fsck: Fix a serious bug in prune_mapped_column().

This function still contained a relict from the old database format that was changed in commit
6d7dce7f277fc8606fb8d5ed6360660c13a218af.  This caused prune_mapped_column()
to write one byte too much to the data file of a mapped column for each removed row.

Running the buggy oslfsck on a table with mapped columns where rows have been deleted
likely results in data corruption to objects adjacent to the deleted objects.

Worst of all, since only the data files but not the index is affected,  the corruption will not
immediately be noticed, which is probably why it took one year to find this bug. Kill it with
pleasure.

diff --git a/fsck.c b/fsck.c
index bc77424e30db1f7939ec6b084d707b283b0693ed..f4f1071149e783519f6f0fc6c7acfcf4dcdd0b30 100644 (file)
--- a/fsck.c
+++ b/fsck.c
@@ -553,10 +553,10 @@ static int prune_mapped_column(struct osl_table *t, uint32_t col_num, int fd)
                ret = get_mapped_object(t, col_num, i, &obj);
                if (ret < 0)
                        return ret;
-               ret = _write_all(fd, (char *)(obj.data) - 1, obj.size + 1);
+               ret = _write_all(fd, (char *)(obj.data), obj.size);
                if (ret < 0)
                        return ret;
-               written += obj.size + 1;
+               written += obj.size;
                ret = get_row_index(t, i, &index_entry);
                if (ret < 0)
                        return ret;