It does the job, now opening the database with a relative path raise a NotmuchError. On Mon, Jun 8, 2015 at 8:02 AM, David Bremner <david@tethera.net> wrote: > Morgan Veyret <morgan.veyret@gmail.com> writes: > > > > > As I understand it's expected that the database path should be absolute > but > > corrupting the database when the path is relative sounds dangerous. > > Thanks for the report. I can see how this could happen, since the > internal functions _notmuch_message_add_file_name and > _notmuch_database_relative_path classify message filenames into absolute > paths starting with the database path and paths relative to the database > root. > > The obvious solution is to reject non-absolute paths in > notmuch_database_open_verbose. A slightly friendlier approach would be > to canonicalize the path, but this might have unforseen consequences for > clients relying on the database path being exactly what they pass in. > > Can you see if the attached patch "fixes" it for you? You'll have to > rebuild notmuch from source. The patch should apply to 0.20 or later. > > > diff --git a/lib/database.cc b/lib/database.cc > index 78a24f7..2a5b82a 100644 > --- a/lib/database.cc > +++ b/lib/database.cc > @@ -847,6 +847,12 @@ notmuch_database_open_verbose (const char *path, > goto DONE; > } > > + if (path[0] != '/') { > + message = strdup ("Error: Database path must be absolute.\n"); > + status = NOTMUCH_STATUS_FILE_ERROR; > + goto DONE; > + } > + > if (! (notmuch_path = talloc_asprintf (local, "%s/%s", path, > ".notmuch"))) { > message = strdup ("Out of memory\n"); > status = NOTMUCH_STATUS_OUT_OF_MEMORY; > >