freebsd-nq/lib/libzfs/common
Andriy Gapon f728d00c4d 6314 buffer overflow in dsl_dataset_name
illumos/illumos-gate@9adfa60d48
9adfa60d48

https://www.illumos.org/issues/6314
  Callers of dsl_dataset_name pass a buffer of size ZFS_MAXNAMELEN, but
  dsl_dataset_name copies the datasets' name PLUS the snapshot name to it,
  resulting in a max of 2 * ZFS_MAXNAMELEN + '@'.

Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Prakash Surya <prakash.surya@delphix.com>
Reviewed by: Igor Kozhukhov <ikozhukhov@gmail.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Author: Matthew Ahrens <mahrens@delphix.com>
2016-07-12 12:01:54 +00:00
..
sys 5312 libzfs should be decoupled from kernel's zfs_context.h 2014-12-06 00:17:25 +00:00
libzfs_changelist.c 6314 buffer overflow in dsl_dataset_name 2016-07-12 12:01:54 +00:00
libzfs_config.c 4521 zfstest is trying to execute evil "zfs unmount -a" 2016-07-12 11:58:04 +00:00
libzfs_dataset.c 6314 buffer overflow in dsl_dataset_name 2016-07-12 12:01:54 +00:00
libzfs_diff.c 6314 buffer overflow in dsl_dataset_name 2016-07-12 12:01:54 +00:00
libzfs_fru.c
libzfs_impl.h 6314 buffer overflow in dsl_dataset_name 2016-07-12 12:01:54 +00:00
libzfs_import.c 6872 zfs libraries should not allow uninitialized variables 2016-07-12 11:59:25 +00:00
libzfs_iter.c 6314 buffer overflow in dsl_dataset_name 2016-07-12 12:01:54 +00:00
libzfs_mount.c 6314 buffer overflow in dsl_dataset_name 2016-07-12 12:01:54 +00:00
libzfs_pool.c 6314 buffer overflow in dsl_dataset_name 2016-07-12 12:01:54 +00:00
libzfs_sendrecv.c 6314 buffer overflow in dsl_dataset_name 2016-07-12 12:01:54 +00:00
libzfs_status.c
libzfs_util.c 6931 lib/libzfs: cleanup gcc warnings 2016-07-12 12:00:31 +00:00
libzfs.h 6314 buffer overflow in dsl_dataset_name 2016-07-12 12:01:54 +00:00