From 409c99a1d3e5c47c5b61a4d471c60c5b92c887a6 Mon Sep 17 00:00:00 2001
From: Richard Yao
Date: Sun, 16 Oct 2022 00:19:13 -0400
Subject: [PATCH] Fix NULL pointer dereference in spa_open_common()
Calling spa_open() will pass a NULL pointer to spa_open_common()'s config parameter. Under the right circumstances, we will dereference the config parameter without doing a NULL check. Clang's static analyzer found this.
Reviewed-by: Brian Behlendorf
Signed-off-by: Richard Yao
Closes #14044
---
 module/zfs/spa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/module/zfs/spa.c b/module/zfs/spa.c
index 86447d1fd..c9759f35a 100644
--- a/module/zfs/spa.c
+++ b/module/zfs/spa.c
@@ -5230,7 +5230,7 @@ spa_open_common(const char *pool, spa_t **spapp, void *tag, nvlist_t *nvpolicy,
 * If we've recovered the pool, pass back any information we
 * gathered while doing the load.
 */
- if (state == SPA_LOAD_RECOVER) {
+ if (state == SPA_LOAD_RECOVER && config != NULL) {
 fnvlist_add_nvlist(*config, ZPOOL_CONFIG_LOAD_INFO,
 spa->spa_load_info);
 }
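Review bot: The comment above the guarded `if` still reads as though the load info is always passed back; it should say that `config` is optional, since the commit message states that spa_open() passes NULL for it. Adding a line such as `* Skipped when the caller supplied no config (e.g. spa_open()).` to that comment block would keep a later edit from dropping the check, which in kernel code would reintroduce a NULL dereference. The new condition covers `config` itself; whether `*config` is always populated by this point is decided by code outside the hunk and is worth confirming, because `fnvlist_add_nvlist()` receives `*config`. spa_open_common() starts and ends outside the hunk.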