From Bugzilla Helper: User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.7 i686) Description of problem: From elm-2.5.5-tempnam.patch for sndpart_lib.c: - if ((fname_tmp = tempnam(temp_dir, "fil.")) != NULL) { - MIME_FILE_CMD(buf, part->fname, fname_tmp); + if(fname_tmp) + free(fname_tmp); fname_tmp is not allocated for the free() resulting in a segfault when using the ``attach'' feature of elm. Suggestion: Why not just make fname_tmp an auto array and lose the ``calloc()'' call? Furthermore, what does ``calloc()'' buy in terms of safety? ``snprint()'' is already being used to confine the number of characters written to the buffer...and it will null terminate the string. How reproducible: Always Steps to Reproduce: 1. Send mail using elm 2. Select attachment option 3. Specify a valid file Actual Results: Crash -- I've since changed fname_tmp to an auto array, avoiding the calloc/free traps and it now works without fault in this context. Expected Results: The elm application should have ``attached'' (encoded) the file to the e-mail message. Additional info:
*** This bug has been marked as a duplicate of 49566 ***