Fix coverity defects: 147480, 147584
CID 147480: Logically dead code (DEADCODE) Remove non-null check and subsequent function call. Add ASSERT to future proof the code. usage label is only jumped to before `zhp` is initialized. CID 147584: Out-of-bounds access (OVERRUN) Subtract length of current string from buffer length for `size` argument to `snprintf`. Starting address for the write is the start of the buffer + the current string length. We need to subtract this string length else risk a buffer overflow. Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Tobin C. Harding <me@tobin.cc> Closes #6745
This commit is contained in:
parent
7670f721fc
commit
ced28193b0
|
@ -2001,13 +2001,13 @@ dump_object(objset_t *os, uint64_t object, int verbosity, int *print_header,
|
||||||
aux[0] = '\0';
|
aux[0] = '\0';
|
||||||
|
|
||||||
if (doi.doi_checksum != ZIO_CHECKSUM_INHERIT || verbosity >= 6) {
|
if (doi.doi_checksum != ZIO_CHECKSUM_INHERIT || verbosity >= 6) {
|
||||||
(void) snprintf(aux + strlen(aux), sizeof (aux), " (K=%s)",
|
(void) snprintf(aux + strlen(aux), sizeof (aux) - strlen(aux),
|
||||||
ZDB_CHECKSUM_NAME(doi.doi_checksum));
|
" (K=%s)", ZDB_CHECKSUM_NAME(doi.doi_checksum));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (doi.doi_compress != ZIO_COMPRESS_INHERIT || verbosity >= 6) {
|
if (doi.doi_compress != ZIO_COMPRESS_INHERIT || verbosity >= 6) {
|
||||||
(void) snprintf(aux + strlen(aux), sizeof (aux), " (Z=%s)",
|
(void) snprintf(aux + strlen(aux), sizeof (aux) - strlen(aux),
|
||||||
ZDB_COMPRESS_NAME(doi.doi_compress));
|
" (Z=%s)", ZDB_COMPRESS_NAME(doi.doi_compress));
|
||||||
}
|
}
|
||||||
|
|
||||||
(void) printf("%10lld %3u %5s %5s %5s %6s %5s %6s %s%s\n",
|
(void) printf("%10lld %3u %5s %5s %5s %6s %5s %6s %s%s\n",
|
||||||
|
|
|
@ -785,8 +785,7 @@ zfs_do_clone(int argc, char **argv)
|
||||||
return (!!ret);
|
return (!!ret);
|
||||||
|
|
||||||
usage:
|
usage:
|
||||||
if (zhp)
|
ASSERT3P(zhp, ==, NULL);
|
||||||
zfs_close(zhp);
|
|
||||||
nvlist_free(props);
|
nvlist_free(props);
|
||||||
usage(B_FALSE);
|
usage(B_FALSE);
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
Loading…
Reference in New Issue