Bug 779886 - Add NULL checks to camel_content_type_set_param/camel_content_type_simple
Status: RESOLVED FIXED
Product: evolution-data-server
Classification: Platform
Component: Mailer
Version: 3.22.x (obsolete)
Hardware: Other Linux
Importance: Normal critical
Assigned To: evolution-mail-maintainers
QA Contact: Evolution QA team
Reported: 2017-03-11 02:29 UTC by Paul Wise
Modified: 2017-03-13 08:45 UTC

Description Paul Wise 2017-03-11 02:29:10 UTC
Created attachment 347677
gdb backtrace of the crash

I got a random crash (SIGSEGV) in evolution. I am using evolution and evolution-data-server 3.22.5-1 and GNOME 3.22 on Debian stretch. If the below gdb backtrace summary and attached full gdb backtrace aren't useful, please close this bug.

Core was generated by `evolution'.
Program terminated with signal SIGSEGV, Segmentation fault.
  • #0 camel_content_type_simple
    at camel-mime-utils.c line 3728
  • #1 attachment_load_from_mime_part_thread
    at e-attachment.c line 2188
  • #2 run_in_thread
    at ././gio/gsimpleasyncresult.c line 898
  • #3 io_job_thread
    at ././gio/gioscheduler.c line 85
  • #4 g_task_thread_pool_thread
    at ././gio/gtask.c line 1304
  • #5 g_thread_pool_thread_proxy
    at ././glib/gthreadpool.c line 307
  • #6 g_thread_proxy
    at ././glib/gthread.c line 784
  • #7 start_thread
    at pthread_create.c line 333
  • #8 clone
    at ../sysdeps/unix/sysv/linux/x86_64/clone.S line 105

Comment 1 Milan Crha 2017-03-13 08:45:05 UTC
Thanks for the bug report. I do not see anything truly obvious for the cause of this. It looks like you received a message which did not have the Content-Type header set for one of its attachments, or some memory issue happened, like a ref/unref imbalance.

I will add checks which will avoid similar crashes in the future, but I cannot tell whether it'll fix the real cause of the crash. It's also possible it'll just crash slightly later. I cannot tell without a reproducer.

Created commit cab838a in eds master (3.23.92+)
Created commit 3231778 in eds gnome-3-22 (3.22.6+)
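
The kind of guard discussed in comment 1, as an added example that is not part of the bug report and is not the code from the commits above: a content-type formatter that checks every pointer before dereferencing it, and a caller that also handles the NULL result so the failure does not simply move to a later line. The struct names, function names and the `application/octet-stream` fallback are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for a parsed header and a MIME part (not Camel's types). */
struct content_type { const char *type, *subtype; };
struct mime_part { const struct content_type *ct; /* NULL: no Content-Type header */ };

static char *dup_str(const char *s)
{
    char *out = malloc(strlen(s) + 1);
    if (out != NULL)
        strcpy(out, s);
    return out;
}

/* Returns a malloc'd "type/subtype", or NULL when there is nothing usable.
 * Every pointer is checked before it is dereferenced. */
char *content_type_simple_checked(const struct content_type *ct)
{
    if (ct == NULL || ct->type == NULL)
        return NULL;
    if (ct->subtype == NULL)
        return dup_str(ct->type);
    size_t n = strlen(ct->type) + strlen(ct->subtype) + 2; /* '/' and NUL */
    char *out = malloc(n);
    if (out != NULL)
        snprintf(out, n, "%s/%s", ct->type, ct->subtype);
    return out;
}

/* Caller side: the NULL result has to be handled too, otherwise the crash only
 * moves to the first use of the string. The fallback type is an assumption. */
char *attachment_mime_type(const struct mime_part *part)
{
    char *simple = part ? content_type_simple_checked(part->ct) : NULL;
    return simple ? simple : dup_str("application/octet-stream");
}

int main(void)
{
    struct content_type png = { "image", "png" };   /* constructed sample */
    struct mime_part with_header = { &png }, without_header = { NULL };
    char *a = attachment_mime_type(&with_header);
    char *b = attachment_mime_type(&without_header);
    printf("%s\n%s\n", a ? a : "(oom)", b ? b : "(oom)");
    free(a); free(b);
    return 0;
}
```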