On Thu, Oct 16, 2008 at 11:39 AM, Timo Sirainen <tss@iki.fi> wrote:
On Oct 16, 2008, at 11:33 AM, Diego Liziero wrote:
Today a user got this imap segfault with vanilla 1.1.4 (I don't know
Hmm. And Maildir as topic says?
No, sorry, wrong subject, mbox
#0 0x080c8d41 in message_parse_header_next (ctx=0x8774fa0, hdr_r=0xbfa438e0) at message-header-parser.c:114
p *ctx.input p *ctx.input.real_stream
(gdb) p *ctx.input $1 = {v_offset = 0, stream_errno = 0, mmaped = 0, blocking = 1, closed = 0, seekable = 1, eof = 0, real_stream = 0x8771538} (gdb) p *ctx.input.real_stream $2 = {iostream = {refcount = 3, close = 0x80e3f10 <io_stream_default_close_destroy>, destroy = 0x80c6d50 <i_stream_header_filter_destroy>, set_max_buffer_size = 0x80c6d20 <i_stream_header_filter_set_max_buffer_size>, destroy_callback = 0x8094630 <index_mail_stream_destroy_callback>, destroy_context = 0x8776138}, read = 0x80c6940 <i_stream_header_filter_read>, seek = 0x80c6be0 <i_stream_header_filter_seek>, sync = 0x80c5fa0 <i_stream_header_filter_sync>, stat = 0x80c6b40 <i_stream_header_filter_stat>, istream = {v_offset = 0, stream_errno = 0, mmaped = 0, blocking = 1, closed = 0, seekable = 1, eof = 0, real_stream = 0x8771538}, fd = -1, abs_start_offset = 374333755, statbuf = {st_dev = 0, __pad1 = 0, __st_ino = 0, st_mode = 0, st_nlink = 0, st_uid = 0, st_gid = 0, st_rdev = 0, __pad2 = 0, st_size = -1, st_blksize = 0, st_blocks = 0, st_atim = {tv_sec = 1224104682, tv_nsec = 0}, st_mtim = { tv_sec = 1224104682, tv_nsec = 0}, st_ctim = {tv_sec = 1224104682, tv_nsec = 0}, st_ino = 0}, buffer = 0x0, w_buffer = 0x0, buffer_size = 0, max_buffer_size = 8192, skip = 0, pos = 0, parent = 0x8770fe0, parent_start_offset = 0, line_str = 0x0}
size = 0i_stream_read_data() returned 0 bytes, but
ret = -2it also returned that the input buffer is full. That shouldn't be happening. http://hg.dovecot.org/dovecot-1.1/rev/82d4756f43cc should catch it earlier.
Ok thanks.