From 1f48d17fee0cac95648ec34d13f038b27ef5c6ac Mon Sep 17 00:00:00 2001
From: Sanju Rakonde <srakonde@redhat.com>
Date: Tue, 17 Oct 2017 18:53:37 +0530
Subject: glusterd:Dereferencing the null pointer

Problem: When we reach at the out, iobref, iobuf, frame can be null.
for iobref, iobuf at out we are calling iobref_unref() and iobuf_unref()
respectively, which are using GF_VALIDATE_OR_GOTO(), so there won't be
null pointer dereference. But for frame without null checking we are
giving STACK_DESTROY(frame->root), causing null pointer dereference.

Fix: We are adding a line for null checking, we call the function
STACK_DESTROY(frame->root) only when frame is not null.

Change-Id: I6b466a35326a5509bcc510321c24a1d2cf41ca1a
BUG: 1502928
Signed-off-by: Sanju Rakonde <srakonde@redhat.com>
---
 glusterfsd/src/gf_attach.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/glusterfsd/src/gf_attach.c b/glusterfsd/src/gf_attach.c
index 05119e4f4ca..3f248292ddf 100644
--- a/glusterfsd/src/gf_attach.c
+++ b/glusterfsd/src/gf_attach.c
@@ -144,7 +144,8 @@ out:
 
         iobref_unref (iobref);
         iobuf_unref (iobuf);
-        STACK_DESTROY (frame->root);
+        if (frame)
+                STACK_DESTROY (frame->root);
 
         if (rpc_status != 0) {
                 fprintf (stderr, "got error %d on RPC\n", rpc_status);
-- 
cgit