journal: map objects to context set by caller, not by actual object type

When the caller of journal_file_move_to_object() specifies type==0,
the object header is at first mapped in context 0. Then after the header
is checked, the whole object is mapped in a context determined by
the actual object type (which is not even range-checked using
type_to_context()). This looks wrong. It should map in the
caller-specified context.

An old comment in sd_journal_enumerate_unique() supports this view:
    /* We do not use the type context here, but 0 instead,
     * so that we can look at this data object at the same
     * time as one on another file */
Clearly the expectation was that the data object will remain mapped
in context 0 without being pushed away by mapping other objects in
context OBJECT_DATA.

I suspect that this was the real bug that got fixed by ae97089d49
"journal: fix access to munmapped memory in sd_journal_enumerate_unique".
In other words, journal_file_object_keep/release are superfluous after
applying this patch.

diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index 622eb165e131d32eea9f2c79bc71e6511cdf924d..01b7f89fef58b8d36d7c9ebf2fa68a0be5f42912 100644 (file)
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -445,7 +445,7 @@ int journal_file_move_to_object(JournalFile *f, int type, uint64_t offset, Objec
                 return -EBADMSG;
 
         if (s > sizeof(ObjectHeader)) {
-                r = journal_file_move_to(f, o->object.type, false, offset, s, &t);
+                r = journal_file_move_to(f, type_to_context(type), false, offset, s, &t);
                 if (r < 0)
                         return r;