From be226be6355e4dd9cb50e5fe2dddab94477b4e81 Mon Sep 17 00:00:00 2001 From: Jonathan Earl Brassow Date: Fri, 25 Mar 2011 22:02:27 +0000 Subject: [PATCH] Fix unhandled condition in _move_lv_segments If _move_lv_segments is passed a 'lv_from' that does not yet have any segments, it will screw things up because the code that does the segment copy assumes there is at least one segment. See copy code here: lv_to->segments = lv_from->segments; lv_to->segments.n->p = &lv_to->segments; lv_to->segments.p->n = &lv_to->segments; If 'segments' is an empty list, the first statement copies over the values, but the next two reset those values to point to the other LV's list structure. 'lv_to' now appears to have one segment, but it is really an ill-set pointer. --- lib/metadata/lv_manip.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/metadata/lv_manip.c b/lib/metadata/lv_manip.c index ee3a289a8..015c48118 100644 --- a/lib/metadata/lv_manip.c +++ b/lib/metadata/lv_manip.c @@ -2950,7 +2950,8 @@ static int _move_lv_segments(struct logical_volume *lv_to, } } - lv_to->segments = lv_from->segments; + if (!dm_list_empty(&lv_from->segments)) + lv_to->segments = lv_from->segments; lv_to->segments.n->p = &lv_to->segments; lv_to->segments.p->n = &lv_to->segments;