From: Ian Jackson Date: Sat, 19 Nov 2016 17:57:10 +0000 (+0000) Subject: src/query.c: Correct assertion in free_interim X-Git-Tag: adns-1.5.2~20 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commitdiff_plain;h=0a214048761384524d2bfc48e792315e6a2e187d src/query.c: Correct assertion in free_interim !something is always >=0. We meant to check that the free_interim does not free more than was allocated. Also do the assertion before the manipulation. That reduces the probability that a compiler will "prove" that the assertion is not needed, or that it will fire too late. Signed-off-by: Ian Jackson --- diff --git a/src/query.c b/src/query.c index 480cbf5..a462bbc 100644 --- a/src/query.c +++ b/src/query.c @@ -431,10 +431,10 @@ void adns__free_interim(adns_query qu, void *p) { if (!an) return; assert(!qu->final_allocspace); + qu->interim_allocd -= sz; + assert(qu->interim_allocd >= 0); LIST_UNLINK(qu->allocations, an); free(an); - qu->interim_allocd -= sz; - assert(!qu->interim_allocd >= 0); } void *adns__alloc_mine(adns_query qu, size_t sz) {
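Review bot: The new `assert(qu->interim_allocd >= 0)` only has teeth if `interim_allocd` is a signed type; if it (or the result of `interim_allocd -= sz` with a `size_t` `sz`) is unsigned, the comparison is always true and the check is as vacuous as the old `!qu->interim_allocd >= 0` (which parsed as `(!x) >= 0`, always true), so please confirm the declaration. Also, the commit message says the assertion is now done before the manipulation, but in the hunk the subtraction still precedes the assert; checking `sz` against `qu->interim_allocd` before the `-=` would match the stated intent and avoid relying on signed underflow: `assert(sz <= qu->interim_allocd); qu->interim_allocd -= sz;` (with a cast if the types differ). Moving both statements ahead of `LIST_UNLINK`/`free(an)` is fine as long as `sz` was read from `an` earlier, which the visible context does not show.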