Return-Path: <todd@electricoding.com>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
    by olra.theworths.org (Postfix) with ESMTP id 7815A431FAF
    for <notmuch@notmuchmail.org>; Sat, 17 Jan 2015 07:52:29 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Status: No, score=2.438 tagged_above=-999 required=5
    tests=[DNS_FROM_AHBL_RHSBL=2.438] autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
    by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id IZUCpbMXJrov for <notmuch@notmuchmail.org>;
    Sat, 17 Jan 2015 07:52:26 -0800 (PST)
Received: from s75.web-hosting.com (s75.web-hosting.com [198.187.31.9])
    (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
    (No client certificate requested)
    by olra.theworths.org (Postfix) with ESMTPS id 2732D431FC2
    for <notmuch@notmuchmail.org>; Sat, 17 Jan 2015 07:52:26 -0800 (PST)
Received: from user-69-73-37-128.knology.net ([69.73.37.128]:46357
    helo=localhost.localdomain)
    by server75.web-hosting.com with esmtpsa (UNKNOWN:AES128-SHA256:128)
    (Exim 4.82) (envelope-from <todd@electricoding.com>)
    id 1YCVfk-00164v-PJ; Sat, 17 Jan 2015 10:52:24 -0500
From: Todd <todd@electricoding.com>
To: notmuch@notmuchmail.org
Subject: [PATCH v1 1/2] lib: Fix potential invalid read past an empty string
Date: Sat, 17 Jan 2015 09:51:45 -0600
Message-Id: <1421509906-2153-2-git-send-email-todd@electricoding.com>
X-Mailer: git-send-email 1.9.1
In-Reply-To: <1421509906-2153-1-git-send-email-todd@electricoding.com>
References: <1421509906-2153-1-git-send-email-todd@electricoding.com>
X-AntiAbuse: This header was added to track abuse,
    please include it with any abuse report
X-AntiAbuse: Primary Hostname - server75.web-hosting.com
X-AntiAbuse: Original Domain - notmuchmail.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - electricoding.com
X-Get-Message-Sender-Via: server75.web-hosting.com: authenticated_id:
    todd@electricoding.com
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
List-Id: "Use and development of the notmuch mail system."
    <notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
    <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
    <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Jan 2015 15:52:29 -0000

==22884== ERROR: AddressSanitizer: heap-buffer-overflow on address 0x601600008291 at pc 0x7ff6295680e5 bp 0x7fff4ab9aa40 sp 0x7fff4ab9aa08
READ of size 1 at 0x601600008291 thread T0
    #0 0x7ff6295680e4 in __interceptor_strcmp ??:?
    #1 0x44763b in _thread_add_message /home/todd/.apps/notmuch/lib/thread.cc:255
    #2 0x4459e8 in notmuch_threads_get /home/todd/.apps/notmuch/lib/query.cc:496
    #3 0x41e2a7 in do_search_threads /home/todd/.apps/notmuch/notmuch-search.c:131
    #4 0x40a408 in main /home/todd/.apps/notmuch/notmuch.c:345
    #5 0x7ff627cb9ec4 in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:287
    #6 0x40abf3 in _start ??:?
0x601600008291 is located 0 bytes to the right of 97-byte region [0x601600008230,0x601600008291)
allocated by thread T0 here:
    #0 0x7ff62956e41a in malloc ??:?
    #1 0x7ff628b8ab5d in talloc_strdup ??:?

 lib/thread.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
\r
77 diff --git a/lib/thread.cc b/lib/thread.cc
\r
78 index 4542505..4c49f98 100644
\r
81 @@ -251,8 +251,8 @@ _thread_add_message (notmuch_thread_t *thread,
\r
85 - /* We ignore initial 'K'. */
\r
86 - if (strcmp(tag, (term->string + 1)) == 0) {
\r
87 + /* Check for an empty string, and then ignore initial 'K'. */
\r
88 + if (*(term->string) && strcmp(tag, (term->string + 1)) == 0) {
\r
89 message_excluded = TRUE;
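Review bot: The new guard `*(term->string)` on the `strcmp` line only rules out the empty string; the `+ 1` still assumes the first byte is the 'K' prefix without checking it. If the prefix is always 'K', testing `term->string[0] == 'K'` would cover the empty case and make that assumption explicit, so a term with some other leading byte is not silently compared from its second character. The comment would also be more useful if it said how an empty term can reach this loop, since the ASan report above shows the 1-byte read landing exactly at the end of the `talloc_strdup` allocation, which is what skipping past an empty string's only byte would produce. Minor style point: the hunk header shows this file putting a space before the argument list (`_thread_add_message (`), so `strcmp (tag, ...)` would match while the line is being touched anyway.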
\r