The following patch fixes a double-free /  NULL pointer dereference
for quote_chars used in attributes (1st part) and memleaks for
news_headers_to_display and news_headers_to_not_display used in attributes
(2nd part).

=== modified file 'src/attrib.c'
--- old/src/attrib.c    2024-11-25 19:56:05 +0000
+++ new/src/attrib.c    2024-12-01 14:06:21 +0000
@@ -471,6 +471,7 @@
                                                quote_dash_to_space(buf);
                                                *tmp = my_strdup(buf);
                                                
set_attrib(OPT_ATTRIB_QUOTE_CHARS, scope, line, *tmp);
+                                               *tmp = NULL;
                                                found = TRUE;
                                                break;
                                        }
@@ -837,23 +838,33 @@
                                SET_BOOLEAN(mark_saved_read);
 
                        case OPT_ATTRIB_NEWS_HEADERS_TO_DISPLAY:
-                               if 
(!curr_scope->attribute->news_headers_to_display)
-                                       
curr_scope->attribute->news_headers_to_display = my_malloc(sizeof(char *));
-                               else
-                                       
FreeIfNeeded(*curr_scope->attribute->news_headers_to_display);
-                               *curr_scope->attribute->news_headers_to_display 
= my_strdup((char *) data);
-                               build_news_headers_array(curr_scope->attribute, 
TRUE);
-                               curr_scope->state->news_headers_to_display = 
TRUE;
+                               {
+                                       char *tmp = (char *) data;
+
+                                       if 
(!curr_scope->attribute->news_headers_to_display)
+                                               
curr_scope->attribute->news_headers_to_display = my_malloc(sizeof(char *));
+                                       else
+                                               
FreeIfNeeded(*curr_scope->attribute->news_headers_to_display);
+                                       
*curr_scope->attribute->news_headers_to_display = my_strdup(tmp);
+                                       FreeAndNull(tmp);
+                                       
build_news_headers_array(curr_scope->attribute, TRUE);
+                                       
curr_scope->state->news_headers_to_display = TRUE;
+                               }
                                break;
 
                        case OPT_ATTRIB_NEWS_HEADERS_TO_NOT_DISPLAY:
-                               if 
(!curr_scope->attribute->news_headers_to_not_display)
-                                       
curr_scope->attribute->news_headers_to_not_display = my_malloc(sizeof(char *));
-                               else
-                                       
FreeIfNeeded(*curr_scope->attribute->news_headers_to_not_display);
-                               
*curr_scope->attribute->news_headers_to_not_display = my_strdup((char *) data);
-                               build_news_headers_array(curr_scope->attribute, 
FALSE);
-                               curr_scope->state->news_headers_to_not_display 
= TRUE;
+                               {
+                                       char *tmp = (char *) data;
+
+                                       if 
(!curr_scope->attribute->news_headers_to_not_display)
+                                               
curr_scope->attribute->news_headers_to_not_display = my_malloc(sizeof(char *));
+                                       else
+                                               
FreeIfNeeded(*curr_scope->attribute->news_headers_to_not_display);
+                                       
*curr_scope->attribute->news_headers_to_not_display = my_strdup(tmp);
+                                       FreeAndNull(tmp);
+                                       
build_news_headers_array(curr_scope->attribute, FALSE);
+                                       
curr_scope->state->news_headers_to_not_display = TRUE;
+                               }
                                break;
 
                        case OPT_ATTRIB_POS_FIRST_UNREAD:


_______________________________________________
tin-dev mailing list
tin-dev@tin.org
http://lists.tin.org/cgi-bin/mailman/listinfo/tin-dev

Reply via email to