4300 – Specific mail make claws crash if viewed with litehtml

Bug 4300 - Specific mail make claws crash if viewed with litehtml

Summary: Specific mail make claws crash if viewed with litehtml

Status:	RESOLVED FIXED

Alias:	None

Product:	Claws Mail (GTK 2)
Classification:	Unclassified
Component:	Plugins/LiteHTML Viewer (show other bugs)
Version:	3.17.4
Hardware:	PC Linux

Importance:	P3 normal
Assignee:	users

URL:

Duplicates (1):	4653 (view as bug list)
Depends on:
Blocks:

Reported:	2020-02-03 21:51 UTC by Julien
Modified:	2023-02-03 10:38 UTC (History)
CC List:	2 users (show)

See Also:

Attachments
faulty mail which makes litehtml crash (18.03 KB, text/plain) 2020-02-03 21:51 UTC, Julien	no flags	Details
Add an attachment (proposed patch, testcase, etc.)

Description Julien 2020-02-03 21:51:44 UTC

Created attachment 2039 [details]
faulty mail which makes litehtml crash

Hello,

I just received a spam which, if viewed with the litehtml plugin makes claws mail crashes with a segmentation fault. Tested with a fresh profile with only litehml plugin activated and only this mail in the inbox.

I'm using claws mail 3.17.4 on mageia 7 x86_64.

here is the backtrace with gdb, the guilty mail is attached:

