changeset 22050:37e6375d1978

lib-imap: imap_parser_unref() should always set parser=NULL

Not just when the last reference is cleared. This is how *_unref()s should work everywhere in Dovecot. This fixes a bug in lib-imap-client where a parser could have been accessed after it was already freed.
author Timo Sirainen <timo.sirainen@dovecot.fi>
date Thu, 18 May 2017 19:40:04 +0300
parents c24c32983eae
children a70a741f0ae8
files src/lib-imap/imap-parser.c
diffstat 1 files changed, 8 insertions(+), 6 deletions(-) [+]
--- a/src/lib-imap/imap-parser.c	Thu May 18 18:09:56 2017 +0300
+++ b/src/lib-imap/imap-parser.c	Thu May 18 19:40:04 2017 +0300
@@ -91,16 +91,18 @@
 	parser->refcount++;
 }
 
-void imap_parser_unref(struct imap_parser **parser)
+void imap_parser_unref(struct imap_parser **_parser)
 {
-	i_assert((*parser)->refcount > 0);
+	struct imap_parser *parser = *_parser;
 
-	if (--(*parser)->refcount > 0)
+	*_parser = NULL;
+
+	i_assert(parser->refcount > 0);
+	if (--parser->refcount > 0)
 		return;
 
-	pool_unref(&(*parser)->pool);
-	i_free(*parser);
-	*parser = NULL;
+	pool_unref(&parser->pool);
+	i_free(parser);
 }
 
 void imap_parser_reset(struct imap_parser *parser)
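Review bot: With `*_parser` now cleared on every call, a second `imap_parser_unref()` through the same variable reaches `i_assert(parser->refcount > 0)` with `parser == NULL` and dereferences it. Adding `if (parser == NULL) return;` right after `struct imap_parser *parser = *_parser;` would turn a repeated unref into a no-op instead of a crash; whether other `*_unref()` functions in the tree tolerate NULL is not visible in this hunk, so follow the project convention. Callers that kept using their own pointer after a non-final unref, which worked before while another reference was alive, will now see NULL, so the call sites are worth auditing for that pattern. A short comment above `*_parser = NULL;`, such as `/* the caller gives up its reference here, so its pointer is always cleared */`, would record why the clear is unconditional.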