From 4b17201c4fa5ce1b4c46c09659b187164dbc1c12 Mon Sep 17 00:00:00 2001 From: Ralph Seichter Date: Sun, 16 Jun 2019 17:18:47 +0200 Subject: [PATCH 01/15] configure: fix mktemp call for macOS Add missing template to mktemp, as required by macOS / OS X. Signed-off-by: Ralph Seichter --- configure | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure b/configure index 8b80f0e0..6e73b22e 100755 --- a/configure +++ b/configure @@ -529,7 +529,7 @@ int main () { return 0; } EOF - if ! TEMP_GPG=$(mktemp -d); then + if ! TEMP_GPG=$(mktemp -d "${TMPDIR:-/tmp}/notmuch.XXXXXX"); then printf 'No.\nCould not make tempdir for testing session-key support.\n' errors=$((errors + 1)) elif ${CC} ${CFLAGS} ${gmime_cflags} _check_session_keys.c ${gmime_ldflags} -o _check_session_keys \ From 1ee5bdcc1de8b39be57ab4a929cef81891053140 Mon Sep 17 00:00:00 2001 From: David Bremner Date: Mon, 23 Sep 2019 21:34:07 -0300 Subject: [PATCH 02/15] remove stray ` from NEWS --- NEWS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NEWS b/NEWS index e0271e70..4aefdf6b 100644 --- a/NEWS +++ b/NEWS @@ -114,7 +114,7 @@ Build System ------------ Serialize calls to sphinx-build to avoid race condition. -` + Notmuch 0.28.2 (2019-02-17) =========================== From 2cf38f8e1c1d3b50ac41b002308de5eea9efc61d Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sun, 22 Sep 2019 19:44:00 -0300 Subject: [PATCH 03/15] test: known broken test file descriptor leak in gzip file open James Troup reported this bug in id:87pnjsf9q5.fsf@canonical.com --- test/T750-gzip.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/test/T750-gzip.sh b/test/T750-gzip.sh index 5b678fa1..f4e0c42a 100755 --- a/test/T750-gzip.sh +++ b/test/T750-gzip.sh @@ -167,4 +167,12 @@ This is just a test message (#7) EOF test_expect_equal_file EXPECTED OUTPUT +# there are more than 200 messages in this corpus +add_email_corpus lkml +test_begin_subtest "new doesn't run out of file descriptors with many gzipped files" +test_subtest_known_broken +ulimit -n 200 +gzip --recursive ${MAIL_DIR} +test_expect_success "notmuch new" + test_done From 4c5b17b10b786994255641fee8df4733c3586f3e Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sun, 22 Sep 2019 19:44:01 -0300 Subject: [PATCH 04/15] util: unreference objects referenced by the returned stream obj We want freeing the returned stream to also free these underlying objects. Compare tests/test-filters.c in the gmime 3.2.x source, which uses this same idiom. Thanks to James Troup for the report and the fix. --- test/T750-gzip.sh | 1 - util/gmime-extra.c | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/test/T750-gzip.sh b/test/T750-gzip.sh index f4e0c42a..fac41d39 100755 --- a/test/T750-gzip.sh +++ b/test/T750-gzip.sh @@ -170,7 +170,6 @@ test_expect_equal_file EXPECTED OUTPUT # there are more than 200 messages in this corpus add_email_corpus lkml test_begin_subtest "new doesn't run out of file descriptors with many gzipped files" -test_subtest_known_broken ulimit -n 200 gzip --recursive ${MAIL_DIR} test_expect_success "notmuch new" diff --git a/util/gmime-extra.c b/util/gmime-extra.c index 7562d906..4a591cae 100644 --- a/util/gmime-extra.c +++ b/util/gmime-extra.c @@ -28,6 +28,8 @@ _gzfile_maybe_filter (GMimeStream *file_stream) { /* ignore filter id */ (void)g_mime_stream_filter_add ((GMimeStreamFilter *)gzstream, gzfilter); + g_object_unref(gzfilter); + g_object_unref(file_stream); return gzstream; } else { return file_stream; From 49621ea8d5596e707d81ec5aafcfb6a19f864819 Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sun, 13 Oct 2019 09:18:24 -0300 Subject: [PATCH 05/15] util: whitespace cleanup for 4c5b17b1 Oops. This should make the merge back to master smoother. --- util/gmime-extra.