From 23c7a47f6b65005ed78086b176e0ca7b42494467 Mon Sep 17 00:00:00 2001
From: Sanju Rakonde <srakonde@redhat.com>
Date: Wed, 18 Oct 2017 08:06:24 +0530
Subject: glusterfsd: Dereferencing the null pointer

Problem: When control reaches to out, one of (iobref, iobuf, frame) can
be null.for iobref, iobuf iobref_unref() and iobuf_unref() functions
are called respectively, which are using GF_VALIDATE_OR_GOTO(), so
there won't be null pointer dereference. But for frame without null
checking STACK_DESTROY(frame->root) is called causing null pointer
dereference.

Fix: adding a line for null checking, the function
STACK_DESTROY(frame->root) is called only when frame is not null.

Change-Id: I3a6684c11fb7b694b81d6ad4fec3bced5562ad88
BUG: 1505370
Signed-off-by: Sanju Rakonde <srakonde@redhat.com>
(cherry picked from commit 87bd25b64ae34cce95e87e724acfeab4c13d60a4)
---
 glusterfsd/src/gf_attach.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'glusterfsd')

diff --git a/glusterfsd/src/gf_attach.c b/glusterfsd/src/gf_attach.c
index 05119e4f4ca..3f248292ddf 100644
--- a/glusterfsd/src/gf_attach.c
+++ b/glusterfsd/src/gf_attach.c
@@ -144,7 +144,8 @@ out:
 
         iobref_unref (iobref);
         iobuf_unref (iobuf);
-        STACK_DESTROY (frame->root);
+        if (frame)
+                STACK_DESTROY (frame->root);
 
         if (rpc_status != 0) {
                 fprintf (stderr, "got error %d on RPC\n", rpc_status);
-- 
cgit