diff options
author | Rusty Russell <rusty@rustcorp.com.au> | 2012-01-30 09:23:50 +1030 |
---|---|---|
committer | Rusty Russell <rusty@rustcorp.com.au> | 2012-01-30 09:23:50 +1030 |
commit | 205e198471a481b849d05b5756261f1739c0c8b2 (patch) | |
tree | 1a3901d647eb9f3ecd63debc4ef98173e8083b4b /lib/tdb2/transaction.c | |
parent | 697a6e9504d9f3eefd97c7c822e90feddd9b9a3b (diff) | |
download | samba-205e198471a481b849d05b5756261f1739c0c8b2.tar.gz samba-205e198471a481b849d05b5756261f1739c0c8b2.tar.bz2 samba-205e198471a481b849d05b5756261f1739c0c8b2.zip |
tdb2: careful on wrap.
It's much harder to wrap a 64-bit tdb2 than a 32-bit tdb1, but we should still
take care against bugs.
Also, we should *not* cast the length to a size_t when comparing it to
the stat result, in case size_t is 32 bit.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
(Imported from CCAN commit 6f7cb26e589cea081e71c59801eae87178967861)
Diffstat (limited to 'lib/tdb2/transaction.c')
-rw-r--r-- | lib/tdb2/transaction.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/tdb2/transaction.c b/lib/tdb2/transaction.c index 1af1c4acaf..70e664fc2d 100644 --- a/lib/tdb2/transaction.c +++ b/lib/tdb2/transaction.c @@ -345,16 +345,16 @@ static void transaction_write_existing(struct tdb_context *tdb, tdb_off_t off, /* out of bounds check during a transaction */ -static enum TDB_ERROR transaction_oob(struct tdb_context *tdb, tdb_off_t len, - bool probe) +static enum TDB_ERROR transaction_oob(struct tdb_context *tdb, + tdb_off_t off, tdb_len_t len, bool probe) { - if (len <= tdb->file->map_size || probe) { + if ((off + len >= off && off + len <= tdb->file->map_size) || probe) { return TDB_SUCCESS; } tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR, "tdb_oob len %lld beyond transaction size %lld", - (long long)len, + (long long)(off + len), (long long)tdb->file->map_size); return TDB_ERR_IO; } @@ -601,7 +601,7 @@ enum TDB_ERROR tdb_transaction_start(struct tdb_context *tdb) /* make sure we know about any file expansions already done by anyone else */ - tdb->tdb2.io->oob(tdb, tdb->file->map_size + 1, true); + tdb->tdb2.io->oob(tdb, tdb->file->map_size, 1, true); tdb->tdb2.transaction->old_map_size = tdb->file->map_size; /* finally hook the io methods, replacing them with |