[gnome-calendar/mcatanzaro/#435] Fix use-after-free in GcalManager code

[Michael Catanzaro <mcatanzaro src gnome org>]

commit 0b0847bed0c33485cd7f198d9a0698da18452e78
Author: Michael Catanzaro <mcatanzaro igalia com>
Date:   Wed Jul 17 17:52:39 2019 -0500

    Fix use-after-free in GcalManager code
    
    This was originally discovered and fixed by Milan Crha; I'm just
    forward-porting his fix to the master branch. self->clients takes
    ownership of this source but we don't currently have ownership here,
    leading to a double free vulnerability.
    
    Fixes #435

 src/core/gcal-manager.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
---
diff --git a/src/core/gcal-manager.c b/src/core/gcal-manager.c
index 7760eccc..879695b1 100644
--- a/src/core/gcal-manager.c
+++ b/src/core/gcal-manager.c
@@ -269,7 +269,7 @@ on_calendar_created_cb (GObject      *source_object,
   client = gcal_calendar_get_client (calendar);
   source = gcal_calendar_get_source (calendar);
 
-  g_hash_table_insert (self->clients, source, calendar);
+  g_hash_table_insert (self->clients, g_object_ref (source), calendar);
 
   if (visible)
     {