Package: mutt
Version: 1.9.1-5

Mutt crashes on this mbox:

  $ printf 'From Wed Nov 0 0: 0\nTo:=??B??=:\n' > nullptr.mbox
  $ mutt -R -f nullptr.mbox >/dev/null 2>&1

GDB says it's a null pointer dereference in mbox_to_udomain():

  (gdb) up
  #1  0x566ffd01 in mbox_to_udomain (mbx=<optimized out>, user=user@entry=0xffe2b4f0, domain=domain@entry=0xffe2b4f4) at ../../mutt_idna.c:53
  53        p = strchr (buff, '@');
  (gdb) print buff
  $1 = 0x0
  (gdb) bt
  #0  __strchr_sse2_bsf () at ../sysdeps/i386/i686/multiarch/strchr-sse2-bsf.S:97
  #1  0x566ffd01 in mbox_to_udomain (mbx=<optimized out>, user=user@entry=0xffe2b4f0, domain=domain@entry=0xffe2b4f4) at ../../mutt_idna.c:53
  #2  0x56700556 in mutt_addr_for_display (a=0x57eb3190) at ../../mutt_idna.c:293
  #3  0x566c8e60 in mutt_get_name (a=0x57eb3190) at ../../sort.c:104
  #4  0x5668dfb7 in make_from (hdr=0x57eaeea8, buf=buf@entry=0xffe2b63c "Oct 31", do_lists=<optimized out>, do_lists@entry=1, len=1024) at ../../hdrline.c:121
  #5  0x5668f4be in hdr_format_str (dest=0xffe2bbec "", destlen=1024, col=16, cols=80, op=76 'L', src=0x57ea9fa0 " (%?l?%4l&%4c?) %s", prefix=0xffe2baec "-15.15", ifstring=0xffe2bb6c "", elsestring=0xffe2bfec "", data=4293051440, flags=(MUTT_FORMAT_MAKEPRINT | MUTT_FORMAT_ARROWCURSOR | MUTT_FORMAT_INDEX)) at ../../hdrline.c:494
  #6  0x566d3ee8 in mutt_FormatString (dest=0xffe2c50c "   1 N F Oct 31 \254\311\342\377", destlen=1023, col=<optimized out>, cols=80, src=<optimized out>, callback=0x5668e280 <hdr_format_str>, data=4293051440, flags=(MUTT_FORMAT_MAKEPRINT | MUTT_FORMAT_ARROWCURSOR | MUTT_FORMAT_INDEX)) at ../../muttlib.c:1513
  #7  0x5668f7e0 in _mutt_make_string (dest=0xffe2c50c "   1 N F Oct 31 \254\311\342\377", destlen=1024, s=0x57ea9f88 "%4C %Z %{%b %d} %-15.15L (%?l?%4l&%4c?) %s", ctx=0x57eaebf8, hdr=0x57eb30a8, flags=(MUTT_FORMAT_MAKEPRINT | MUTT_FORMAT_ARROWCURSOR | MUTT_FORMAT_INDEX)) at ../../hdrline.c:779
  #8  0x56673794 in index_make_entry (s=0xffe2c50c "   1 N F Oct 31 \254\311\342\377", l=1024, menu=0x57eb3210, num=0) at ../../curs_main.c:253
  #9  0x56697b02 in menu_make_entry (s=s@entry=0xffe2c50c "   1 N F Oct 31 \254\311\342\377", menu=menu@entry=0x57eb3210, i=i@entry=0, l=1024) at ../../menu.c:188
  #10 0x56697ebf in menu_redraw_index (menu=0x57eb3210) at ../../menu.c:263
  #11 0x56674049 in index_menu_redraw (menu=0x57eb3210) at ../../curs_main.c:521
  #12 0x56674569 in mutt_index_menu () at ../../curs_main.c:676
  #13 0x56658de3 in main (argc=<optimized out>, argv=<optimized out>, environ=<optimized out>) at ../../main.c:1252

This was fixed a while ago in NeoMutt[0], but upstream Mutt is still affected.

[0] https://github.com/neomutt/neomutt/issues/778


-- System Information:
Architecture: i386

Versions of packages mutt depends on:
ii  libassuan0        2.4.4-1
ii  libc6             2.25-2
ii  libcomerr2        1.43.7-1
ii  libgnutls30       3.5.16-1
ii  libgpg-error0     1.27-5
ii  libgpgme11        1.9.0-6
ii  libgssapi-krb5-2  1.15.2-2
ii  libidn11          1.33-2
ii  libk5crypto3      1.15.2-2
ii  libkrb5-3         1.15.2-2
ii  libncursesw5      6.0+20171125-1
ii  libsasl2-2        2.1.27~101-g0780600+dfsg-3
ii  libtinfo5         6.0+20171125-1
ii  libtokyocabinet9  1.4.48-11+b1

--
Jakub Wilk
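
Added example, not part of the original report and not Mutt's or NeoMutt's code: a stand-alone C sketch of the guard whose absence the backtrace shows, where strchr() was reached with a NULL buffer. The function name split_mailbox and the sample inputs are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not Mutt's mbox_to_udomain(): splits "user@domain"
 * into freshly allocated parts. Returns 0 on success, -1 when the mailbox
 * is NULL, has no '@', or has an empty user or domain part. */
static int split_mailbox(const char *mbx, char **user, char **domain)
{
    const char *at;

    *user = NULL;
    *domain = NULL;

    /* Reject a NULL mailbox before any string function sees it;
     * strchr(NULL, ...) is undefined behaviour and crashed in the report. */
    if (mbx == NULL)
        return -1;

    at = strchr(mbx, '@');
    if (at == NULL || at == mbx || at[1] == '\0')
        return -1;

    *user = malloc((size_t)(at - mbx) + 1);
    *domain = malloc(strlen(at + 1) + 1);
    if (*user == NULL || *domain == NULL) {
        free(*user);
        free(*domain);
        *user = *domain = NULL;
        return -1;
    }
    memcpy(*user, mbx, (size_t)(at - mbx));
    (*user)[at - mbx] = '\0';
    strcpy(*domain, at + 1);
    return 0;
}

int main(void)
{
    /* Constructed inputs; NULL models the NULL buffer seen in the report. */
    const char *samples[] = { "alice@example.org", NULL, "no-at-sign", "@example.org" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        char *u, *d;
        int rc = split_mailbox(samples[i], &u, &d);
        printf("%s -> %d\n", samples[i] ? samples[i] : "(null)", rc);
        free(u);
        free(d);
    }
    return 0;
}
```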
