From 40c9163aa9f266c4ad3a0a5a68e0aae0c35e3e51 Mon Sep 17 00:00:00 2001
From: Garrett Wollman
Date: Mon, 8 Aug 2011 23:59:17 -0400
Subject: [PATCH] libafs: crash in a more useful way if nchunks is zero

In afs_CacheStoreDCaches(), if the parameter nchunks is zero, the main loop will not execute, leaving the XSTATS pointer unchanged, which will result in a null dereference in XSTATS_END_TIME. Instead assert that nchunks is nonzero, which will help the static analyzer and will also generate a more useful panic message should this error ever be encountered in operation. There is presently only one call site, and it may be the case that this condition can never be triggered. (While in the neighborhood, also avoid dereferencing tdc immediately before testing whether it is null.)

Change-Id: Idf68f1306d3e09771425c62df139c1de11806c22
Found-by: clang static analyzer
Reviewed-on: http://gerrit.openafs.org/5179
Reviewed-by: Derrick Brashear
Tested-by: BuildBot
---
 src/afs/afs_fetchstore.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/afs/afs_fetchstore.c b/src/afs/afs_fetchstore.c
index 7f85c73..16c0550 100644
--- a/src/afs/afs_fetchstore.c
+++ b/src/afs/afs_fetchstore.c
@@ -471,16 +471,19 @@ afs_CacheStoreDCaches(struct vcache *avc, struct dcache **dclist,
 afs_size_t bytesToXfer = 10000; /* # bytes to xfer */
 #endif /* AFS_NOSTATS */
 XSTATS_DECLS;
+ osi_Assert(nchunks != 0);
 for (i = 0; i < nchunks && !code; i++) {
 int stored = 0;
 struct dcache *tdc = dclist[i];
- afs_int32 size = tdc->f.chunkBytes;
+ afs_int32 size;
+
 if (!tdc) {
 afs_warn("afs: missing dcache!\n");
 storeallmissing++;
 continue; /* panic? */
 }
+ size = tdc->f.chunkBytes;
 afs_Trace4(afs_iclSetp, CM_TRACE_STOREALL2, ICL_TYPE_POINTER, avc, ICL_TYPE_INT32, tdc->f.chunk, ICL_TYPE_INT32, tdc->index, ICL_TYPE_INT32, afs_inode2trace(&tdc->f.inode));
-- 
1.9.4
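Review bot: The new `osi_Assert(nchunks != 0)` covers only the empty-list case. If every `dclist[i]` is NULL, each iteration takes the `continue` in the `!tdc` branch, so, assuming the XSTATS pointer is assigned later in the loop body (outside this hunk), it would still be unset when the code after the loop reaches XSTATS_END_TIME, which is the null dereference the commit message describes. The assert also turns an unexpected argument into a client panic, so if a caller can ever pass zero chunks an early error return would be the safer handling; the commit message itself says reachability is unconfirmed. At minimum I would state the precondition next to the assert, `/* caller must pass nchunks > 0 and at least one non-NULL dclist entry; XSTATS is otherwise never set */`. The body of afs_CacheStoreDCaches starts before and continues after this hunk.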