From 54fb5d3e6b538f2d6d04309af4008001789aca13 Mon Sep 17 00:00:00 2001 From: Chunwei Chen Date: Thu, 17 Aug 2017 17:06:04 -0700 Subject: [PATCH] Fix zfs_ioc_pool_sync should not use fnvlist Use fnvlist on user input would allow user to easily panic zfs. Signed-off-by: Chunwei Chen --- module/zfs/zfs_ioctl.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/module/zfs/zfs_ioctl.c b/module/zfs/zfs_ioctl.c index 9f32d00ac27b..b51b3b79c40e 100644 --- a/module/zfs/zfs_ioctl.c +++ b/module/zfs/zfs_ioctl.c @@ -5983,20 +5983,26 @@ static int zfs_ioc_pool_sync(const char *pool, nvlist_t *innvl, nvlist_t *onvl) { int err; - boolean_t force; + boolean_t force = B_FALSE; spa_t *spa; if ((err = spa_open(pool, &spa, FTAG)) != 0) return (err); - force = fnvlist_lookup_boolean_value(innvl, "force"); + if (innvl) { + if (nvlist_lookup_boolean_value(innvl, "force", &force) != 0) { + err = SET_ERROR(EINVAL); + goto out; + } + } + if (force) { spa_config_enter(spa, SCL_CONFIG, FTAG, RW_WRITER); vdev_config_dirty(spa->spa_root_vdev); spa_config_exit(spa, SCL_CONFIG, FTAG); } txg_wait_synced(spa_get_dsl(spa), 0); - +out: spa_close(spa, FTAG); return (err);