Thread 1 "claws-mail" received signal SIGSEGV, Segmentation fault.
0x00007ffff67ec126 in __strlen_sse2 () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff67ec126 in __strlen_sse2 () at /lib64/libc.so.6
#1  0x00007ffff28f7302 in lh_widget::set_base_url(char const*) () at /usr/lib64/claws-mail/plugins/litehtml_viewer.so
#2  0x00007ffff2909b08 in litehtml::el_base::parse_attributes() () at /usr/lib64/claws-mail/plugins/litehtml_viewer.so
#3  0x00007ffff2913968 in litehtml::html_tag::parse_attributes() () at /usr/lib64/claws-mail/plugins/litehtml_viewer.so
#4  0x00007ffff2913968 in litehtml::html_tag::parse_attributes() () at /usr/lib64/claws-mail/plugins/litehtml_viewer.so
#5  0x00007ffff29066e3 in litehtml::document::createFromUTF8(char const*, litehtml::document_container*, litehtml::context*, litehtml::css*) ()
    at /usr/lib64/claws-mail/plugins/litehtml_viewer.so
#6  0x00007ffff2906b69 in litehtml::document::createFromString(char const*, litehtml::document_container*, litehtml::context*, litehtml::css*) ()
    at /usr/lib64/claws-mail/plugins/litehtml_viewer.so
#7  0x00007ffff28f7de4 in lh_widget::open_html(char const*) () at /usr/lib64/claws-mail/plugins/litehtml_viewer.so
#8  0x00007ffff28f6b3b in lh_show_mimepart () at /usr/lib64/claws-mail/plugins/litehtml_viewer.so
#9  0x00000000004e6b1d in mimeview_show_part (mimeview=mimeview@entry=0xbbf5b0, partinfo=partinfo@entry=0xa40300) at mimeview.c:946
#10 0x00000000004e6cec in mimeview_selected (selection=<optimized out>, mimeview=0xbbf5b0) at mimeview.c:1471
#14 0x00007ffff6f821b2 in <emit signal ??? on instance 0xbbe200 [GtkTreeSelection]> (instance=<optimized out>, signal_id=<optimized out>, detail=detail@entry=0)
    at ../gobject/gsignal.c:3447
    #11 0x00007ffff6f65d8d in g_closure_invoke (closure=0xbc1dc0, return_value=0x0, n_param_values=1, param_values=0x7fffffffce90, invocation_hint=0x7fffffffce30)
    at ../gobject/gclosure.c:810
    #12 0x00007ffff6f78d35 in signal_emit_unlocked_R
    (node=node@entry=0xbadc90, detail=detail@entry=0, instance=instance@entry=0xbbe200, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffffffce90) at ../gobject/gsignal.c:3635
    #13 0x00007ffff6f81bce in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffffffd038)
    at ../gobject/gsignal.c:3391
#15 0x00007ffff7d6e9e7 in _gtk_tree_selection_internal_select_node
    (override_browse_mode=0, mode=<optimized out>, path=0xd4d8b0, tree=<optimized out>, node=<optimized out>, selection=<optimized out>) at gtktreeselection.c:1427
#16 0x00007ffff7d6e9e7 in _gtk_tree_selection_internal_select_node
    (selection=<optimized out>, node=<optimized out>, tree=<optimized out>, path=path@entry=0xd4d8b0, mode=<optimized out>, override_browse_mode=override_browse_mode@entry=0)
    at gtktreeselection.c:1290
#17 0x00007ffff7d82269 in gtk_tree_view_real_set_cursor
    (tree_view=tree_view@entry=0xbc25b0 [GtkTreeView], path=path@entry=0xd4d8b0, clear_and_select=clear_and_select@entry=1, clamp_node=1) at gtktreeview.c:12610
#18 0x00007ffff7d869bb in gtk_tree_view_button_press (widget=widget@entry=0xbc25b0 [GtkTreeView], event=0xd81840) at gtktreeview.c:2797
#23 0x00007ffff6f821b2 in <emit signal ??? on instance 0xbc25b0 [GtkTreeView]> (instance=instance@entry=0xbc25b0, signal_id=<optimized out>, detail=detail@entry=0)
    at ../gobject/gsignal.c:3447
    #19 0x00007ffff7c8e70b in _gtk_marshal_BOOLEAN__BOXED
    (closure=0x8a1af0, return_value=0x7fffffffd390, n_param_values=<optimized out>, param_values=0x7fffffffd440, invocation_hint=<optimized out>, marshal_data=<optimized out>)
    at gtkmarshalers.c:84
    #20 0x00007ffff6f65d8d in g_closure_invoke (closure=0x8a1af0, return_value=0x7fffffffd390, n_param_values=2, param_values=0x7fffffffd440, invocation_hint=0x7fffffffd3e0)
    at ../gobject/gclosure.c:810
    #21 0x00007ffff6f7858d in signal_emit_unlocked_R
    (node=<optimized out>, detail=detail@entry=0, instance=instance@entry=0xbc25b0, emission_return=emission_return@entry=0x7fffffffd540, instance_and_params=instance_and_params@entry=0x7fffffffd440) at ../gobject/gsignal.c:3673
    #22 0x00007ffff6f81276 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffffffd608)
    at ../gobject/gsignal.c:3401
#24 0x00007ffff7d9f19c in gtk_widget_event_internal (widget=widget@entry=0xbc25b0 [GtkTreeView], event=event@entry=0xd81840) at gtkwidget.c:5017
#25 0x00007ffff7d9f437 in IA__gtk_widget_event (widget=widget@entry=0xbc25b0 [GtkTreeView], event=event@entry=0xd81840) at gtkwidget.c:4814
#26 0x00007ffff7c8c9cc in IA__gtk_propagate_event (widget=0xbc25b0 [GtkTreeView], event=0xd81840) at gtkmain.c:2503
#27 0x00007ffff7c8cd8b in IA__gtk_main_do_event (event=0xd81840) at gtkmain.c:1698
#28 0x00007ffff7c8cd8b in IA__gtk_main_do_event (event=<optimized out>) at gtkmain.c:1503
#29 0x00007ffff7b0572c in gdk_event_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at gdkevents-x11.c:2425
#30 0x00007ffff6e7e665 in g_main_dispatch (context=0x861560) at ../glib/gmain.c:3189
#31 0x00007ffff6e7e665 in g_main_context_dispatch (context=context@entry=0x861560) at ../glib/gmain.c:3854
#32 0x00007ffff6e7e9e8 in g_main_context_iterate (context=0x861560, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:3927
#33 0x00007ffff6e7ecd2 in g_main_loop_run (loop=0x8ec5a0) at ../glib/gmain.c:4123
#34 0x00007ffff7c8be47 in IA__gtk_main () at gtkmain.c:1270
#35 0x000000000044a2c6 in main (argc=<optimized out>, argv=<optimized out>) at main.c:1640


regards
Julien

Comment 1 Ricardo Mones 2020-02-04 10:45:45 UTC

The bug is already fixed in git by this commit:

https://git.claws-mail.org/?p=claws.git;a=commitdiff;h=8445c4b04e22a13617f12354cc1f47971aea819b

Can you build from git to verify? Otherwise you'll have to wait until next release.

Comment 2 Julien 2020-02-04 21:19:36 UTC

Hi,

thanks for your answer. I just tested and as you say, it's fixed in git. :)


regards
Julien

Comment 3 Ricardo Mones 2020-02-04 21:26:49 UTC

Alright, thanks for confirming! :)

Comment 4 Michael Rasmussen 2023-02-02 23:11:53 UTC

Hi all,

Seems this commit by magic has vanished from git?!!! WTF
See lines 143-149 here: https://git.claws-mail.org/?p=claws.git;a=blob;f=src/plugins/litehtml_viewer/lh_widget.cpp;h=3c1259d0cbcb0b9cd4f7739c75ba4f9b623ca616;hb=HEAD

Making the bug appear was again!

I will recommit again.

Comment 5 Michael Rasmussen 2023-02-02 23:30:57 UTC

Recommitted so closing again.

Comment 6 Paul 2023-02-03 10:38:56 UTC

*** Bug 4653 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.