Bug 1609690 - Fix address-parsing crash on some IMAP servers when mail.imap.use_envelope_cmd is set. r+a=mkmelin
authorBen Campbell <benc@thunderbird.net>
Mon, 20 Jan 2020 12:40:04 +0200
changeset 37887 412d38997e6342a26a1cdc83fc2a0d46058cad49
parent 37886 27db17ea1a174d484cbcbf2cfbc403de3c74252e
child 37888 3249d2340a6a4f10d0dda9c9480864488a2df636
push id397
push userclokep@gmail.com
push dateMon, 10 Feb 2020 21:16:13 +0000
bugs1609690
Bug 1609690 - Fix address-parsing crash on some IMAP servers when mail.imap.use_envelope_cmd is set. r+a=mkmelin
mailnews/imap/src/nsImapServerResponseParser.cpp
--- a/mailnews/imap/src/nsImapServerResponseParser.cpp
+++ b/mailnews/imap/src/nsImapServerResponseParser.cpp
@@ -1379,16 +1379,18 @@ void nsImapServerResponseParser::xaolenv
         }
         if (ContinueParse()) AdvanceToNextToken();  // skip )
       }
     }
   }
 }
 
 void nsImapServerResponseParser::parse_address(nsAutoCString &addressLine) {
+  // NOTE: Not sure this function correctly handling group address syntax.
+  // See Bug 1609846.
   if (!strcmp(fNextToken, "NIL")) return;
   bool firstAddress = true;
   // should really look at chars here
   NS_ASSERTION(*fNextToken == '(', "address should start with '('");
   fNextToken++;  // eat the next '('
   while (ContinueParse() && *fNextToken == '(') {
     NS_ASSERTION(*fNextToken == '(', "address should start with '('");
     fNextToken++;  // eat the next '('
@@ -1401,28 +1403,31 @@ void nsImapServerResponseParser::parse_a
     char *atDomainList = CreateNilString();
     if (ContinueParse()) {
       AdvanceToNextToken();
       char *mailboxName = CreateNilString();
       if (ContinueParse()) {
         AdvanceToNextToken();
         char *hostName = CreateNilString();
         AdvanceToNextToken();
-        addressLine += mailboxName;
+        if (mailboxName) {
+          addressLine += mailboxName;
+        }
         if (hostName) {
           addressLine += '@';
           addressLine += hostName;
-          free(hostName);
+          PR_Free(hostName);
         }
         if (personalName) {
           addressLine += " (";
           addressLine += personalName;
           addressLine += ')';
         }
       }
+      PR_Free(mailboxName);
     }
     PR_Free(personalName);
     PR_Free(atDomainList);
 
     if (*fNextToken == ')') fNextToken++;
     // if the next token isn't a ')' for the address term,
     // then we must have another address pair left....so get the next
     // token and continue parsing in this loop...