From: Andre Noll Date: Sat, 11 Jul 2009 21:24:02 +0000 (+0200) Subject: fsck: Fix a serious bug in prune_mapped_column(). X-Git-Tag: v0.1.0~25 X-Git-Url: http://git.tue.mpg.de/?a=commitdiff_plain;h=1297f561259ea010d295aee88c8c6864e726d5d2;p=osl.git fsck: Fix a serious bug in prune_mapped_column(). This function still contained a relict from the old database format that was changed in commit 6d7dce7f277fc8606fb8d5ed6360660c13a218af. This caused prune_mapped_column() to write one byte too much to the data file of a mapped column for each removed row. Running the buggy oslfsck on a table with mapped columns where rows have been deleted likely results in data corruption to objects adjacent to the deleted objects. Worst of all, since only the data files but not the index is affected, the corruption will not immediately be noticed, which is probably why it took one year to find this bug. Kill it with pleasure. --- diff --git a/fsck.c b/fsck.c index bc77424..f4f1071 100644 --- a/fsck.c +++ b/fsck.c @@ -553,10 +553,10 @@ static int prune_mapped_column(struct osl_table *t, uint32_t col_num, int fd) ret = get_mapped_object(t, col_num, i, &obj); if (ret < 0) return ret; - ret = _write_all(fd, (char *)(obj.data) - 1, obj.size + 1); + ret = _write_all(fd, (char *)(obj.data), obj.size); if (ret < 0) return ret; - written += obj.size + 1; + written += obj.size; ret = get_row_index(t, i, &index_entry); if (ret < 0) return ret;