Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 58c17b0e authored by Alex Elder's avatar Alex Elder
Browse files

rbd: don't over-allocate space for object prefix



In rbd_header_from_disk() the object prefix buffer is sized based on
the maximum size it's block_name equivalent on disk could be.

Instead, only allocate enough to hold null-terminated string from
the on-disk header--or the maximum size of no NUL is found.

Signed-off-by: default avatarAlex Elder <elder@inktank.com>
Reviewed-by: default avatarYehuda Sadeh <yehuda@inktank.com>
parent 1f7ba331
Loading
Loading
Loading
Loading
+5 −4
Original line number Diff line number Diff line
@@ -519,18 +519,19 @@ static int rbd_header_from_disk(struct rbd_image_header *header,
				 struct rbd_image_header_ondisk *ondisk)
{
	u32 snap_count;
	size_t len;
	size_t size;

	memset(header, 0, sizeof (*header));

	snap_count = le32_to_cpu(ondisk->snap_count);

	size = sizeof (ondisk->object_prefix) + 1;
	header->object_prefix = kmalloc(size, GFP_KERNEL);
	len = strnlen(ondisk->object_prefix, sizeof (ondisk->object_prefix));
	header->object_prefix = kmalloc(len + 1, GFP_KERNEL);
	if (!header->object_prefix)
		return -ENOMEM;
	memcpy(header->object_prefix, ondisk->object_prefix, size - 1);
	header->object_prefix[size - 1] = '\0';
	memcpy(header->object_prefix, ondisk->object_prefix, len);
	header->object_prefix[len] = '\0';

	if (snap_count) {
		header->snap_names_len = le64_to_cpu(ondisk->snap_names_len);