Summary: | Heap use after free in privacy_mimeinfo_check_signature() | ||||||
---|---|---|---|---|---|---|---|
Product: | Claws Mail (GTK 2) | Reporter: | Hanno Boeck <hanno> | ||||
Component: | Other | Assignee: | users | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | ||||||
Priority: | P3 | ||||||
Version: | other | ||||||
Hardware: | PC | ||||||
OS: | Linux | ||||||
Attachments: |
|
Description
Hanno Boeck
2016-02-04 21:44:00 UTC
Changes related to this bug have been committed. Please check latest Git and update the bug accordingly. You can also get the patch from: http://git.claws-mail.org/ ++ ChangeLog 2016-02-08 18:29:03.217084203 +0100 http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=f25a8348285c071e33d15627d427f9f410c02c14 Merge: b31a0f6 cd7f85f Author: Colin Leroy <colin@colino.net> Date: Mon Feb 8 18:29:02 2016 +0100 Merge branch 'master' of file:///home/git/claws http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=cd7f85f7eb6db97e86a8830e28116d26223d4e26 Author: Andrej Kacian <ticho@claws-mail.org> Date: Mon Feb 8 18:26:26 2016 +0100 Real fix for #3598. We were zeroing out wrong pointer. http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=14b55b5122349d18fa15f3b10c1067f19657ca10 Author: Andrej Kacian <ticho@claws-mail.org> Date: Mon Feb 8 18:26:49 2016 +0100 Make procmime_mimeinfo_free_all() zero the passed pointer. The function's argument type changes from MimeInfo* to MimeInfo**, so that we can zero out the pointer. This closes bug #3610, reported by Hanno Boeck. Fixed in git, thanks. I fear that there will be a few more such issues throughout the code. |