From 473e9e83333dd57c1edb36b541dea67536bae7ce Mon Sep 17 00:00:00 2001
From: Sebastian Harl
Date: Sun, 5 Oct 2014 18:09:00 +0200
Subject: [PATCH] object: Assert that object's are not free'd multiple times.

Else, we'd access free'd memory when trying to do so.
---
 src/core/object.c | 3 +++
 t/unit/core/object_test.c | 3 +--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/core/object.c b/src/core/object.c
index 9101918..c39faf4 100644
--- a/src/core/object.c
+++ b/src/core/object.c
@@ -149,6 +149,9 @@ sdb_object_deref(sdb_object_t *obj)
 if (obj->ref_cnt > 0) return;
+ /* we'd access free'd memory in case ref_cnt < 0 */
+ assert(! obj->ref_cnt);
+
 if (obj->type.destroy) obj->type.destroy(obj);
diff --git a/t/unit/core/object_test.c b/t/unit/core/object_test.c
index dec6d41..73d7c86 100644
--- a/t/unit/core/object_test.c
+++ b/t/unit/core/object_test.c
@@ -275,8 +275,7 @@ START_TEST(test_obj_ref)
 "%d time%s; expected: 0", destroy_noop_called == 1 ? "" : "2", destroy_noop_called);
- /* test_obj_create already checks the ref_cnt == 1 case */
- obj->ref_cnt = 0;
+ obj->ref_cnt = 1;
 sdb_object_deref(obj);
 fail_unless(init_noop_called == 1, "after some sdb_object_{de,}ref(); object's init called %d times; "
--
2.30.2
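Review bot: The added `assert(! obj->ref_cnt);` in sdb_object_deref is compiled out when NDEBUG is defined, so in a release build a negative count still falls through to `obj->type.destroy(obj)` and whatever release follows it. If that path must never run twice, follow the assert with a runtime guard such as `if (obj->ref_cnt < 0) return;`, or make the failure unconditional with an explicit abort. The check is also best-effort: on an object that was already released, reading `obj->ref_cnt` is itself a read of freed memory, so running the unit tests under a memory-error detector remains the dependable way to catch a double deref. The hunk adds no include, so confirm `<assert.h>` is already pulled in by this file; the body of sdb_object_deref starts and ends outside the hunk.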
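Review bot: With `obj->ref_cnt = 0;` replaced by `obj->ref_cnt = 1;`, nothing visible in test_obj_ref exercises the over-release case that the new assert guards, and the assignment lost its explanatory comment. Add something like `/* simulate the last reference; this deref is expected to reach destroy */` above the assignment, and consider a separate Check test registered with `tcase_add_test_raise_signal(..., SIGABRT)` that derefs an object whose count is already 0. Separately, in the context lines above the change, the arguments to `"%d time%s; expected: 0"` look swapped: the string expression is passed first and the int second, which does not match the conversions if the message is ever formatted. The start of that call and of test_obj_ref is outside the hunk, so confirm against the full file.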