The code is doing:

    account->permit = g_slist_remove(account->permit, l->data);
    g_free(l->data);

g_slist_remove() unlinks 'l' from the list and frees it, so the following g_free() reads l->data after 'l' has already been freed (a use-after-free).

Switching the order of these 2 lines fixes the problem.

The same bug occurs twice in this file.  See attached patch.

---

--- /tmp/Backup/privacy.c.~1~   2006-03-17 14:55:31.000000000 +0100
+++ /tmp/privacy.c      2006-03-17 14:55:40.000000000 +0100
@@ -85,8 +85,8 @@
        if (l == NULL)
                return FALSE;
 
-       account->permit = g_slist_remove(account->permit, l->data);
        g_free(l->data);
+       account->permit = g_slist_delete_link(account->permit, l);
 
        if (!local_only && gaim_account_is_connected(account))
                serv_rem_permit(gaim_account_get_connection(account), who);
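Review bot: `g_free(l->data)` still runs before `who` is handed to `serv_rem_permit()` a few lines later, so if any caller passes the stored list string itself as `who` (callers are not visible here), that call reads freed memory. Keeping the pointer in a local, `char *name = l->data;` followed by `account->permit = g_slist_delete_link(account->permit, l);`, and calling `g_free(name);` only after the last use of `who` would remove that dependency on caller behaviour. The same ordering applies to the deny hunk before `serv_rem_deny()`. The function bodies start and end outside both hunks, so where the last use of `who` falls has to be checked in the full file.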
@@ -156,8 +156,8 @@
        if (l == NULL)
                return FALSE;
 
-       account->deny = g_slist_remove(account->deny, l->data);
        g_free(l->data);
+       account->deny = g_slist_delete_link(account->deny, l);
 
        if (!local_only && gaim_account_is_connected(account))
                serv_rem_deny(gaim_account_get_connection(account), who);
