The refactor in 2b9c40f13e13 exposed a bug I hadn't noticed. The match loop performed a FREE() on the slot. Then, below, it was checking if (*envp) to see whether it was overwriting or creating a new slot. However, FREE() nulls out *envp. This would end up truncating the envlist just after the set slot!

Move the free down, using a mutt_str_replace(), when overwriting the slot.
while (envp && *envp)
{
if (!mutt_strncmp (name, *envp, len) && (*envp)[len] == '=')
- {
- FREE (envp); /* __FREE_CHECKED__ */
break;
- }
envp++;
count++;
}
/* If slot found, overwrite */
if (envp && *envp)
- *envp = safe_strdup (work);
+ mutt_str_replace (envp, work);
/* If not found, add new slot */
else
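Review bot: The overwrite-or-append test at `if (envp && *envp)` still relies on the matched slot staying non-NULL when the loop exits via `break`, and nothing in the code records that invariant. A short comment at the `break` (the slot must not be freed here, because the test below uses `*envp` to tell an existing slot from the end of the list) would keep a later refactor from reintroducing the truncation. A regression test that sets a variable already present in the middle of the list and checks that the entries after it survive would cover the same case.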