[Users] [Bug 3667] New: segfault in imap_session_authenticate

Sat Aug 13 12:00:04 CEST 2016

http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3667

            Bug ID: 3667
           Summary: segfault in imap_session_authenticate
    Classification: Unclassified
           Product: Claws Mail
           Version: 3.14.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P3
         Component: Folders/IMAP
          Assignee: users at lists.claws-mail.org
          Reporter: finkandreas at web.de

All line numbers will refer to version 3.14.0 and the file imap.c!
I have a plugin running, that returns the password from gnome-keyring, i.e.
imap.c:1285 will run successfully, and we will end up in the block with lines
1287 and 1288.
Line 1287 is the problem here, because we use Xstrdup_a(acc_pass...) which uses
internally alloca, thus the memory is automatically managed.
However in all following code (and in my case in line 1341), the memory for
acc_pass will be freed with g_free.
This leads to a segmentation fault on my PC.

I guess this bug was introduced due to the new passwordstore in claws-mail...

-- 
You are receiving this mail because:
You are the assignee for the bug.