From 5f1011ac0ad676d1e7eaba14d1384180e98fb93e Mon Sep 17 00:00:00 2001
From: Justus Winter <4winter@informatik.uni-hamburg.de>
Date: Fri, 20 Jun 2014 14:27:59 +0200
Subject: include: detect use-after-free errors using the reference counts

* include/refcount.h (refcount_init): There must be at least one
reference at initialization time.
(refcounts_init): Likewise.
(refcount_unsafe_ref): New function retaining the previous
functionality of refcount_ref.  It is occasionally useful to raise the
reference count again after it dropped to zero.
(refcounts_unsafe_ref): Likewise.
(refcounts_unsafe_weak_ref): Likewise.
(refcount_ref): Detect use-after-free errors.
(refcounts_ref): Likewise.
(refcounts_ref_weak): Likewise.
* libtrivfs/protid-clean.c (trivfs_clean_protid): Use refcount_unsafe_ref.
---
 libtrivfs/protid-clean.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'libtrivfs')

diff --git a/libtrivfs/protid-clean.c b/libtrivfs/protid-clean.c
index adc5e981..ff6cc167 100644
--- a/libtrivfs/protid-clean.c
+++ b/libtrivfs/protid-clean.c
@@ -36,7 +36,7 @@ trivfs_clean_protid (void *arg)
       if (refcount_deref (&cred->po->refcnt) == 0)
         {
           /* Reacquire a reference while we call the hook.  */
-          refcount_ref (&cred->po->refcnt);
+          refcount_unsafe_ref (&cred->po->refcnt);
           (*trivfs_peropen_destroy_hook) (cred->po);
           if (refcount_deref (&cred->po->refcnt) == 0)
             {
-- 
cgit v1.2.3