Hi all,

a reproducible crash occurs with the latest master version:

1. create a VCard address book, and configure it to resolve addresses while typing;
2. open the editor and add an entry with *only* display name and email address being set;
3. opening the composer and typing in the To: fields leads to a segfault:

<snip>
Thread 1 "balsa" received signal SIGSEGV, Segmentation fault.
0x00005555555f22c6 in is_real_name (name=0xa700000467 <error: Cannot access memory at address 0xa700000467>) at address.c:124
124 return name != NULL && name[0] != '\0';
</snip>

The crash is apparently caused by a too short array created in libbalsa/address.c, function libbalsa_address_extract_name(), line 136 – in the case above, it contains only two valid plus a terminating NULL item, whereas the code expects (at least) 5. The attached simple patch ensures that the array contains always 5 items.

Best,
Albrecht.

diff --git a/libbalsa/address.c b/libbalsa/address.c index 6c4500d2f..a445ca88d 100644 --- a/libbalsa/address.c +++ b/libbalsa/address.c @@ -296,9 +296,12 @@ vcard_strsplit(const gchar * string) string_list = g_slist_prepend(string_list, g_strdup(remainder)); } - str_array = g_new(gchar*, n + 1); + if (n < 5U) { + str_array = g_new0(gchar*, 5U); + } else { + str_array = g_new0(gchar*, n + 1); + } - str_array[n] = NULL; for (slist = string_list; slist; slist = slist->next) { gchar * str = (gchar *) slist->data; gchar * p;
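
Review bot: the minimum length 5U in the new `if (n < 5U)` branch of vcard_strsplit() is an undocumented magic number. According to the report it mirrors what libbalsa_address_extract_name() reads, so the two functions are now coupled by a bare literal. A named constant shared with the caller, plus a one-line comment saying why the array is padded, would keep the two from drifting apart again. The if/else could also collapse into a single allocation such as `str_array = g_new0(gchar*, MAX(n + 1, 5U));`. Switching to g_new0 does make the removed `str_array[n] = NULL;` redundant, and the zero-filled padding slots are safe for the `name != NULL` test in is_real_name(), but it would be worth confirming that every other consumer of this array stops at the first NULL rather than assuming a fixed field count.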