Avoid null pointer dereference in dsl_fs_ss_limit_check()
Check for cr == NULL before dereferencing it in dsl_enforce_ds_ss_limits() to lookup the zone/jail ID. Reported-by: Coverity (CID 1210459) Reviewed-by: Richard Yao <richard.yao@alumni.stonybrook.edu> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Allan Jude <allan@klarasystems.com> Closes #14103
This commit is contained in:
parent
e9a8fb17b5
commit
ac01b876c9
|
@ -809,6 +809,18 @@ dsl_fs_ss_limit_check(dsl_dir_t *dd, uint64_t delta, zfs_prop_t prop,
|
||||||
ASSERT(prop == ZFS_PROP_FILESYSTEM_LIMIT ||
|
ASSERT(prop == ZFS_PROP_FILESYSTEM_LIMIT ||
|
||||||
prop == ZFS_PROP_SNAPSHOT_LIMIT);
|
prop == ZFS_PROP_SNAPSHOT_LIMIT);
|
||||||
|
|
||||||
|
if (prop == ZFS_PROP_SNAPSHOT_LIMIT) {
|
||||||
|
/*
|
||||||
|
* We don't enforce the limit for temporary snapshots. This is
|
||||||
|
* indicated by a NULL cred_t argument.
|
||||||
|
*/
|
||||||
|
if (cr == NULL)
|
||||||
|
return (0);
|
||||||
|
|
||||||
|
count_prop = DD_FIELD_SNAPSHOT_COUNT;
|
||||||
|
} else {
|
||||||
|
count_prop = DD_FIELD_FILESYSTEM_COUNT;
|
||||||
|
}
|
||||||
/*
|
/*
|
||||||
* If we're allowed to change the limit, don't enforce the limit
|
* If we're allowed to change the limit, don't enforce the limit
|
||||||
* e.g. this can happen if a snapshot is taken by an administrative
|
* e.g. this can happen if a snapshot is taken by an administrative
|
||||||
|
@ -828,19 +840,6 @@ dsl_fs_ss_limit_check(dsl_dir_t *dd, uint64_t delta, zfs_prop_t prop,
|
||||||
if (delta == 0)
|
if (delta == 0)
|
||||||
return (0);
|
return (0);
|
||||||
|
|
||||||
if (prop == ZFS_PROP_SNAPSHOT_LIMIT) {
|
|
||||||
/*
|
|
||||||
* We don't enforce the limit for temporary snapshots. This is
|
|
||||||
* indicated by a NULL cred_t argument.
|
|
||||||
*/
|
|
||||||
if (cr == NULL)
|
|
||||||
return (0);
|
|
||||||
|
|
||||||
count_prop = DD_FIELD_SNAPSHOT_COUNT;
|
|
||||||
} else {
|
|
||||||
count_prop = DD_FIELD_FILESYSTEM_COUNT;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If an ancestor has been provided, stop checking the limit once we
|
* If an ancestor has been provided, stop checking the limit once we
|
||||||
* hit that dir. We need this during rename so that we don't overcount
|
* hit that dir. We need this during rename so that we don't overcount
|
||||||
|
|
Loading…
Reference in New Issue