qom: Assert instance size in object_initialize_with_type()
This catches objects initializing beyond allocated memory, e.g.,
when subtypes get extended with instance state of their own.
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
diff --git a/qom/object.c b/qom/object.c
index 1635422..e90e382 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -311,7 +311,7 @@
}
}
-void object_initialize_with_type(void *data, TypeImpl *type)
+void object_initialize_with_type(void *data, size_t size, TypeImpl *type)
{
Object *obj = data;
@@ -320,6 +320,7 @@
g_assert(type->instance_size >= sizeof(Object));
g_assert(type->abstract == false);
+ g_assert(size >= type->instance_size);
memset(obj, 0, type->instance_size);
obj->class = type->class;
@@ -333,7 +334,7 @@
{
TypeImpl *type = type_get_by_name(typename);
- object_initialize_with_type(data, type);
+ object_initialize_with_type(data, size, type);
}
static inline bool object_property_is_child(ObjectProperty *prop)
@@ -424,7 +425,7 @@
type_initialize(type);
obj = g_malloc(type->instance_size);
- object_initialize_with_type(obj, type);
+ object_initialize_with_type(obj, type->instance_size, type);
obj->free = g_free;
return obj;
