From: David Zafman <dzafman@redhat.com>
Date: Tue, 2 Jun 2015 20:46:23 +0000 (-0700)
Subject: osd: Even in objects_read_sync() case don't read past oi.size
X-Git-Tag: v9.1.0~420^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=79961bc3386e4a926e628552586020ff17d9d086;p=ceph.git

osd: Even in objects_read_sync() case don't read past oi.size

Fixes: #11511

Signed-off-by: David Zafman <dzafman@redhat.com>
---

diff --git a/src/osd/ReplicatedPG.cc b/src/osd/ReplicatedPG.cc
index 6fbf139f6964..5e0d5771f57c 100644
--- a/src/osd/ReplicatedPG.cc
+++ b/src/osd/ReplicatedPG.cc
@@ -6059,13 +6059,14 @@ int ReplicatedPG::fill_in_copy_get(
   bufferlist& bl = reply_obj.data;
   if (left > 0 && !cursor.data_complete) {
     if (cursor.data_offset < oi.size) {
+      left = MIN(oi.size - cursor.data_offset, (uint64_t)left);
       if (cb) {
 	async_read_started = true;
 	ctx->pending_async_reads.push_back(
 	  make_pair(
 	    boost::make_tuple(cursor.data_offset, left, osd_op.op.flags),
 	    make_pair(&bl, cb)));
-	result = MIN(oi.size - cursor.data_offset, (uint64_t)left);
+        result = left;
 	cb->len = result;
       } else {
 	result = pgbackend->objects_read_sync(