Ticket #3018 (closed defect: fixed)

Opened 6 months ago

Last modified 3 weeks ago

integer overflow in curs_lib.c if time_inc is used

Reported by: vinc17
Assigned to: mutt-dev
Priority: minor
Milestone: 1.6
Component: mutt
Version: 1.5.17
Keywords:
Cc:

Description

When building Mutt with -ftrapv in CFLAGS and running it with a muttrc file containing:

set time_inc=250

Mutt aborts at this line:

  if (TimeInc)
    progress->timestamp = tv.tv_sec * 1000 + tv.tv_usec / 1000;

In gdb, print tv.tv_sec outputs 1200664610. My original time_inc patch didn't have such a problem since I didn't use timeval, but I think the bug can easily be fixed by adding casts to unsigned int since only relative timestamps matter (see attached patch). The

  if (update && progress->timestamp && !gettimeofday (&tv, NULL)) {

can be wrong as progress->timestamp can be 0 due to the wrapping, but I don't think this is a real problem in practice.

Attachments

curs_lib.c.diff (0.8 kB) - added by vinc17 on 2008-01-18 06:27:12.
patch
intfix.diff (0.9 kB) - added by pdmef on 2008-07-02 05:22:42.

Change History

2008-01-18 06:27:12 changed by vinc17

  • attachment curs_lib.c.diff added.

patch

2008-01-18 07:52:22 changed by pdmef

  • priority changed from major to minor.
  • milestone set to 1.6.

It seems at least in hash_string() 'h' should be turned into unsigned int, too. Maybe there're more places causing trouble with -ftrapv.

2008-07-01 20:07:00 changed by vinc17

  • status changed from new to closed.
  • resolution set to fixed.

(In [fb0df4ae0836]) Clamp timeval math to unsigned int to match progress timestamps. This is fine since only relative differences matter. Closes #3018.

2008-07-02 05:21:55 changed by pdmef

  • status changed from closed to reopened.
  • resolution deleted.

This still doesn't fix the issue for me on OS X 10.4.11, I need the attached patch on top of tip to make mutt work with -ftrapv.

2008-07-02 05:22:42 changed by pdmef

  • attachment intfix.diff added.

2008-07-02 09:08:15 changed by pdmef

  • status changed from reopened to closed.
  • resolution set to fixed.

(In [f41ba27be46f]) Fix casts for progress update to prevent -ftrapv aborts to trigger. Closes #3018.

2008-07-02 18:19:05 changed by Vincent Lefevre

On 2008-07-02 12:22:00 -0000, Mutt wrote:
>  This still doesn't fix the issue for me on OS X 10.4.11, I need the
>  attached patch on top of tip to make mutt work with -ftrapv.

FYI, my original patch

  http://dev.mutt.org/trac/attachment/ticket/3018/curs_lib.c.diff

was correct. But parentheses have been added in

  http://dev.mutt.org/trac/changeset/fb0df4ae0836

changing the meaning of the code.
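
Added example, not part of the ticket or of Mutt's source: a C sketch of the timestamp arithmetic discussed above, showing why the signed form traps under -ftrapv, why relative differences survive unsigned wrapping, and how a wrapped timestamp can land on 0. It assumes a 32-bit tv_sec/tv_usec (int32_t stands in for them), the function names are hypothetical, and the note on parenthesised casts is one reading of the last comment, since the patches themselves are not shown on this page.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: int32_t stands in for a 32-bit tv_sec / tv_usec. */

/* 1 if sec * 1000 + usec / 1000 leaves the signed 32-bit range, which is
   where -ftrapv aborts. Computed in 64 bits so the check itself is defined. */
static int signed_ms_overflows(int32_t sec, int32_t usec)
{
    int64_t wide = (int64_t) sec * 1000 + usec / 1000;
    return wide > INT32_MAX || wide < INT32_MIN;
}

/* Each operand is cast before the arithmetic, so the multiply and add are
   unsigned and wrap modulo 2^32. Writing (uint32_t) (sec * 1000) instead
   would still multiply in the signed type and only convert the result. */
static uint32_t wrapped_ms(int32_t sec, int32_t usec)
{
    return (uint32_t) ((uint32_t) sec * 1000u + (uint32_t) usec / 1000u);
}

/* Relative difference of two wrapped timestamps, also modulo 2^32. */
static uint32_t elapsed_ms(uint32_t then, uint32_t now)
{
    return (uint32_t) (now - then);
}

int main(void)
{
    int32_t sec = 1200664610; /* tv.tv_sec value quoted in the report */

    printf("signed math overflows: %d\n", signed_ms_overflows(sec, 0));
    printf("wrapped timestamp:     %lu\n", (unsigned long) wrapped_ms(sec, 0));
    printf("250 ms later, elapsed: %lu\n", (unsigned long)
           elapsed_ms(wrapped_ms(sec, 0), wrapped_ms(sec, 250000)));

    /* Constructed values: an interval that straddles the 2^32 ms wrap. */
    printf("elapsed across wrap:   %lu\n", (unsigned long)
           elapsed_ms(wrapped_ms(1202590842, 999000),
                      wrapped_ms(1202590843, 1000)));

    /* Constructed value: a time whose wrapped timestamp is exactly 0, the
       case where a "timestamp != 0" test misreads a valid timestamp. */
    printf("wrapped to zero:       %lu\n",
           (unsigned long) wrapped_ms(1202590842, 880000));
    return 0;
}
```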