[Commits] [SCM] claws branch, master, updated. 4.2.0-46-geff109180

mones at claws-mail.org mones at claws-mail.org
Sat Feb 10 19:06:07 UTC 2024 

The branch, master has been updated
       via  eff1091802b80bfb76f72e4c8005d6d87f99141c (commit)
      from  dcafc3fad2af216d0d125310eb9a4424f32f76a3 (commit)

Summary of changes:
 src/common/plugin.c | 5 +++--
 src/common/prefs.c  | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)


- Log -----------------------------------------------------------------
commit eff1091802b80bfb76f72e4c8005d6d87f99141c
Author: Ricardo Mones <ricardo at mones.org>
Date:   Sat Feb 10 20:04:16 2024 +0100

    Fix CID 1491211 'Use after free'
    
    The function prefs_set_block_label frees its pfile argument on error
    (via prefs_file_close_revert calls) and also returns -1, so use the
    returned value to check instead of the freed pointer.
    
    Update function documentation while we're at it.

diff --git a/src/common/plugin.c b/src/common/plugin.c
index 47557d735..1ae02be78 100644
--- a/src/common/plugin.c
+++ b/src/common/plugin.c
@@ -595,16 +595,17 @@ void plugin_load_all(const gchar *type)
 	gchar buf[BUFFSIZE];
 	PrefFile *pfile;
 	gchar *error = NULL, *block;
+	gint failed = 0;
 
 	plugin_types = g_slist_append(plugin_types, g_strdup(type));
 
 	rcpath = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S, COMMON_RC, NULL);	
 	block = g_strconcat(PLUGINS_BLOCK_PREFIX, type, NULL);
 	if ((pfile = prefs_read_open(rcpath)) == NULL ||
-	    (prefs_set_block_label(pfile, block) < 0)) {
+	    ((failed = prefs_set_block_label(pfile, block)) < 0)) {
 		g_free(rcpath);
 		g_free(block);
-		if (pfile)
+		if (!failed)
 			prefs_file_close(pfile);
 		return;
 	}
diff --git a/src/common/prefs.c b/src/common/prefs.c
index 114ed65e5..8d722f799 100644
--- a/src/common/prefs.c
+++ b/src/common/prefs.c
@@ -265,7 +265,7 @@ gboolean prefs_rc_is_readonly(const gchar * rcfile)
  *
  *\param	pfile Preferences file struct
  *
- *\return	0 on success, -1 on failure
+ *\return	0 on success, -1 on failure and pfile is freed.
  */
 gint prefs_set_block_label(PrefFile *pfile, const gchar *label)
 {

-----------------------------------------------------------------------


hooks/post-receive
-- 
Claws Mail

More information about the Commits mailing list