Debian Bug report logs -
#517457
mailutils: "readmsg -a foo" segfaults
Reported by: Steve Cotton <steve0001@s.cotton.clara.co.uk>
Date: Fri, 27 Feb 2009 21:42:12 UTC
Severity: normal
Tags: patch
Found in version mailutils/1:2.0+dfsg1-1
Fixed in version mailutils/1:2.1+dfsg1-2
Done: Jordi Mallach <jordi@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Jordi Mallach <jordi@debian.org>:
Bug#517457; Package mailutils.
(Fri, 27 Feb 2009 21:42:22 GMT) (full text, mbox, link).
Acknowledgement sent
to Steve Cotton <steve0001@s.cotton.clara.co.uk>:
New Bug report received and forwarded. Copy sent to Jordi Mallach <jordi@debian.org>.
(Fri, 27 Feb 2009 21:43:12 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: mailutils
Version: 1:2.0+dfsg1-1
Severity: normal
$ readmsg -a foo
segfaults, regardless of the search pattern or mailbox contents.
I can also replicate this with a user who has no mailbox file.
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7b8bc23 in valcvt (sdata=0x7fffffffe650, locus=0x613e68, tgt=0x611724, type=mu_cfg_bool, val=0x0) at cfg_parser.y:926
926 if (val->type != MU_CFG_STRING)
(gdb) bt
#0 0x00007ffff7b8bc23 in valcvt (sdata=0x7fffffffe650, locus=0x613e68, tgt=0x611724, type=mu_cfg_bool, val=0x0) at cfg_parser.y:926
#1 0x00007ffff7b8d83d in parse_param (sdata=0x7fffffffe650, node=0x613e60) at cfg_parser.y:1148
#2 0x00007ffff7b8da82 in _scan_tree_helper (node=0x613e60, data=0x7fffffffe650) at cfg_parser.y:1202
#3 0x00007ffff7b8ae0c in _mu_cfg_preorder_recursive (node=0x613e60, beg=0x7ffff7b8d853 <_scan_tree_helper>, end=0x7ffff7b8dab1 <_scan_tree_end_helper>, data=0x7fffffffe650) at cfg_parser.y:469
#4 0x00007ffff7b8ae4c in mu_cfg_preorder (node=0x613e60, beg=0x7ffff7b8d853 <_scan_tree_helper>, end=0x7ffff7b8dab1 <_scan_tree_end_helper>, data=0x7fffffffe650) at cfg_parser.y:479
#5 0x00007ffff7b8dc03 in mu_cfg_scan_tree (tree=0x613590, sections=0x613440, target=0x0, data=0x7fffffffec6f) at cfg_parser.y:1257
#6 0x00007ffff7b8626f in mu_cfg_tree_reduce (parse_tree=0x613590, progname=0x7fffffffec6f "readmsg", progparam=0x60faa0, flags=0, target_ptr=0x0) at cfg_driver.c:606
#7 0x0000000000405327 in ?? ()
#8 0x0000000000403939 in ?? ()
#9 0x00007ffff39e75a6 in __libc_start_main (main=0x403830 <mu_cfg_destroy_tree@plt+872>, argc=3, ubp_av=0x7fffffffea08, init=0x40c270, fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7fffffffe9f8) at libc-start.c:222
#10 0x0000000000403509 in ?? ()
#11 0x00007fffffffe9f8 in ?? ()
#12 0x000000000000001c in ?? ()
#13 0x0000000000000003 in ?? ()
#14 0x00007fffffffec66 in ?? ()
#15 0x00007fffffffec77 in ?? ()
#16 0x00007fffffffec7a in ?? ()
#17 0x0000000000000000 in ?? ()
(gdb) frame 1
#1 0x00007ffff7b8d83d in parse_param (sdata=0x7fffffffe650, node=0x613e60) at cfg_parser.y:1148
1148 return valcvt (sdata, &node->locus, tgt, clos.type, node->label);
(gdb) print *node
$1 = {next = 0x0, locus = {file = 0x40c72a "command line", line = 0}, type = mu_cfg_node_param, tag = 0x613e98 "show-all-match", label = 0x0, node = 0x0}
Frame 1's node->label is the troublesome null pointer in frame 0.
