Fix bug in imap_keepalive() which erroneously free Context when the IMAP connection...

Closes #3410

diff --git a/imap/util.c b/imap/util.c
index 611cbe926b01ebbac7648901cb18d6e64d609f11..b38268e22dc543472e906c6f1d00a06eb16f43c7 100644 (file)
--- a/imap/util.c
+++ b/imap/util.c
@@ -749,6 +749,8 @@ void imap_keepalive (void)
   {
     if (conn->account.type == M_ACCT_TYPE_IMAP)
     {
+      int need_free = 0;
+
       idata = (IMAP_DATA*) conn->data;
 
       if (idata->state >= IMAP_AUTHENTICATED
@@ -760,9 +762,17 @@ void imap_keepalive (void)
        {
          ctx = safe_calloc (1, sizeof (CONTEXT));
          ctx->data = idata;
+         /* imap_close_mailbox will set ctx->iadata->ctx to NULL, so we can't
+          * rely on the value of iadata->ctx to determine if this placeholder
+          * context needs to be freed.
+          */
+         need_free = 1;
        }
+       /* if the imap connection closes during this call, ctx may be invalid
+        * after this point, and thus should not be read.
+        */
        imap_check_mailbox (ctx, NULL, 1);
-       if (!idata->ctx)
+       if (need_free)
          FREE (&ctx);
       }
     }