• Alex Elder's avatar
    rbd: fixes in rbd_header_from_disk() · ccece235
    Alex Elder authored
    This fixes a few issues in rbd_header_from_disk():
        - There is a check intended to catch overflow, but it's wrong in
          two ways.
    	- First, the type we don't want to overflow is size_t, not
    	  unsigned int, and there is now a SIZE_MAX we can use for
    	  use with that type.
    	- Second, we're allocating the snapshot ids and snapshot
    	  image sizes separately (each has type u64; on disk they
              grouped together as a rbd_image_header_ondisk structure).
    	  So we can use the size of u64 in this overflow check.
        - If there are no snapshots, then there should be no snapshot
          names.  Enforce this, and issue a warning if we encounter a
          header with no snapshots but a non-zero snap_names_len.
        - When saving the snapshot names into the header, be more direct
          in defining the offset in the on-disk structure from which
          they're being copied by using "snap_count" rather than "i"
          in the array index.
        - If an error occurs, the "snapc" and "snap_names" fields are
          freed at the end of the function.  Make those fields be null
          pointers after they're freed, to be explicit that they are
          no longer valid.
        - Finally, move the definition of the local variable "i" to the
          innermost scope in which it's needed.
    Signed-off-by: default avatarAlex Elder <elder@inktank.com>
    Reviewed-by: Josh Durgin <josh.durgin@inktank.com> 
rbd.c 61 KB