Archive-Team
/
zfs
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 103 Wiki Activity
zfs/cmd
History
Matthew Ahrens 8a969f3e2d Read past end of argv array in zpool_do_import() 
`zpool_do_import()` passes `argv[0]`, (optionally) `argv[1]`, and
`pool_specified` to `import_pools()`.  If `pool_specified==FALSE`, the
`argv[]` arguments are not used.  However, these values may be off the
end of the `argv[]` array, so loading them could dereference unmapped
memory.  This error is reported by the asan build:

```
=================================================================
==6003==ERROR: AddressSanitizer: heap-buffer-overflow
READ of size 8 at 0x6030000004a8 thread T0
    #0 0x562a078b50eb in zpool_do_import zpool_main.c:3796
    #1 0x562a078858c5 in main zpool_main.c:10709
    #2 0x7f5115231bf6 in __libc_start_main
    #3 0x562a07885eb9 in _start

0x6030000004a8 is located 0 bytes to the right of 24-byte region
allocated by thread T0 here:
    #0 0x7f5116ac6b40 in __interceptor_malloc
    #1 0x562a07885770 in main zpool_main.c:10699
    #2 0x7f5115231bf6 in __libc_start_main
```

This commit passes NULL for these arguments if they are off the end
of the `argv[]` array.

Reviewed-by: George Wilson <gwilson@delphix.com>
Reviewed-by: John Kennedy <john.kennedy@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Allan Jude <allan@klarasystems.com>
Signed-off-by: Matthew Ahrens <mahrens@delphix.com>
Closes #12339
 		2021-09-14 13:08:53 -07:00
..
arc_summary Added another missed case to arc_summary3 2021-06-09 13:05:34 -07:00
arcstat FreeBSD: Update usage of py-sysctl 2020-12-10 15:28:31 -08:00
dbufstat dbufstat: Fix warnings with Python 3.8 2020-12-23 15:10:35 -08:00
fsck_zfs Turn shellcheck into a normal make target. Fix new files it caught 2021-06-09 13:05:34 -07:00
mount_zfs mount.zfs.8: match to reality; zfsprops.8: add missing temporary options 2021-05-27 22:31:57 -07:00
raidz_test Removed duplicated includes 2021-03-22 12:34:58 -07:00
vdev_id Turn shellcheck into a normal make target. Fix new files it caught 2021-06-09 13:05:34 -07:00
zdb Livelist logic should handle dedup blkptrs 2021-06-09 13:05:34 -07:00
zed ZED: Match added disk by pool/vdev GUID if found (#12217) 2021-09-14 12:10:44 -07:00
zfs Correct zfs-send(8) on readonly sends 2021-09-14 12:38:51 -07:00
zfs_ids_to_path zfs_ids_to_path: print correct wrong values 2021-04-14 13:19:50 -07:00
zgenhostid zgenhostid: use argument path directly 2021-06-08 14:47:05 -07:00
zhack cppcheck: integrete cppcheck 2021-01-26 16:12:26 -08:00
zinject cppcheck: integrete cppcheck 2021-01-26 16:12:26 -08:00
zpool Read past end of argv array in zpool_do_import() 2021-09-14 13:08:53 -07:00
zpool_influxdb zpool_influxdb: fix -Werror=stringop-truncation 2021-09-14 12:39:17 -07:00
zstream zstream: force-install zstreamdump link 2021-06-09 13:05:34 -07:00
ztest Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
zvol_id Use substantially more robust program exit status logic in zvol_id 2021-09-14 12:23:38 -07:00
zvol_wait Turn shellcheck into a normal make target. Fix new files it caught 2021-06-09 13:05:34 -07:00
Makefile.am Turn shellcheck into a normal make target. Fix new files it caught 2021-06-09 13:05:34 -07:00