Created attachment 1601 [details] patch / fix The URL parser code in mainwindow.c will read beyond the bounds of its input buffer if an URL which is missing a closing bracket is passed. This can happen e.g. when the List-Archive header is broken (which currently seems to be the case with Google Groups due to a bug there). See attached patch which should fix this. This was found with address sanitizer. I'll also attach the address sanitizer error message and a minimal sample input mail that will trigger this bug.
Created attachment 1602 [details] minimal email sample triggering the bug
Created attachment 1603 [details] Address Sanitizer full debug output
Changes related to this bug have been committed. Please check latest Git and update the bug accordingly. You can also get the patch from: http://git.claws-mail.org/ ++ ChangeLog 2015-11-16 10:17:02.317616930 +0100 http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=c7030e74363abe028f4369c0dfc3762829db7b34 Merge: e8971e4 8f65fc9 Author: Colin Leroy <colin@colino.net> Date: Mon Nov 16 10:17:01 2015 +0100 Merge branch 'master' of file:///home/git/claws http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=8f65fc9f8be8d30ba67d8f4a64256e8645aa0dc1 Merge: 2a2a1bd 0314464 Author: Colin Leroy <colin@colino.net> Date: Mon Nov 16 10:17:24 2015 +0100 Merge branch 'master' of ssh+git://git.claws-mail.org/home/git/claws http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=2a2a1bd7db0949e1763661b6098b31a6cd82f617 Author: Colin Leroy <colin@colino.net> Date: Mon Nov 16 10:04:16 2015 +0100 Fix bug #3563 (URL parser will read out of bounds when closing bracket is missing in get_url_part) Patch by Hanno Boeck