bhayden | 8 May 22:05

SEGV on imap_expunge in c-client.

Hi folks. Here at the U of Minnesota we use a heavily-modded version of 
Cambridge's Prayer webmail. Out of the box it has a normal expunge call. I 
added one to do an expunge on specific messages. So, I happily did:

mail_expunge_full(stream, sequence, 0);

with 'sequence', of course, being a ptr to char the same as one would give 
to mail_copy_full. It compiles fine, core dumps at run time. Debugging, I 
get this:

  signal SEGV (no mapping at the fault address) in imap_expunge at line 2403 in file "imap4r1.c"
  2403           if (LOCAL->tmp[0]) *s++ = ',';

We're linking against a src-unmodified c-client built on solaris 9 with GNU 
C, from imap-2006k. I know there is a more recent version of the IMAP 
toolkit; I checked imap_expunge and it has not changed, so I thought I'd 
ask here first for anything easy and obvious before building a new version 
of c-client. Also checked the release notes of the newer versions and 
didn't see anything referring to expunges.

Anyone have any thoughts, or similar experience? I'll be happy to provide 
any more info as requested. Thanks,

-Brian Hayden
University of Minnesota
Internet Services

_______________________________________________
Imap-uw mailing list

Mark Crispin | 8 May 22:51

Re: SEGV on imap_expunge in c-client.

I see the problem.  You're probably the first person to have used the 
feature of selective expunge with sequence numbers as opposed to UIDs.

The attached imap4r1.c ought to fix this problem.  Please give it a try.

On Thu, 8 May 2008, bhayden <at> umn.edu wrote:
> Hi folks. Here at the U of Minnesota we use a heavily-modded version of 
> Cambridge's Prayer webmail. Out of the box it has a normal expunge call. I 
> added one to do an expunge on specific messages. So, I happily did:
>
> mail_expunge_full(stream, sequence, 0);
>
> with 'sequence', of course, being a ptr to char the same as one would give to 
> mail_copy_full. It compiles fine, core dumps at run time. Debugging, I get 
> this:
>
> signal SEGV (no mapping at the fault address) in imap_expunge at line 2403 
> in file "imap4r1.c"
> 2403           if (LOCAL->tmp[0]) *s++ = ',';
>
> We're linking against a src-unmodified c-client built on solaris 9 with GNU 
> C, from imap-2006k. I know there is a more recent version of the IMAP 
> toolkit; I checked imap_expunge and it has not changed, so I thought I'd ask 
> here first for anything easy and obvious before building a new version of 
> c-client. Also checked the release notes of the newer versions and didn't see 
> anything referring to expunges.
>
> Anyone have any thoughts, or similar experience? I'll be happy to provide any 
> more info as requested. Thanks,
>

bhayden | 9 May 04:29

Re: SEGV on imap_expunge in c-client.

On May 8 2008, Mark Crispin wrote:

>I see the problem.  You're probably the first person to have used the 
>feature of selective expunge with sequence numbers as opposed to UIDs.
>
>The attached imap4r1.c ought to fix this problem.  Please give it a try.

Getting closer. It doesn't segfault anymore, but no matter the sequence 
string it returns "Excessively complex sequence." Going back to the 
debugger, it looks to my untrained eye like the sequence is being corrupted 
by the assignment at line 2397:

 stopped in imap_expunge at line 2397 in file "imap4r1.c"
  2397         char *t = (char *) fs_get (IMAPTMPLEN);
 (dbx) dump
 j = 0
 s = 0x215e60 "Hang in there.."
 t = 0xffbff3e8 ""
 i = 2174752U
 args = ARRAY
 aseq = RECORD
 ret = 0
 reply = 0x215e60
 stream = 0x31d0e8
 sequence = 0x212f20 "25"
 options = 0
 (dbx) next 
 stopped in imap_expunge at line 2400 in file "imap4r1.c"
  2400        for (*s = '\0', i = 1; i <= stream->nmsgs; ++i)
 (dbx) dump

Mark Crispin | 9 May 05:28

Re: SEGV on imap_expunge in c-client.

On Thu, 8 May 2008, bhayden <at> umn.edu wrote:
> After completing that for loop, this results in (again, to my untrained eye) 
> a sequence of ',56244' when what was passed in was '25':

You weren't on the right track (the statement that you thought corrupted 
the buffer is the one that creates it), but the part above was the clue 
that I needed to fix the actual problem.  Try the attached imap4r1.c

-- Mark --

http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.
/* ========================================================================
 * Copyright 1988-2008 University of Washington
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * 
 * ========================================================================
 */

/*
 * Program:	Interactive Message Access Protocol 4rev1 (IMAP4R1) routines
 *

bhayden | 9 May 05:58

Re: SEGV on imap_expunge in c-client.

On May 8 2008, Mark Crispin wrote:

>On Thu, 8 May 2008, bhayden <at> umn.edu wrote:
>> After completing that for loop, this results in (again, to my untrained 
>> eye) a sequence of ',56244' when what was passed in was '25':
>
>You weren't on the right track (the statement that you thought corrupted 
>the buffer is the one that creates it), but the part above was the clue 
>that I needed to fix the actual problem.  Try the attached imap4r1.c

That seems to have done the trick, so far. Thank you!

_______________________________________________
Imap-uw mailing list
Imap-uw <at> u.washington.edu
https://mailman1.u.washington.edu/mailman/listinfo/imap-uw
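
The thread turns on a loop that builds a message sequence string in a temporary buffer and on the "Excessively complex sequence" error. The sketch below is an added example, not code from c-client or from either poster: it shows one bounded way to build such a string, with the write cursor starting at the buffer and the separator test reading that same buffer. `build_sequence` and the per-message flag array are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not c-client's imap_expunge(): turn per-message
 * "selected" flags (index 0 = message 1) into an IMAP sequence set such as
 * "2:4,7". Returns 0 on success, -1 if the set does not fit in buf (the
 * case a caller would report as an overly complex sequence). */
int build_sequence(const unsigned char *selected, unsigned long nmsgs,
                   char *buf, size_t buflen)
{
    char *s = buf;              /* write cursor starts at the buffer itself */
    unsigned long i = 1;

    if (!buf || !buflen) return -1;
    *s = '\0';
    while (i <= nmsgs) {
        unsigned long first, last;
        size_t room;
        int n;

        if (!selected[i - 1]) { ++i; continue; }
        first = last = i;
        while (last < nmsgs && selected[last]) ++last;  /* extend the run */
        i = last + 1;
        room = buflen - (size_t)(s - buf);
        /* The separator test reads the same buffer the cursor writes to. */
        if (first == last)
            n = snprintf(s, room, "%s%lu", buf[0] ? "," : "", first);
        else
            n = snprintf(s, room, "%s%lu:%lu", buf[0] ? "," : "", first, last);
        if (n < 0 || (size_t)n >= room) {   /* truncated: reject the set */
            buf[0] = '\0';
            return -1;
        }
        s += n;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: messages 2, 3, 4 and 7 of 7 are selected. */
    unsigned char sel[7] = {0, 1, 1, 1, 0, 0, 1};
    char buf[32];
    if (build_sequence(sel, 7, buf, sizeof buf) == 0)
        printf("%s (%lu bytes)\n", buf, (unsigned long) strlen(buf));
    return 0;
}
```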

