From 03fe48a629c4fa0da88732c5664269502eb9b25a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sat, 20 Jul 2013 11:02:24 +2000 Subject: [PATCH] Re: segmentation fault caused by empty application/pgp-signature part --- 80/ff2123151d939ea003018f57d049d53cdaac06 | 147 ++++++++++++++++++++++ 1 file changed, 147 insertions(+) create mode 100644 80/ff2123151d939ea003018f57d049d53cdaac06 diff --git a/80/ff2123151d939ea003018f57d049d53cdaac06 b/80/ff2123151d939ea003018f57d049d53cdaac06 new file mode 100644 index 000000000..68007b79b --- /dev/null +++ b/80/ff2123151d939ea003018f57d049d53cdaac06 @@ -0,0 +1,147 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by olra.theworths.org (Postfix) with ESMTP id C5E70431FD0 + for ; Fri, 19 Jul 2013 08:02:38 -0700 (PDT) +X-Virus-Scanned: Debian amavisd-new at olra.theworths.org +X-Spam-Flag: NO +X-Spam-Score: 0 +X-Spam-Level: +X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] + autolearn=disabled +Received: from olra.theworths.org ([127.0.0.1]) + by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id V8oTszW7zJhz for ; + Fri, 19 Jul 2013 08:02:31 -0700 (PDT) +Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) + by olra.theworths.org (Postfix) with ESMTP id 2C754431FC2 + for ; Fri, 19 Jul 2013 08:02:31 -0700 (PDT) +Received: from [192.168.13.183] (lair.fifthhorseman.net [108.58.6.98]) + by che.mayfirst.org (Postfix) with ESMTPSA id EDB51F984 + for ; Fri, 19 Jul 2013 11:02:25 -0400 (EDT) +Message-ID: <51E95500.8000404@fifthhorseman.net> +Date: Fri, 19 Jul 2013 11:02:24 -0400 +From: Daniel Kahn Gillmor +User-Agent: Mozilla/5.0 (X11; Linux x86_64; + rv:17.0) Gecko/20130630 Icedove/17.0.7 +MIME-Version: 1.0 +To: notmuch +Subject: Re: segmentation fault caused by empty application/pgp-signature part +References: <87mwpiu4vi.fsf@zancas.localnet> +In-Reply-To: <87mwpiu4vi.fsf@zancas.localnet> +X-Enigmail-Version: 1.5.1 +Content-Type: multipart/signed; micalg=pgp-sha512; + protocol="application/pgp-signature"; + boundary="----enig2RGQXRKUTMSJPIALSVVQV" +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.13 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Fri, 19 Jul 2013 15:02:38 -0000 + +This is an OpenPGP/MIME signed message (RFC 4880 and 3156) +------enig2RGQXRKUTMSJPIALSVVQV +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +On 07/19/2013 08:10 AM, David Bremner wrote: +>=20 +> The attached message is edited from one I managed to convince notmuch-e= +macs to +> send via some mishap with gpg-agent. It has an empty signature +> part. Clearly this is wrong, but on the other hand, it should not cause= + +> notmuch show --decrypt to segmentation fault. As for the actual creatio= +n +> of the message, I suppose that's more likely a bug in emacs, if +> anything. + +confirmed the bug in notmuch. + +here is the backtrace: + +>> Program received signal SIGSEGV, Segmentation fault. +>> __strcasecmp_l_avx () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:16= +4 +>> 164 ../sysdeps/x86_64/multiarch/strcmp-sse42.S: No such file or direct= +ory. +>> (gdb) bt +>> #0 __strcasecmp_l_avx () at ../sysdeps/x86_64/multiarch/strcmp-sse42.