forwarded 626294 http://bugs.mutt.org/3288 thanks
Attached is an updated version of 584138-mx_update_context-segfault.patch that seems to fix the problem. Copied from upstream changeset 0e4f1782ea2e. Thanks, Nikolaus
Patch written by hhorak@, it should fix a segfault that happens when there are holes due to deleted messages, this should fix both #584138 and #537694 (the second as a side-effect), therefore the previous upstream/537694-segv-imap-headers.patch is removed This patch was retrieved from the original upstream bug http://bugs.mutt.org/3288 Index: mutt-1.5.21/imap/message.c =================================================================== --- mutt-1.5.21.orig/imap/message.c 2011-09-25 16:40:20.000000000 +0200 +++ mutt-1.5.21/imap/message.c 2011-09-25 16:40:58.000000000 +0200 @@ -65,7 +65,7 @@ char *hdrreq = NULL; FILE *fp; char tempfile[_POSIX_PATH_MAX]; - int msgno, idx; + int msgno, idx = msgbegin - 1; IMAP_HEADER h; IMAP_STATUS* status; int rc, mfhrc, oldmsgcount; @@ -185,7 +185,7 @@ continue; } - idx = h.sid - 1; + idx++; ctx->hdrs[idx] = imap_hcache_get (idata, h.data->uid); if (ctx->hdrs[idx]) { @@ -211,6 +211,7 @@ dprint (3, (debugfile, "bad cache entry at %d, giving up\n", h.sid - 1)); imap_free_header_data((void**) (void*) &h.data); evalhc = 0; + idx--; } } while (rc != IMAP_CMD_OK && mfhrc == -1); @@ -282,18 +283,20 @@ { dprint (2, (debugfile, "msg_fetch_header: ignoring fetch response with no body\n")); mfhrc = -1; + msgend--; continue; } /* make sure we don't get remnants from older larger message headers */ fputs ("\n\n", fp); - idx = h.sid - 1; + idx++; if (idx > msgend) { dprint (1, (debugfile, "imap_read_headers: skipping FETCH response for " "unknown message number %d\n", h.sid)); mfhrc = -1; + idx--; continue; } /* May receive FLAGS updates in a separate untagged response (#2935) */ @@ -301,6 +304,7 @@ { dprint (2, (debugfile, "imap_read_headers: message %d is not new\n", h.sid)); + idx--; continue; }
