Archive-Team
/
zfs
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 103 Wiki Activity

Fix potential NULL pointer dereference in lzc_ioctl() 

Users are allowed to pass NULL to resultp, but we unconditionally assume
that they never do. When an external user does pass NULL to resultp, we
dereference a NULL pointer.

Clang's static analyzer complained about this.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #14008
This commit is contained in:
Richard Yao 2022-10-14 16:33:22 -04:00 committed by Tony Hutter
parent d05f247aec
commit d016ca1a92
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/libzfs_core/libzfs_core.c
View File

@ -233,7 +233,7 @@ lzc_ioctl(zfs_ioc_t ioc, const char *name,
break; break;
} }
} }
if (zc.zc_nvlist_dst_filled) { if (zc.zc_nvlist_dst_filled && resultp != NULL) {
*resultp = fnvlist_unpack((void *)(uintptr_t)zc.zc_nvlist_dst, *resultp = fnvlist_unpack((void *)(uintptr_t)zc.zc_nvlist_dst,
zc.zc_nvlist_dst_size); zc.zc_nvlist_dst_size);
} }