On Fri Apr 10 07:19:39 2026 +0000, Dmitry Timoshkov wrote:
> Quoting https://gitlab.winehq.org/wine/wine/-/merge_requests/10439/diffs?commit_id=0...
> A buggy application does something like this:
> PCCERT_CONTEXT cert, prev = NULL;
> while ((cert = CertEnumCertificatesInStore(store, prev))) {
>     do_something_with_cert(cert);
>     CertFreeCertificateContext(cert);
>     prev = cert;
> }
> CertCloseStore(store); <= assert(!cert->ref) because cert->ref == -1
> which leads to a crash because of an assert().
> Similar code works under Windows, however it's not clear how this could be
> properly added as a test case because of potential use after free.
> Also, adding a 'prev->ref' check to Context_Release() doesn't seem to be
> correct since Context_Release() is used outside of the lock in other callers.

Can you provide more detail? This translation of your example crashes on Windows:

static void test_crash(void)
{
    PCCERT_CONTEXT cert, prev = NULL;
    HCERTSTORE store = CertOpenSystemStoreW( 0, L"My" );
    while ((cert = CertEnumCertificatesInStore( store, prev )))
    {
        trace( "%p\n", cert );
        CertFreeCertificateContext( cert );
        prev = cert;
    }
    CertCloseStore( store, 0 );
}

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/10439#note_135785
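
Added example, not part of the message above and not Wine's code: a small C model of the reference counting in the loop under discussion. It shows how releasing a context and then passing the same pointer back as `prev` drives its count to -1, next to a loop that leaves the release of `prev` to the enumerator. The `ctx` and `store` types and all function names are hypothetical, and the model assumes a stored context is idle at ref 0, as the quoted assert implies.

```c
#include <stdio.h>

/* Simplified model (assumption, not Wine's code): a stored context is idle
 * at ref == 0 and the store expects every context idle when it closes. */
struct ctx { int ref; };
struct store { struct ctx certs[3]; size_t count; };

/* Enumeration contract: add a reference to the returned context and
 * release the reference the caller held on prev. */
static struct ctx *enum_next(struct store *s, struct ctx *prev)
{
    size_t next = prev ? (size_t)(prev - s->certs) + 1 : 0;
    if (prev) prev->ref--;
    if (next >= s->count) return NULL;
    s->certs[next].ref++;
    return &s->certs[next];
}

/* Lowest reference count at close time; 0 means every release was balanced. */
static int min_ref_at_close(const struct store *s)
{
    int min = 0;
    for (size_t i = 0; i < s->count; i++)
        if (s->certs[i].ref < min) min = s->certs[i].ref;
    return min;
}

/* Pattern from the message: release, then pass the same pointer back as prev. */
static int run_buggy_loop(void)
{
    struct store s = { { {0}, {0}, {0} }, 3 };
    struct ctx *cert, *prev = NULL;
    while ((cert = enum_next(&s, prev))) {
        cert->ref--;          /* caller's release */
        prev = cert;          /* enum_next releases it again */
    }
    return min_ref_at_close(&s);
}

/* Balanced pattern: only the enumerator releases prev. */
static int run_balanced_loop(void)
{
    struct store s = { { {0}, {0}, {0} }, 3 };
    struct ctx *cert = NULL;
    while ((cert = enum_next(&s, cert)))
        ;                     /* use cert here, do not release it */
    return min_ref_at_close(&s);
}

int main(void) { printf("%d %d\n", run_buggy_loop(), run_balanced_loop()); return 0; }
```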