Actions
Bug #4665
closedlibrbd: read_iterate() can overflow its return value
% Done:
0%
Source:
Development
Tags:
Backport:
bobtail
Regression:
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
If the length requested is longer than int64_t, it will wrap around. This happened to someone on irc when doing an rbd export:
(2013-04-05 13:15:33) mrjack_: what could that be: (2013-04-05 13:15:34) mrjack_: rbd export kvm00000000943 - | gzip >kvm00000000943.gz (2013-04-05 13:15:34) mrjack_: rbd: export error: (-2147483648) Unknown error 18446744071562067968
A new version of read_iterate should be created that just returns 0 or an error code as an int, and takes a uint64_t for the length parameter.
Actions