From 1d392e2970fb5b1d2f8cf2904e7b7e5d32a21882 Mon Sep 17 00:00:00 2001
From: Sheetal Pamecha <sheetal.pamecha08@gmail.com>
Date: Mon, 1 Oct 2018 17:02:09 +0530
Subject: features/bit-rot: NULL pointer deferencing clang fix

Problem: local could be NULL

Added condition checks to address this issue

Updates: bz#1622665

Change-Id: I7be7dacc5386a77441385240b43f22d85074b69d
Signed-off-by: Sheetal Pamecha <sheetal.pamecha08@gmail.com>
---
 .../features/bit-rot/src/stub/bit-rot-stub-messages.h    |  2 +-
 xlators/features/bit-rot/src/stub/bit-rot-stub.c         | 16 ++++++++++++----
 2 files changed, 13 insertions(+), 5 deletions(-)

(limited to 'xlators/features/bit-rot')

diff --git a/xlators/features/bit-rot/src/stub/bit-rot-stub-messages.h b/xlators/features/bit-rot/src/stub/bit-rot-stub-messages.h
index cccc3b9c599..0e22f74f9cf 100644
--- a/xlators/features/bit-rot/src/stub/bit-rot-stub-messages.h
+++ b/xlators/features/bit-rot/src/stub/bit-rot-stub-messages.h
@@ -39,6 +39,6 @@ GLFS_MSGID(BITROT_STUB, BRS_MSG_NO_MEMORY, BRS_MSG_SET_EVENT_FAILED,
            BRS_MSG_BAD_HANDLE_DIR_NULL, BRS_MSG_BAD_OBJ_THREAD_FAIL,
            BRS_MSG_BAD_OBJ_DIR_CLOSE_FAIL, BRS_MSG_LINK_FAIL,
            BRS_MSG_BAD_OBJ_UNLINK_FAIL, BRS_MSG_DICT_SET_FAILED,
-           BRS_MSG_PATH_GET_FAILED);
+           BRS_MSG_PATH_GET_FAILED, BRS_MSG_NULL_LOCAL);
 
 #endif /* !_BITROT_STUB_MESSAGES_H_ */
diff --git a/xlators/features/bit-rot/src/stub/bit-rot-stub.c b/xlators/features/bit-rot/src/stub/bit-rot-stub.c
index 2f5cc2b18dd..c6c9b6aafce 100644
--- a/xlators/features/bit-rot/src/stub/bit-rot-stub.c
+++ b/xlators/features/bit-rot/src/stub/bit-rot-stub.c
@@ -1588,6 +1588,11 @@ br_stub_getxattr_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
 
     local = frame->local;
     frame->local = NULL;
+    if (!local) {
+        op_ret = -1;
+        op_errno = EINVAL;
+        goto unwind;
+    }
     inode = local->u.context.inode;
 
     op_ret = -1;
@@ -1654,10 +1659,8 @@ delkeys:
 
 unwind:
     STACK_UNWIND_STRICT(getxattr, frame, op_ret, op_errno, xattr, xdata);
-    if (local) {
-        br_stub_cleanup_local(local);
-        br_stub_dealloc_local(local);
-    }
+    br_stub_cleanup_local(local);
+    br_stub_dealloc_local(local);
     return 0;
 }
 
@@ -3086,6 +3089,11 @@ br_stub_unlink_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
     if (op_ret < 0)
         goto unwind;
 
+    if (!local) {
+        gf_msg(this->name, GF_LOG_WARNING, 0, BRS_MSG_NULL_LOCAL,
+               "local is NULL");
+        goto unwind;
+    }
     inode = local->u.context.inode;
     if (!IA_ISREG(inode->ia_type))
         goto unwind;
-- 
cgit