[evolution] [composer-autosave] Use-after-free during snapshot save to file



commit 79dd568d6dfa5ff703f8bcd8b82e33b1ae8db928
Author: Milan Crha <mcrha redhat com>
Date:   Mon Jan 29 15:52:41 2018 +0100

    [composer-autosave] Use-after-free during snapshot save to file
    
    It could happen that the snapshot save got interrupted by other UI
    code, one of them being composer close, which causes the composer's
    dispose() execution, even if it has more than one ref_count. The dispose()
    frees the content widgets, which results in use-after-free when
    the snapshot save continues its execution. The interrupt was possible
    also due to several asynchronous calls being involved during the save.
    
    This had been reported downstream at:
    https://bugzilla.redhat.com/show_bug.cgi?id=1538865

 .../composer-autosave/e-composer-autosave.c        |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)
---
diff --git a/src/modules/composer-autosave/e-composer-autosave.c 
b/src/modules/composer-autosave/e-composer-autosave.c
index b34e2b4..4797861 100644
--- a/src/modules/composer-autosave/e-composer-autosave.c
+++ b/src/modules/composer-autosave/e-composer-autosave.c
@@ -199,6 +199,9 @@ composer_autosave_msg_composer_before_destroy_cb (EMsgComposer *composer,
 
        g_return_if_fail (autosave != NULL);
 
+       /* Cancel any snapshots in progress, composer is going to destroy its content. */
+       g_cancellable_cancel (autosave->priv->cancellable);
+
        if (autosave->priv->malfunction_snapshot_file) {
                if (e_alert_run_dialog_for_args (GTK_WINDOW (composer), 
"mail-composer:recover-autosave-malfunction", NULL) == GTK_RESPONSE_YES) {
                        e_composer_load_snapshot (
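
Review bot: g_cancellable_cancel() at the top of composer_autosave_msg_composer_before_destroy_cb() only requests cancellation, so the use-after-free is closed only if every completion callback in the snapshot save path checks for G_IO_ERROR_CANCELLED and returns before touching the composer's content widgets. Please confirm that in the save path or say so in the new comment, because the context lines right below run a modal dialog through e_alert_run_dialog_for_args(), and pending asynchronous callbacks can still be dispatched while it is open. Those same lines go on to call e_composer_load_snapshot(); if that load is handed autosave->priv->cancellable it would start out already cancelled, so the recovery path should use a separate GCancellable if it needs one.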

