Diffusion FreeBSD src repository 957c3776f2ac

FreeBSD: Fix out of bounds read in zfs_ioctl_ozfs_to_legacy()
957c3776f2ac
Actions

Description

FreeBSD: Fix out of bounds read in zfs_ioctl_ozfs_to_legacy()

There is an off by 1 error in the check. Fortunately, this function does
not appear to be used in kernel space, despite being compiled as part of
the kernel module. However, it is used in userspace. Callers of
lzc_ioctl_fd() likely will crash if they attempt to use the
unimplemented request number.

This was reported by FreeBSD's coverity scan.

Reported-by: Coverity (CID 1432059)
Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Damian Szuberski <szuberskidamian@gmail.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #14135

Details

Provenance

Richard Yao <richard.yao@alumni.stonybrook.edu>	Authored on Nov 4 2022, 6:06 PM
Tony Hutter <hutter2@llnl.gov>	Committed on Dec 1 2022, 8:39 PM

Parents

rG85537f77a357: Expose zfs_vdev_open_timeout_ms as a tunable

Branches

Unknown

Tags

Unknown

Event Timeline

Tony Hutter <hutter2@llnl.gov> committed rG957c3776f2ac: FreeBSD: Fix out of bounds read in zfs_ioctl_ozfs_to_legacy() (authored by Richard Yao <richard.yao@alumni.stonybrook.edu>).Dec 1 2022, 8:39 PM

Changes (1)

Path

Size

module/

os/

freebsd/

zfs/

zfs_ioctl_compat.c

rG957c3776f2ac

View Options

module/os/freebsd/zfs/zfs_ioctl_compat.c