From 710fd1ded68491a164d85aedc69ffd4675ec5c59 Mon Sep 17 00:00:00 2001 From: Richard Yao Date: Mon, 12 Sep 2022 15:54:43 -0400 Subject: zpool_load_compat() should create strings of length ZFS_MAXPROPLEN Otherwise, `strlcat()` can overflow them. Coverity found this. Reviewed-by: Brian Behlendorf Reviewed-by: Neal Gompa Signed-off-by: Richard Yao Closes #13866 --- lib/libzfs/libzfs_pool.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/libzfs/libzfs_pool.c b/lib/libzfs/libzfs_pool.c index 928f8b428..eea388cf3 100644 --- a/lib/libzfs/libzfs_pool.c +++ b/lib/libzfs/libzfs_pool.c @@ -4684,8 +4684,8 @@ zpool_load_compat(const char *compat, boolean_t *features, char *report, for (uint_t i = 0; i < SPA_FEATURES; i++) features[i] = B_TRUE; - char err_badfile[1024] = ""; - char err_badtoken[1024] = ""; + char err_badfile[ZFS_MAXPROPLEN] = ""; + char err_badtoken[ZFS_MAXPROPLEN] = ""; /* * We ignore errors from the directory open() -- cgit v1.2.3