summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRaghavendra Talur <rtalur@redhat.com>2016-07-04 18:36:26 +0530
committerNiels de Vos <ndevos@redhat.com>2016-07-07 01:54:17 -0700
commite51beeacf7fcb7359c129c8067cc95dcd2767e39 (patch)
tree2365e1d51dc2bdcaaa4ab9aa4a172eeb763a19e3
parent8680261cbb7cacdc565feb578d6afd3fac50cec4 (diff)
gfapi: update count when glfs_buf_copy is used
glfs_buf_copy collates all iovecs into a iovec with count=1. If gio->count is not updated it will lead to dereferencing of invalid address. Change-Id: I7c58071d5c6515ec6fee3ab36af206fa80cf37c3 BUG: 1352634 Signed-off-by: Raghavendra Talur <rtalur@redhat.com> Signed-off-by: Poornima G <pgurusid@redhat.com> Reported-By: Lindsay Mathieson <lindsay.mathieson@gmail.com> Reported-By: Dmitry Melekhov <dm@belkam.com> Reported-By: Tom Emerson <TEmerson@cyberitas.com> Reviewed-on: http://review.gluster.org/14854 Reviewed-by: Prashanth Pai <ppai@redhat.com> Reviewed-by: Kaushal M <kaushal@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> Tested-by: Niels de Vos <ndevos@redhat.com> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Shyamsundar Ranganathan <srangana@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com>
-rw-r--r--api/src/glfs-fops.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/api/src/glfs-fops.c b/api/src/glfs-fops.c
index 5209ce3959a..cf809705c8a 100644
--- a/api/src/glfs-fops.c
+++ b/api/src/glfs-fops.c
@@ -1216,12 +1216,13 @@ pub_glfs_pwritev_async (struct glfs_fd *glfd, const struct iovec *iovec,
gio->op = GF_FOP_WRITE;
gio->glfd = glfd;
- gio->count = count;
gio->offset = offset;
gio->flags = flags;
gio->fn = fn;
gio->data = data;
- gio->iov = GF_CALLOC (1, sizeof (*(gio->iov)), gf_common_mt_iovec);
+ gio->count = 1;
+ gio->iov = GF_CALLOC (gio->count, sizeof (*(gio->iov)),
+ gf_common_mt_iovec);
if (!gio->iov) {
errno = ENOMEM;
goto out;