Bug #6527: Possible access beyond end of string in zpool comment - illumos gate - illumos

Bug #6527

Possible access beyond end of string in zpool comment

Added by Jorgen Lundman almost 4 years ago. Updated almost 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Start date:

2015-12-21

Due date:

% Done:

100%

Estimated time:

Difficulty:

Medium

Tags:

needs-triage

Description

The 'check' pointer is incremented in both the for-loop's update statement,
as well as, in the body of the loop. This means only every second character
is actually checked for low-ascii, and potentially, bytes beyond the
string's null-terminator can be attempted to be accessed.

History

Updated by Jorgen Lundman almost 4 years ago

https://github.com/openzfs/openzfs/pull/47

Updated by Electric Monk almost 4 years ago

Status changed from New to Closed
% Done changed from 0 to 100

git commit 2bd7a8d078223b122d65fea49bb8641f858b1409

commit  2bd7a8d078223b122d65fea49bb8641f858b1409
Author: Jorgen Lundman <lundman@lundman.net>
Date:   2015-12-21T04:51:23.000Z

    6527 Possible access beyond end of string in zpool comment
    Reviewed by: George Wilson <george.wilson@delphix.com>
    Reviewed by: Matthew Ahrens <mahrens@delphix.com>
    Reviewed by: Dan McDonald <danmcd@omniti.com>
    Approved by: Gordon Ross <gwr@nexenta.com>

Also available in: Atom PDF

Project

General

Profile

illumos gate

Issues

Custom queries

Bug #6527

Possible access beyond end of string in zpool comment

History

Updated by Jorgen Lundman almost 4 years ago

Updated by Electric Monk almost 4 years ago