Fix possible bad bit shift in dnode_next_offset_level()
fa468025859f
Actions

Description

Fix possible bad bit shift in dnode_next_offset_level()

031d7c2fe6afaa78943bd0a563b91fc84ace42d7 did not handle reverse
iteration, such that the original issue theoretically could still occur.

Note that contrary to the claim in the ZFS disk format specification
that a maximum of 6 levels are possible, 9 levels are possible with
recordsize=512 and and indirect block size of 16KB. In this unusual
configuration, span will be 65. The maximum size of span at 70 can be
reached at recordsize=16K and an indirect blocksize of 16KB.

When we are at this indirection level and are traversing backward, the
minimum value is start, but we cannot calculate that with 64-bit
arithmetic, so we avoid the calculation and instead rely on the earlier
statement that did *offset = start;.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Reported-by: Coverity (CID-1466214)
Closes #14618

Details

Provenance

Richard Yao <richard.yao@alumni.stonybrook.edu>	Authored on Mar 16 2023, 9:27 PM
GitHub <noreply@github.com>	Committed on Mar 16 2023, 9:27 PM

Parents

rG60cfd3bbc22c: QAT: Fix uninitialized seed in QAT compression

Branches

Unknown

Tags

Unknown

Event Timeline

GitHub <noreply@github.com> committed rGfa468025859f: Fix possible bad bit shift in dnode_next_offset_level() (authored by Richard Yao <richard.yao@alumni.stonybrook.edu>).Mar 16 2023, 9:27 PM

Changes (1)

Path

Size

module/

zfs/

dnode.c

rGfa468025859f

View Options