Handle the case of m == NULL in m_copym().

This case should not happen, but actually does happen for the userland stack. See #160. The real fix for #160 is to figure out why there is an entry in the asoc->send_queue with chk->data == NULL. But I was not able to reproduce the problem locally. So this change will still panic(), if the code is compiled with INVARIANTS, but will not crash if build without it (for production).
sctplab · May 6, 2018 · d89882d · d89882d
1 parent c88620f
commit d89882d
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/usrsctplib/user_mbuf.c b/usrsctplib/user_mbuf.c
@@ -987,7 +987,13 @@ m_copym(struct mbuf *m, int off0, int len, int wait)
 
 	KASSERT(off >= 0, ("m_copym, negative off %d", off));
 	KASSERT(len >= 0, ("m_copym, negative len %d", len));
+	KASSERT(m != NULL, ("m_copym, m is NULL"));
 
+#if !defined(INVARIANTS)
+	if (m == NULL) {
+		return (NULL);
+	}
+#endif
 	if (off == 0 && m->m_flags & M_PKTHDR)
 		copyhdr = 1;
 	while (off > 0) {