From a258cb32b318d831fab5ef64329bd65119b47def Mon Sep 17 00:00:00 2001 From: Dirk Hohndel Date: Tue, 27 Apr 2010 16:29:22 -0700 Subject: [PATCH] Fix SEGV in _thread_cleanup_author if author ends with ', ' Admittedly, an author name ending in ',' guarantees this is spam, and indeed this was triggered by a spam email, but that doesn't mean we shouldn't handle this case correctly. We now check that there is actually a component of the name (presumably the first name) after the comma in the author name. Signed-off-by: Dirk Hohndel --- lib/thread.cc | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/thread.cc b/lib/thread.cc index dc74ee3e..13872d46 100644 --- a/lib/thread.cc +++ b/lib/thread.cc @@ -156,11 +156,19 @@ _thread_cleanup_author (notmuch_thread_t *thread, char *blank; int fname,lname; + if (author == NULL) + return NULL; clean_author = talloc_strdup(thread, author); if (clean_author == NULL) return NULL; + /* check if there's a comma in the name and that there's a + * component of the name behind it (so the name doesn't end with + * the comma - in which case the string that strchr finds is just + * one character long ",\0"). + * Otherwise just return the copy of the original author name that + * we just made*/ comma = strchr(author,','); - if (comma) { + if (comma && strlen(comma) > 1) { /* let's assemble what we think is the correct name */ lname = comma - author; fname = strlen(author) - lname - 2; @@ -180,7 +188,6 @@ _thread_cleanup_author (notmuch_thread_t *thread, /* we didn't identify this as part of the email address * so let's punt and return the original author */ strcpy (clean_author, author); - } return clean_author; }