FileStore::_do_fiemap: do not reference fiemap after it is freed

`last` points to fiemap::fm_extends[n], and if fiemap gets freed, we can
not reference any of its fieldis. so we could remember the check result before
freeing it.

Signed-off-by: Kefu Chai <kchai@redhat.com>

diff --git a/src/os/filestore/FileStore.cc b/src/os/filestore/FileStore.cc
index d3f632192b5b0bf8de19cf5affac1f71fd863e73..1aecea9ca6a68a7f39a12ec1d992e8bd514e8166 100644 (file)
--- a/src/os/filestore/FileStore.cc
+++ b/src/os/filestore/FileStore.cc
@@ -3158,7 +3158,6 @@ int FileStore::_do_fiemap(int fd, uint64_t offset, size_t len,
 {
   uint64_t i;
   struct fiemap_extent *extent = NULL;
-  struct fiemap_extent *last = NULL;
   struct fiemap *fiemap = NULL;
   int r = 0;
 
@@ -3182,6 +3181,7 @@ more:
 
   i = 0;
 
+  struct fiemap_extent *last = nullptr;
   while (i < fiemap->fm_mapped_extents) {
     struct fiemap_extent *next = extent + 1;
 
@@ -3204,8 +3204,9 @@ more:
     i++;
     last = extent++;
   }
+  const bool is_last = last->fe_flags & FIEMAP_EXTENT_LAST;
   free(fiemap);
-  if (!(last->fe_flags & FIEMAP_EXTENT_LAST)) {
+  if (!is_last) {
     uint64_t xoffset = last->fe_logical + last->fe_length - offset;
     offset = last->fe_logical + last->fe_length;
     len -= xoffset;