On Sun, Feb 21, 1999 at 02:53:21PM -0800, Daniel Eisenbud <[EMAIL PROTECTED]>
wrote:
> On Sun, Feb 21, 1999 at 02:46:36PM -0800, Daniel Eisenbud
><[EMAIL PROTECTED]> wrote:
> > On Sun, Feb 21, 1999 at 07:48:49PM +0000, Raimar Falke <[EMAIL PROTECTED]>
>wrote:
> > >
> > > Hello
> > >
> > > I don't know if this is a known problem, but after a wrote a email mutt
> > > crashes with an segfault in:
[...]
> > These routines should only be called when the mailbox is modified, not
> > when mail has just been appended to it by procmail.
> >
> > > It looks like locking doesn't work like it should. Are there ways to
> > > prevent this?
> >
> > I think locking is working just fine. However, I have seen this
> > coredump in the reopen code for a long time, every once in a while. I
> > had really hoped that someone had fixed it in my absence from mutt-dev,
> > but it appears not. I'll try to look into this... It may be a hrard
> > one to trace, though.
>
> Aargh! Memory corruption, it looks like. I'll try to trace it a bit
> more by hand, then use our local purify lookalike to do some more
> testing if I can't find it. Anyone have a real copy of purify that they
> can run this under if I can find a way to reproduce the bug?
Got it! This could actually happen any time the mailbox had more
messages after being reopened, but it seems to have been common only in
extreme cases. This bug has been around for a long time now -- I
believe I reported it more than a year ago, maybe significantly longer
than that. Anyway, it was annoying, and I'm glad it's gone (of course,
it's possible that there are more problems lurking around there, but
that code is surprisingly straightforward, so I think this was probably
what was causing all the problems. (BTW, it was not memory corruption
as such, just that we could read way past the end of an array in some
cases.)
This patch should probably apply cleanly against 0.96 as well.
-Daniel
--
Daniel Eisenbud
[EMAIL PROTECTED]
--- mbox.c.orig Sun Feb 21 16:24:16 1999
+++ mbox.c Sun Feb 21 16:24:20 1999
@@ -1107,7 +1107,7 @@ int mutt_reopen_mailbox (CONTEXT *ctx, i
}
if (!found)
{
- for (j = 0; j < i; j++)
+ for (j = 0; j < i && j < old_msgcount; j++)
{
if (old_hdrs[j] == NULL)
continue;
