As suggested by David Bremner in https://notmuchmail.org/pipermail/notmuch/2020/029288.html here is a separate patch for bug #2: calling gzerror() (indirectly via gzerror_str()) after gzclose_r is a use after free, according to zlib's manual. diff --git a/notmuch-restore.c b/notmuch-restore.c index 9a8b7fb5..e2dc3d45 100644 --- a/notmuch-restore.c +++ b/notmuch-restore.c @@ -237,6 +237,7 @@ notmuch_restore_command (notmuch_config_t *config, int argc, char *argv[]) int opt_index; int include = 0; int input_format = DUMP_FORMAT_AUTO; + int errnum; if (notmuch_database_open (notmuch_config_get_database_path (config), NOTMUCH_DATABASE_MODE_READ_WRITE, ¬much)) @@ -448,10 +449,13 @@ notmuch_restore_command (notmuch_config_t *config, int argc, char *argv[]) if (notmuch) notmuch_database_destroy (notmuch); - if (input && gzclose_r (input)) { - fprintf (stderr, "Error closing %s: %s\n", - name_for_error, gzerror_str (input)); - ret = EXIT_FAILURE; + if (input) { + errnum = gzclose_r (input); + if (errnum) { + fprintf (stderr, "Error closing %s: %d\n", + name_for_error, errnum); + ret = EXIT_FAILURE; + } } return ret ? EXIT_FAILURE : EXIT_SUCCESS; _______________________________________________ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch