libceph: do not dereference a NULL bio pointer
author Ilya Dryomov <ilya.dryomov@inktank.com>
Wed, 5 Feb 2014 13:19:55 +0000 (15:19 +0200)
committer Sage Weil <sage@inktank.com>
Fri, 7 Feb 2014 19:37:07 +0000 (11:37 -0800)
Commit f38a5181d9f3 ("ceph: Convert to immutable biovecs") introduced
a NULL pointer dereference, which broke rbd in -rc1.  Fix it.

Cc: Kent Overstreet <kmo@daterainc.com>
Signed-off-by: Ilya Dryomov <ilya.dryomov@inktank.com>
Reviewed-by: Sage Weil <sage@inktank.com>
net/ceph/messenger.c

index 0e478a0f4204b72ed19ae49c349d632cda009e02..30efc5c186222c64ea3d7d21b194f8ce9f4e0f47 100644 (file)
@@ -840,9 +840,13 @@ static bool ceph_msg_data_bio_advance(struct ceph_msg_data_cursor *cursor,
 
        if (!cursor->bvec_iter.bi_size) {
                bio = bio->bi_next;
-               cursor->bvec_iter = bio->bi_iter;
+               cursor->bio = bio;
+               if (bio)
+                       cursor->bvec_iter = bio->bi_iter;
+               else
+                       memset(&cursor->bvec_iter, 0,
+                              sizeof(cursor->bvec_iter));
        }
-       cursor->bio = bio;
 
        if (!cursor->last_piece) {
                BUG_ON(!cursor->resid);
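
Review bot: The new else branch inside `if (!cursor->bvec_iter.bi_size)` leaves the cursor with `cursor->bio == NULL` and a zeroed `bvec_iter`, but nothing says when that state is expected or what the code after it may assume. A one-line comment on the else branch, stating that a NULL `bio->bi_next` means the bio chain is exhausted, would make the intent clear. It is also worth confirming that the `if (!cursor->last_piece)` block never runs with a NULL `bio`, since the only guard visible there is `BUG_ON(!cursor->resid)`. Moving `cursor->bio = bio;` into the branch is fine provided `bio` is not reassigned anywhere else in the function, which holds for the lines shown here.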