After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 143252 - crash when MIME component is too short
crash when MIME component is too short
Status: RESOLVED DUPLICATE of bug 125051
Product: Pan
Classification: Other
Component: general
0.14.2
Other Linux
: Normal normal
: ---
Assigned To: Charles Kerr
Pan QA Team
Depends on:
Blocks:
 
 
Reported: 2004-05-27 02:58 UTC by Carl Schaefer
Modified: 2004-12-22 21:47 UTC
See Also:
GNOME target: ---
GNOME version: 2.1/2.2


Description Carl Schaefer 2004-05-27 02:58:31 UTC 
Pan will crash with the following stack trace if a MIME component is
too short (see example article below, following the stack trace).
I've found that adding this line

	g_return_val_if_fail (stream->position <= stream->bound_end, -1);

to the beginning of g_mime_stream_buffer_gets() will avoid the crash.

+ Trace 46923

  • #0 memcpy
    from /lib/i686/libc.so.6
  • #1 stream_read
    at gmime-stream-mem.c line 130
  • #2 g_mime_stream_read
    at gmime-stream.c line 162
  • #3 g_mime_stream_buffer_gets
    at gmime-stream-buffer.c line 533
  • #4 stream_readln
    at util-mime.c line 414
  • #5 separate_encoded_parts
    at util-mime.c line 470
  • #6 handle_inline_encoded_data
    at util-mime.c line 740
  • #7 handle_inline_encoded_data
    at util-mime.c line 717
  • #8 pan_g_mime_parser_construct_message
    at util-mime.c line 986
  • #9 acache_get_message
    at acache.c line 841
  • #10 text_set_from_identifiers
    at text.c line 943
  • #11 articlelist_read_article
    at articlelist.c line 574
  • #12 header_pane_forall_selected
    at articlelist.c line 291
  • #13 articlelist_selection_changed_cb
    at articlelist.c line 1934
  • #14 pan_callback_call
    at pan-callback.c line 63
  • #15 tree_select_row_idle
    at articlelist.c line 2050
  • #16 gui_queue_timer_cb
    at util.c line 225
  • #17 pan_timeout_wrapper
    at util.c line 166
  • #18 g_timeout_dispatch
    from /opt/gnome/lib/libglib-2.0.so.0
  • #19 g_main_dispatch
    from /opt/gnome/lib/libglib-2.0.so.0
  • #20 g_main_context_dispatch
    from /opt/gnome/lib/libglib-2.0.so.0
  • #21 g_main_context_iterate
    from /opt/gnome/lib/libglib-2.0.so.0
  • #22 g_main_loop_run
    from /opt/gnome/lib/libglib-2.0.so.0
  • #23 gtk_main
    from /opt/gnome/lib/libgtk-x11-2.0.so.0
  • #24 main
    at pan.c line 340 

Path: foo!bar!news.POSTED!53ab2750!not-for-mail
Newsgroups: foo.bar
From: foo@bar.com
Subject: foo bar
Mime-Version: 1.0
Content-Type: multipart/mixed;
	boundary="=====================_28438041==_"
Message-ID: <9c8tc.922438$yC6.841163@news>
Date: Wed, 26 May 2004 21:43:33 GMT

--=====================_28438041==_
Content-Type: text/plain; charset="us-ascii"; format=flowed

--=====================_28438041==_
Content-Type: text/plain; charset="us-ascii"; format=flowed

The previous section is too short.

--=====================_28438041==_--
Comment 1 Christophe Lambin 2004-05-29 10:15:46 UTC 

*** This bug has been marked as a duplicate of 125051 ***