mirror of
https://github.com/freebsd/freebsd-src.git
synced 2024-11-26 20:12:44 +00:00
Fix an uninitialized data access (#16511)
zfs_acl_node_alloc allocates an uninitialized data buffer, but upstack zfs_acl_chmod only partially initializes it. KMSAN reported that this memory remained uninitialized at the point when it was read by lzjb_compress, which suggests a possible kernel memory disclosure bug. The full KMSAN warning may be found in the PR. https://github.com/openzfs/zfs/pull/16511 Signed-off-by: Alan Somers <asomers@gmail.com> Sponsored by: Axcient Reviewed-by: Alexander Motin <mav@FreeBSD.org> Reviewed-by: Tony Hutter <hutter2@llnl.gov>
This commit is contained in:
parent
63253dbf4f
commit
308f7c2f14
@ -473,7 +473,7 @@ zfs_acl_node_alloc(size_t bytes)
|
||||
|
||||
aclnode = kmem_zalloc(sizeof (zfs_acl_node_t), KM_SLEEP);
|
||||
if (bytes) {
|
||||
aclnode->z_acldata = kmem_alloc(bytes, KM_SLEEP);
|
||||
aclnode->z_acldata = kmem_zalloc(bytes, KM_SLEEP);
|
||||
aclnode->z_allocdata = aclnode->z_acldata;
|
||||
aclnode->z_allocsize = bytes;
|
||||
aclnode->z_size = bytes;
|
||||
|
@ -471,7 +471,7 @@ zfs_acl_node_alloc(size_t bytes)
|
||||
|
||||
aclnode = kmem_zalloc(sizeof (zfs_acl_node_t), KM_SLEEP);
|
||||
if (bytes) {
|
||||
aclnode->z_acldata = kmem_alloc(bytes, KM_SLEEP);
|
||||
aclnode->z_acldata = kmem_zalloc(bytes, KM_SLEEP);
|
||||
aclnode->z_allocdata = aclnode->z_acldata;
|
||||
aclnode->z_allocsize = bytes;
|
||||
aclnode->z_size = bytes;
|
||||
|
Loading…
Reference in New Issue
Block a user