On 2012-07-22 13:09:28 -0000, Mutt wrote:
> Comment(by vinc17):
>
>  In mutt_buffer_new, mutt_buffer_init is invoked with uninitialized
>  contents of b. So, the "FREE(&b->data);" in mutt_buffer_init yields
>  undefined behavior.
>
>  How about replacing "mutt_buffer_init(b);" by "memset(b, 0,
>  sizeof(BUFFER));"? Or just replace safe_malloc + mutt_buffer_init by
>  safe_calloc so that the memory is initialized to 0 there?

A patch, using the safe_calloc method:

  http://dev.mutt.org/trac/attachment/ticket/3588/patch-1.5.21hg.vl.buffer_new.1

--
Vincent Lefèvre <[email protected]> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
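
The allocation pattern discussed in this message, as an added illustration that is not code from mutt or from the attached patch. The struct layout and function names are simplified stand-ins, and plain `malloc`/`calloc` stand in for `safe_malloc`/`safe_calloc`.

```c
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for mutt's BUFFER. Only `data` is named in the
 * message; the other fields are assumptions for illustration. */
typedef struct {
    char *data;   /* heap storage owned by the buffer */
    char *dptr;   /* read/write position (assumed) */
    size_t dsize; /* allocated size (assumed) */
} BUFFER;

/* Releases previous contents, then clears the struct. Safe only when
 * b->data already holds NULL or a pointer returned by malloc(). */
void buffer_init(BUFFER *b)
{
    free(b->data);            /* plays the role of FREE(&b->data) */
    memset(b, 0, sizeof(BUFFER));
}

/* "Before" shape, shown for comparison and never called here: malloc()
 * leaves b->data indeterminate, so buffer_init() frees a garbage pointer. */
BUFFER *buffer_new_malloc(void)
{
    BUFFER *b = malloc(sizeof(BUFFER));
    if (b)
        buffer_init(b);       /* undefined behavior */
    return b;
}

/* calloc() shape: memory is zero-filled at allocation, so no field is
 * ever read before it is set. Relies on all-bits-zero being a null
 * pointer, which holds on mainstream platforms. */
BUFFER *buffer_new_calloc(void)
{
    return calloc(1, sizeof(BUFFER));
}

/* Returns 1 when every field is in its empty state. */
int buffer_is_empty(const BUFFER *b)
{
    return b->data == NULL && b->dptr == NULL && b->dsize == 0;
}
```

The init routine remains valid for re-initializing a buffer that already owns storage; only its use on freshly malloc'd memory is the problem.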
