sardemff7 / purple-events

libpurple events handling plugin and library
GNU General Public License v3.0

pidgin-2.10.6 crashes on exit with purple-events (git version) #2

Closed richardgv closed 12 years ago

richardgv commented 12 years ago

Environment: Gentoo ~amd64, pidgin-2.10.6, purple-events-9999

Problem:

Exiting Pidgin (after it has connected to some accounts?) results in:

*** glibc detected *** /usr/bin/pidgin: free(): invalid pointer: 0x0000555556478db0 ***
======= Backtrace: =========
...

Possible cause:

Line 214, src/plugin/events.c:

static gboolean
_purple_events_unload(PurplePlugin *plugin)
{
    // ...

    g_list_free_full(context->just_signed_on_accounts, _purple_events_just_signed_on_account_free);

    // ...

Line 202, src/plugin/events.c:

static void
_purple_events_just_signed_on_account_free(gpointer data)
{
    // ...

    g_free(just_signed_on_account);
}

g_list_free_full will call g_free on elements in the GList after it fires the callback function, so calling g_free to free an element in _purple_events_just_signed_on_account_free may introduce a double free, according to my very limited understanding of glib.

Proposed patch:

--- src/plugin/events.old.c 2012-08-27 10:04:03.130013469 +0800
+++ src/plugin/events.c 2012-08-27 10:03:33.840013373 +0800
@@ -195,11 +195,10 @@
 }

 static void
-_purple_events_just_signed_on_account_free(gpointer data)
+_purple_events_just_signed_on_account_free(gpointer data, gpointer user_data)
 {
     PurpleEventsJustSignedOnAccount *just_signed_on_account = data;
     purple_timeout_remove(just_signed_on_account->handle);
-    g_free(just_signed_on_account);
 }

 static gboolean
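
Review bot: removing g_free(just_signed_on_account) from _purple_events_just_signed_on_account_free leaves nothing that releases the PurpleEventsJustSignedOnAccount struct. g_list_free_full() frees only the list nodes and calls the supplied function on each element's data, so every element still in the list would leak on unload. The added gpointer user_data parameter also gives the callback a GFunc signature, while the g_list_free_full() call in _purple_events_unload takes a one-argument GDestroyNotify. Suggest keeping the original signature and the g_free, and checking instead whether any other path frees an element without unlinking it from context->just_signed_on_accounts.
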
sardemff7 commented 12 years ago

g_list_free_full does not call g_free. I simply failed at removing used data from the list.

Fixed in 27e217f1ba162fdc0694824913d0feb883ee12a1
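
The failure mode named in the reply above (an element that has already been released is still linked in the list when unload frees it) can be modelled without GLib. The following C code is an added example, not code from purple-events or from the fixing commit: Node, Item, item_expire and run_lifecycle are hypothetical names, and list_free_full only mirrors the documented contract of g_list_free_full.

```c
#include <stdlib.h>
/* Added example: minimal stand-in for GList; Item is a hypothetical type. */
typedef struct Node { void *data; struct Node *next; } Node;
typedef struct { int handle; } Item;
static int live_items;                  /* Items allocated and not yet freed */
static Node *list_prepend(Node *head, void *data) {
    Node *n = malloc(sizeof *n);
    n->data = data; n->next = head;
    return n;
}
/* Like g_list_free_full(): frees nodes, calls destroy() on each node's data. */
static void list_free_full(Node *head, void (*destroy)(void *)) {
    for (Node *next; head; head = next) {
        next = head->next;
        destroy(head->data);
        free(head);
    }
}
/* Unlink the node that holds data; data itself is left untouched. */
static Node *list_remove(Node *head, void *data) {
    Node **pp = &head;
    while (*pp && (*pp)->data != data)
        pp = &(*pp)->next;
    Node *dead = *pp;
    if (dead) { *pp = dead->next; free(dead); }
    return head;
}
static Item *item_new(int handle) {
    Item *it = malloc(sizeof *it);
    it->handle = handle;
    live_items++;
    return it;
}
static void item_free(void *data) { free(data); live_items--; }
/* Element expires while loaded: unlink, then free. Without list_remove() the
 * list keeps a dangling pointer that unload passes to item_free() again. */
static Node *item_expire(Node *head, Item *it) {
    head = list_remove(head, it);
    item_free(it);
    return head;
}
/* Full lifecycle; returns Items still allocated afterwards (0 = balanced). */
int run_lifecycle(void) {
    Node *head = list_prepend(list_prepend(NULL, item_new(1)), item_new(2));
    head = item_expire(head, head->next->data);  /* Item 1 expires */
    list_free_full(head, item_free);             /* unload: frees Item 2 */
    return live_items;
}
int main(void) { return run_lifecycle(); }
```

Building this with -fsanitize=address and then deleting the list_remove() call in item_expire makes the unload step report the second free of Item 1, the same class of error as the glibc abort in the report.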