If the epoch file is shorter than the size of the timestamp because the file is broken, epoch_stat.st_size - sizeof(*timestamp) is negative. However, xread receives that value through its third parameter as type size_t, so xread believes there is a huge amount of data to read. Therefore, a check on the file length is needed to prevent this situation.
v2 does nothing changed logically but uses a variable to store the value of the express 'epoch_stat.st_size - sizeof(*timestamp)' Signed-off-by: Ruoyu <lian...@ucweb.com>
---
 sheep/store.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/sheep/store.c b/sheep/store.c
index eee88c7..eb42f2c 100644
--- a/sheep/store.c
+++ b/sheep/store.c
@@ -44,7 +44,7 @@ int update_epoch_log(uint32_t epoch, struct sd_node *nodes, size_t nr_nodes)
 static int do_epoch_log_read(uint32_t epoch, struct sd_node *nodes, int len,
 time_t *timestamp)
 {
- int fd, ret, nr_nodes;
+ int fd, ret, nr_nodes, buf_len;
 char path[PATH_MAX];
 struct stat epoch_stat;
 
@@ -62,12 +62,13 @@ static int do_epoch_log_read(uint32_t epoch, struct sd_node *nodes, int len,
 goto err;
 }
 
- if (len < epoch_stat.st_size - sizeof(*timestamp)) {
+ buf_len = epoch_stat.st_size - sizeof(*timestamp);
+ if (buf_len < 0 || len < buf_len) {
 sd_err("invalid epoch %"PRIu32" log", epoch);
 goto err;
 }
 
- ret = xread(fd, nodes, epoch_stat.st_size - sizeof(*timestamp));
+ ret = xread(fd, nodes, buf_len);
 if (ret < 0) {
 sd_err("failed to read epoch %"PRIu32" log, %m", epoch);
 goto err;
--
1.8.3.2
--
sheepdog mailing list
sheepdog@lists.wpkg.org
http://lists.wpkg.org/mailman/listinfo/sheepdog
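Review bot: The new guard in the second hunk, `buf_len = epoch_stat.st_size - sizeof(*timestamp);` followed by `if (buf_len < 0 || len < buf_len)`, only catches a short file through implementation-defined narrowing: st_size is a signed off_t and sizeof() is size_t, so on the usual 64-bit ABI the subtraction is performed unsigned and the "negative" result is a huge value that merely happens to wrap back to a negative int when stored in buf_len. The same narrowing silently truncates a file larger than INT_MAX, so a corrupt oversized epoch log could pass the `len < buf_len` check with a wrong, possibly small, length. Comparing in off_t before subtracting avoids both: `if (epoch_stat.st_size < (off_t)sizeof(*timestamp) || epoch_stat.st_size - (off_t)sizeof(*timestamp) > len) {` and only after that guard `buf_len = (int)(epoch_stat.st_size - (off_t)sizeof(*timestamp));`. The rest of do_epoch_log_read (where nr_nodes is presumably derived from the bytes read) continues outside the hunk.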