tdb: Harden allocating the tdb recovery area

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/lib/tdb/common/transaction.c b/lib/tdb/common/transaction.c
index 7d281fc75ff6465c20bc80c1ec6ddd65472d1ba6..6a5338c5faf1ba3ab3b9763341b8a70b68ff2c16 100644 (file)
--- a/lib/tdb/common/transaction.c
+++ b/lib/tdb/common/transaction.c
@@ -689,6 +689,8 @@ int tdb_recovery_area(struct tdb_context *tdb,
                      tdb_off_t *recovery_offset,
                      struct tdb_record *rec)
 {
+       int ret;
+
        if (tdb_ofs_read(tdb, TDB_RECOVERY_HEAD, recovery_offset) == -1) {
                return -1;
        }
@@ -709,6 +711,13 @@ int tdb_recovery_area(struct tdb_context *tdb,
                *recovery_offset = 0;
                rec->rec_len = 0;
        }
+
+       ret = methods->tdb_oob(tdb, *recovery_offset, rec->rec_len, 1);
+       if (ret == -1) {
+               *recovery_offset = 0;
+               rec->rec_len = 0;
+       }
+
        return 0;
 }