diff options
| author | Andriy Gapon <avg@FreeBSD.org> | 2019-12-13 22:04:13 +0000 |
|---|---|---|
| committer | Andriy Gapon <avg@FreeBSD.org> | 2019-12-13 22:04:13 +0000 |
| commit | c527e9200452b065b46bda11b03ab1b800c642e6 (patch) | |
| tree | 3108d4cefc66b9af6278b11d937601ff17a2032d /stand/libsa/zfs/zfsimpl.c | |
| parent | 9f07ef760a8e707380ad538a7216aef6b10e36d8 (diff) | |
| download | src-c527e9200452b065b46bda11b03ab1b800c642e6.tar.gz src-c527e9200452b065b46bda11b03ab1b800c642e6.zip | |
zfs boot: fix a crash in a rarely taken path in fzap_lookup
Instead of passing NULL to fzap_name_equal and crashing, just return
ENOENT. This happened when higher bits of a hash of the searched key
(its hash prefix) matched a hash prefix of some key in the ZAP, but the
full hash value of the searched key did not match any key in the ZAP.
I observerved this problem when loader tried to look up
"features_for_read" in a particular old pool that predates pool
features.
MFC after: 2 weeks
Sponsored by: Panzura
Notes
Notes:
svn path=/head/; revision=355736
Diffstat (limited to 'stand/libsa/zfs/zfsimpl.c')
| -rw-r--r-- | stand/libsa/zfs/zfsimpl.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/stand/libsa/zfs/zfsimpl.c b/stand/libsa/zfs/zfsimpl.c index f7d13d175037..8e728aa1abec 100644 --- a/stand/libsa/zfs/zfsimpl.c +++ b/stand/libsa/zfs/zfsimpl.c @@ -2282,10 +2282,8 @@ fzap_lookup(const spa_t *spa, const dnode_phys_t *dnode, const char *name, return (ENOENT); zc = &ZAP_LEAF_CHUNK(&zl, h); while (zc->l_entry.le_hash != hash) { - if (zc->l_entry.le_next == 0xffff) { - zc = NULL; - break; - } + if (zc->l_entry.le_next == 0xffff) + return (ENOENT); zc = &ZAP_LEAF_CHUNK(&zl, zc->l_entry.le_next); } if (fzap_name_equal(&zl, zc, name)) { |