From 19516b69ee41c9d3e239cb132c31fa9b13af2356 Mon Sep 17 00:00:00 2001 From: Richard Yao Date: Fri, 14 Oct 2022 16:33:22 -0400 Subject: [PATCH] Fix potential NULL pointer dereference in lzc_ioctl() Users are allowed to pass NULL to resultp, but we unconditionally assume that they never do. When an external user does pass NULL to resultp, we dereference a NULL pointer. Clang's static analyzer complained about this. Reviewed-by: Brian Behlendorf Reviewed-by: Ryan Moeller Signed-off-by: Richard Yao Closes #14008 --- lib/libzfs_core/libzfs_core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libzfs_core/libzfs_core.c b/lib/libzfs_core/libzfs_core.c index 16bd9af1b..3fe65e665 100644 --- a/lib/libzfs_core/libzfs_core.c +++ b/lib/libzfs_core/libzfs_core.c @@ -235,7 +235,7 @@ lzc_ioctl(zfs_ioc_t ioc, const char *name, break; } } - if (zc.zc_nvlist_dst_filled) { + if (zc.zc_nvlist_dst_filled && resultp != NULL) { *resultp = fnvlist_unpack((void *)(uintptr_t)zc.zc_nvlist_dst, zc.zc_nvlist_dst_size); }