Mercurial > dovecot > original-hg > dovecot-1.2

diff src/imap/cmd-append.c @ 3879:928229f8b3e6 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
deinit, unref, destroy, close, free, etc. functions now take a pointer to their data pointer, and set it to NULL. This makes double-frees less likely to cause security holes.
author Timo Sirainen <tss@iki.fi>
date Sat, 14 Jan 2006 20:47:20 +0200
parents 55df57c028d4
children a490e6657329
line wrap: on
line diff
--- a/src/imap/cmd-append.c	Sat Jan 14 19:23:22 2006 +0200
+++ b/src/imap/cmd-append.c	Sat Jan 14 20:47:20 2006 +0200
@@ -105,22 +105,21 @@
 {
 	ctx->client->input_skip_line = TRUE;
 
-	io_remove(ctx->client->io);
-	ctx->client->io = NULL;
+	io_remove(&ctx->client->io);
 
-        imap_parser_destroy(ctx->save_parser);
+        imap_parser_destroy(&ctx->save_parser);
 
 	if (ctx->input != NULL)
-		i_stream_unref(ctx->input);
+		i_stream_unref(&ctx->input);
 
 	if (ctx->save_ctx != NULL)
-		mailbox_save_cancel(ctx->save_ctx);
+		mailbox_save_cancel(&ctx->save_ctx);
 
 	if (ctx->t != NULL)
-		mailbox_transaction_rollback(ctx->t);
+		mailbox_transaction_rollback(&ctx->t);
 
 	if (ctx->box != ctx->cmd->client->mailbox && ctx->box != NULL)
-		mailbox_close(ctx->box);
+		mailbox_close(&ctx->box);
 }
 
 static bool cmd_append_continue_cancel(struct client_command_context *cmd)
@@ -199,8 +198,7 @@
 			return TRUE;
 		}
 
-		ret = mailbox_transaction_commit(ctx->t, 0);
-		ctx->t = NULL;
+		ret = mailbox_transaction_commit(&ctx->t, 0);
 		if (ret < 0) {
 			client_send_storage_error(cmd, ctx->storage);
 			cmd_append_finish(ctx);
@@ -272,7 +270,7 @@
 					  ctx->input, FALSE);
 
 	if (keywords != NULL)
-		mailbox_keywords_free(ctx->t, keywords);
+		mailbox_keywords_free(ctx->t, &keywords);
 
 	client->command_pending = TRUE;
 	cmd->func = cmd_append_continue_message;
@@ -290,8 +288,7 @@
 		if (mailbox_save_continue(ctx->save_ctx) < 0) {
 			/* we still have to finish reading the message
 			   from client */
-			mailbox_save_cancel(ctx->save_ctx);
-			ctx->save_ctx = NULL;
+			mailbox_save_cancel(&ctx->save_ctx);
 		}
 	}
 
@@ -305,7 +302,7 @@
 		/* finished */
 		bool all_written = ctx->input->v_offset == ctx->msg_size;
 
-		i_stream_unref(ctx->input);
+		i_stream_unref(&ctx->input);
 		ctx->input = NULL;
 
 		if (ctx->save_ctx == NULL) {
@@ -316,8 +313,8 @@
 			/* client disconnected before it finished sending the
 			   whole message. */
 			failed = TRUE;
-			mailbox_save_cancel(ctx->save_ctx);
-		} else if (mailbox_save_finish(ctx->save_ctx, NULL) < 0) {
+			mailbox_save_cancel(&ctx->save_ctx);
+		} else if (mailbox_save_finish(&ctx->save_ctx, NULL) < 0) {
 			failed = TRUE;
 			client_send_storage_error(cmd, ctx->storage);
 		} else {
@@ -387,8 +384,7 @@
 		if (mailbox_get_status(ctx->box, STATUS_KEYWORDS,
 				       &status) < 0) {
 			client_send_storage_error(cmd, ctx->storage);
-			mailbox_close(ctx->box);
-			ctx->box = NULL;
+			mailbox_close(&ctx->box);
 		} else {
 			client_save_keywords(&client->keywords,
 					     status.keywords);
@@ -398,7 +394,7 @@
 				MAILBOX_TRANSACTION_FLAG_EXTERNAL);
 	}
 
-	io_remove(client->io);
+	io_remove(&client->io);
 	client->io = io_add(i_stream_get_fd(client->input), IO_READ,
 			    client_input, client);
 	/* append is special because we're only waiting on client input, not