From: Carl Worth
To: dme@dme.org, notmuch@notmuchmail.org
Subject: Re: [PATCH] notmuch: Fix off-by-one errors if a header is >200 characters long.
In-Reply-To: <1272451541-6479-1-git-send-email-dme@dme.org>
References: <1272451541-6479-1-git-send-email-dme@dme.org>
User-Agent: Notmuch/0.3.1-22-g1d528f8 (http://notmuchmail.org) Emacs/23.1.1 (i486-pc-linux-gnu)
Date: Thu, 03 Jun 2010 16:48:16 -0700
Message-ID: <87mxvbfzjz.fsf@yoom.home.cworth.org>
List-Id: "Use and development of the notmuch mail system."

On Wed, 28 Apr 2010 11:45:41 +0100, dme@dme.org wrote:
> From: David Edmondson
>
> If a single header is more than 200 characters long a set of 'off by
> one' errors cause memory corruption.
...
> This is the cause of my segmentation fault (or bus error) during
> `notmuch reply'. The patch is for the 0.3.1 branch, but I'd expect
> that it will apply cleanly to master.

Thanks for the fix, David.

In my testing I found that it was a header of *exactly* 200 bytes that
caused a problem. I added a message with such a header to the test suite
and verified (with valgrind) that the old code was problematic.

I've now pushed out both your fix and the new test case.

-Carl (happy to be hacking on notmuch again)

-- 
carl.d.worth@intel.com
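
A length check that forgets the terminating NUL is one common way a buffer bug shows up only at an exact boundary such as the 200 bytes mentioned above. The C code below is an added example, not notmuch's code or the patch from this thread: `hdr_buf_t`, `fits_buggy`, `fits_fixed`, `hdr_append`, `cap_for_header` and the 200-byte initial capacity are hypothetical, and the header values are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define INITIAL_CAP 200 /* assumption: stands in for the 200-byte threshold in the thread */
typedef struct { char *buf; size_t len, cap; } hdr_buf_t; /* hypothetical type */

/* Off-by-one form: ignores the byte needed for the terminating NUL. */
static int fits_buggy(size_t len, size_t add, size_t cap) { return len + add <= cap; }
/* Corrected form: the NUL is part of the space requirement. */
static int fits_fixed(size_t len, size_t add, size_t cap) { return len + add + 1 <= cap; }

/* Append n bytes, growing first so the value plus NUL always fits. Returns 0 on success. */
static int hdr_append(hdr_buf_t *h, const char *chunk, size_t n) {
    if (!fits_fixed(h->len, n, h->cap)) {
        size_t cap = h->cap ? h->cap : INITIAL_CAP;
        while (!fits_fixed(h->len, n, cap))
            cap *= 2;
        char *p = realloc(h->buf, cap);
        if (p == NULL) return -1;
        h->buf = p;
        h->cap = cap;
    }
    memcpy(h->buf + h->len, chunk, n);
    h->len += n;
    h->buf[h->len] = '\0';
    return 0;
}

/* Store an n-byte constructed header value; return the capacity used (0 on failure). */
static size_t cap_for_header(size_t n) {
    hdr_buf_t h = { NULL, 0, 0 };
    char *value = malloc(n + 1);
    if (value == NULL) return 0;
    memset(value, 'x', n);
    size_t cap = (hdr_append(&h, value, n) == 0 && strlen(h.buf) == n) ? h.cap : 0;
    free(value);
    free(h.buf);
    return cap;
}

int main(void) {
    for (size_t n = 199; n <= 201; n++)
        printf("%zu bytes: buggy check fits=%d, capacity used=%zu\n",
               n, fits_buggy(0, n, INITIAL_CAP), cap_for_header(n));
    return 0;
}
```

Running a boundary test like this for lengths 199, 200 and 201 under valgrind or AddressSanitizer is what turns a silent one-byte overwrite into a reported error.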