From: Pierre-Elliott Bécue <becue@crans.org>
Date: Sun, 13 May 2018 13:56:30 +0000 (+0200)
Subject: ci_send_message: copy the x_original_to address list instead of using it
X-Git-Tag: neomutt-20180622~60
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fd97e5bf3c0a110527d107c82981eaf516451d68;p=neomutt

ci_send_message: copy the x_original_to address list instead of using it

If an end user cancels the edit_envelope action, then cleanup is called.
When using directly the x_original_to address list directly, this
cleanup stage did actually clean the x_original_to pointer. Should the
user reply again to the same message, then the pointer would point to 0
and then any "unsafe" operation on it would trigger a SIGSEGV. Copying
it solves this issue safely.
---

diff --git a/send.c b/send.c
index fedd646ba..ef42edd54 100644
--- a/send.c
+++ b/send.c
@@ -1459,7 +1459,7 @@ int ci_send_message(int flags, struct Header *msg, char *tempfile,
      */
     if (cur->env->x_original_to && !msg->env->from)
     {
-      msg->env->from = cur->env->x_original_to;
+      msg->env->from = mutt_addr_copy_list(cur->env->x_original_to, false);
       /* Not more than one from address */
       msg->env->from->next = NULL;
       mutt_debug(5, "msg->env->from extracted from X-Original-To: header: %s\n",