zap_impl: use flex array field for mzap_phys_t.mz_chunks
mzap_phys_t is always a full-block allocation, with mz_chunk[] as an
array over the rest of the block past the header.
Recent Linux compiled with CONFIG_UBSAN will complain about this:
UBSAN: array-index-out-of-bounds in module/zfs/zap.c:1236:28
index 2 is out of range for type 'mzap_ent_phys_t [1]'
The fix is straightforward; simply convert this field to a flex member.
Sponsored-by: TrueNAS
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Rob Norris <rob.norris@truenas.com>
Closes #18550
@@ -62,8 +62,9 @@ typedef struct mzap_phys {
|
|||||||
uint64_t mz_salt;
|
uint64_t mz_salt;
|
||||||
uint64_t mz_normflags;
|
uint64_t mz_normflags;
|
||||||
uint64_t mz_pad[5];
|
uint64_t mz_pad[5];
|
||||||
mzap_ent_phys_t mz_chunk[1];
|
|
||||||
/* actually variable size depending on block size */
|
/* actually variable size depending on block size */
|
||||||
|
mzap_ent_phys_t mz_chunk[];
|
||||||
} mzap_phys_t;
|
} mzap_phys_t;
|
||||||
|
|
||||||
typedef struct mzap_ent {
|
typedef struct mzap_ent {
|
||||||
|
|||||||
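Review bot: Changing `mz_chunk[1]` to `mz_chunk[]` shrinks `sizeof (mzap_phys_t)` by one `mzap_ent_phys_t`, so any size or chunk-count arithmetic that relies on `sizeof (mzap_phys_t)` should be re-checked against the on-disk layout; no such use is visible here, and the struct begins above this hunk. A flexible array member also gives the compiler and UBSAN no bound to enforce, so the safety of every index into `mz_chunk` rests on the chunk count the callers derive from the block size. I would expand the existing comment to say so, e.g. `/* flexible array; entry count is derived from the block size, callers must bound every index */`. I would also pin the header size at compile time with something like `_Static_assert(offsetof(mzap_phys_t, mz_chunk) == HEADER_SIZE_PLACEHOLDER, "mzap header layout");`, where the placeholder stands for the on-disk header size.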