When starting two instances of alpine for the same maildir, second alpine crashes. Problem is in maildir_can_assign_uid() function: pointer returned by readdir() is used after closedir(). CC: gcc-4.4.0 CFLAGS: -O2 -march=i686 GLIBC: GNU C Library stable release version 2.9 Below is the patch: --- maildir.c.orig 2009-08-31 14:49:14.000000000 +0400 +++ maildir.c 2009-08-31 14:50:10.000000000 +0400 @@ -2396,7 +2396,6 @@ || !strncmp(d->d_name, MDUIDTEMP, strlen(MDUIDTEMP))) break; } - closedir(dir); rv = d ? !strncmp(d->d_name, tmp, strlen(tmp)) : 1; createtemp = d ? 0 : 1; if (d && rv == 0){ /* is there a temp file that is not ours? */ @@ -2410,6 +2409,9 @@ unlink(tmp); } } + + closedir(dir); + if(createtemp){ FILE *fp; sprintf(tmp,"%s/%s.%d.%lu", LOCAL->dir, MDUIDTEMP, getpid(), time(0));
(In reply to comment #0) > When starting two instances of alpine for the same maildir, > second alpine crashes. > > Problem is in maildir_can_assign_uid() function: > pointer returned by readdir() is used after closedir(). Thank you for your message. You are right about the problem and the solution. I have posted a new patch to solve this problem. -- Eduardo
Thanks. Bumped to -r2.