= +S:164 +>> #1 0x0000000000412973 in notmuch_crypto_get_context (crypto=3D0x7ffff= +fffe248, protocol=3D0x0) at crypto.c:36 +>> #2 0x00000000004123a9 in _mime_node_create (part=3D0x6dc180, parent=3D= +0x66a5a0) at mime-node.c:190 +>> #3 mime_node_child (parent=3Dparent@entry=3D0x66a5a0, child=3Dchild@e= +ntry=3D0) at mime-node.c:310 +>> #4 0x000000000040f3ef in format_part_text (ctx=3D, sp=3D= +0x6695a0, node=3D0x66a5a0, indent=3D0, params=3D0x7fffffffe230) at notmuc= +h-show.c:592 +>> #5 0x000000000040eda9 in show_message (ctx=3Dctx@entry=3D0x6280f0, sp= +=3Dsp@entry=3D0x6695a0, message=3Dmessage@entry=3D0x6697c0, indent=3Dinde= +nt@entry=3D0, params=3Dparams@entry=3D0x7fffffffe230, format=3D0x61bd30 <= +format_text>) +>> at notmuch-show.c:905 +>> #6 0x000000000040ee15 in show_messages (ctx=3Dctx@entry=3D0x6280f0, f= +ormat=3Dformat@entry=3D0x61bd30 , sp=3Dsp@entry=3D0x6695a0, = +messages=3D0x66a3a0, indent=3Dindent@entry=3D0, params=3Dparams@entry=3D0= +x7fffffffe230) +>> at notmuch-show.c:941 +>> #7 0x0000000000410955 in do_show (params=3D0x7fffffffe230, sp=3D0x669= +5a0, format=3D0x61bd30 , query=3D0x643a20, ctx=3D0x6280f0) a= +t notmuch-show.c:1024 +>> #8 notmuch_show_command (ctx=3D0x6280f0, argc=3D, argv= +=3D) at notmuch-show.c:1228 +>> #9 0x000000000040691c in main (argc=3D4, argv=3D0x7fffffffe6a8) at no= +tmuch.c:329 +>> (gdb) up +>> #1 0x0000000000412973 in notmuch_crypto_get_context (crypto=3D0x7ffff= +fffe248, protocol=3D0x0) at crypto.c:36 +>> 36 if ((strcasecmp (protocol, "application/pgp-signature") =3D=3D = +0) +>> (gdb) p protocol +>> $1 =3D 0x0 +>> (gdb)=20 + +Looks like it's a pretty obvious fix -- test protocol for NULL before +strcasecmp'ing it. sorry i don't have time to fix it right now. + + --dkg + + +------enig2RGQXRKUTMSJPIALSVVQV +Content-Type: application/pgp-signature; name="signature.asc" +Content-Description: OpenPGP digital signature +Content-Disposition: attachment; filename="signature.asc" + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.12 (GNU/Linux) +Comment: Using GnuPG with Icedove - http://www.enigmail.net/ + +iQJ8BAEBCgBmBQJR6VUAXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w +ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQjk2OTEyODdBN0FEREUzNzU3RDkxMUVB +NTI0MDFCMTFCRkRGQTVDAAoJEKUkAbEb/fpcon8P/Ri+tmMpvWV24YCgGWr+kaY0 +5sR7Ed1K7umaJwfzHwVwj9IC1uwk/aP6Tr4VD8m5t4Y8raSD82wGPWAPd8WIFFb/ +bOjFu1AuzyU633QPp8n7iF0g9M4iQJ+XfYtIQElq3T5x7/+Q1YVX8fw6fmt6wBTi +pQxZSLHkF6VX2rqUKUgx9RoWaQDIV9OmSUCE4/Qf0PTV6beIp6vlUMdLbCf/AJ3f +WQp14Yq5rFOt1HIspMIlnJJveuvAGRLX4HcJEJWk+IZOWg8hTOZHL6RURhr/yfb6 +kOQTpwLnx64/HltN5qHGGmMvma+bSsLUw9uEIs35mr2cVnBC9YAGrVLAAedFqFXK +icYwSCypNdc4JN9Ei3kYD7xQQY1d8t1nCTwlIPzmjwR+yH9x+W04UyabpBqSMH9h +4z6fJvvFmfLAB1FpSejFsZ607Mg4pCVQcwZLMQjvfxoY2G3kc1SnMINPTHITE7QR +JCrFzZGETHwlHNwbjn4oBATBnwiM5q158Vit5UBJAZZl974OcuPGHYtXxYwMORyx +8M3JJgixtZKehGoyME67xWmnaizkcwtYvDrw3fJWu1zgvzhoumVlI9FaUH4cVNK7 +rIVlAs0L/0jc1U2PXiCL0t4cltt6oyh2uCF6KHgfTXozuURu13srLubi+fa2d7Ix +YQznhCqN0GY5Egt0RSpu +=aKlX +-----END PGP SIGNATURE----- + +------enig2RGQXRKUTMSJPIALSVVQV-- -- 2.26.2