Quirks of my system:
mailutils has been installed with --force-overwrite for #516541
mailutils FTBFS until I commented out the AM_GNU_RADIUS section of configure.ac
(however the reported bug happens with the normal archive package)
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (990, 'unstable') (some experimental packages installed too)
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages mailutils depends on:
ii exim4 4.69-9 metapackage to ease Exim MTA (v4)
ii exim4-daemon-light [m 4.69-9 lightweight Exim MTA (v4) daemon
ii guile-1.8-libs 1.8.5+1-4.1 Main Guile libraries
ii libc6 2.9-3 GNU C Library: Shared libraries
ii libcomerr2 1.41.3-1 common error description library
ii libfribidi0 0.10.9-1 Free Implementation of the Unicode
ii libgcrypt11 1.4.4-2 LGPL Crypto library - runtime libr
ii libgdbm3 1.8.3-4 GNU dbm database routines (runtime
ii libgmp3c2 2:4.2.4+dfsg-2 Multiprecision arithmetic library
ii libgnutls26 2.6.4-2 the GNU TLS library - runtime libr
ii libgpg-error0 1.4-2 library for common error values an
ii libgsasl7 0.2.26-2 GNU SASL library
ii libidn11 1.12-1 GNU Libidn library, implementation
ii libkrb53 1.6.dfsg.4~beta1-6 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.15-1 OpenLDAP libraries
ii libltdl3 1.5.26-4 A system independent dlopen wrappe
ii libmailutils2 1:2.0+dfsg1-1 GNU Mail abstraction library
ii libmysqlclient15off 5.0.77-1 MySQL database client library
ii libncurses5 5.7+20090221-1 shared libraries for terminal hand
ii libntlm0 0.3.13-1 NTLM authentication library
ii libpam0g 1.0.1-5 Pluggable Authentication Modules l
ii libreadline5 5.2-3.1 GNU readline and history libraries
ii libtasn1-3 1.8-1 Manage ASN.1 structures (runtime)
ii libwrap0 7.6.q-16 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
mailutils recommends no packages.
Versions of packages mailutils suggests:
pn mailutils-mh <none> (no description available)
-- no debconf information
Information forwarded
to debian-bugs-dist@lists.debian.org, Jordi Mallach <jordi@debian.org>:
Bug#517457; Package mailutils.
(Sat, 07 Mar 2009 15:54:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Steve Cotton <steve0001@s.cotton.clara.co.uk>:
Extra info received and forwarded to list. Copy sent to Jordi Mallach <jordi@debian.org>.
(Sat, 07 Mar 2009 15:54:05 GMT) (full text, mbox, link).
Message #10 received at 517457@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
package mailutils
tags 517457 + patch
done
readmsg.c parses its command line in to option-value pairs, which
it then parses a second time. Options without arguments need a
fake argument added in the first parse, otherwise the second parse
segfaults. Patch attached.
It also appears to embed bits of libc's getopt (in the lib/getopt*
files) instead of using the system library.
Steve
[mailutils_517457_readmsg_command_line_segfaults.patch (text/x-diff, attachment)]
Tags added: patch
Request was from Steve Cotton <steve0001@s.cotton.clara.co.uk>
to control@bugs.debian.org.
(Sat, 07 Mar 2009 15:54:06 GMT) (full text, mbox, link).
Added tag(s) pending.
Request was from Jordi Mallach <jordi@debian.org>
to control@bugs.debian.org.
(Wed, 28 Oct 2009 23:15:06 GMT) (full text, mbox, link).
Reply sent
to Jordi Mallach <jordi@debian.org>:
You have taken responsibility.
(Thu, 29 Oct 2009 22:03:35 GMT) (full text, mbox, link).
Notification sent
to Steve Cotton <steve0001@s.cotton.clara.co.uk>:
Bug acknowledged by developer.
(Thu, 29 Oct 2009 22:03:35 GMT) (full text, mbox, link).
