~kevin8t8/mutt

edf5699c189bf8da642297fe327e19a6c7674091 — Kevin McCarthy 6 months ago 8914a1b
Fix crash when polling a closed ssl connection.

Commit 8353407c enabled checking for buffered OpenSSL/GnuTLS data when
polling, but neglected to check if the connection was already closed.

This can be triggered during imap_logout() if the connection write of
"LOGOUT" fails and closes the connection, before the poll.  It's a bit
tricky to trigger because imap_logout_all() checks for a closed
connection, so the failure needs to take place at that last write.

Thanks to Stefan Sperling for pointing out the problem, complete with
a backtrace and patch.  (This commit takes a different approach for a
stable-branch fix.)
2 files changed, 6 insertions(+), 0 deletions(-)

M mutt_ssl.c
M mutt_ssl_gnutls.c
M mutt_ssl.c => mutt_ssl.c +3 -0
@@ 465,6 465,9 @@ static int ssl_socket_poll (CONNECTION* conn, time_t wait_secs)
{
  sslsockdata *data = conn->sockdata;

  if (!data)
    return -1;

  if (SSL_has_pending (data->ssl))
    return 1;
  else

M mutt_ssl_gnutls.c => mutt_ssl_gnutls.c +3 -0
@@ 193,6 193,9 @@ static int tls_socket_poll (CONNECTION* conn, time_t wait_secs)
{
  tlssockdata *data = conn->sockdata;

  if (!data)
    return -1;

  if (gnutls_record_check_pending (data->state))
    return 1;
  else