[PATCH] Fix segfault during ITIP parsing.

Guido Günther agx at sigxcpu.org
Sat Jun 5 09:14:00 UTC 2010


Fixes possible NULL pointer dereference. Patch adjusts code to current
evolution git.
---
 plugins/itip-formatter/itip-formatter.c |   17 +++++++++++------
 1 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/plugins/itip-formatter/itip-formatter.c b/plugins/itip-formatter/itip-formatter.c
index 526af07..cf37693 100644
--- a/plugins/itip-formatter/itip-formatter.c
+++ b/plugins/itip-formatter/itip-formatter.c
@@ -2535,7 +2535,8 @@ format_itip (EPlugin *ep, EMFormatHookTarget *target)
 	gchar *classid;
 	struct _itip_puri *puri;
 	CamelDataWrapper *content;
-	CamelStream *mem;
+	CamelStream *stream;
+	GByteArray *byte_array;
 
 	classid = g_strdup_printf("itip:///%s", ((EMFormat *) target->format)->part_id->str);
 
@@ -2561,14 +2562,18 @@ format_itip (EPlugin *ep, EMFormatHookTarget *target)
 
 	/* This is non-gui thread. Download the part for using in the main thread */
 	content = camel_medium_get_content_object ((CamelMedium *) target->part);
-	mem = camel_stream_mem_new ();
-	camel_data_wrapper_decode_to_stream (content, mem);
 
-	if (((CamelStreamMem *) mem)->buffer->len == 0)
+	byte_array = g_byte_array_new ();
+	stream = camel_stream_mem_new_with_byte_array (byte_array);
+	camel_data_wrapper_decode_to_stream (content, stream);
+
+	if (byte_array->len == 0)
 		puri->vcalendar = NULL;
 	else
-		puri->vcalendar = g_strndup ((gchar *)((CamelStreamMem *) mem)->buffer->data, ((CamelStreamMem *) mem)->buffer->len);
-	camel_object_unref (mem);
+		puri->vcalendar = g_strndup (
+			(gchar *) byte_array->data, byte_array->len);
+
+	g_object_unref (stream);
 
 	camel_stream_printf (target->stream, "<table border=0 width=\"100%%\" cellpadding=3><tr>");
 	camel_stream_printf (target->stream, "<td valign=top><object classid=\"%s\"></object></td><td width=100%% valign=top>", classid);
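Review bot: at the decode call, `content` returned by camel_medium_get_content_object () is passed to camel_data_wrapper_decode_to_stream (content, stream) without a NULL check, and the result of the decode call is discarded. A failed or partial decode is therefore treated like a successful one, and whatever reached byte_array is copied into puri->vcalendar. Suggest setting puri->vcalendar = NULL and skipping the copy when content is NULL or the decode reports an error. Separately, byte_array is created with g_byte_array_new () but only the stream is released with g_object_unref (stream); a one-line comment stating that the stream owns the array would make clear this is not a leak. The commit message would also be easier to audit if it named the pointer that could be NULL: the removed check dereferenced ((CamelStreamMem *) mem)->buffer->len.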
-- 
1.7.1


From: Yves-Alexis Perez <corsac at debian.org>
To: 584661-close at bugs.debian.org
Subject: Bug#584661: fixed in evolution 2.30.2-1
Date: Fri, 25 Jun 2010 22:47:38 +0000

Source: evolution
Source-Version: 2.30.2-1

We believe that the bug you reported is fixed in the latest version of
evolution, which is due to be installed in the Debian FTP archive:

evolution-common_2.30.2-1_all.deb
  to main/e/evolution/evolution-common_2.30.2-1_all.deb
evolution-dbg_2.30.2-1_amd64.deb
  to main/e/evolution/evolution-dbg_2.30.2-1_amd64.deb
evolution-dev_2.30.2-1_amd64.deb
  to main/e/evolution/evolution-dev_2.30.2-1_amd64.deb
evolution-plugins-experimental_2.30.2-1_amd64.deb
  to main/e/evolution/evolution-plugins-experimental_2.30.2-1_amd64.deb
evolution-plugins_2.30.2-1_amd64.deb
  to main/e/evolution/evolution-plugins_2.30.2-1_amd64.deb
evolution_2.30.2-1.debian.tar.gz
  to main/e/evolution/evolution_2.30.2-1.debian.tar.gz
evolution_2.30.2-1.dsc
  to main/e/evolution/evolution_2.30.2-1.dsc
evolution_2.30.2-1_amd64.deb
  to main/e/evolution/evolution_2.30.2-1_amd64.deb
evolution_2.30.2.orig.tar.gz
  to main/e/evolution/evolution_2.30.2.orig.tar.gz
libevolution_2.30.2-1_amd64.deb
  to main/e/evolution/libevolution_2.30.2-1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 584661 at bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Yves-Alexis Perez <corsac at debian.org> (supplier of updated evolution package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster at debian.org)


Format: 1.8
Date: Fri, 25 Jun 2010 16:59:53 +0200
Source: evolution
Binary: evolution libevolution evolution-common evolution-dev evolution-dbg evolution-plugins evolution-plugins-experimental
Architecture: source all amd64
Version: 2.30.2-1
Distribution: unstable
Urgency: low
Maintainer: Debian Evolution Maintainers <pkg-evolution-maintainers at lists.alioth.debian.org>
Changed-By: Yves-Alexis Perez <corsac at debian.org>
Description: 
 evolution  - groupware suite with mail client and organizer
 evolution-common - architecture independent files for Evolution
 evolution-dbg - debugging symbols for Evolution
 evolution-dev - development library files for Evolution
 evolution-plugins - standard plugins for Evolution
 evolution-plugins-experimental - experimental plugins for Evolution
 libevolution - evolution libraries
Closes: 584661 585794 585921 586905
Changes: 
 evolution (2.30.2-1) unstable; urgency=low
 .
   * New upstream release.
     - fix message deleting in search folders.                   closes: #585794
     - fix crash on i386 with largefile.                         closes: #585921
     - fix folder creation inside filter window.                 closes: #586905
   * debian/rules:
     - install some information on bug reporting
     - include gnome-get-source.mk.
   * debian/bug-presubj: warn user that she should report upstream issues
     directly to upstream bugzilla because of lack of time and manpower.
   * debian/patches
     - 03_fix-segfault-on-some-mails-display,
       04_fix-crash-when-viewing-closing-mails-quickly  dropped,
       included upstream.
     - 03_fix-crash-itip added, fix crash in ITIP parser.        closes: #584661
   * debian/control:
     - update build-deps to 2.30.2.
     - update debhelper build-dep to 7.2.3 for dh_bugfiles.
     - add build-dep on gnome-pkg-tools for gnome-get-source.mk.
   * Switch to 3.0 (quilt) format.
   * debian/libevolution.install:
     - install /usr/lib/evolution/2.30/evolution-alarm-notify in the package.



More information about the Pkg-evolution-maintainers mailing list