Dear Evolution hackers,
analyzing crashes, I see that in `./camel/camel-folder-summary.c`
    count = bdata_extract_digit (&part)
sometimes seems to be negative, which seems unreasonable. I added
`g_assert (count < 0)` right after that and in at least one case I hit
that assert. Though this is not reproducible.
Now the question is whether this is due to some memory corruption or a
programming error.
`bdata_extract_digit ()` was added in
    commit ceb906002ae20ffa8eb4d79407d8111b0aa0798d
    Author: Milan Crha <mcrha redhat com>
    Date: Thu Dec 9 13:56:19 2010 +0100
        Bug #573125 - Crashes right after startup when having broken db summary
and replaced the following macros.
    #define EXTRACT_FIRST_DIGIT(val) val=strtoul (part, &part, 10);
    #define EXTRACT_DIGIT(val) part++; val=strtoul (part, &part, 10);
Looking at the function it would be awesome if you could help me
understand it.
    gint
    bdata_extract_digit (/* const */ gchar **part)
    {
First we check whether at least one of the pointers or the string is
empty/NULL.
        if (!part || !*part || !**part)
            return 0;
Now we check whether the first character of the string is a space and if
true we go to the next character.
        if (**part == ' ')
            *part += 1;
The next check checks again whether the string exists and should be
redundant to `if (!part)`.
        if (!**part)
            return 0;
Now `strtoul()` is used to convert the string to an unsigned long int.
        return strtoul (*part, part, 10);
Could this cause problems because `count` is a normal integer and not an
unsigned integer?
    }
Also I do not understand why we check for a space because according to
`man strtoul` spaces are skipped.
Thanks,
Paul
[1] http://git.gnome.org/browse/evolution-data-server/tree/camel/camel-folder-summary.c?id=ceb906002ae20ffa8eb4d79407d8111b0aa0798d#n4904
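An added example, not part of the original message and not Evolution's code: the logic of the quoted function with `int`/`char` standing in for `gint`/`gchar`, run on constructed summary fields to show two ways a negative `count` can come out of it without memory corruption (`strtoul()` accepts a leading sign, and its `unsigned long` result is narrowed to `int`). `extract_checked`, `posted` and `checked_rc` are hypothetical names, and `extract_checked` is one possible stricter variant; the negative values assume the usual two's-complement wraparound on narrowing, which GCC and Clang implement.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Logic of the function quoted in the message; int/char stand in for gint/gchar. */
static int extract_as_posted(char **part)
{
    if (!part || !*part || !**part)
        return 0;
    if (**part == ' ')
        *part += 1;
    if (!**part)
        return 0;
    return strtoul(*part, part, 10); /* unsigned long narrowed to int */
}

/* Hypothetical stricter variant: returns 0 and stores the value, or -1 if malformed. */
static int extract_checked(char **part, int *out)
{
    char *end;
    unsigned long v;
    if (!part || !*part || !out)
        return -1;
    while (**part == ' ')
        *part += 1;
    if (!isdigit((unsigned char)**part)) /* rejects "", '-' and '+' */
        return -1;
    errno = 0;
    v = strtoul(*part, &end, 10);
    if (errno == ERANGE || v > INT_MAX) /* would not fit a non-negative int */
        return -1;
    *part = end;
    *out = (int)v;
    return 0;
}

/* Wrappers for one constructed field; neither parser writes to the string. */
static int posted(const char *s) { char *p = (char *)s; return extract_as_posted(&p); }
static int checked_rc(const char *s) { int v; char *p = (char *)s; return extract_checked(&p, &v); }

int main(void)
{
    const char *fields[] = { " 12", "-5", "4294967295" }; /* constructed inputs */
    for (size_t i = 0; i < sizeof fields / sizeof fields[0]; i++)
        printf("%-11s as posted: %d, checked rc: %d\n", fields[i], posted(fields[i]), checked_rc(fields[i]));
    return 0;
}
```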