From mboxrd@z Thu Jan  1 00:00:00 1970
From: teigland@sourceware.org <teigland@sourceware.org>
Date: 14 Aug 2007 17:05:11 -0000
Subject: [Cluster-devel] cluster/cman-kernel/src sm_message.c
Message-ID: <20070814170511.7131.qmail@sourceware.org>
List-Id: <cluster-devel.redhat.com>
To: cluster-devel.redhat.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

CVSROOT:	/cvs/cluster
Module name:	cluster
Branch: 	RHEL4
Changes by:	teigland at sourceware.org	2007-08-14 17:05:10

Modified files:
	cman-kernel/src: sm_message.c 

Log message:
	bz 199433: NULL pointer dereference in cman:process_messages for cmirror
	
	Adds a check for a null message, and if it finds one, prints an error
	and ignores it instead of oopsing.  This may help us get further in
	discovering the real problem.  Ignoring the null message will probably
	lead to a hang of some kind, which is better and easier to debug than
	an oopsed machine.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/cman-kernel/src/sm_message.c.diff?cvsroot=cluster&only_with_tag=RHEL4&r1=1.4.2.3&r2=1.4.2.4

--- cluster/cman-kernel/src/Attic/sm_message.c	2006/12/01 20:40:00	1.4.2.3
+++ cluster/cman-kernel/src/Attic/sm_message.c	2007/08/14 17:05:10	1.4.2.4
@@ -726,6 +726,14 @@
 
 		if (!re)
 			break;
+
+		if (!re->msg) {
+			log_print("process_messages: NULL msg re %p len %d "
+				  "nodeid %d", re, re->len, re->nodeid);
+			kfree(re);
+			continue;
+		}
+
 		process_message(re->msg, re->nodeid);
 		kfree(re->msg);
 		kfree(re);