diff options
author | Jonathan Earl Brassow <jbrassow@redhat.com> | 2011-09-22 15:33:21 +0000 |
---|---|---|
committer | Jonathan Earl Brassow <jbrassow@redhat.com> | 2011-09-22 15:33:21 +0000 |
commit | 40c85cf1d763aa080d0469433902e66a867d57bb (patch) | |
tree | 65904194f8428b66fc5aa1bcddc0f8913cd71bd2 /lib/metadata/raid_manip.c | |
parent | f79f7250cef2963be45cd50b82c254b935d9790d (diff) | |
download | lvm2-40c85cf1d763aa080d0469433902e66a867d57bb.tar.gz lvm2-40c85cf1d763aa080d0469433902e66a867d57bb.tar.xz lvm2-40c85cf1d763aa080d0469433902e66a867d57bb.zip |
When up-converting a RAID1 array, we need to allocate new larger arrays for
seg->areas and seg->meta_areas. We also need to copy the memory from the
old arrays to the newly allocated arrays. The amount of memory to copy was
determined by seg->area_count. However, seg->area_count was being set to the
higher value after copying the 'seg->areas' information, but before copying
the 'seg->meta_areas' information. This means we were copying more memory
than necessary for 'seg->meta_areas' - something that could lead to a segfault.
Diffstat (limited to 'lib/metadata/raid_manip.c')
-rw-r--r-- | lib/metadata/raid_manip.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/metadata/raid_manip.c b/lib/metadata/raid_manip.c index 19808184..c6fb1f12 100644 --- a/lib/metadata/raid_manip.c +++ b/lib/metadata/raid_manip.c @@ -499,7 +499,6 @@ to be left for these sub-lvs. goto fail; memcpy(new_areas, seg->areas, seg->area_count * sizeof(*seg->areas)); seg->areas = new_areas; - seg->area_count = new_count; /* Expand meta_areas array */ if (!(new_areas = dm_pool_zalloc(lv->vg->cmd->mem, @@ -508,6 +507,7 @@ to be left for these sub-lvs. memcpy(new_areas, seg->meta_areas, seg->area_count * sizeof(*seg->meta_areas)); seg->meta_areas = new_areas; + seg->area_count = new_count; /* Set segment areas for metadata sub_lvs */ s = old_count; |