osd/OSDMapMapping: do not crash if acting > pool size

Existing oversized pg_temp mappings (or some other bug) might make acting
exceed the pool size.  Avoid overrunning out buffer if that happens.

Note that the mapping won't be completely accurate in that case!

Signed-off-by: Sage Weil <sage@redhat.com>

diff --git a/src/osd/OSDMapMapping.h b/src/osd/OSDMapMapping.h
index 3f14cb8f0c7a37549e0ce0d935b6a3df0d296d50..e85e85dc6e0a41a476d4520eaff7b036ae460975 100644 (file)
--- a/src/osd/OSDMapMapping.h
+++ b/src/osd/OSDMapMapping.h
@@ -230,8 +230,11 @@ private:
       int32_t *row = &table[row_size() * ps];
       row[0] = acting_primary;
       row[1] = up_primary;
-      row[2] = acting.size();
-      row[3] = up.size();
+      // these should always be <= the pool size, but just in case, avoid
+      // blowing out the array.  Note that our mapping is not completely
+      // accurate in this case--this is just to avoid crashing.
+      row[2] = std::min<int32_t>(acting.size(), size);
+      row[3] = std::min<int32_t>(up.size(), size);
       for (int i = 0; i < row[2]; ++i) {
        row[4 + i] = acting[i];
       }