Package: isync
Version: 1.4.3-1
Severity: normal
Before the upgrade (1.3.0-2.2, on bullseye), I am able to run mbsync
without too many issues. After the upgrade, it completely crashes with
what looks like an assertion failure:
C: 0/1 B: 134/205 F: +0/0 *0/0 #0/0 N: +4/4 *0/0 #0/0
Warning: lost track of 676 pulled message(s)
C: 0/1 B: 134/205 F: +0/0 *0/0 #0/0 N: +4/681 *0/0 #0/0
Warning: message 1 from far side has incomplete header.
C: 0/1 B: 134/205 F: +0/0 *0/0 #0/0 N: +5/681 *0/0 #0/0corrupted size vs.
prev_size while consolidating
Abandon (core dumped)
Here's the backtrace:
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00007f529fa18537 in __GI_abort () at abort.c:79
#2 0x00007f529fa71768 in __libc_message (action=action@entry=do_abort,
fmt=fmt@entry=0x7f529fb7fe2d "%s\n") at ../sysdeps/posix/libc_fatal.c:155
#3 0x00007f529fa78a5a in malloc_printerr (
str=str@entry=0x7f529fb82280 "corrupted size vs. prev_size while
consolidating") at malloc.c:5347
#4 0x00007f529fa7a12e in _int_free (av=0x7f529fbb1b80 <main_arena>,
p=0x5613006c9860, have_lock=<optimized out>) at malloc.c:4332
#5 0x00005612ff5f01a7 in copy_msg_convert (vars=0x561300587510,
out_cr=<optimized out>, in_cr=<optimized out>) at ./src/sync.c:534
#6 msg_fetched (sts=<optimized out>, aux=0x561300587510) at ./src/sync.c:559
#7 0x00005612ff5f9832 in done_imap_cmd (ctx=ctx@entry=0x7f52a0140010,
cmd=cmd@entry=0x561300635b30, response=response@entry=0)
at ./src/drv_imap.c:326
#8 0x00005612ff600bc2 in imap_socket_read (aux=0x7f52a0140010)
at ./src/drv_imap.c:1740
#9 0x00005612ff5f72b7 in event_wait () at ./src/util.c:831
#10 main_loop () at ./src/util.c:903
#11 0x00005612ff5ec38f in main (argc=<optimized out>, argv=<optimized out>)
at ./src/main.c:797
It could be this is a new assertion for something that was broken
already in a previous version. I'm dealing with corruption issues on
the IMAP server side, but it seems to me this should still not crash,
especially on hostile server data...
(I don't have a particular reason to believe this is a security issue,
but i guess that if this is caused by a malicious message, it might be
a mild DOS condition..)
-- System Information:
Debian Release: 11.1
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable-debug'), (500, 'stable'),
(1, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-9-amd64 (SMP w/4 CPU threads)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages isync depends on:
ii libc6 2.31-13+deb11u2
ii libdb5.3 5.3.28+dfsg1-0.8
ii libsasl2-2 2.1.27+dfsg-2.1
ii libssl1.1 1.1.1k-1+deb11u1
ii zlib1g 1:1.2.11.dfsg-2
isync recommends no packages.
Versions of packages isync suggests:
ii mutt 2.0.5-4.1
-- no debconf information
