Go to file
Richard Yao a2163a96ae
Fix bad free in skein code
Clang's static analyzer found a bad free caused by skein_mac_atomic().
It will allocate a context on the stack and then pass it to
skein_final(), which attempts to free it. Upon inspection,
skein_digest_atomic() also has the same problem.

These functions were created to match the OpenSolaris ICP API, so I was
curious how we avoided this in other providers and looked at the SHA2
code. It appears that SHA2 has a SHA2Final() helper function that is
called by the exported sha2_mac_final()/sha2_digest_final() as well as
the sha2_mac_atomic() and sha2_digest_atomic() functions. The real work
is done in SHA2Final() while some checks and the free are done in
sha2_mac_final()/sha2_digest_final().

We fix the use after free in the skein code by taking inspiration from
the SHA2 code. We introduce a skein_final_nofree() that does most of the
work, and make skein_final() into a function that calls it and then
frees the memory.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #13954
2022-09-27 12:36:58 -07:00
.github CI: revert --with-config=dist to hotfix Ubuntu 20.04 2022-09-14 16:26:57 -07:00
cmd Fix userland resource leaks 2022-09-23 16:55:26 -07:00
config Add Linux posix_fadvise support 2022-09-08 10:29:41 -07:00
contrib Fix userspace memory leaks found by Clang Static Analzyer 2022-09-26 17:18:05 -07:00
etc Update zfs-mount to load before fstab, matches systemd service. 2022-09-26 17:11:43 -07:00
include Fix double declaration of getauxval() for FreeBSD PPC 2022-09-26 10:32:22 -07:00
lib Fix double declaration of getauxval() for FreeBSD PPC 2022-09-26 10:32:22 -07:00
man Dynamically size dbuf hash mutex array 2022-09-22 12:59:56 -07:00
module Fix bad free in skein code 2022-09-27 12:36:58 -07:00
rpm Add zilstat script to report zil kstats in a user friendly manner 2022-09-02 13:24:07 -07:00
scripts Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
tests Fix userspace memory leaks found by Clang Static Analzyer 2022-09-26 17:18:05 -07:00
udev Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
.editorconfig Add an .editorconfig; document git whitespace settings 2020-01-27 13:32:52 -08:00
.gitignore autoconf: use include directives instead of recursing down cmd 2022-05-10 10:18:38 -07:00
.gitmodules .gitmodules: link to openzfs github repository 2021-04-12 09:37:23 -07:00
AUTHORS Introduce BLAKE3 checksums as an OpenZFS feature 2022-06-08 15:55:57 -07:00
autogen.sh autogen.sh: paper over automake <1.14's lack of %reldir% support 2022-05-10 10:20:46 -07:00
CODE_OF_CONDUCT.md Replace ZFS on Linux references with OpenZFS 2020-10-08 20:10:13 -07:00
configure.ac Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
copy-builtin copy-builtin: add hooks with sed/>> 2022-05-10 10:17:43 -07:00
COPYRIGHT Fix typos 2020-06-09 21:24:09 -07:00
LICENSE Update build system and packaging 2018-05-29 16:00:33 -07:00
Makefile.am Replace EXTRA_DIST with dist_noinst_DATA 2022-05-26 09:24:50 -07:00
META Linux 5.19 compat: META 2022-08-02 10:04:38 -07:00
NEWS Fix NEWS file 2020-08-26 21:44:41 -07:00
NOTICE Update build system and packaging 2018-05-29 16:00:33 -07:00
README.md README: Update OpenZFS website url 2022-01-06 16:25:01 -08:00
RELEASES.md Add RELEASES.md file 2021-04-02 16:33:40 -07:00
TEST Remove CI builder customization from TEST 2020-03-16 10:46:03 -07:00
zfs.release.in Move zfs.release generation to configure step 2012-07-12 12:22:51 -07:00

img

OpenZFS is an advanced file system and volume manager which was originally developed for Solaris and is now maintained by the OpenZFS community. This repository contains the code for running OpenZFS on Linux and FreeBSD.

codecov coverity

Official Resources

Installation

Full documentation for installing OpenZFS on your favorite operating system can be found at the Getting Started Page.

Contribute & Develop

We have a separate document with contribution guidelines.

We have a Code of Conduct.

Release

OpenZFS is released under a CDDL license. For more details see the NOTICE, LICENSE and COPYRIGHT files; UCRL-CODE-235197

Supported Kernels

  • The META file contains the officially recognized supported Linux kernel versions.
  • Supported FreeBSD versions are any supported branches and releases starting from 12.2-RELEASE.