Fix NULL pointer dereference in dbuf_prefetch_indirect_done()

When ZFS is built with assertions, a prefetch is done on a redacted blkptr and `dpa->dpa_dnode` is NULL, we will have a NULL pointer dereference in `dbuf_prefetch_indirect_done()`. Both Coverity and Clang's Static Analyzer caught this. Reported-by: Coverity (CID 1524671) Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Ryan Moeller <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #14210
author: Richard Yao <[email protected]> 2022-11-20 18:04:08 -0500
committer: Brian Behlendorf <[email protected]> 2022-11-29 10:00:50 -0800
commit: 97fac0fb70e35bb01c0d97f227c802c0fcbbf3da (patch)
tree: db04a54393cecd27cb7d0da383007f8f4934eb47 /module
parent: 887fb37843887f79582003f55b314530b870643a (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/module/zfs/dbuf.c b/module/zfs/dbuf.c
index 8190b0f76..52760fb1b 100644
--- a/module/zfs/dbuf.c
+++ b/module/zfs/dbuf.c
@@ -3322,10 +3322,10 @@ dbuf_prefetch_indirect_done(zio_t *zio, const zbookmark_phys_t *zb,
 	blkptr_t *bp = ((blkptr_t *)abuf->b_data) +
 	    P2PHASE(nextblkid, 1ULL << dpa->dpa_epbs);
 
-	ASSERT(!BP_IS_REDACTED(bp) ||
+	ASSERT(!BP_IS_REDACTED(bp) || (dpa->dpa_dnode &&
 	    dsl_dataset_feature_is_active(
 	    dpa->dpa_dnode->dn_objset->os_dsl_dataset,
-	    SPA_FEATURE_REDACTED_DATASETS));
+	    SPA_FEATURE_REDACTED_DATASETS)));
 	if (BP_IS_HOLE(bp) || BP_IS_REDACTED(bp)) {
 		arc_buf_destroy(abuf, private);
 		dbuf_prefetch_fini(dpa, B_TRUE);
author	Richard Yao <[email protected]>	2022-11-20 18:04:08 -0500
committer	Brian Behlendorf <[email protected]>	2022-11-29 10:00:50 -0800
commit	97fac0fb70e35bb01c0d97f227c802c0fcbbf3da (patch)
tree	db04a54393cecd27cb7d0da383007f8f4934eb47 /module
parent	887fb37843887f79582003f55b314530b870643a (diff)