diff options
author | Michal Schmidt <mschmidt@redhat.com> | 2014-12-12 18:21:55 +0100 |
---|---|---|
committer | Michal Schmidt <mschmidt@redhat.com> | 2014-12-13 00:46:16 +0100 |
commit | fed67c38e3f1cecf4c0571f5603d47b35bff6576 (patch) | |
tree | 6929d5c2d40ab635d599a976f94bae63d8f79891 /src/core/device.c | |
parent | fad5a6c66e73d3df20846906121d52159e1f6bf4 (diff) |
journal: map objects to context set by caller, not by actual object type
When the caller of journal_file_move_to_object() specifies type==0,
the object header is at first mapped in context 0. Then after the header
is checked, the whole object is mapped in a context determined by
the actual object type (which is not even range-checked using
type_to_context()). This looks wrong. It should map in the
caller-specified context.
An old comment in sd_journal_enumerate_unique() supports this view:
/* We do not use the type context here, but 0 instead,
* so that we can look at this data object at the same
* time as one on another file */
Clearly the expectation was that the data object will remain mapped
in context 0 without being pushed away by mapping other objects in
context OBJECT_DATA.
I suspect that this was the real bug that got fixed by ae97089d49
"journal: fix access to munmapped memory in sd_journal_enumerate_unique".
In other words, journal_file_object_keep/release are superfluous after
applying this patch.
Diffstat (limited to 'src/core/device.c')
0 files changed, 0 insertions, 0 deletions