aboutsummaryrefslogtreecommitdiffstats
path: root/cmd/ztest
diff options
context:
space:
mode:
authorRyan Moeller <[email protected]>2020-03-16 14:56:29 -0400
committerGitHub <[email protected]>2020-03-16 11:56:29 -0700
commit4d32abaa874db06ec84aeefafa1354548f91d650 (patch)
treed198dcc0c8522f04df7455ba6640595c94234f26 /cmd/ztest
parent7261fc2e8136f99b89851fa853f7862db45437c3 (diff)
libzfs: Fix bounds checks for float parsing
UINT64_MAX is not exactly representable as a double. The closest representation is UINT64_MAX + 1, so we can use a >= comparison instead of > for the bounds check. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ryan Moeller <[email protected]> Closes #10127
Diffstat (limited to 'cmd/ztest')
-rw-r--r--cmd/ztest/ztest.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/cmd/ztest/ztest.c b/cmd/ztest/ztest.c
index e4b0f61f8..92b46c296 100644
--- a/cmd/ztest/ztest.c
+++ b/cmd/ztest/ztest.c
@@ -648,7 +648,12 @@ nicenumtoull(const char *buf)
} else if (end[0] == '.') {
double fval = strtod(buf, &end);
fval *= pow(2, str2shift(end));
- if (fval > UINT64_MAX) {
+ /*
+ * UINT64_MAX is not exactly representable as a double.
+ * The closest representation is UINT64_MAX + 1, so we
+ * use a >= comparison instead of > for the bounds check.
+ */
+ if (fval >= (double)UINT64_MAX) {
(void) fprintf(stderr, "ztest: value too large: %s\n",
buf);
usage(B_FALSE);