Skip to content

Commit

Permalink
rbd: Clear ceph_msg->bio_iter for retransmitted message
Browse files Browse the repository at this point in the history 
The bug can cause NULL pointer dereference in write_partial_msg_pages

Signed-off-by: Zheng Yan <zheng.z.yan@intel.com>
Reviewed-by: Alex Elder <elder@inktank.com>
  • Loading branch information
Yan, Zheng authored and Alex Elder committed Jun 7, 2012
1 parent 8921d11 commit 4364352
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions net/ceph/messenger.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -649,6 +649,10 @@ static void prepare_write_message(struct ceph_connection *con)
m->hdr.seq = cpu_to_le64(++con->out_seq);
m->needs_out_seq = false;
}
#ifdef CONFIG_BLOCK
else
m->bio_iter = NULL;
#endif

dout("prepare_write_message %p seq %lld type %d len %d+%d+%d %d pgs\n",
m, con->out_seq, le16_to_cpu(m->hdr.type),
Expand Down

0 comments on commit 4364352

Please sign in to comment.