
List:       kde-bugs-dist
Subject:    [Bug 68801] New: kmail crashes in KMFolderMbox::addMsg() due to
From:       Torsten Kasch <tk () Genetik ! Uni-Bielefeld ! DE>
Date:       2003-11-22 16:17:48

     
http://bugs.kde.org/show_bug.cgi?id=68801     
           Summary: kmail crashes in KMFolderMbox::addMsg() due to NULL
                    pointer in fprintf() args
           Product: kmail
           Version: unspecified
          Platform: Compiled Sources
        OS/Version: Solaris
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: general
        AssignedTo: kmail@kde.org
        ReportedBy: tk@Genetik.Uni-Bielefeld.DE


Version:            (using KDE Devel)
Installed from:    Compiled sources
Compiler:          gcc version 2.95.3 
OS:          Solaris

KMail crashes reproducibly on my Solaris 8 x86 box when fetching the message list for
my INBOX via IMAP. Here is the backtrace:

--- snip ---
(no debugging symbols found)...(no debugging symbols found)...
sol-thread active.
Retry #1:
Retry #2:
Retry #3:
Retry #4:
[New LWP    1        ]
[New Thread 1 (LWP 1)]
[Switching to Thread 1 (LWP 1)]
0xdda1b14c in _waitid () from /usr/lib/libc.so.1
#0  0xdda1b14c in _waitid () from /usr/lib/libc.so.1
#1  0xdda33c2f in _waitpid () from /usr/lib/libc.so.1
#2  0xdd717f24 in waitpid () from /usr/lib/libthread.so.1
#3  0xdd707a4f in __sighndlr () from /usr/lib/libthread.so.1
#4  0xdd715b3d in sigacthandler () from /usr/lib/libthread.so.1
#5  <signal handler called>
#6  0xdda0d3b1 in strlen () from /usr/lib/libc.so.1
#7  0xdda3ede6 in fprintf () from /usr/lib/libc.so.1
#8  0xdfa49da5 in KMFolderMbox::addMsg ()
   from /vol/kde-cvs/lib/libkmailprivate.so.0
#9  0xdfa5361a in KMFolderImap::slotGetMessagesData ()
   from /vol/kde-cvs/lib/libkmailprivate.so.0
#10 0xdfa57d0d in KMFolderImap::qt_invoke ()
   from /vol/kde-cvs/lib/libkmailprivate.so.0
#11 0xdded29af in QObject::activate_signal (this=0x8a2e498, clist=0x8afc3d0, 
    o=0x80467f0) at kernel/qobject.cpp:2333
#12 0xdec216e7 in KIO::TransferJob::data (this=0x8a2e498, t0=0x8a2e498, 
    t1=@0x8046b54) at jobclasses.moc:722
#13 0xdec10be5 in KIO::TransferJob::slotData (this=0x8a2e498, _data=@0x8046b54)
    at job.cpp:790
#14 0xdec21c37 in KIO::TransferJob::qt_invoke (this=0x8a2e498, _id=18, 
    _o=0x8046954) at jobclasses.moc:801
#15 0xdded29af in QObject::activate_signal (this=0x83a2e58, clist=0x815ee68, 
    o=0x8046954) at kernel/qobject.cpp:2333
#16 0xdec02877 in KIO::SlaveInterface::data (this=0x83a2e58, t0=@0x8046b54)
    at slaveinterface.moc:194
#17 0xdebffa9c in KIO::SlaveInterface::dispatch (this=0x83a2e58, _cmd=100, 
    rawdata=@0x8046b54) at slaveinterface.cpp:246
#18 0xdebff64c in KIO::SlaveInterface::dispatch (this=0x83a2e58)
    at slaveinterface.cpp:191
#19 0xdebfc749 in KIO::Slave::gotInput (this=0x83a2e58) at slave.cpp:294
#20 0xdebfe9d1 in KIO::Slave::qt_invoke (this=0x83a2e58, _id=4, _o=0x8046cb4)
    at slave.moc:113
#21 0xdded29af in QObject::activate_signal (this=0x83a2de0, clist=0x88ef510, 
    o=0x8046cb4) at kernel/qobject.cpp:2333
#22 0xdded2dd4 in QObject::activate_signal (this=0x83a2de0, signal=2, param=20)
    at kernel/qobject.cpp:2426
#23 0xde24d9de in QSocketNotifier::activated (this=0x83a2de0, t0=20)
    at .moc/debug-shared-mt/moc_qsocketnotifier.cpp:85
#24 0xddef135e in QSocketNotifier::event (this=0x83a2de0, e=0x8046f88)
    at kernel/qsocketnotifier.cpp:268
#25 0xdde6a1c7 in QApplication::internalNotify (this=0x80472a0, 
    receiver=0x83a2de0, e=0x8046f88) at kernel/qapplication.cpp:2582
#26 0xdde6923b in QApplication::notify (this=0x80472a0, receiver=0x83a2de0, 
    e=0x8046f88) at kernel/qapplication.cpp:2305
#27 0xde711ab9 in KApplication::notify (this=0x80472a0, receiver=0x83a2de0, 
    event=0x8046f88) at kapplication.cpp:509
#28 0xde24417b in QApplication::sendEvent (receiver=0x83a2de0, event=0x8046f88)
    at .moc/debug-shared-mt/../../kernel/qapplication.h:490
#29 0xdde579b8 in QEventLoop::activateSocketNotifiers (this=0x8078e60)
    at kernel/qeventloop_unix.cpp:579
#30 0xdde0ec94 in QEventLoop::processEvents (this=0x8078e60, flags=4)
    at kernel/qeventloop_x11.cpp:340
#31 0xdde81080 in QEventLoop::enterLoop (this=0x8078e60)
    at kernel/qeventloop.cpp:198
#32 0xdde80fa9 in QEventLoop::exec (this=0x8078e60)
    at kernel/qeventloop.cpp:145
#33 0xdde6a3a5 in QApplication::exec (this=0x80472a0)
    at kernel/qapplication.cpp:2705
#34 0x0804b996 in main ()
#35 0x0804ac0b in _start ()
--- snip ---

This seems to happen due to a message with the following header:

	From: FirstName LastName <>

This is due to the fprintf() statement in KMFolderMbox::addMsg()
(kmail/kmfoldermbox.cpp); obviously aMsg->fromEmail() may be NULL which causes a SEGV
in fprintf().

Replacing

	aMsg->fromEmail()

in fprintf()'s arguments with

	aMsg->fromEmail() ? (const char *)aMsg->fromEmail() : ""

fixed this problem for me.
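
The failure mode and the guard described in the report, as an added C example that is not part of the original message and is not KMail code: the function names, the "From %s %s\n" separator layout and the sample inputs are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy the address between '<' and '>' of a From:
 * header value into out. Returns NULL when the brackets are missing or
 * empty, as with "FirstName LastName <>" from the report. */
const char *from_email(const char *header, char *out, size_t outlen)
{
    const char *lt = header ? strchr(header, '<') : NULL;
    const char *gt = lt ? strchr(lt, '>') : NULL;
    if (!lt || !gt || gt == lt + 1)
        return NULL;
    size_t n = (size_t)(gt - lt - 1);
    if (n >= outlen)
        return NULL;                 /* do not truncate an address */
    memcpy(out, lt + 1, n);
    out[n] = '\0';
    return out;
}

/* Build the separator line (layout assumed). A NULL argument for %s is
 * undefined behaviour: some libcs print "(null)", others fault in
 * strlen() as in frames #6 and #7 of the backtrace. Both strings are
 * therefore normalised to "", the same substitution the report applies. */
int format_separator(char *buf, size_t buflen, const char *email, const char *date)
{
    return snprintf(buf, buflen, "From %s %s\n",
                    email ? email : "", date ? date : "");
}

int separator_for_header(const char *header, const char *date, char *buf, size_t buflen)
{
    char addr[256];
    return format_separator(buf, buflen, from_email(header, addr, sizeof addr), date);
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *date = "Sat Nov 22 16:17:48 2003";
    char line[320];
    separator_for_header("FirstName LastName <>", date, line, sizeof line);
    fputs(line, stdout);
    separator_for_header("A User <user@example.org>", date, line, sizeof line);
    fputs(line, stdout);
    return 0;
}
```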

