lib-imap: imap_parser_unref() should always set parser=NULL

Not just when the last reference is cleared. This is how *_unref()s should
work everywhere in Dovecot. This fixes a bug in lib-imap-client where a
parser could have been accessed after it was already freed.

diff --git a/src/lib-imap/imap-parser.c b/src/lib-imap/imap-parser.c
index 0784278425f47fa042c75a6beeade06d0c39a3b5..2b75a40017e72ca28546bc9f0a154f593802b9f1 100644 (file)
--- a/src/lib-imap/imap-parser.c
+++ b/src/lib-imap/imap-parser.c
@@ -93,16 +93,18 @@ void imap_parser_ref(struct imap_parser *parser)
        parser->refcount++;
 }
 
-void imap_parser_unref(struct imap_parser **parser)
+void imap_parser_unref(struct imap_parser **_parser)
 {
-       i_assert((*parser)->refcount > 0);
+       struct imap_parser *parser = *_parser;
 
-       if (--(*parser)->refcount > 0)
+       *_parser = NULL;
+
+       i_assert(parser->refcount > 0);
+       if (--parser->refcount > 0)
                return;
 
-       pool_unref(&(*parser)->pool);
-       i_free(*parser);
-       *parser = NULL;
+       pool_unref(&parser->pool);
+       i_free(parser);
 }
 
 void imap_parser_enable_literal_minus(struct imap_parser *parser)