SIGSEGV on malformed alias

[vt-alt]

Steps to Reproduce

If you add into .mutt/alias:

alias testtest "Test Test <testtest.email@yandex.ru>"

Then run:

echo 'Hi there!' | neomutt -s 'Hi ' testtest

neomutt crashes with SIGSEGV instead of reporting address error.

gdb debug session:

builder@x86_64:/.in$ gdb -return-child-result --batch -ex r -ex bt -ex 'p *a' --args neomutt -s 'Hi ' testtest < /dev/null
warning: /proc is not accessible.
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Missing separate debuginfo for /usr/lib64/gconv/ISO8859-1.so
Try to install the hash file /usr/lib/debug/.build-id/e1/681a460f6ebc874b5f3907cd63aea7171522aa.debug
[Detaching after fork from child process 15261]
[Detaching after fork from child process 15262]
[Detaching after fork from child process 15263]
[Detaching after fork from child process 15264]
[New Thread 0x7ffff656c880 (LWP 15265)]
warning: unable to open /proc file '/proc/15257/status'
warning: unable to open /proc file '/proc/15257/status'
[Detaching after fork from child process 15266]
warning: unable to open /proc file '/proc/15257/status'
warning: unable to open /proc file '/proc/15257/status'
[Detaching after fork from child process 15268]
warning: unable to open /proc file '/proc/15257/status'
warning: unable to open /proc file '/proc/15257/status'
[Detaching after fork from child process 15270]
warning: unable to open /proc file '/proc/15257/status'
warning: unable to open /proc file '/proc/15257/status'
[Detaching after fork from child process 15272]
warning: unable to open /proc file '/proc/15257/status'
warning: unable to open /proc file '/proc/15257/status'
[Detaching after fork from child process 15274]
warning: unable to open /proc file '/proc/15257/status'
warning: unable to open /proc file '/proc/15257/status'
warning: unable to open /proc file '/proc/15257/status'

Thread 1 received signal SIGSEGV, Segmentation fault.
0x00000000004b7e3a in expand_aliases_r (al=al@entry=0x59d600, expn=expn@entry=0x7fffffffb8e0) at alias/alias.c:148
148             a = TAILQ_PREV(a, AddressList, entries);
#0  0x00000000004b7e3a in expand_aliases_r (al=al@entry=0x59d600, expn=expn@entry=0x7fffffffb8e0) at alias/alias.c:148
#1  0x00000000004b7f9d in mutt_expand_aliases (al=al@entry=0x59d600) at alias/alias.c:299
#2  0x00000000004b7fe6 in mutt_expand_aliases_env (env=env@entry=0x59d5e0) at alias/alias.c:311
#3  0x00000000004c0515 in mutt_send_message (flags=<optimized out>, flags@entry=32, e_templ=<optimized out>, tempfile=tempfile@entry=0x0, ctx=ctx@entry=0x0, el=el@entry=0x0, sub=0x587970) at send/send.c:2214
#4  0x000000000040cd76 in main (argc=2, argv=0x7fffffffe618, envp=<optimized out>) at main.c:1052
$1 = {personal = 0x0, mailbox = 0x5b3a00 "testtest", group = false, is_intl = false, intl_checked = false, entries = {tqe_next = 0x0, tqe_prev = 0x59d600}}
builder@x86_64:/.in$

When did it start to happen?

Version 20180716 does not crash. Crash noticed on version 20200821 and confirmed on git master.

NeoMutt Version

NeoMutt 20200821
Copyright (C) 1996-2020 Michael R. Elkins and others.
NeoMutt comes with ABSOLUTELY NO WARRANTY; for details type 'neomutt -vv'.
NeoMutt is free software, and you are welcome to redistribute it
under certain conditions; type 'neomutt -vv' for details.

System: Linux 4.9.56-std-def-alt1.1 (x86_64)
ncurses: ncurses 6.1.20180407 (compiled with 6.1.20180407)
libidn2: 2.3.0 (compiled with 2.3.0)
GPGME: 1.13.1
OpenSSL: OpenSSL 1.1.1g  21 Apr 2020
libnotmuch: 5.2.0
storage: bdb
compression: zlib, zstd

Configure options: --build=x86_64-alt-linux --host=x86_64-alt-linux --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/lib --localstatedir=/var/lib --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info --disable-dependency-tracking --disable-silent-rules --disable-nls --docdir=/usr/share/doc/neomutt-20200821 --with-ui=ncurses --gpgme --notmuch --lua --bdb --ssl --sasl --disable-idn --idn2 --zlib --zstd --sqlite

Compilation CFLAGS: -pipe -frecord-gcc-switches -Wall -g -O2 -std=c99 -fno-delete-null-pointer-checks -D_ALL_SOURCE=1 -D_GNU_SOURCE=1 -D__EXTENSIONS__ -I/usr/include -DNCURSES_WIDECHAR -I/include -I/usr/include/

Default options:
  +attach_headers_color +compose_to_sender +compress +cond_date +debug
  +encrypt_to_self +forgotten_attachments +forwref +ifdef +imap +index_color
  +initials +limit_current_thread +multiple_fcc +nested_if +new_mail +nntp +pop
  +progress +quasi_delete +regcomp +reply_with_xorig +sensible_browser +sidebar
  +skip_quoted +smtp +status_color +timeout +tls_sni +trash

Compile options:
  -autocrypt +bkgdset +color +curs_set +fcntl -flock -fmemopen +futimens
  +getaddrinfo -gnutls +gpgme -gss +hcache -homespool +idn +inotify
  -locales_hack +lua +meta -mixmaster -nls +notmuch +openssl +pgp +regex +sasl
  +smime +sqlite +start_color +sun_attachment +typeahead
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/neomutt"
SENDMAIL="/usr/sbin/sendmail"
SYSCONFDIR="/etc"

To learn more about NeoMutt, visit: https://neomutt.org
If you find a bug in NeoMutt, please raise an issue at:
    https://github.com/neomutt/neomutt/issues
or send an email to: <neomutt-devel@neomutt.org>

Extra Info

There is downstream bug report https://bugzilla.altlinux.org/show_bug.cgi?id=38891 by Vera Blagoveschenskaya.

[gahr]

Yep I see that.

[vt-alt]

Tested, looks good. Thanks!

builder@x86_64:/.in$ echo | neomutt -s 'Hi ' testtest
Error in /usr/src/.mutt/alias, line 8: Warning: Bad address '"Test Test <testtest.email@yandex.ru>"' in alias 'testtest'
Error in /usr/src/.mutt/muttrc, line 2: source: file /usr/src/.mutt/alias could not be sourced
source: errors in /usr/src/.mutt/muttrc
Error sending message, child exited 127 (Exec error.)
Could not send the message
builder@x86_64:/.in$