From: Samuel Just <sam.just@inktank.com>
Date: Thu, 6 Mar 2014 19:12:24 +0000 (-0800)
Subject: obj_bencher: allocate contentsChars to object_size, not op_size
X-Git-Tag: v0.78~67^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=d17141805894109c2d35aa8a65d4290ea4fd9c6c;p=ceph.git

obj_bencher: allocate contentsChars to object_size, not op_size

Otherwise, our attempt to sanitize object_size bytes of
data.object_contents will be doomed to memory corruption.

Fixes: #7610
Signed-off-by: Samuel Just <sam.just@inktank.com>
---

diff --git a/src/common/obj_bencher.cc b/src/common/obj_bencher.cc
index d3c3b44692cf8..70675995930dc 100644
--- a/src/common/obj_bencher.cc
+++ b/src/common/obj_bencher.cc
@@ -170,7 +170,6 @@ int ObjBencher::aio_bench(
   int concurrentios, int op_size, bool cleanup) {
   int object_size = op_size;
   int num_objects = 0;
-  char* contentsChars = new char[op_size];
   int r = 0;
   int prevPid = 0;
 
@@ -178,7 +177,6 @@ int ObjBencher::aio_bench(
   if (operation != OP_WRITE) {
     r = fetch_bench_metadata(BENCH_LASTRUN_METADATA, &object_size, &num_objects, &prevPid);
     if (r < 0) {
-      delete[] contentsChars;
       if (r == -ENOENT)
 	cerr << "Must write data before running a read benchmark!" << std::endl;
       return r;
@@ -187,6 +185,7 @@ int ObjBencher::aio_bench(
     object_size = op_size;
   }
 
+  char* contentsChars = new char[object_size];
   lock.Lock();
   data.done = false;
   data.object_size = object_size;