Bug 514771 - segfault in TNEF Attachment decoder
Status: RESOLVED FIXED
Product: evolution
Classification: Applications
Component: Mailer
Version: 2.12.x (obsolete)
Hardware: Other All
Importance: Normal critical
Target Milestone: ---
Assigned To: evolution-mail-maintainers
QA Contact: Evolution QA team
Depends on:
Blocks:
 
 
Reported: 2008-02-06 15:02 UTC by Paul Bolle
Modified: 2008-02-07 10:35 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
patch regarding segfault in TNEF Attachment decode (725 bytes, patch)
2008-02-06 15:03 UTC, Paul Bolle
committed

Description Paul Bolle 2008-02-06 15:02:02 UTC
Steps to reproduce:
1. $ evolution 
[...]
/home/peb/.evolution/cache/tmp/tnef-attachment-PuwNza/calendar.vcf
Segmentation fault (core dumped)


Stack trace:
Core was generated by `evolution'.
Program terminated with signal 11, Segmentation fault.
  • #0 printRtf
    at tnef-plugin.c line 1316
  • #1 saveVCalendar
    at tnef-plugin.c line 1033
  • #2 processTnef
    at tnef-plugin.c line 227
  • #3 org_gnome_format_tnef
    at tnef-plugin.c line 100
  • #4 epl_invoke
    at e-plugin.c line 893
  • #5 e_plugin_invoke
    at e-plugin.c line 667
  • #6 emfh_format_format
    at em-format-hook.c line 78
  • #7 efhd_format_attachment
    at em-format-html-display.c line 2434
  • #8 em_format_part_as
    at em-format.c line 633
  • #9 em_format_part
    at em-format.c line 652
  • #10 emf_multipart_mixed
    at em-format.c line 1256
  • #11 em_format_part_as
    at em-format.c line 625
  • #12 em_format_part
    at em-format.c line 652
  • #13 efh_format_message
    at em-format-html.c line 2008
  • #14 efh_format_exec
    at em-format-html.c line 1254
  • #15 mail_msg_proxy
    at mail-mt.c line 500
  • #16 ??
    from /lib/libglib-2.0.so.0
  • #17 ??
    from /lib/libglib-2.0.so.0
  • #18 start_thread
    from /lib/libpthread.so.0
  • #19 clone
    from /lib/libc.so.6


Other information:
Further evidence:
(gdb) info locals
index = 167752
byte = 0x99bc000 <Address 0x99bc000 out of bounds>
brace_ct = -20
key = 0

I'll attach a (trivial) patch that fixed this crasher for me.
Comment 1 Paul Bolle 2008-02-06 15:03:39 UTC
Created attachment 104564
patch regarding segfault in TNEF Attachment decode

Trivial.
Comment 2 Srinivasa Ragavan 2008-02-07 04:36:30 UTC
Looks fine to commit. If you don't have commit rights, we will commit it for 2.21.91 just before the release. Thanks for the patch.
Comment 3 Paul Bolle 2008-02-07 08:16:37 UTC
No, I do not have commit rights.
Comment 4 Suman Manjunath 2008-02-07 10:35:59 UTC
Patch committed to SVN trunk as r34969
(http://svn.gnome.org/viewvc/evolution?view=revision&revision=34969)