||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||||
Embargoed: | |||||||||||||
Attachments: |
|
Description
Dave Allan
2012-06-18 13:22:45 UTC
Created attachment 592640 [details]
File: backtrace
Created attachment 592641 [details]
File: maps
Created attachment 594197 [details]
proposed patch - handle NULL return value of strchr
Thanks for the report. I'm unfortunately unable to reproduce this failure, but I found that strchr return value was not properly handled when the function returned NULL.
I created a patch and will believe it will fix the issue. If you can reproduce the failure, you can try the patch attached (new builds will be available soon).
mutt-1.5.21-12.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/mutt-1.5.21-12.fc17 That build fixes the segfault for me, and I gave it karma. It took me a bit to verify it, as I had used mutt to move the corrupt message into a new mailbox, which caused mutt to write headers that made the crash not repro any more, so I had to go recorrupt the message before I could repro. :) The message was originally the single character '0'. I'll attach a tarball with the mailbox; on the unpatched mutt it reproduces 100% of the time if I view the message's headers. Created attachment 594236 [details]
mailbox with the corrupt message
Taking a look at the patch, I agree it should fix the crash (which it does in my case). Thanks! (In reply to comment #6) > Created attachment 594236 [details] > mailbox with the corrupt message Strange, when I run mutt -f corrupt I still don't see the segfault. But anyway, thanks for your response. (In reply to comment #8) > Strange, when I run mutt -f corrupt I still don't see the segfault. But Did you try to view headers on the corrupt message? (In reply to comment #9) > Did you try to view headers on the corrupt message? Oh, I forgot that the problem was encountered during header viewing, I can reproduce it now. Package mutt-1.5.21-12.fc17: * should fix your issue, * was pushed to the Fedora 17 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing mutt-1.5.21-12.fc17' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-9933/mutt-1.5.21-12.fc17 then log in and leave karma (feedback). mutt-1.5.21-12.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. |