Zero end of embedded block buffer in dump_write_embedded()

This fixes a kernel stack leak.

Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Tested-by: Nicholas Sherlock <n.sherlock@gmail.com>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #13778
Closes #14255
This commit is contained in:
Richard Yao 2022-12-13 20:31:47 -05:00 committed by GitHub
parent 9be34ec99e
commit f3f5263f8a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -584,7 +584,13 @@ dump_write_embedded(dmu_send_cookie_t *dscp, uint64_t object, uint64_t offset,
decode_embedded_bp_compressed(bp, buf); decode_embedded_bp_compressed(bp, buf);
if (dump_record(dscp, buf, P2ROUNDUP(drrw->drr_psize, 8)) != 0) uint32_t psize = drrw->drr_psize;
uint32_t rsize = P2ROUNDUP(psize, 8);
if (psize != rsize)
memset(buf + psize, 0, rsize - psize);
if (dump_record(dscp, buf, rsize) != 0)
return (SET_ERROR(EINTR)); return (SET_ERROR(EINTR));
return (0); return (0);
} }