mirror of
https://git.proxmox.com/git/mirror_zfs.git
synced 2025-10-24 08:55:00 +03:00
d8381f50d6
`zpool_do_import()` passes `argv[0]`, (optionally) `argv[1]`, and
`pool_specified` to `import_pools()`. If `pool_specified==FALSE`, the
`argv[]` arguments are not used. However, these values may be off the
end of the `argv[]` array, so loading them could dereference unmapped
memory. This error is reported by the asan build:
```
=================================================================
==6003==ERROR: AddressSanitizer: heap-buffer-overflow
READ of size 8 at 0x6030000004a8 thread T0
#0 0x562a078b50eb in zpool_do_import zpool_main.c:3796
#1 0x562a078858c5 in main zpool_main.c:10709
#2 0x7f5115231bf6 in __libc_start_main
#3 0x562a07885eb9 in _start
0x6030000004a8 is located 0 bytes to the right of 24-byte region
allocated by thread T0 here:
#0 0x7f5116ac6b40 in __interceptor_malloc
#1 0x562a07885770 in main zpool_main.c:10699
#2 0x7f5115231bf6 in __libc_start_main
```
This commit passes NULL for these arguments if they are off the end
of the `argv[]` array.
Reviewed-by: George Wilson <gwilson@delphix.com>
Reviewed-by: John Kennedy <john.kennedy@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Allan Jude <allan@klarasystems.com>
Signed-off-by: Matthew Ahrens <mahrens@delphix.com>
Closes #12339
|
||
|---|---|---|
| .. | ||
| arc_summary | ||
| arcstat | ||
| dbufstat | ||
| fsck_zfs | ||
| mount_zfs | ||
| raidz_test | ||
| vdev_id | ||
| zdb | ||
| zed | ||
| zfs | ||
| zfs_ids_to_path | ||
| zgenhostid | ||
| zhack | ||
| zinject | ||
| zpool | ||
| zpool_influxdb | ||
| zstream | ||
| ztest | ||
| zvol_id | ||
| zvol_wait | ||
| Makefile.am | ||