From ad7cfa94e61217ee46b52bdf0704cd2aeca127a9 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Sat, 17 Nov 2012 21:44:52 -0500 Subject: [PATCH] Windows: buf_CleanLocked protect against NULL bp->userp The cm_buf_t.userp field should never be NULL if the CM_BUF_DIRTY flag is set but apparently it sometimes is. cm_BufWrite() requires that the userp parameter be non-NULL. Otherwise, an assertion fails and afsd_service.exe panics. If bp->userp is NULL, use cm_rootUserp. The worst that will happen is the write will fail due to an access denied error. Reviewed-on: http://gerrit.openafs.org/8475 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Tested-by: Jeffrey Altman (cherry picked from commit f436fe03c80e21b6a58a6de962070841e00791ef) Change-Id: I33f5e73509cc2c6517ae4bf4214011383a341411 Reviewed-on: http://gerrit.openafs.org/8649 Tested-by: BuildBot Reviewed-by: Jeffrey Altman --- src/WINNT/afsd/cm_buf.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/WINNT/afsd/cm_buf.c b/src/WINNT/afsd/cm_buf.c index 3c07f20bc8..9b0a5e5086 100644 --- a/src/WINNT/afsd/cm_buf.c +++ b/src/WINNT/afsd/cm_buf.c @@ -765,9 +765,8 @@ afs_uint32 buf_CleanLocked(cm_scache_t *scp, cm_buf_t *bp, cm_req_t *reqp, * to determine if it is appropriate to fill a full chunk of data * when storing to the file server. */ - code = (*cm_buf_opsp->Writep)(scp, &offset, - bp->dirty_length, - flags, bp->userp, reqp); + code = (*cm_buf_opsp->Writep)(scp, &offset, bp->dirty_length, flags, + bp->userp ? bp->userp : cm_rootUserp, reqp); osi_Log3(buf_logp, "buf_CleanLocked I/O on scp 0x%p buf 0x%p, done=%d", scp, bp, code); } lock_ObtainMutex(&bp->mx);
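Review bot: The fallback `bp->userp ? bp->userp : cm_rootUserp` in the `Writep` call is silent. The commit message says a dirty buffer should never have a NULL `userp`, so when the fallback is taken an invariant has already been broken, and nothing in this hunk records it. Consider writing a log entry to `buf_logp` with `scp` and `bp` whenever `bp->userp` is NULL, before the call, so the path that leaves dirty buffers without a user can be traced. The existing `osi_Log3` line after the call only reports `code`. The substitution also means the store is issued under `cm_rootUserp` rather than the user who dirtied the buffer. The comment block above the call should state this and the expected outcome (the write may fail with access denied, as the commit message notes), because a reader of the code alone has no way to know the ternary is a deliberate workaround rather than a normal path.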