From d6df4441c03ae1fb90f57b125d2c4813cc1561ca Mon Sep 17 00:00:00 2001 From: Brooks Davis Date: Tue, 29 Nov 2022 09:51:35 -0800 Subject: [PATCH] Don't leak packed recieved proprties When local properties (e.g., from -o and -x) are provided, don't leak the packed representation of the received properties due to variable reuse. Reviewed-by: Brian Behlendorf Signed-off-by: Brooks Davis Closes #14197 --- lib/libzfs_core/libzfs_core.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/lib/libzfs_core/libzfs_core.c b/lib/libzfs_core/libzfs_core.c index 3fe65e665b..254f14e043 100644 --- a/lib/libzfs_core/libzfs_core.c +++ b/lib/libzfs_core/libzfs_core.c @@ -1105,7 +1105,8 @@ recv_impl(const char *snapname, nvlist_t *recvdprops, nvlist_t *localprops, fnvlist_free(outnvl); } else { zfs_cmd_t zc = {"\0"}; - char *packed = NULL; + char *rp_packed = NULL; + char *lp_packed = NULL; size_t size; ASSERT3S(g_refcount, >, 0); @@ -1114,14 +1115,14 @@ recv_impl(const char *snapname, nvlist_t *recvdprops, nvlist_t *localprops, (void) strlcpy(zc.zc_value, snapname, sizeof (zc.zc_value)); if (recvdprops != NULL) { - packed = fnvlist_pack(recvdprops, &size); - zc.zc_nvlist_src = (uint64_t)(uintptr_t)packed; + rp_packed = fnvlist_pack(recvdprops, &size); + zc.zc_nvlist_src = (uint64_t)(uintptr_t)rp_packed; zc.zc_nvlist_src_size = size; } if (localprops != NULL) { - packed = fnvlist_pack(localprops, &size); - zc.zc_nvlist_conf = (uint64_t)(uintptr_t)packed; + lp_packed = fnvlist_pack(localprops, &size); + zc.zc_nvlist_conf = (uint64_t)(uintptr_t)lp_packed; zc.zc_nvlist_conf_size = size; } @@ -1156,8 +1157,10 @@ recv_impl(const char *snapname, nvlist_t *recvdprops, nvlist_t *localprops, zc.zc_nvlist_dst_size, errors, KM_SLEEP)); } - if (packed != NULL) - fnvlist_pack_free(packed, size); + if (rp_packed != NULL) + fnvlist_pack_free(rp_packed, size); + if (lp_packed != NULL) + fnvlist_pack_free(lp_packed, size); free((void *)(uintptr_t)zc.zc_nvlist_dst); }