On Thu, May 22, 2025 at 02:25:47PM -0400, Eric Sunshine wrote:
> It's subjective, but I would probably fix this a little bit
> differently and (to my mind) more simply:
>
> response = cram(prompt, ctx->cfg->user, ctx->cfg->pass);
>
> ret = socket_write(&ctx->imap->buf.sock, response, strlen(response));
> free(response);
> if (ret != strlen(response))
> return error("IMAP error: sending response failed");
Doesn't that introduce a use-after-free for response? You'd have to
store the strlen() result in a local variable.
-Peff
