Hi Gary, The only case I see where MDS can return NCSCC_RC_SUCCESS and still sndrsp.o_rsp is NULL is in the case of Timeouts. In this case the fix might avoid the core, but the core problem will still be there and it might affect other flows or services also I think the better solution is to return NCSCC_RC_REQ_TIMOUT from the MDS and let the Application handle it
Thanks, Ravi -----Original Message----- From: Gary Lee [mailto:gary....@dektech.com.au] Sent: Thursday, March 01, 2018 11:02 AM To: hans.nordeb...@ericsson.com; ravisekhar.ko...@oracle.com; minh.c...@dektech.com.au Cc: opensaf-devel@lists.sourceforge.net; Gary Lee <gary....@dektech.com.au> Subject: [PATCH 1/1] amf: do not dereference null pointer [#2791] Callers of ava_mds_send() assume *o_msg is not null, if the return code is NCSCC_RC_SUCCESS. --- src/amf/agent/ava_mds.cc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/amf/agent/ava_mds.cc b/src/amf/agent/ava_mds.cc index 440885332..cd139365d 100644 --- a/src/amf/agent/ava_mds.cc +++ b/src/amf/agent/ava_mds.cc @@ -378,6 +378,10 @@ uint32_t ava_mds_send(AVA_CB *cb, AVSV_NDA_AVA_MSG *i_msg, /* retrieve the response */ *o_msg = (AVSV_NDA_AVA_MSG *)mds_info.info.svc_send.info.sndrsp.o_rsp; mds_info.info.svc_send.info.sndrsp.o_rsp = 0; + if (*o_msg == nullptr) { + LOG_ER("No response received"); + rc = NCSCC_RC_FAILURE; + } } } else /* just a 'normal' send */ -- 2.14.1 ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Opensaf-devel mailing list Opensaf-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/opensaf-devel
