579850 – mail-client/mutt-1.6.0-r1 - segfault with "set sidebar_folder_indent"

Bug 579850 - mail-client/mutt-1.6.0-r1 - segfault with "set sidebar_folder_indent"

Summary: mail-client/mutt-1.6.0-r1 - segfault with "set sidebar_folder_indent"

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	AMD64 Linux

Importance:	Normal normal
Assignee:	Fabian Groffen

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2016-04-13 16:47 UTC by S. Gilles
Modified:	2016-04-15 02:57 UTC (History)
CC List:	2 users (show)

See Also:	559842
Package list:
Runtime testing required:	---

Attachments
Proposed patch (mutt-1.6.0-sidebar-folder-indent-segfault.patch,652 bytes, patch) 2016-04-13 16:48 UTC, S. Gilles	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description S. Gilles 2016-04-13 16:47:47 UTC

If "set sidebar_folder_indent" is present in my .muttrc, then draw_sidebar() of sidebar.c executes if-block which starts around line 759. For some reason, it is possible for tmp_folder_name to be "", so that strlen (tmp_folder_name) - 1 is not the value it's supposed to be, and I get a segfault immediately upon showing the sidebar.

I have tested the attached patch, which fixes the issue in my particular case. If there is an upstream fix (for some definition of upstream), I was not able to find it.

Reproducible: Always

Steps to Reproduce:
1. Use the following .muttrc (I think adding "set sidebar_folder_indent" to any reasonable config will work, but I've tested this one):

----8<--------8<----
set folder = "imaps://XXXXX.XXX/"
set imap_user = "XXXXX@XXXXX.XXX"
set imap_pass = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
set spoolfile = +INBOX
mailboxes = +INBOX =Sent
set ssl_starttls = yes
set ssl_force_tls = no
set header_cache    = ~/.cache/mutt/hcache

# These are the important parts
set sidebar_visible=yes
set sidebar_delim_chars="/"
set sidebar_folder_indent
----8<--------8<----

with e.g.

USE="berkdb crypt gdbm gpg imap libressl nls sasl sidebar smtp ssl -debug -doc -gnutls -idn -kerberos -mbox -nntp -pop -qdbm -selinux -slang -smime -tokyocabinet"


2. Perhaps make sure the IMAP host satisfies some certain requirements?  Google Apps does, and at least one other.
Actual Results:  
Segfault (upon inspection with gdb, tmp_folder_name is "" and i is some huge number).

Expected Results:  
It doesn't segfault.

The attached patch fixes the issue for me.  I suspect that this will be fixed better by the sidebar upstream at some point.

Comment 1 S. Gilles 2016-04-13 16:48:42 UTC

Created attachment 430336 [details, diff]
Proposed patch

Comment 2 S. Gilles 2016-04-13 19:24:22 UTC

Regarding https://bugs.gentoo.org/show_bug.cgi?id=559842 , I did not believe the issues were the same: this segfault is 100% reproducible, and the backtrace points to a different place.  If they are, then I apologize for the noise.

Comment 3 Richard Russon 2016-04-15 01:40:27 UTC

Thanks for the detailed bug report, especially the patch.
I've committed a slightly modified version to the Sidebar branch.

    https://github.com/neomutt/neomutt/tree/feature/sidebar

I'll release a new version of NeoMutt (and patches) shortly.
Then, Fabian can make a new Gentoo Mutt release.

In the mean time, you can work around the problem by stripping any trailing /'s from the end of mailboxes commands:

    set folder="~/mail/folder"
    mailboxes "~/mail/folder/"

This is the sort of thing causing crashes.

Comment 4 S. Gilles 2016-04-15 02:57:05 UTC

Thanks for the workaround.  I can confirm that it (as well as removing `=' as a mailbox) fixes the issue for me.