From 20ea8540a68ff183f273fc642ac498ccd182d58e Mon Sep 17 00:00:00 2001
From: Christian Schwarz <me@cschwarz.com>
Date: Fri, 24 Jan 2020 06:13:42 +0100
Subject: [PATCH] dsl_bookmark_create_check: fix NULL pointer deref if
 dbca_errors == NULL

Discovered in preparation of zcp support for creating bookmarks.
Handle the case where dbca_errors is NULL.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Christian Schwarz <me@cschwarz.com>
Closes #9880
---
 module/zfs/dsl_bookmark.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/module/zfs/dsl_bookmark.c b/module/zfs/dsl_bookmark.c
index 42c612abc9..4d5c601d6a 100644
--- a/module/zfs/dsl_bookmark.c
+++ b/module/zfs/dsl_bookmark.c
@@ -167,6 +167,9 @@ static int
 dsl_bookmark_create_check(void *arg, dmu_tx_t *tx)
 {
 	dsl_bookmark_create_arg_t *dbca = arg;
+	ASSERT3P(dbca, !=, NULL);
+	ASSERT3P(dbca->dbca_bmarks, !=, NULL);
+
 	dsl_pool_t *dp = dmu_tx_pool(tx);
 	int rv = 0;
 
@@ -187,9 +190,10 @@ dsl_bookmark_create_check(void *arg, dmu_tx_t *tx)
 			dsl_dataset_rele(snapds, FTAG);
 		}
 		if (error != 0) {
-			fnvlist_add_int32(dbca->dbca_errors,
-			    nvpair_name(pair), error);
 			rv = error;
+			if (dbca->dbca_errors != NULL)
+				fnvlist_add_int32(dbca->dbca_errors,
+				    nvpair_name(pair), error);
 		}
 	}