src/query.c: Correct assertion in free_interim

!something is always >=0.  We meant to check that the free_interim
does not free more than was allocated.

Also do the assertion before the manipulation.  That reduces the
probability that a compiler will "prove" that the assertion is not
needed, or that it will fire too late.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>

diff --git a/src/query.c b/src/query.c
index 480cbf557ebafce2d88fc2aa0d3273975fecfc7d..a462bbc0e31fefeb78a045852fa0ac5aea51f63e 100644 (file)
--- a/src/query.c
+++ b/src/query.c
@@ -431,10 +431,10 @@ void adns__free_interim(adns_query qu, void *p) {
 
   if (!an) return;
   assert(!qu->final_allocspace);
+  qu->interim_allocd -= sz;
+  assert(qu->interim_allocd >= 0);
   LIST_UNLINK(qu->allocations, an);
   free(an);
-  qu->interim_allocd -= sz;
-  assert(!qu->interim_allocd >= 0);
 }
 
 void *adns__alloc_mine(adns_query qu, size_t sz) {