From 4454e1d40dfdad58075b95b1b6cfaeb226389031 Mon Sep 17 00:00:00 2001
From: InterLinked1 <24227567+InterLinked1@users.noreply.github.com>
Date: Mon, 16 Sep 2024 19:39:01 -0400
Subject: [PATCH] net_imap: Add assertion guarding potential NULL dereference.

There has been a single incident where there was a segfault
in this strncmp call, but not enough details at this point
to determine why this happened. Add some assertions for
the meantime to provide better visibility into this in the
future, should this happen again.

LBBS-14 #close
---
 nets/net_imap/imap_client.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/nets/net_imap/imap_client.c b/nets/net_imap/imap_client.c
index 5560f8b..f036b1c 100644
--- a/nets/net_imap/imap_client.c
+++ b/nets/net_imap/imap_client.c
@@ -823,13 +823,16 @@ static struct imap_client *__load_virtual_mailbox(struct imap_session *imap, con
 	size_t pathlen;
 
 	if (imap->client) {
+		const char *virtprefix = imap->client->virtprefix;
 		/* Reuse the same connection if it's the same account. */
-		if (!strncmp(imap->client->virtprefix, path, imap->client->virtprefixlen)) {
+		bbs_assert_exists(path);
+		bbs_assert_exists(virtprefix);
+		if (!strncmp(virtprefix, path, imap->client->virtprefixlen)) {
 			bbs_debug(5, "Reusing existing active connection for %s\n", path);
 			*exists = 1;
 			return imap->client;
 		}
-		/* An optimization here is if the remote server supports the UNAUTHENTICATE capability,
+		/* A potential optimization here is if the remote server supports the UNAUTHENTICATE capability,
 		 * we can reuse the connection instead of establishing a new one
 		 * (if it's the same server (hostname), but different user/account)
 		 * Unfortunately, no major providers support the UNAUTHENTICATE extension,