From 32ddf88547f921b33dd93473883928051faab950 Mon Sep 17 00:00:00 2001
From: Joe Gorse <jhgorse@gmail.com>
Date: Thu, 6 Jul 2017 15:47:24 -0400
Subject: [PATCH] LINUX: afs_create infinite fetchStatus loop

For a file in a directory with the CStatd bit cleared, we can get
an infinite fetchStatus loop.

In afs_create(), afs_getDCache() may return NULL due to an error.
If unchecked it will loop which may produce multiple fetchStatus()
calls to the fileserver.

Credit: Yadav Yadavendra for identifying and analysing this issue.

Change-Id: Iecd77d49a5f3e8bb629396c57246736b39aa935f
Reviewed-on: https://gerrit.openafs.org/12651
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
---
 src/afs/VNOPS/afs_vnop_create.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/afs/VNOPS/afs_vnop_create.c b/src/afs/VNOPS/afs_vnop_create.c
index 30eaa7b1e..fe37eed36 100644
--- a/src/afs/VNOPS/afs_vnop_create.c
+++ b/src/afs/VNOPS/afs_vnop_create.c
@@ -131,6 +131,15 @@ afs_create(OSI_VC_DECL(adp), char *aname, struct vattr *attrs,
     }
 
     tdc = afs_GetDCache(adp, (afs_size_t) 0, treq, &offset, &len, 1);
+
+    /** Prevent multiple fetchStatus calls to fileserver when afs_GetDCache()
+      * returns NULL for an error condition
+      */
+    if (!tdc) {
+      code = EIO;
+      goto done;
+    }
+
     ObtainWriteLock(&adp->lock, 135);
     if (tdc)
 	ObtainSharedLock(&tdc->lock, 630);
-- 
2.39.5