lefcha
Session use after free
The C core stores pointers to the Lua string passed when login in to an account. However Lua's strings are only valid until they are popped from stack.
Thus once eg lua code changes the password, by eg changing (the private) member:
Account._account.password
the the prior (dangling) reference may no longer point to the correct memory location leading to a segmentation fault.
The code in the pull request stores copies for xstrdup instead.
A similar issue happens when reconnection fails during options.recover = true runs. Here the issue is that the C core's request_login function tears down the session object if login fails. However this then produces dangling pointers since it will try to recover again using the same (now invalid) pointer to a partially torn down session.
This commit is not really a nice fix, mostly I would thin one may have to have a login and relogin function to avoid the extra flag I introduced. Not sure what would best fit into imapfilter's code pilosophy.
