DOS: use-after-free in ACL message handling

Removing the last message in queue because of an ACL leaves last_msg
in a corrupted state. Therefore an unauthorized attacker may cause a
segfault of the broker.

Signed-off-by: Frank Busse <bb0xfb@gmail.com>
pull/138/head
Frank Busse 10 years ago
parent d20355c8ac
commit defbfbd185

@ -549,6 +549,9 @@ int mqtt3_handle_connect(struct mosquitto_db *db, struct mosquitto *context)
msg_tail = msg_prev->next;
}else{
context->msgs = context->msgs->next;
if(context->last_msg == msg_tail){
context->last_msg = NULL;
}
_mosquitto_free(msg_tail);
msg_tail = context->msgs;
}
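Review bot: the reset of context->last_msg is added only in the else branch (removal of the queue head), and the branch that ends in `msg_tail = msg_prev->next;` gets no equivalent check. The hunk does not show the start of that branch, but if it also frees msg_tail, an ACL-denied message at the end of a longer queue would leave last_msg pointing at freed memory in the same way. There the fix would be `if(context->last_msg == msg_tail) context->last_msg = msg_prev;` ahead of the free. A short comment on the new check saying that last_msg must never outlive the node it points to, plus a regression test that reconnects a client whose only queued message is denied by the ACL, would keep this from regressing.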
