Whamcloud - gitweb
LU-9412 lfs: A invalid memory write in llapi_layout_to_lum 58/26858/4
authorBobi Jam <bobijam.xu@intel.com>
Thu, 27 Apr 2017 10:29:09 +0000 (18:29 +0800)
committerOleg Drokin <oleg.drokin@intel.com>
Sat, 20 May 2017 18:46:19 +0000 (18:46 +0000)
When lum is realloc(), the comp_v1 needs to be updated, otherwise
it could point to the old invalid memory area.

Signed-off-by: Bobi Jam <bobijam.xu@intel.com>
Change-Id: I4493e5f13bce22dae07200bada14ba2349635890
Reviewed-on: https://review.whamcloud.com/26858
Reviewed-by: Niu Yawei <yawei.niu@intel.com>
Tested-by: Jenkins
Tested-by: Maloo <hpdd-maloo@intel.com>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Jinshan Xiong <jinshan.xiong@intel.com>
Reviewed-by: Oleg Drokin <oleg.drokin@intel.com>
lustre/utils/liblustreapi_layout.c

index 83bab13..557765d 100644 (file)
@@ -560,6 +560,7 @@ llapi_layout_to_lum(const struct llapi_layout *layout)
                        goto error;
                } else {
                        lum = blob;
                        goto error;
                } else {
                        lum = blob;
+                       comp_v1 = (struct lov_comp_md_v1 *)lum;
                        blob = (struct lov_user_md *)((char *)lum + lum_size);
                        lum_size += blob_size;
                }
                        blob = (struct lov_user_md *)((char *)lum + lum_size);
                        lum_size += blob_size;
                }
@@ -611,7 +612,7 @@ llapi_layout_to_lum(const struct llapi_layout *layout)
                        lmm_objects[i].l_ost_idx =
                                comp->llc_objects[i].l_ost_idx;
 
                        lmm_objects[i].l_ost_idx =
                                comp->llc_objects[i].l_ost_idx;
 
-               if (comp_v1 != NULL) {
+               if (layout->llot_is_composite) {
                        ent = &comp_v1->lcm_entries[ent_idx];
                        ent->lcme_id = comp->llc_id;
                        ent->lcme_flags = comp->llc_flags;
                        ent = &comp_v1->lcm_entries[ent_idx];
                        ent->lcme_id = comp->llc_id;
                        ent->lcme_flags = comp->llc_flags;