Hi, While testing cyrus-imapd-2.3.13rc3, I noticed log entries like the following when deleting a top-level mailbox:
Oct 14 17:39:21 machine master[24378]: process 24391 exited, signaled to death by 11 The mailbox had been removed from the filesystem, but the imapd process appears to have segfaulted. Trussing the imapd showed: stat("/var/imap/mailboxes.db", 0xFFBFB5B0) = 0 fcntl(6, F_SETLKW, 0xFFBFB628) = 0 rmdir("/var/spool/imap/v/wobble") = 0 Incurred fault #6, FLTBOUNDS %pc = 0x00047850 siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000 Received signal #11, SIGSEGV [default] siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000 Looking at the code there is a clear NULL pointer bug in the mailbox_delete function in imap/mailbox.c. The patch is: $ diff -u imap/mailbox.c.orig imap/mailbox.c --- imap/mailbox.c.orig Wed Oct 8 16:47:08 2008 +++ imap/mailbox.c Tue Oct 14 17:49:05 2008 @@ -2919,7 +2919,9 @@ r = mboxlist_lookup(nbuf, NULL, NULL); } while(r == IMAP_MAILBOX_NONEXISTENT); - *ntail = '\0'; + if (ntail != NULL) { + *ntail = '\0'; + } if (updatenotifier) updatenotifier(nbuf); -- Stephen Grier Systems Developer Computing Services Queen Mary, University of London ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html