The string function in a sprinter may be called with a NULL string pointer (eg if a header is absent). This causes a segfault. We fix this by checking for a null pointer in the string functions and update the sprinter documentation. At the moment some output when format=text is done directly rather than via an sprinter: in that case a null pointer is passed to printf or similar and a "(null)" appears in the output. That behaviour is not changed in this patch. --- This could really do with some tests (it is the second time this type of bug has occurred). To be considered as a message by notmuch new a file needs at least one of a From: Subject: or To: header. Thus we should have three messages each of which just contains that single header (and nothing else) and check that search and show work as expected. sprinter-json.c | 2 ++ sprinter-text.c | 2 ++ sprinter.h | 4 +++- 3 files changed, 7 insertions(+), 1 deletions(-) diff --git a/sprinter-json.c b/sprinter-json.c index c9b6835..0a07790 100644 --- a/sprinter-json.c +++ b/sprinter-json.c @@ -118,6 +118,8 @@ json_string_len (struct sprinter *sp, const char *val, size_t len) static void json_string (struct sprinter *sp, const char *val) { + if (val == NULL) + val = ""; json_string_len (sp, val, strlen (val)); } diff --git a/sprinter-text.c b/sprinter-text.c index dfa54b5..10343be 100644 --- a/sprinter-text.c +++ b/sprinter-text.c @@ -38,6 +38,8 @@ text_string_len (struct sprinter *sp, const char *val, size_t len) static void text_string (struct sprinter *sp, const char *val) { + if (val == NULL) + val = ""; text_string_len (sp, val, strlen (val)); } diff --git a/sprinter.h b/sprinter.h index 5f43175..912a526 100644 --- a/sprinter.h +++ b/sprinter.h 
@@ -27,7 +27,9 @@ typedef struct sprinter { * a list or map, followed or preceded by separators). For string * and string_len, the char * must be UTF-8 encoded. string_len * allows non-terminated strings and strings with embedded NULs - * (though the handling of the latter is format-dependent). + * (though the handling of the latter is format-dependent). For + * string (but not string_len) the string pointer passed may be + * NULL. */ void (*string) (struct sprinter *, const char *); void (*string_len) (struct sprinter *, const char *, size_t); -- 1.7.9.1 H
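Review bot: in json_string (sprinter-json.c) the new check turns a NULL val into "", so the JSON output carries an empty string for a header that is absent and a consumer cannot tell the two cases apart. If that conflation is intended, say so in the commit message or in a comment at the check. Otherwise consider emitting a JSON null for this case instead of `val = "";`.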
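Review bot: the `if (val == NULL)` check in text_string (sprinter-text.c) makes the sprinter path print an empty string, while the commit message says the format=text output that is printed directly still shows "(null)" for a missing value. The same absent header can then render two different ways in text output. A one-line comment at the check explaining the choice, or a follow-up that routes the remaining direct output through the sprinter, would keep this from looking like a regression later.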
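Review bot: the comment added in sprinter.h says the pointer passed to string may be NULL but not what an implementation has to do with it. Both implementations touched by this patch treat NULL as the empty string, so the contract should state that (for example "a NULL pointer is output as an empty string"), which also binds any sprinter added later. It should also say outright that string_len must not be passed NULL, since this patch adds no check to json_string_len or text_string_len.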