Thank you. I have installed the attached patch. Regards, Sergey
>From bf0d23962442075cf16eab955435de99bea961de Mon Sep 17 00:00:00 2001 From: Sergey Poznyakoff <[email protected]> Date: Thu, 12 Aug 2010 16:34:49 +0300 Subject: [PATCH] Bugfixes. * mailbox/mime.c (mu_mime_get_num_parts): Assume MIME message is not scanned if nmtp_parts are 0 and boundary is NULL. * mailbox/rfc2047.c (mu_rfc2047_decode): Free the buffer prior to returning a non-zero status. * mailbox/message.c (mu_message_destroy): Install a kludge to work over the slopy ref semantics. * mailbox/auth.c (mu_authority_destroy): Free auth_methods list. * mailbox/locker.c (destroy_dotlock): Free data.dot.nfslock. --- mailbox/auth.c | 1 + mailbox/locker.c | 3 ++- mailbox/message.c | 17 ++++++++++++++--- mailbox/mime.c | 3 ++- mailbox/rfc2047.c | 7 +++++-- 5 files changed, 24 insertions(+), 7 deletions(-) diff --git a/mailbox/auth.c b/mailbox/auth.c index 7975050..95f5faf 100644 --- a/mailbox/auth.c +++ b/mailbox/auth.c @@ -69,6 +69,7 @@ mu_authority_destroy (mu_authority_t *pauthority, void *owner) if (authority->owner == owner) { mu_ticket_destroy (&authority->ticket); + mu_list_destroy (&authority->auth_methods); free (authority); } *pauthority = NULL; diff --git a/mailbox/locker.c b/mailbox/locker.c index bbe41f9..f752c16 100644 --- a/mailbox/locker.c +++ b/mailbox/locker.c @@ -701,6 +701,7 @@ static void destroy_dotlock (mu_locker_t locker) { free (locker->data.dot.dotlock); + free (locker->data.dot.nfslock); } #ifndef MAXHOSTNAMELEN @@ -721,7 +722,7 @@ lock_dotlock (mu_locker_t locker, enum mu_locker_mode mode) { unlink (locker->data.dot.nfslock); free (locker->data.dot.nfslock); - locker->data.dot.nfslock = 0; + locker->data.dot.nfslock = NULL; } expire_stale_lock (locker); diff --git a/mailbox/message.c b/mailbox/message.c index 33730a5..b05d2dd 100644 --- a/mailbox/message.c +++ b/mailbox/message.c @@ -105,7 +105,18 @@ mu_message_destroy (mu_message_t *pmsg, void *owner) int destroy_lock = 0; mu_monitor_wrlock (monitor); - msg->ref--; + /* Note: msg->ref may be incremented by mu_message_ref without + additional checking for its owner, therefore decrementing + it must also occur independently of the owner checking. Due + to this inconsistency ref may reach negative values, which + is very unfortunate. + + The `owner' stuff is a leftover from older mailutils versions. + There is an ongoing attempt to remove it in the stream-cleanup + branch. When it is ready, it will be merged to the HEAD and this + will finally resolve this issue. */ + if (msg->ref > 0) + msg->ref--; if ((msg->owner && msg->owner == owner) || (msg->owner == NULL && msg->ref <= 0)) { @@ -155,8 +166,8 @@ mu_message_destroy (mu_message_t *pmsg, void *owner) if (msg->floating_mailbox && msg->mailbox) mu_mailbox_destroy (&(msg->mailbox)); */ - - if (msg->ref == 0) + + if (msg->ref <= 0) free (msg); } mu_monitor_unlock (monitor); diff --git a/mailbox/mime.c b/mailbox/mime.c index 33186d9..d2f6aab 100644 --- a/mailbox/mime.c +++ b/mailbox/mime.c @@ -930,7 +930,8 @@ mu_mime_get_num_parts (mu_mime_t mime, size_t *nmtp_parts) { int ret = 0; - if (mime->nmtp_parts == 0 || mime->flags & MIME_PARSER_ACTIVE) + if ((mime->nmtp_parts == 0 && !mime->boundary) + || mime->flags & MIME_PARSER_ACTIVE) { if (mu_mime_is_multipart (mime)) { diff --git a/mailbox/rfc2047.c b/mailbox/rfc2047.c index bc6972b..9e043d6 100644 --- a/mailbox/rfc2047.c +++ b/mailbox/rfc2047.c @@ -224,8 +224,11 @@ mu_rfc2047_decode (const char *tocode, const char *input, char **ptostr) free (fromcode); free (encoding_type); free (encoded_text); - - *ptostr = realloc (buffer, bufpos); + + if (status) + free (buffer); + else + *ptostr = realloc (buffer, bufpos); return status; } -- 1.6.0.3
_______________________________________________ Bug-mailutils mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-mailutils
