Check for NULL userhdrs.

When composing an email, miscellaneous extra headers are stored in a userhdrs list. Mutt first checks to ensure each header contains at least a colon character, passes the entire userhdr field (name, colon, and body) to the rfc2047 decoder, and safe_strdup()'s the result on the userhdrs list. An empty result would from the decode would result in a NULL headers being added to list. The previous commit removed the possibility of the decoded header field being empty, but it's prudent to add a check to the strchr calls, in case there is another unexpected bug resulting in one. Thanks to Chenyuan Mi (@morningbread) for discovering the two strchr crashes, giving a working example draft message, and providing the stack traces for the two NULL derefences.
author: Kevin McCarthy <kevin@8t8.us> 2023-09-04 12:50:07 +0800
committer: Kevin McCarthy <kevin@8t8.us> 2023-09-09 14:31:19 +0800
commit: 4cc3128abdf52c615911589394a03271fddeefc6 (patch)
tree: c732f421fe2ce334bbb13f6069fcf6b18041c534
parent: 452ee330e094bfc7c9a68555e5152b1826534555 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sendlib.c b/sendlib.c
index c2283972..763bff41 100644
--- a/sendlib.c
+++ b/sendlib.c
@@ -2418,7 +2418,7 @@ int mutt_write_rfc822_header (FILE *fp, ENVELOPE *env, BODY *attach, char *date,
   /* Add any user defined headers */
   for (; tmp; tmp = tmp->next)
   {
-    if ((p = strchr (tmp->data, ':')))
+    if ((p = strchr (NONULL (tmp->data), ':')))
     {
       q = p;
 
@@ -2466,7 +2466,7 @@ static void encode_headers (LIST *h)
 
   for (; h; h = h->next)
   {
-    if (!(p = strchr (h->data, ':')))
+    if (!(p = strchr (NONULL (h->data), ':')))
       continue;
 
     i = p - h->data;
author	Kevin McCarthy <kevin@8t8.us>	2023-09-04 12:50:07 +0800
committer	Kevin McCarthy <kevin@8t8.us>	2023-09-09 14:31:19 +0800
commit	4cc3128abdf52c615911589394a03271fddeefc6 (patch)
tree	c732f421fe2ce334bbb13f6069fcf6b18041c534
parent	452ee330e094bfc7c9a68555e5152b1826534555 (diff)