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/util/gmime-extra.c b/util/gmime-extra.c index 4a591cae..d1bb1d47 100644 --- a/util/gmime-extra.c +++ b/util/gmime-extra.c @@ -27,9 +27,9 @@ _gzfile_maybe_filter (GMimeStream *file_stream) { return NULL; /* ignore filter id */ - (void)g_mime_stream_filter_add ((GMimeStreamFilter *)gzstream, gzfilter); - g_object_unref(gzfilter); - g_object_unref(file_stream); + (void) g_mime_stream_filter_add ((GMimeStreamFilter *) gzstream, gzfilter); + g_object_unref (gzfilter); + g_object_unref (file_stream); return gzstream; } else { return file_stream; From 449e77761e20bde2935531d1789945bd8270eb62 Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sat, 19 Oct 2019 07:21:53 -0300 Subject: [PATCH 06/15] bump version --- bindings/python/notmuch/version.py | 2 +- version | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bindings/python/notmuch/version.py b/bindings/python/notmuch/version.py index ca9e6a8c..1bde97e5 100644 --- a/bindings/python/notmuch/version.py +++ b/bindings/python/notmuch/version.py @@ -1,3 +1,3 @@ # this file should be kept in sync with ../../../version -__VERSION__ = '0.29.1' +__VERSION__ = '0.29.2' SOVERSION = '5' diff --git a/version b/version index 25939d35..20f06870 100644 --- a/version +++ b/version @@ -1 +1 @@ -0.29.1 +0.29.2 From 75328e4fecf48ed935f9f6cc8a513fa2c25c5c03 Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sat, 19 Oct 2019 07:24:08 -0300 Subject: [PATCH 07/15] Changelog stanza for 0.29.2-1 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 72a52546..21010a1a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +notmuch (0.29.2-1) unstable; urgency=medium + + * New upstream bug fix release: fix file descriptor leak with gzipped + files. Thanks to James Troup for reporting and the fix. + + -- David Bremner Sat, 19 Oct 2019 07:23:21 -0300 + notmuch (0.29.1-2) unstable; urgency=medium * Re-upload to unstable From 1c8d9e172e57bad26ebb94a8cb22a959ebedb9a3 Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sat, 19 Oct 2019 07:37:37 -0300 Subject: [PATCH 08/15] update NEWS for 0.29.2 --- NEWS | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/NEWS b/NEWS index 4aefdf6b..c416a373 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,12 @@ +Notmuch 0.29.2 (2019-10-19) +=========================== + +General +------- + +Fix for file descriptor leak when opening gzipped mail files. Thanks +to James Troup for the bug report and the fix. + Notmuch 0.29.1 (2019-06-11) =========================== From 2a003f0f503b1e7a15b01664cf8217a4762d95cc Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sat, 2 Nov 2019 17:33:20 -0300 Subject: [PATCH 09/15] debian upload 0.29.2-2: goodbye python2 support Convert to pybuild while we are at it. --- debian/changelog | 8 ++++++++ debian/control | 14 -------------- debian/python3-notmuch.install | 1 - debian/rules | 13 +++++-------- 4 files changed, 13 insertions(+), 23 deletions(-) delete mode 100644 debian/python3-notmuch.install diff --git a/debian/changelog b/debian/changelog index 21010a1a..92b97449 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +notmuch (0.29.2-2) experimental; urgency=medium + + * Drop python-notmuch binary package. + * Drop python2 build-dependency (Closes: #937161). + * Convert to pybuild for python bindings + + -- David Bremner Sat, 02 Nov 2019 18:21:06 -0300 + notmuch (0.29.2-1) unstable; urgency=medium * New upstream bug fix release: fix file descriptor leak with gzipped diff --git a/debian/control b/debian/control index 31d6471c..84be657d 100644 --- a/debian/control +++ b/debian/control @@ -14,7 +14,6 @@ Build-Depends: libgmime-3.0-dev (>= 3.0.3~), libtalloc-dev, libz-dev, - python-all (>= 2.6.6-3~), python3-all (>= 3.1.2-7~), dh-python, dh-elpa (>= 1.3), @@ -73,19 +72,6 @@ Description: thread-based email index, search and tagging (development) This package provides the necessary development libraries and header files to allow you to develop