diff options
author | Richard Yao <[email protected]> | 2023-05-12 17:10:14 -0400 |
---|---|---|
committer | Brian Behlendorf <[email protected]> | 2023-05-15 10:29:05 -0700 |
commit | ee7b71dbc919439b1db6352bcd95f121127b42dd (patch) | |
tree | c2585e6db8cbca29d11f1c78ab5ed6220d9f5244 /module/zfs/zcp_iter.c | |
parent | c87798d8ff6a63158e80acbbce8b034518a1656e (diff) |
Fix undefined behavior in spa_sync_props()
8eae2d214cfa53862833eeeda9a5c1e9d5ded47d caused Coverity to begin
complaining about "Improper use of negative value" in two places in
spa_sync_props() because Coverity correctly inferred from `prop ==
ZPOOL_PROP_INVAL` that prop could be -1 while both zpool_prop_to_name()
and zpool_prop_get_type() use it an array index, which is undefined
behavior.
Assuming that the system does not panic from an attempt to read invalid
memory, the case statement for ZPOOL_PROP_INVAL will ensure that only
user properties will reach this code when prop is ZPOOL_PROP_INVAL, such
that execution will continue safely. However, if we are unlucky enough
to read invalid memory, then the system will panic.
This issue predates the patch that caused coverity to begin complaining.
Thankfully, our userland tools do not pass nonsense to us, so this bug
should not be triggered unless a future userland tool attempts to set a
property that we do not understand.
Reported-by: Coverity (CID-1561129)
Reported-by: Coverity (CID-1561130)
Reviewed-by: Brian Behlendorf <[email protected]>
Reviewed-by: George Amanakis <[email protected]>
Signed-off-by: Richard Yao <[email protected]>
Closes #14860
Diffstat (limited to 'module/zfs/zcp_iter.c')
0 files changed, 0 insertions, 0 deletions