Mutt already has checks for deeply nested mime. However, for the
message type, parts of the code assume body->header will be set.
The current parser simply exited the recursion at a certain depth, but
left the header set to NULL. This caused a crash in the attachment
list menu, but probably would cause crashes elsewhere in the code too.
When deeply nested, instead change the type to text/plain before
giving up.
Thanks to Acts1631 for the bug report, sample message causing the
crash, and possible suggested fix. This fix is different from the
suggestion, instead fixing the parser, rather than the attachment list
code.
---
This is a fix for what looks like an AI scanner bug report. I will
forward that email to the list shortly.
Note, this patch isn't the cleanest, as it duplicates some of the
error recovery code further below in the _parse_part() function.
However, the logic is a little tightly bound in the function, so I
thought it would be better to duplicate the code a bit rather than
make the logic flow more difficult.
Because of this, I plan on releasing 2.3.3 this weekend (with the
"--without-bundled-regex" fix cherry picked over). I'll get 2.4.0 out
next week sometime.
parse.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/parse.c b/parse.c
index 897281a4..ae1bad58 100644
--- a/parse.c
+++ b/parse.c
@@ -604,6 +604,11 @@ static void _parse_part (FILE *fp, BODY *b, int *counter)
if (recurse_level >= MUTT_MIME_MAX_DEPTH)
{
dprint (1, (debugfile, "mutt_parse_part(): recurse level too deep. giving
up!\n"));
+ if (b->type == TYPEMULTIPART || b->type == TYPEMESSAGE)
+ {
+ b->type = TYPETEXT;
+ mutt_str_replace(&b->subtype, "plain");
+ }
return;
}
recurse_level++;
--
2.54.0
