Bug 137527

Summary: KMFolderMaildir::getDwString does an invalid C-style cast (at least) when called from KMFolderMaildir::readMsg
Product: [Unmaintained] kmail
Reporter: Matthias Kretz <kretz>
Component: maildir
Assignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED UNMAINTAINED
Severity: crash
CC: frederic.coiffier
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: unspecified   
OS: Linux   

Description Matthias Kretz 2006-11-18 12:22:15 UTC
Version:           unknown (using KDE 3.5.5, Kubuntu (edgy) 4:3.5.5-0ubuntu3)
Compiler:          Target: i486-linux-gnu
OS:                Linux (i686) release 2.6.17-10-generic

Below is the code from kmfoldermaildir.cpp - the assertions were added by me because I had segfaults in malloc called from getDwString.

I guess removing the cast in getDwString and simply using a KMMsgBase pointer should be enough to fix it, but if getDwString shouldn't be called for KMMessage objects then an additional check would be needed.

BTW, I believe all those C-casts to KMMsgInfo* from mMsgList should really be changed to dynamic_casts as mMsgList is an array of KMMsgBase*. I added asserts in my kmail code now for every occurrence.

KMMessage* KMFolderMaildir::readMsg(int idx)
{
  assert( dynamic_cast<KMMsgInfo*>( mMsgList[idx] ) );
  KMMsgInfo* mi = (KMMsgInfo*)mMsgList[idx];
  KMMessage *msg = new KMMessage(*mi); // note that mi is deleted by the line below
  mMsgList.set(idx,&msg->toMsgBase()); // done now so that the serial number can be computed
  msg->setComplete( true );
  msg->fromDwString(getDwString(idx));
  return msg;
}

DwString KMFolderMaildir::getDwString(int idx)
{
  assert( dynamic_cast<KMMsgInfo*>( mMsgList[idx] ) );
  KMMsgInfo* mi = (KMMsgInfo*)mMsgList[idx];
  QString abs_file(location() + "/cur/");
  abs_file += mi->fileName();
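
Added example, not part of the original report and not KMail code: a small model of the ordering described above, where readMsg replaces the list slot with a different derived type before the file name is looked up. MsgBase, MsgInfo, Message, Folder and the virtual fileName() on the base are hypothetical stand-ins; the sample file name is constructed. It shows the checked downcast failing after the swap and the cast-free lookup through the base pointer still working.

```cpp
#include <cstddef>
#include <memory>
#include <string>
#include <utility>
#include <vector>

// Hypothetical stand-ins for KMMsgBase, KMMsgInfo and KMMessage.
struct MsgBase {
    virtual ~MsgBase() = default;
    virtual std::string fileName() const = 0;  // assumed to be on the base interface
};
struct MsgInfo : MsgBase {
    std::string name;
    explicit MsgInfo(std::string n) : name(std::move(n)) {}
    std::string fileName() const override { return name; }
};
struct Message : MsgBase {
    std::string name;
    explicit Message(const MsgInfo& mi) : name(mi.name) {}
    std::string fileName() const override { return name; }
};

struct Folder {
    std::vector<std::unique_ptr<MsgBase>> msgList;  // base pointers, like mMsgList

    // Checked downcast: null when the slot does not hold a MsgInfo.
    MsgInfo* infoAt(std::size_t idx) const {
        return idx < msgList.size() ? dynamic_cast<MsgInfo*>(msgList[idx].get()) : nullptr;
    }
    // Cast-free lookup through the base pointer; empty string on a bad index.
    std::string pathAt(std::size_t idx) const {
        if (idx >= msgList.size() || !msgList[idx]) return "";
        return "/cur/" + msgList[idx]->fileName();
    }
    // Same ordering as readMsg: the slot is replaced before the lookup.
    std::string readMsg(std::size_t idx) {
        MsgInfo* mi = infoAt(idx);
        if (!mi) return "";
        auto msg = std::make_unique<Message>(*mi);
        msgList[idx] = std::move(msg);  // destroys the old MsgInfo; mi now dangles
        return pathAt(idx);             // a (MsgInfo*) cast here would be invalid
    }
};

Folder makeFolder() {
    Folder f;
    f.msgList.push_back(std::make_unique<MsgInfo>("1163852535.constructed"));
    return f;
}
```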

Comment 1 Germain Garand 2008-03-16 10:22:35 UTC
I'm getting constant crashes in kmail 1.9.7/Mandriva 2008.0 making it hardly usable at all. The backtrace is:

#6  0xb5352870 in QObject::checkConnectArgs () from /lib/i686/libc.so.6
#7  0x00000018 in ?? ()
#8  0x095cf268 in ?? ()
#9  0xb5358010 in free () from /lib/i686/libc.so.6
#10 0xb535493d in QObject::checkConnectArgs () from /lib/i686/libc.so.6
#11 0xbfc4b6d8 in ?? ()
#12 0xb53567b7 in malloc () from /lib/i686/libc.so.6
#13 0xb53567b7 in malloc () from /lib/i686/libc.so.6
#14 0xb5516717 in operator new () from /usr/lib/libstdc++.so.6
#15 0xb551684d in operator new[] () from /usr/lib/libstdc++.so.6
#16 0xb7ad2c50 in KMFolderMbox::getDwString ()
   from /usr/lib/libkmailprivate.so
#17 0xb7d8730c in KMFolderMbox::readMsg () from /usr/lib/libkmailprivate.so
#18 0xb7bcb27a in FolderStorage::getMsg () from /usr/lib/libkmailprivate.so
#19 0xb7a957ca in KMFolder::getMsg () from /usr/lib/libkmailprivate.so
#20 0xb7c51d4d in KMSearchPattern::matches () from /usr/lib/libkmailprivate.so
#21 0xb7c51dd2 in FolderStorage::search () from /usr/lib/libkmailprivate.so
#22 0xb7c4e669 in KMFolderSearch::propagateHeaderChanged ()
   from /usr/lib/libkmailprivate.so
#23 0xb7d18196 in KMFolderSearch::qt_invoke ()
   from /usr/lib/libkmailprivate.so
#24 0xb5e60ec1 in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#25 0xb7ae3e23 in KMFolderMgr::msgHeaderChanged ()
   from /usr/lib/libkmailprivate.so
#26 0xb7ae44b2 in KMFolderMgr::qt_emit () from /usr/lib/libkmailprivate.so
#27 0xb5e60f19 in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#28 0xb7ae6b43 in KMFolder::msgHeaderChanged ()
   from /usr/lib/libkmailprivate.so
#29 0xb7bd362f in KMFolder::qt_emit () from /usr/lib/libkmailprivate.so
#30 0xb5e60fa1 in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#31 0xb7ae5333 in FolderStorage::msgHeaderChanged ()
   from /usr/lib/libkmailprivate.so
#32 0xb7ae53c3 in FolderStorage::headerOfMsgChanged ()
   from /usr/lib/libkmailprivate.so
#33 0xb7ae56e1 in KMMsgBase::setStatus () from /usr/lib/libkmailprivate.so
#34 0xb7ae58f2 in KMMsgInfo::setStatus () from /usr/lib/libkmailprivate.so
#35 0xb7ac8133 in FolderStorage::markNewAsUnread ()
   from /usr/lib/libkmailprivate.so
#36 0xb7a95c65 in KMFolder::markNewAsUnread ()
   from /usr/lib/libkmailprivate.so
#37 0xb7cfc44d in KMHeaders::setFolder () from /usr/lib/libkmailprivate.so
#38 0xb7d35fa1 in KMMainWidget::folderSelected ()
   from /usr/lib/libkmailprivate.so
#39 0xb7db5843 in KMMainWidget::qt_invoke () from /usr/lib/libkmailprivate.so
#40 0xb5e60ec1 in QObject::activate_signal ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#41 0xb7ade6fe in KMFolderTree::folderSelected ()
   from /usr/lib/libkmailprivate.so
#42 0xb7c9e3da in KMFolderTree::doFolderSelected ()
   from /usr/lib/libkmailprivate.so
#43 0xb7c9ea1d in KMFolderTree::contentsMouseReleaseEvent ()
   from /usr/lib/libkmailprivate.so
#44 0xb5f73061 in QScrollView::viewportMouseReleaseEvent ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#45 0xb5f70e80 in QScrollView::eventFilter ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#46 0xb5f3f696 in QListView::eventFilter ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#47 0xb7aca30c in KMFolderTree::eventFilter ()
   from /usr/lib/libkmailprivate.so
#48 0xb5e6077c in QObject::activate_filters ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#49 0xb5e607eb in QObject::event () from /usr/lib/qt3/lib/libqt-mt.so.3
#50 0xb5e9944c in QWidget::event () from /usr/lib/qt3/lib/libqt-mt.so.3
#51 0xb5e03cea in QApplication::internalNotify ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#52 0xb5e04cca in QApplication::notify () from /usr/lib/qt3/lib/libqt-mt.so.3
#53 0xb64fedba in KApplication::notify () from /usr/lib/libkdecore.so.4
#54 0xb5da53e1 in QETWidget::translateMouseEvent ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#55 0xb5da4156 in QApplication::x11ProcessEvent ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#56 0xb5db42ad in QEventLoop::processEvents ()
   from /usr/lib/qt3/lib/libqt-mt.so.3
#57 0xb5e199e0 in QEventLoop::enterLoop () from /usr/lib/qt3/lib/libqt-mt.so.3
#58 0xb5e19876 in QEventLoop::exec () from /usr/lib/qt3/lib/libqt-mt.so.3
#59 0xb5e0390f in QApplication::exec () from /usr/lib/qt3/lib/libqt-mt.so.3
#60 0x0804a46e in QObject::checkConnectArgs ()
#61 0xb5302f90 in __libc_start_main () from /lib/i686/libc.so.6
#62 0x0804a1c1 in QObject::checkConnectArgs ()

Is it the same bug?
Comment 2 Christophe Marin 2009-10-14 22:13:45 UTC
*** Bug 210597 has been marked as a duplicate of this bug. ***
Comment 3 Christophe Marin 2009-10-16 23:27:53 UTC
*** Bug 210597 has been marked as a duplicate of this bug. ***
Comment 4 Christophe Marin 2009-11-27 02:21:26 UTC
*** Bug 216231 has been marked as a duplicate of this bug. ***
Comment 5 Myriam Schweingruber 2012-08-19 11:01:42 UTC
Thank you for your report. Kmail1 is currently unmaintained and the code has changed sufficiently in Kmail2 so the backtraces are not really useful anymore. Should you experience the same crash in Kmail 4.8.5 or later, please open a new report for Kmail2. Thank you for your understanding.