new software using libnotmuch. -Package: python-notmuch -Architecture: all -Section: python -Depends: ${misc:Depends}, ${python:Depends}, libnotmuch5 (>= ${source:Version}) -Description: Python interface to the notmuch mail search and index library - Notmuch is a system for indexing, searching, reading, and tagging - large collections of email messages in maildir or mh format. It uses - the Xapian library to provide fast, full-text search with a very - convenient search syntax. - . - This package provides a Python interface to the notmuch - functionality, directly interfacing with a shared notmuch library. - Package: python3-notmuch Architecture: all Section: python diff --git a/debian/python3-notmuch.install b/debian/python3-notmuch.install deleted file mode 100644 index 4606faae..00000000 --- a/debian/python3-notmuch.install +++ /dev/null @@ -1 +0,0 @@ -usr/lib/python3* diff --git a/debian/rules b/debian/rules index d056edb6..5a378f6e 100755 --- a/debian/rules +++ b/debian/rules @@ -1,9 +1,9 @@ #!/usr/bin/make -f -python3_all = py3versions -s | xargs -n1 | xargs -t -I {} env {} +export PYBUILD_NAME=notmuch %: - dh $@ --with python2,python3,elpa + dh $@ --with python3,elpa override_dh_auto_configure: BASHCMD=/bin/bash ./configure --prefix=/usr \ @@ -17,20 +17,17 @@ override_dh_auto_configure: override_dh_auto_build: dh_auto_build -- V=1 - dh_auto_build --sourcedirectory bindings/python - cd bindings/python && $(python3_all) setup.py build + dh_auto_build --buildsystem=pybuild --sourcedirectory bindings/python $(MAKE) -C contrib/notmuch-mutt override_dh_auto_clean: dh_auto_clean - dh_auto_clean --sourcedirectory bindings/python - cd bindings/python && $(python3_all) setup.py clean -a + dh_auto_clean --buildsystem=pybuild --sourcedirectory bindings/python dh_auto_clean --sourcedirectory bindings/ruby $(MAKE) -C contrib/notmuch-mutt clean override_dh_auto_install: dh_auto_install - dh_auto_install --sourcedirectory bindings/python - cd bindings/python && $(python3_all) setup.py install --install-layout=deb --root=$(CURDIR)/debian/tmp + dh_auto_install --buildsystem=pybuild --sourcedirectory bindings/python $(MAKE) -C contrib/notmuch-mutt DESTDIR=$(CURDIR)/debian/tmp install dh_auto_install --sourcedirectory bindings/ruby From 8e2251484214d39bdb4872216239bd38eb7729ab Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sun, 24 Nov 2019 22:31:34 -0400 Subject: [PATCH 10/15] lib: fix memory error in notmuch_config_list_value The documentation for notmuch_config_list_key warns that that the returned value will be destroyed by the next call to notmuch_config_list_key, but it neglected to mention that calling notmuch_config_list_value would also destroy it (by calling notmuch_config_list_key). This is surprising, and caused a use after free bug in _setup_user_query_fields (first noticed by an OpenBSD porter, so kudos to the OpenBSD malloc implementation). This change fixes that use-after-free bug. --- lib/config.cc | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/config.cc b/lib/config.cc index da71c16e..a8bcdf83 100644 --- a/lib/config.cc +++ b/lib/config.cc @@ -150,13 +150,17 @@ notmuch_config_list_valid (notmuch_config_list_t *metadata) return true; } +static inline char * _key_from_iterator (notmuch_config_list_t *list) { + return talloc_strdup (list, (*list->iterator).c_str () + CONFIG_PREFIX.length ()); +} + const char * notmuch_config_list_key (notmuch_config_list_t *list) { if (list->current_key) talloc_free (list->current_key); - list->current_key = talloc_strdup (list, (*list->iterator).c_str () + CONFIG_PREFIX.length ()); + list->current_key = _key_from_iterator (list); return list->current_key; } @@ -166,7 +170,7 @@ notmuch_config_list_value (notmuch_config_list_t *list) { std::string strval; notmuch_status_t status; - const char *key = notmuch_config_list_key (list); + char *key = _key_from_iterator (list); /* TODO: better error reporting?? */ status = _metadata_value (list->notmuch, key, strval); @@ -177,6 +181,7 @@ notmuch_config_list_value (notmuch_config_list_t *list) talloc_free (list->current_val); list->current_val = talloc_strdup (list, strval.c_str ()); + talloc_free (key); return list->current_val; } From a11b2f0f2d984b7f5974aff01c9fa80718449766 Mon Sep 17 00:00:00 2001 From: Ralph Seichter Date: Tue, 23 Jul 2019 22:48:23 +0200 Subject: [PATCH 11/15] notmuch-dump.c: Fix output file being closed twice Fixed: If the output file for a dump was non-writeable, gzclose_w() was called twice on the output file handle, resulting in SIGABRT. (cherry picked from commit 17806ecc955ce0375146ea1df51eae061a72bef8) --- notmuch-dump.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/notmuch-dump.c b/notmuch-dump.c index ef2f02df..70cdb0c2 100644 --- a/notmuch-dump.c +++ b/notmuch-dump.c @@ -329,13 +329,15 @@ notmuch_database_dump (notmuch_database_t *notmuch, } } - if (gzclose_w (output) != Z_OK) { + ret = gzclose_w (output); + if (ret) { fprintf (stderr, "Error closing %s: %s\n", name_for_error, gzerror (output, NULL)); ret = EXIT_FAILURE; output = NULL; goto DONE; - } + } else + output = NULL; if (output_file_name) { ret = rename (tempname, output_file_name); From 9024b2f5f6094d145e06883027b08ad0011023ff Mon Sep 17 00:00:00 2001 From: David Bremner Date: Wed, 27 Nov 2019 08:06:15 -0400 Subject: [PATCH 12/15] NEWS for 0.29.3 --- NEWS | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/NEWS b/NEWS index c416a373..722a352e 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,13 @@ +Notmuch 0.29.3 (2019-11-27) +=========================== + +General +------- + +Fix for use-after-free in notmuch_config_list_{key,val}. + +Fix for double close of file in notmuch-dump. + Notmuch 0.29.2 (2019-10-19) =========================== From 3efa2ad72c8ffd8183fab2cd6592f35e72fbb7d7 Mon Sep 17 00:00:00 2001 From: David Bremner Date: Wed, 27 Nov 2019 08:06:59 -0400 Subject: [PATCH 13/15] version: bump to 0.29.3 --- bindings/python/notmuch/version.py | 2 +- version | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bindings/python/notmuch/version.py b/bindings/python/notmuch/version.py index 1bde97e5..e688b565 100644 --- a/bindings/python/notmuch/version.py +++ b/bindings/python/notmuch/version.py @@ -1,3 +1,3 @@ # this file should be kept in sync with ../../../version -__VERSION__ = '0.29.2' +__VERSION__ = '0.29.3' SOVERSION = '5' diff --git a/version b/version index 20f06870..5540b6e0 100644 --- a/version +++ b/version @@ -1 +1 @@ -0.29.2 +0.29.3 From e5437dc4c2f1b93f94e5e9b5661b5e57244e3f96 Mon Sep 17 00:00:00 2001 From: David Bremner Date: Wed, 27 Nov 2019 08:11:53 -0400 Subject: [PATCH 14/15] mention python 2 changes --- NEWS | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/NEWS b/NEWS index 722a352e..66bb69f1 100644 --- a/NEWS +++ b/NEWS @@ -8,6 +8,11 @@ Fix for use-after-free in notmuch_config_list_{key,val}. Fix for double close of file in notmuch-dump. +Debian +------ + +Drop python2 support from shipped debian packaging. + Notmuch 0.29.2 (2019-10-19) =========================== From a59ef7d02cb229c2ec3569024918024003568aea Mon Sep 17 00:00:00 2001 From: David Bremner Date: Wed, 27 Nov 2019 08:20:31 -0400 Subject: [PATCH 15/15] debian: changelog for 0.29.3 --- debian/changelog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/debian/changelog b/debian/changelog index 92b97449..4f7457cd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +notmuch (0.29.3-1) unstable; urgency=medium + + * New upstream bugfix release. + - fix use-after-free bug in libnotmuch + - fix double close of file in "notmuch dump" + + -- David Bremner Wed, 27 Nov 2019 08:19:57 -0400 + notmuch (0.29.2-2) experimental; urgency=medium * Drop python-notmuch binary package.