librados: avoid overflow in the return value of reads

Signed-off-by: Josh Durgin <josh.durgin@inktank.com>

diff --git a/src/librados/IoCtxImpl.cc b/src/librados/IoCtxImpl.cc
index 1455ccc7230f822a8873f089f538fd6599b492bb..34c8d13a42bff527524634264a4272825ab22fae 100644 (file)
--- a/src/librados/IoCtxImpl.cc
+++ b/src/librados/IoCtxImpl.cc
@@ -680,6 +680,8 @@ int librados::IoCtxImpl::aio_operate(const object_t& oid,
 int librados::IoCtxImpl::aio_read(const object_t oid, AioCompletionImpl *c,
                                  bufferlist *pbl, size_t len, uint64_t off)
 {
+  if (len > (size_t) INT_MAX)
+    return -EDOM;
 
   Context *onack = new C_aio_Ack(c);
   eversion_t ver;
@@ -698,6 +700,9 @@ int librados::IoCtxImpl::aio_read(const object_t oid, AioCompletionImpl *c,
 int librados::IoCtxImpl::aio_read(const object_t oid, AioCompletionImpl *c,
                                  char *buf, size_t len, uint64_t off)
 {
+  if (len > (size_t) INT_MAX)
+    return -EDOM;
+
   Context *onack = new C_aio_Ack(c);
 
   c->is_read = true;
@@ -719,6 +724,8 @@ int librados::IoCtxImpl::aio_sparse_read(const object_t oid,
                                         bufferlist *data_bl, size_t len,
                                         uint64_t off)
 {
+  if (len > (size_t) INT_MAX)
+    return -EDOM;
 
   C_aio_sparse_read_Ack *onack = new C_aio_sparse_read_Ack(c);
   onack->m = m;
@@ -1028,6 +1035,9 @@ int librados::IoCtxImpl::aio_exec(const object_t& oid, AioCompletionImpl *c,
 int librados::IoCtxImpl::read(const object_t& oid,
                              bufferlist& bl, size_t len, uint64_t off)
 {
+  if (len > (size_t) INT_MAX)
+    return -EDOM;
+
   Mutex mylock("IoCtxImpl::read::mylock");
   Cond cond;
   bool done;
@@ -1035,6 +1045,7 @@ int librados::IoCtxImpl::read(const object_t& oid,
   Context *onack = new C_SafeCond(&mylock, &cond, &done, &r);
   eversion_t ver;
 
+
   ::ObjectOperation op;
   ::ObjectOperation *pop = prepare_assert_ops(&op);
 
@@ -1101,6 +1112,9 @@ int librados::IoCtxImpl::sparse_read(const object_t& oid,
                                     bufferlist& data_bl, size_t len,
                                     uint64_t off)
 {
+  if (len > (size_t) INT_MAX)
+    return -EDOM;
+
   bufferlist bl;
 
   Mutex mylock("IoCtxImpl::read::mylock");

diff --git a/src/osdc/ObjectCacher.cc b/src/osdc/ObjectCacher.cc
index 944cef51fb3d875f1a9599d89fe16dbd2cdec020..5d0e9886bfb5704dab1cfdfe07a834fb242c5b69 100644 (file)
--- a/src/osdc/ObjectCacher.cc
+++ b/src/osdc/ObjectCacher.cc
@@ -1010,7 +1010,9 @@ int ObjectCacher::_readx(OSDRead *rd, ObjectSet *oset, Context *onfinish,
   delete rd;
 
   trim();
-  
+
+  assert(pos <= (uint64_t) INT_MAX);
+
   return pos;
 }
 

diff --git a/src/osdc/ObjectCacher.h b/src/osdc/ObjectCacher.h
index 0c326a6a0186dc4af8911be7af0feb95443e929d..f959cf359d75ac79fac03e33a79de994c26bfd17 100644 (file)
--- a/src/osdc/ObjectCacher.h
+++ b/src/osdc/ObjectCacher.h
@@ -503,6 +503,11 @@ class ObjectCacher {
 
 
   // non-blocking.  async.
+
+  /**
+   * @note total read size must be <= INT_MAX, since
+   * the return value is total bytes read
+   */
   int readx(OSDRead *rd, ObjectSet *oset, Context *onfinish);
   int writex(OSDWrite *wr, ObjectSet *oset, Mutex& wait_on_lock);
   bool is_cached(ObjectSet *oset, vector<ObjectExtent>& extents, snapid_t snapid);