From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 616 invoked by alias); 22 Sep 2011 15:33:22 -0000 Received: (qmail 599 invoked by uid 9478); 22 Sep 2011 15:33:22 -0000 Date: Thu, 22 Sep 2011 15:33:00 -0000 Message-ID: <20110922153322.597.qmail@sourceware.org> From: jbrassow@sourceware.org To: lvm-devel@redhat.com, lvm2-cvs@sourceware.org Subject: LVM2/lib/metadata raid_manip.c Mailing-List: contact lvm2-cvs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: lvm2-cvs-owner@sourceware.org X-SW-Source: 2011-09/txt/msg00100.txt.bz2 CVSROOT: /cvs/lvm2 Module name: LVM2 Changes by: jbrassow@sourceware.org 2011-09-22 15:33:21 Modified files: lib/metadata : raid_manip.c Log message: When up-converting a RAID1 array, we need to allocate new larger arrays for seg->areas and seg->meta_areas. We also need to copy the memory from the old arrays to the newly allocated arrays. The amount of memory to copy was determined by seg->area_count. However, seg->area_count was being set to the higher value after copying the 'seg->areas' information, but before copying the 'seg->meta_areas' information. This means we were copying more memory than necessary for 'seg->meta_areas' - something that could lead to a segfault. Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/lib/metadata/raid_manip.c.diff?cvsroot=lvm2&r1=1.14&r2=1.15 --- LVM2/lib/metadata/raid_manip.c 2011/09/14 09:57:35 1.14 +++ LVM2/lib/metadata/raid_manip.c 2011/09/22 15:33:21 1.15 @@ -499,7 +499,6 @@ goto fail; memcpy(new_areas, seg->areas, seg->area_count * sizeof(*seg->areas)); seg->areas = new_areas; - seg->area_count = new_count; /* Expand meta_areas array */ if (!(new_areas = dm_pool_zalloc(lv->vg->cmd->mem, @@ -508,6 +507,7 @@ memcpy(new_areas, seg->meta_areas, seg->area_count * sizeof(*seg->meta_areas)); seg->meta_areas = new_areas; + seg->area_count = new_count; /* Set segment areas for metadata sub_lvs */ s = old_count;
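Review bot: in the first hunk (@@ -499,7 +499,6 @@), the copy length `seg->area_count * sizeof(*seg->areas)` is still only correct because `seg->area_count` has not been updated yet, which is the same implicit ordering dependency that caused the over-read this commit fixes. If `old_count` (used just below in `s = old_count;`) holds the pre-conversion area count, using `old_count * sizeof(*seg->areas)` here and `old_count * sizeof(*seg->meta_areas)` in the second copy would make both memcpy() lengths independent of where the `seg->area_count = new_count;` assignment sits.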
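Review bot: in the second hunk (@@ -508,6 +507,7 @@), the relocated `seg->area_count = new_count;` has no comment saying that it must follow both memcpy() calls, so a later cleanup could move it back up and reintroduce the oversized copy from `seg->meta_areas`. A one-line comment on the assignment, for example that area_count is the old element count until both arrays have been copied, would document the constraint. As a smaller style point, `new_areas` is reused for the meta_areas allocation; a separate name such as new_meta_areas would make the two expansions easier to tell apart when reading the copies.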