Re: [Pan-users] Segfaults from recent pan2.git [crap, NOTSOLVED]

[walt]

On 02/17/2014 07:03 PM, Duncan wrote:
> walt posted on Mon, 17 Feb 2014 18:31:29 -0800 as excerpted:
> 
>> A few minutes after I posted, pan segfaulted again with the usual
>> backtrace involving gnutls, so I'll start over.  But there were no
>> asserts involving g_object_ref/unref, so maybe there are two separate
>> bugs?  Dunno.
> 
> FWIW...
> 
> I haven't done anything but report it to the pan-dev list/group (no 
> backtraces, etc, but I /did/ isolate the problem in the post), but I came 
> across a post that triggered a pan crash here.  Did you see that report 
> from 22 January to the dev list, obviously from me:
> 
> Subject: Reporting a crash-trigger post
> 
> The crash-trigger post was, in turn, on the gmane server (news.gmane.org), 
> so it should be verifiable by all.  Here's the IDing info from the above 
> post for it, with the from and message-id broken up at the @ in ordered 
> to keep gmane's email address encryption from destroying them:
> 
> From: "toyota company" <roseline.sec6 @ rediffmail.com>
> Newsgroups: gmane.comp.file-systems.btrfs
> Subject: =?utf-8?B?b3BlbiB0aGUgYXR0YWNobWVudCBlbmNsb3Nl?=
> Date: 21 Jan 2014 09:24:46 -0000
> Message-ID: <20140121092446.14189.qmail @ f5mail-224-108.rediffmail.com>
> Content-Type: multipart/mixed;
>         boundary="=_5bdc72cb509a47604979bccace821e19"
> X-Trace: ger.gmane.org 1390297891 1893 80.91.229.3 (21 Jan 2014 
> 09:51:31GMT)
> NNTP-Posting-Date: Tue, 21 Jan 2014 09:51:31 +0000 (UTC)
> Xref: news.gmane.org gmane.comp.file-systems.btrfs:31884
> Archived-At: <http://permalink.gmane.org/gmane.comp.file-
> systems.btrfs/31884>
> 
> As I analyzed it in the reporting post, the original post apparently 
> contained malware which was stripped either by gmane or (more likely) by 
> the vger.kernel.org list-serv.  The result was (as listed above) a 
> content-type multipart/mixed post, but there were no parts!  The only 
> content other than the global headers was the standard list footer, 
> appended by the list-serv.  Other than that, no body at all, thus no 
> included parts despite the content-type multipart/mixed header including 
> the specified boundary.
> 
> But pan apparently doesn't like a multipart/mixed post without any parts, 
> and crashes!  Removing that content-type header from the file in pan's 
> cache allowed pan to load the message, while with it there, pan crashes, 
> so that does indeed appear to be the problem.
> 
> 
> So I'd suggest loading that group on the gmane list and verifying that 
> pan crashes when you try to read that post.  Assuming it does, compare 
> that backtrace to what you were seeing.
> 
> And if you can devise a patch (I'm not a dev so I can report and did 
> isolate the problem header, but a patch is pretty much beyond me), after 
> applying it, see if pan still crashes for you in the other cases.  With a 
> bit of luck, we've both found the same bug, and between my isolating the 
> problem post and header and your backtracing and etc, perhaps there's a 
> fix possible. =:^)
> 

My theory ATM is that there are at least two different bugs bugging me :)

The crash caused by the article above *may* be fixed by the change below:

diff --git a/pan/data/article-cache.cc b/pan/data/article-cache.cc
index 0ac3d57..537504e 100644
--- a/pan/data/article-cache.cc
+++ b/pan/data/article-cache.cc
@@ -117,7 +117,6 @@ ArticleCache :: message_id_to_filename (char * buf, int 
len, const StringView& m
            break;
         case '<': case '>': /* these are illegal too, but rather than encoding
                                them, follow the convention of omitting them */
-           break;
         default:
            *out++ = *in;
            break;

That article doesn't crash the patched pan I'm running now; instead the
event log shows a warning that the article is incomplete and the missing
parts are unobtainable -- the correct response IMO.

So, give the patch a try and see what happens.