Message #19 received at 517457-close@bugs.debian.org (full text, mbox, reply):
Source: mailutils
Source-Version: 1:2.1+dfsg1-2
We believe that the bug you reported is fixed in the latest version of
mailutils, which is due to be installed in the Debian FTP archive:
libmailutils-dev_2.1+dfsg1-2_i386.deb
to main/m/mailutils/libmailutils-dev_2.1+dfsg1-2_i386.deb
libmailutils2_2.1+dfsg1-2_i386.deb
to main/m/mailutils/libmailutils2_2.1+dfsg1-2_i386.deb
mailutils-comsatd_2.1+dfsg1-2_i386.deb
to main/m/mailutils/mailutils-comsatd_2.1+dfsg1-2_i386.deb
mailutils-guile_2.1+dfsg1-2_i386.deb
to main/m/mailutils/mailutils-guile_2.1+dfsg1-2_i386.deb
mailutils-imap4d_2.1+dfsg1-2_i386.deb
to main/m/mailutils/mailutils-imap4d_2.1+dfsg1-2_i386.deb
mailutils-mh_2.1+dfsg1-2_i386.deb
to main/m/mailutils/mailutils-mh_2.1+dfsg1-2_i386.deb
mailutils-pop3d_2.1+dfsg1-2_i386.deb
to main/m/mailutils/mailutils-pop3d_2.1+dfsg1-2_i386.deb
mailutils_2.1+dfsg1-2.diff.gz
to main/m/mailutils/mailutils_2.1+dfsg1-2.diff.gz
mailutils_2.1+dfsg1-2.dsc
to main/m/mailutils/mailutils_2.1+dfsg1-2.dsc
mailutils_2.1+dfsg1-2_i386.deb
to main/m/mailutils/mailutils_2.1+dfsg1-2_i386.deb
python-mailutils_2.1+dfsg1-2_i386.deb
to main/m/mailutils/python-mailutils_2.1+dfsg1-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 517457@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jordi Mallach <jordi@debian.org> (supplier of updated mailutils package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 28 Oct 2009 13:55:24 +0100
Source: mailutils
Binary: libmailutils2 libmailutils-dev mailutils mailutils-imap4d mailutils-pop3d mailutils-comsatd mailutils-guile mailutils-mh python-mailutils
Architecture: source i386
Version: 1:2.1+dfsg1-2
Distribution: unstable
Urgency: low
Maintainer: Jordi Mallach <jordi@debian.org>
Changed-By: Jordi Mallach <jordi@debian.org>
Description:
libmailutils-dev - Development files for GNU mailutils
libmailutils2 - GNU Mail abstraction library
mailutils - GNU mailutils utilities for handling mail
mailutils-comsatd - GNU mailutils-based comsatd daemon
mailutils-guile - GNU mailutils Guile interpreter and modules
mailutils-imap4d - GNU mailutils-based IMAP4 Daemon
mailutils-mh - GNU mailutils-based MH utilities
mailutils-pop3d - GNU mailutils-based POP3 Daemon
python-mailutils - GNU Mail abstraction library (Python interface)
Closes: 517457
Changes:
mailutils (1:2.1+dfsg1-2) unstable; urgency=low
.
* Correct dependency on libmailutils-dev for mailutils-guile.
* Build-Depend on guile-1.8 (>= 1.8.7+1-1.1), which has transitioned
to readline6, to fix builds in buildds.
* Use gawk in the get-orig-source target; as this isn't used during the
build, we're not adding build deps, although it currently does not work
with mawk.
* Drop .la files from libmailutils-dev.
* Add readmsg_command_line_segfaults.diff by Steve Cotton to fix a
segfault in readmsg when using the -a and -p options (closes: #517457).
Thanks!
