Commit e00c3f71 authored by Ilya Dryomov's avatar Ilya Dryomov
Browse files

libceph: replace overzealous BUG_ON in osdmap_apply_incremental() 



If the osdmap is (maliciously) corrupted such that the incremental
osdmap epoch is different from what is expected, there is no need to
BUG.  Instead, just declare the incremental osdmap to be invalid.

Cc: stable@vger.kernel.org
Reported-by: default avatarziming zhang <ezrakiez@gmail.com>
Signed-off-by: default avatarIlya Dryomov <idryomov@gmail.com>
parent 818156ca

net/ceph/osdmap.c

+3 −1
Original line number Diff line number Diff line
@@ -1979,11 +1979,13 @@ struct ceph_osdmap *osdmap_apply_incremental(void **p, void *end, bool msgr2, 
			 sizeof(u64) + sizeof(u32), e_inval);

	ceph_decode_copy(p, &fsid, sizeof(fsid));

	epoch = ceph_decode_32(p);

	BUG_ON(epoch != map->epoch+1);

	ceph_decode_copy(p, &modified, sizeof(modified));

	new_pool_max = ceph_decode_64(p);

	new_flags = ceph_decode_32(p);



	if (epoch != map->epoch + 1)

		goto e_inval;



	/* full map? */

	ceph_decode_32_safe(p, end, len, e_inval);

	if (len > 0) {