#3971: mutt intermittently segfaults in macOS 10.12.6 during IMAP message 
deletion
---------------------+----------------------
  Reporter:  chdiza  |      Owner:  mutt-dev
      Type:  defect  |     Status:  closed
  Priority:  major   |  Milestone:
 Component:  mutt    |    Version:  1.9.0
Resolution:  fixed   |   Keywords:
---------------------+----------------------
Changes (by Kevin McCarthy <kevin@…>):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 In [changeset:"7155392ed28b7c88f3398e57058434da2484ed6b"
 7159:7155392ed28b]:
 {{{
 #!CommitTicketReference repository=""
 revision="7155392ed28b7c88f3398e57058434da2484ed6b"
 Fix imap sync segfault due to inactive headers during an expunge.  (closes
 #3971)

 Mutt has several places where it turns off h->active as a hack.  For
 example to avoid FLAG updates, or to exclude from imap_exec_msgset.

 Unfortunately, when a reopen is allowed and the IMAP_EXPUNGE_PENDING
 flag becomes set (e.g. a flag update to a modified header),
 imap_expunge_mailbox() will be called by imap_cmd_finish().

 The mx_update_tables() would free and remove these "inactive" headers,
 despite that an EXPUNGE was not received for them.  This would result
 in memory leaks and segfaults due to dangling pointers in the
 msn_index and uid_hash.

 There should probably be a more elegant solution, removing the initial
 hacks.  However, this is causing a segfault, and the best solution
 right now is to turn active back on for non-expunged messages in
 imap_expunge_mailbox().

 Extra thanks to chdiza, who bravely runs tip and found this issue
 quickly.
 }}}

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3971#comment:14>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

Reply via email to