Checksums-Sha1:
0d0ed91891049e0f6072397f20ac183e195b1400 1702 mailutils_2.1+dfsg1-2.dsc
d0e5b097a8eb90056091cc9207fecf71c6360e76 25069 mailutils_2.1+dfsg1-2.diff.gz
7ca8ee0013edae70ce92b92516061366a8c74f0e 1042594 libmailutils2_2.1+dfsg1-2_i386.deb
8e75f9892d5b003422381c40fe2f6f18562a631b 801204 libmailutils-dev_2.1+dfsg1-2_i386.deb
8247848b12b15afc76f1bb8b5ed35eced16901dd 650054 mailutils_2.1+dfsg1-2_i386.deb
416dec0cbd3d659bd2aeef9044eb1690986f441a 339874 mailutils-imap4d_2.1+dfsg1-2_i386.deb
d2d4a6624a161f7f4c09e534e7be8461b8a1c23a 339842 mailutils-pop3d_2.1+dfsg1-2_i386.deb
66df27be7936ff01157e47acc7477291a24fc577 301438 mailutils-comsatd_2.1+dfsg1-2_i386.deb
b3f660e962cd64fdb4759199842967173630c500 317238 mailutils-guile_2.1+dfsg1-2_i386.deb
37744894bb2a074b7fdcaa339ce194b712db40df 1462752 mailutils-mh_2.1+dfsg1-2_i386.deb
186cd7732042b2aa9adb2dbf2214a6c22c9b05f8 276968 python-mailutils_2.1+dfsg1-2_i386.deb
Checksums-Sha256:
0eda69eaaa2bdaa9dc72109087c226a20eba3b5b89dab6c17ac9bf1f0f827af8 1702 mailutils_2.1+dfsg1-2.dsc
f06e8958c9c5525595a4b44ed8f5fa00266d6de3361c60990602cdfc3835606f 25069 mailutils_2.1+dfsg1-2.diff.gz
cd4a584abb3a0c14a002cc0badbbfa982d0600a214f122d563aa5a186d95131f 1042594 libmailutils2_2.1+dfsg1-2_i386.deb
aaffda83ed8f4b4896e490ca779701597813eeb110cfcd4424e86a2add28891c 801204 libmailutils-dev_2.1+dfsg1-2_i386.deb
1a6bae5735b2f80cece983773b96c18f90ed5cea189716f98791d936d56d019c 650054 mailutils_2.1+dfsg1-2_i386.deb
a440149188d842e97cd0f69f4a9ee8d87667c3377014f48a5adc7d0ef3ab82fb 339874 mailutils-imap4d_2.1+dfsg1-2_i386.deb
f6b70eefa4adc272ea664f52578460fc2a68f7f0d81ceac7978fb94f9f5e70ce 339842 mailutils-pop3d_2.1+dfsg1-2_i386.deb
0d560abb960659b0f45f23be8cf9c01f5d757bc9a9041dfafd7e69abe88b5c85 301438 mailutils-comsatd_2.1+dfsg1-2_i386.deb
9497baf2809544bbbbd59ec030467d25578258cfcdaf9ef39b0460e1ba76a044 317238 mailutils-guile_2.1+dfsg1-2_i386.deb
68795e107b816bcbb437082bc49c35208742be1015b2a58918c83e7861c0c6df 1462752 mailutils-mh_2.1+dfsg1-2_i386.deb
4679b965adbda41dc141fd099f9759d3c439b44036d927c0b9c555c7ab9eab7e 276968 python-mailutils_2.1+dfsg1-2_i386.deb
Files:
08752dc792b1405128dc3f621859b00f 1702 mail optional mailutils_2.1+dfsg1-2.dsc
c4b044e7d0af868a29d413338314f833 25069 mail optional mailutils_2.1+dfsg1-2.diff.gz
739e28d00dce81c1cc4491f3905afbeb 1042594 libs optional libmailutils2_2.1+dfsg1-2_i386.deb
329253df7204554c79ca87b69889bf1f 801204 libdevel optional libmailutils-dev_2.1+dfsg1-2_i386.deb
e712d6eb9688bcb07c70b66bc89bb51f 650054 mail optional mailutils_2.1+dfsg1-2_i386.deb
ca927b86cbf825070afc6814af2193e4 339874 net optional mailutils-imap4d_2.1+dfsg1-2_i386.deb
7091e1fe4c27e4c6ffdc069b1db0a873 339842 net optional mailutils-pop3d_2.1+dfsg1-2_i386.deb
645cc75a5d58ad1903e9716f01f0e16d 301438 net optional mailutils-comsatd_2.1+dfsg1-2_i386.deb
242f78e7ebb5cde7af86c6e06382bb53 317238 mail optional mailutils-guile_2.1+dfsg1-2_i386.deb
a7233b8dc13be6cfb3fd46562f8c9173 1462752 mail optional mailutils-mh_2.1+dfsg1-2_i386.deb
3f7c271f80f67ec42344b16e57b68380 276968 python optional python-mailutils_2.1+dfsg1-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkrox7QACgkQJYSUupF6Il7ZQwCgt/flV3kAhYTm7Z9fWnZeyP4N
aTkAni8qw+Rmay+Y8XyuSShCZWQ7jqfN
=wyZC
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Fri, 15 Jan 2010 07:31:12 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Sat Dec 23 09:15:17 2023;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.