c/mirror_zfs
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_zfs.git synced 2025-01-15 20:50:30 +03:00
Code Issues Packages Projects Releases Wiki Activity
6219190d7f
mirror_zfs/cmd
History
Richard Yao e23ed1b330 Fix potential buffer overflow in zpool command 
The ZPOOL_SCRIPTS_PATH environment variable can be passed here. This
allows for arbitrarily long strings to be passed to sprintf(), which can
overflow the buffer.

I missed this in my earlier audit of the codebase. CodeQL's
cpp/unbounded-write check caught this.

Reviewed-by: Damian Szuberski <szuberskidamian@gmail.com>
Reviewed-by: Alexander Motin <mav@FreeBSD.org>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #14264
2023-01-19 12:50:36 -08:00
..
arc_summary Remove ambiguity on demand vs prefetch stats reported by arc_summary 2022-11-01 12:35:05 -07:00
arcstat arcstat: fix -p option 2022-08-12 14:29:24 -07:00
dbufstat dbufstat: Fix warnings with Python 3.8 2020-12-23 15:10:35 -08:00
fsck_zfs Turn shellcheck into a normal make target. Fix new files it caught 2021-06-09 13:05:34 -07:00
mount_zfs mount.zfs -o zfsutil leverages zfs_mount_at() 2022-02-16 17:58:55 -08:00
raidz_test Removed duplicated includes 2021-03-22 12:34:58 -07:00
vdev_id Remove basename(1). Clean up/shorten some coreutils pipelines 2022-02-16 17:58:55 -08:00
zdb Fix NULL pointer dereference in zdb 2022-12-01 12:39:42 -08:00
zed zed: unclean disk attachment faults the vdev 2023-01-05 11:09:36 -08:00
zfs Fix theoretical use of uninitialized values 2022-12-01 12:39:42 -08:00
zfs_ids_to_path zfs_ids_to_path: print correct wrong values 2021-04-14 13:19:50 -07:00
zgenhostid zgenhostid: use argument path directly 2021-06-08 14:47:05 -07:00
zhack cppcheck: integrete cppcheck 2021-01-26 16:12:26 -08:00
zinject cppcheck: integrete cppcheck 2021-01-26 16:12:26 -08:00
zpool Fix potential buffer overflow in zpool command 2023-01-19 12:50:36 -08:00
zpool_influxdb Use fallthrough macro 2021-11-02 09:50:30 -07:00
zstream Fix unreachable code in zstreamdump 2022-12-01 12:39:41 -08:00
ztest Address warnings about possible division by zero from clangsa 2022-12-01 12:39:43 -08:00
zvol_id Use substantially more robust program exit status logic in zvol_id 2021-09-14 12:23:38 -07:00
zvol_wait zvol_wait logic may terminate prematurely 2022-11-01 12:35:36 -07:00
Makefile.am Turn shellcheck into a normal make target. Fix new files it caught 2021-06-09 13:05:34 -07:00