Bug #4665
librbd: read_iterate() can overflow its return value
0%
Description
If the length requested is longer than int64_t, it will wrap around. This happened to someone on irc when doing an rbd export:
(2013-04-05 13:15:33) mrjack_: what could that be: (2013-04-05 13:15:34) mrjack_: rbd export kvm00000000943 - | gzip >kvm00000000943.gz (2013-04-05 13:15:34) mrjack_: rbd: export error: (-2147483648) Unknown error 18446744071562067968
A new version of read_iterate should be created that just returns 0 or an error code as an int, and takes a uint64_t for the length parameter.
Associated revisions
librbd: add read_iterate2 call with fixed argument type
The existing read_iterate takes a size_t for the length, which is only 4GB
on 32-bit machines. Instead, take a uint64_t length for the new
read_iterate2().
Return 0 instead of the number of bytes read; this makes the user-facing
API a bit simpler.
Fixes: #4665
Signed-off-by: Sage Weil <sage@inktank.com>
keep bytes return from internal method
History
#1 Updated by Ian Colle over 7 years ago
- Priority changed from High to Urgent
#2 Updated by Ian Colle over 7 years ago
Per Josh, this is another easy fix, let's get it into Cuttlefish.
#3 Updated by Sage Weil over 7 years ago
- Status changed from 12 to In Progress
- Assignee changed from Josh Durgin to Sage Weil
#4 Updated by Josh Durgin over 7 years ago
- Status changed from In Progress to Resolved
commit:857c88e017f082b6ef2a81a1890baa7d20672a31