• Jonathan Brassow's avatar
    dm log: userspace fix overhead_size calcuations · ebfd32bb
    Jonathan Brassow authored
    This patch fixes two bugs that revolve around the miscalculation and
    misuse of the variable 'overhead_size'.  'overhead_size' is the size of
    the various header structures used during communication.
    
    The first bug is the use of 'sizeof' with the pointer of a structure
    instead of the structure itself - resulting in the wrong size being
    computed.  This is then used in a check to see if the payload
    (data_size) would be to large for the preallocated structure.  Since the
    bug produces a smaller value for the overhead, it was possible for the
    structure to be breached.  (Although the current users of the code do
    not currently send enough data to trigger this bug.)
    
    The second bug is that the 'overhead_size' value is used to compute how
    much of the preallocated space should be cleared before populating it
    with fresh data.  This should have simply been 'sizeof(struct cn_msg)'
    not overhead_size.  The fact that 'overhead_size' was computed
    incorrectly made this problem "less bad" - leaving only a pointer's
    worth of space at the end uncleared.  Thus, this bug was never producing
    a bad result, but still needs to be fixed - especially now that the
    value is computed correctly.
    
    Cc: stable@kernel.org
    Signed-off-by: Jonathan Brassow <jbrassow@redhat.com
    Signed-off-by: default avatarAlasdair G Kergon <agk@redhat.com>
    ebfd32bb
dm-log-userspace-transfer.c 7.07 KB