From: Liu Yuan <tailai.ly at taobao.com> This bug will be triggered by farm_link(), which calls retrieve_object_from_snap() that pass the unaligned buf to misfortune farm_atomic_put(). Signed-off-by: Liu Yuan <tailai.ly at taobao.com> --- sheep/farm/sha1_file.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sheep/farm/sha1_file.c b/sheep/farm/sha1_file.c index 347c0b5..135546f 100644 --- a/sheep/farm/sha1_file.c +++ b/sheep/farm/sha1_file.c @@ -180,7 +180,11 @@ static void *unpack_sha1_file(void *map, unsigned long mapsize, struct sha1_file memcpy(hdr, map, sizeof(*hdr)); hdr_len = sizeof(*hdr); - buf = xmalloc(hdr->size); + buf = valloc(hdr->size); + if (!buf) { + dprintf("%m\n"); + return NULL; + } memcpy(buf, (char *)map + hdr_len, mapsize - hdr_len); return buf; -- 1.7.10.2 |