[Users] [Bug 3146] New: Memory corruption when deleting a message from folder

noreply at thewildbeast.co.uk noreply at thewildbeast.co.uk
Sat Apr 19 22:58:56 CEST 2014 

http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3146

            Bug ID: 3146
           Summary: Memory corruption when deleting a message from folder
    Classification: Unclassified
           Product: Claws Mail
           Version: 3.9.3
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P3
         Component: Folders/IMAP
          Assignee: users at lists.claws-mail.org
          Reporter: deweloper at wp.pl

Using claws-mail-3.9.3-1.fc20.i686
1. Click on a newly received e-mail to open it
2. Press "delete" immediately

==00:00:35:22.984 1629== Thread 1:
==00:00:35:23.031 1629== Invalid write of size 4
==00:00:35:23.031 1629==    at 0x80ECB8F: imap_change_flags (imap.c:4876)
==00:00:35:23.031 1629==    by 0x80CD4CF: folder_item_change_msg_flags
(folder.c:3888)
==00:00:35:23.031 1629==    by 0x819DA09: procmsg_msginfo_unset_flags
(procmsg.c:2057)
==00:00:35:23.031 1629==    by 0x81B4A4E: summary_msginfo_unset_flags
(summaryview.c:3438)
==00:00:35:23.031 1629==    by 0x81B9EDB: msginfo_mark_as_read
(summaryview.c:3523)
==00:00:35:23.031 1629==    by 0x81B9F9C: msginfo_mark_as_read_timeout
(summaryview.c:3541)
==00:00:35:23.031 1629==    by 0x48066261: g_timeout_dispatch (gmain.c:4451)
==00:00:35:23.031 1629==    by 0x48065555: g_main_context_dispatch
(gmain.c:3066)
==00:00:35:23.031 1629==    by 0x4806591F: g_main_context_iterate.isra.23
(gmain.c:3713)
==00:00:35:23.031 1629==    by 0x480659E8: g_main_context_iteration
(gmain.c:3774)
==00:00:35:23.032 1629==    by 0x4372D981: gtk_main_iteration (gtkmain.c:1345)
==00:00:35:23.032 1629==    by 0x822E5D4: threaded_run (imap-thread.c:440)
==00:00:35:23.032 1629==  Address 0x451911c is 28 bytes inside a block of size
128 free'd
==00:00:35:23.032 1629==    at 0x4007BCD: free (in
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==00:00:35:23.032 1629==    by 0x4806B631: g_free (gmem.c:197)
==00:00:35:23.032 1629==    by 0x81BEAFE: summary_execute (summaryview.c:5130)
==00:00:35:23.032 1629==    by 0x81C26EF: summary_move_selected_to
(summaryview.c:4570)
==00:00:35:23.032 1629==    by 0x81C2883: summary_delete_trash
(summaryview.c:4450)
==00:00:35:23.032 1629==    by 0x81D05AA: toolbar_trash_cb (toolbar.c:1148)
==00:00:35:23.032 1629==    by 0x48187548: g_cclosure_marshal_VOID__VOIDv
(gmarshal.c:115)
==00:00:35:23.032 1629==    by 0x48185A25: _g_closure_invoke_va
(gclosure.c:840)
==00:00:35:23.032 1629==    by 0x4819FA82: g_signal_emit_valist
(gsignal.c:3238)
==00:00:35:23.032 1629==    by 0x481A0B80: g_signal_emit_by_name
(gsignal.c:3426)
==00:00:35:23.032 1629==    by 0x438264EB: button_clicked (gtktoolbutton.c:773)
==00:00:35:23.033 1629==    by 0x48187548: g_cclosure_marshal_VOID__VOIDv
(gmarshal.c:115)

While program hasn't crashed immediately, each such a heap corruption (invalid
write) may lead to a crash during one of following calls to malloc(), like in
bug 3145.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the Users mailing list