index++ crashed with SIGSEGV, indexing an email encoded in base64

Bug #911233 reported by Jae-hyeon Park
This bug affects 3 people
Affects: swish++ (Ubuntu)
Status: Confirmed
Importance: Undecided
Assigned to: Unassigned

Bug Description

This is an update of the previous report #908571, which was invalidated due to old installed packages. Even after updating my system, I still find index++ crashing on the same input file. The following is the command that I gave and the output:

$ index++ -v4 -e 'mail:*' 912
  912Segmentation fault (core dumped)

912 is the email file that has one message, and it is attached in this report.
Its body is in the utf-8 charset, encoded in base64, which is not in accordance with the standard.
Nevertheless, I believe that index++ must not segfault upon it.

ProblemType: Crash
DistroRelease: Ubuntu 11.10
Package: swish++ 6.1.5-2.1
Uname: Linux 3.1.6-0-tuxonice x86_64
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
Date: Tue Jan 3 14:27:07 2012
ExecutablePath: /usr/bin/index++
ProcCmdline: index++ -v4 -e mail * 912
ProcEnviron:
 SHELL=/bin/bash
 PATH=(custom, user)
 LANG=en_US.UTF-8
SegvAnalysis:
 Segfault happened at: 0x41c338: cmpb $0x3d,0x2(%r15)
 PC (0x0041c338) ok
 source "$0x3d" ok
 destination "0x2(%r15)" (0x7f695d25bc62) not located in a known VMA region (needed writable region)!
SegvReason: writing unknown VMA
Signal: 11
SourcePackage: swish++
StacktraceTop:
 ?? ()
 ?? ()
 ?? ()
 ?? ()
 ?? ()
Title: index++ crashed with SIGSEGV
UpgradeStatus: Upgraded to oneiric on 2011-10-15 (80 days ago)
UserGroups: adm admin audio cdrom dialout kvm lpadmin plugdev pulse-access sambashare

Jae-hyeon Park (jhyeon) wrote :
Apport retracing service (apport) wrote :

StacktraceTop:
 ?? ()
 ?? ()
 ?? ()
 ?? ()
 ?? ()

Apport retracing service (apport) wrote : Stacktrace.txt
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in swish++ (Ubuntu):
status: New → Invalid
Apport retracing service (apport) wrote : Crash report cannot be processed

Thank you for your report!

However, processing it in order to get sufficient information for the
developers failed (it does not generate a useful symbolic stack trace). This
might be caused by some outdated packages which were installed on your system
at the time of the report:

outdated debug symbol package for swish++: package version 6.1.5-2.1 dbgsym version 6.1.5-2

Please upgrade your system to the latest package versions. If you still
encounter the crash, please file a new report.

Thank you for your understanding, and sorry for the inconvenience!

tags: removed: need-amd64-retrace
Jae-hyeon Park (jhyeon) wrote :

I could not figure out how to update the dbgsym version. I followed the instruction on https://wiki.ubuntu.com/DebuggingProgramCrash but could not find such a package as swish++-dbgsym. In any case, it is simple to reproduce the segfault. One can give the attached file to index++ using the command that I wrote in the bug description.

Changed in swish++ (Ubuntu):
status: Invalid → New
visibility: private → public
Jae-hyeon Park (jhyeon) wrote :

The segmentation fault occurs when index++ decodes a non-base64 part of the email text using its base64 decoder. This can happen when a header field is in a multi-line representation which contains a non-null whitespace-only line. index++ misinterprets this type of line as the end of the last header. If the content-transfer-encoding is base64, index++ starts to decode the rest of the header part as in base64 even if it is plain text.

The attached patch fixes this problem by modifying the header parser so that it correctly detects the end of the last header.
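
The misparse described in the comment above, shown as an added example that is not part of the original report, the attached patch, or the swish++ source. The names `SAMPLE`, `body_of` and `count_non_base64` are hypothetical, and the message is constructed; the sketch contrasts a header scan that stops at a whitespace-only line with one that stops only at a truly empty line, and counts how many non-base64 bytes each would hand to a decoder.

```cpp
#include <cctype>
#include <cstddef>
#include <iostream>
#include <string>

// Constructed sample: the Subject field is folded and contains a line made of
// whitespace only, which is not the header/body separator.
const std::string SAMPLE =
    "Content-Transfer-Encoding: base64\n"
    "Subject: first line\n"
    " \t\n"
    " second line\n"
    "X-Mailer: constructed\n"
    "\n"
    "aGVsbG8=\n";

// Returns the message body. lenient=true models the misparse described in the
// report (a whitespace-only line ends the headers); lenient=false ends the
// headers only at a truly empty line, as RFC 5322 specifies.
std::string body_of(const std::string& msg, bool lenient) {
    std::size_t pos = 0;
    while (pos < msg.size()) {
        std::size_t eol = msg.find('\n', pos);
        std::size_t end = (eol == std::string::npos) ? msg.size() : eol;
        std::size_t next = (eol == std::string::npos) ? msg.size() : eol + 1;
        if (end > pos && msg[end - 1] == '\r') --end;      // accept CRLF
        bool empty = (end == pos);
        bool blank = msg.find_first_not_of(" \t", pos) >= end;
        if (empty || (lenient && blank)) return msg.substr(next);
        pos = next;
    }
    return std::string();                                  // no separator found
}

// Counts bytes that are neither base64 alphabet, padding, nor whitespace.
// A decoder should reject or skip these instead of assuming clean input.
std::size_t count_non_base64(const std::string& s) {
    std::size_t bad = 0;
    for (unsigned char c : s)
        if (!std::isalnum(c) && c != '+' && c != '/' && c != '=' && !std::isspace(c))
            ++bad;
    return bad;
}

int main() {
    std::cout << "lenient: " << count_non_base64(body_of(SAMPLE, true)) << "\n";
    std::cout << "strict:  " << count_non_base64(body_of(SAMPLE, false)) << "\n";
}
```

With the lenient scan the remaining header lines reach the decoder as if they were body data; checking input against the alphabet before decoding keeps a header-parsing mistake from turning into an out-of-bounds access.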

Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "swish++-6.1.5.diff" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are a member of the ubuntu-reviewers team please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

tags: added: patch
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in swish++ (Ubuntu):
status: New → Confirmed
Jae-hyeon Park (jhyeon) wrote :

Is the patch review process still in progress?

Torsten Bronger (bronger) wrote :

Any update on this?

Torsten Bronger (bronger) wrote :

The attached mail also fails with a seg fault:

$ index++ --pattern=mail:"*" 2385
Speicherzugriffsfehler

Is this the same error? FWIW, I don’t see a non-null whitespace line in the header.
