On Wed, Nov 17, 2021 at 08:08:22AM +0900, Norbert Preining wrote:
Today I got a bug report about a crash including a backtrace:
i know, i watch the debian package. you don't need to forward anything
to me. in fact, i was about to reply directly on the bts before it
occurred to me to check the other folder first.
Do you have any suggestion?
it's an obvious heap corruption, which may be exploitable in the worst
case (the glibc allocator seems to catch the condition, but others may
not, or a more carefully crafted message may sidestep it).
the easiest way to get to the bottom of it should be running
valgrind --tool=memcheck --num-callers=50 mbsync -D <...>
(mbsync's -D should help identify the culprit message, a verbatim copy
of which should be inspected).
antoine, you can send the log (and the message, if it's not too
confidential) to me in private.
_______________________________________________
isync-devel mailing list
isync-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/isync-devel
