s3 : smbd : Protect all possible code paths from fsp->op == NULL.

In changes to come this will be possible for an INTERNAL_OPEN_ONLY.
The protection was already in place for some code paths, this
makes the coverage compete.

Bug 10564 - Lock order violation and file lost

https://bugzilla.samba.org/show_bug.cgi?id=10564

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

1 files changed, 14 insertions, 2 deletions

diff --git a/source3/locking/brlock.c b/source3/locking/brlock.c
index ac22ba44d9..e0e042d91b 100644
--- a/source3/locking/brlock.c
+++ b/source3/locking/brlock.c
@@ -1563,12 +1563,18 @@ void brl_close_fnum(struct messaging_context *msg_ctx,
 bool brl_mark_disconnected(struct files_struct *fsp)
 {
 	uint32_t tid = fsp->conn->cnum;
-	uint64_t smblctx = fsp->op->global->open_persistent_id;
+	uint64_t smblctx;
 	uint64_t fnum = fsp->fnum;
 	unsigned int i;
 	struct server_id self = messaging_server_id(fsp->conn->sconn->msg_ctx);
 	struct byte_range_lock *br_lck = NULL;
 
+	if (fsp->op == NULL) {
+		return false;
+	}
+
+	smblctx = fsp->op->global->open_persistent_id;
+
 	if (!fsp->op->global->durable) {
 		return false;
 	}
@@ -1623,12 +1629,18 @@ bool brl_mark_disconnected(struct files_struct *fsp)
 bool brl_reconnect_disconnected(struct files_struct *fsp)
 {
 	uint32_t tid = fsp->conn->cnum;
-	uint64_t smblctx = fsp->op->global->open_persistent_id;
+	uint64_t smblctx;
 	uint64_t fnum = fsp->fnum;
 	unsigned int i;
 	struct server_id self = messaging_server_id(fsp->conn->sconn->msg_ctx);
 	struct byte_range_lock *br_lck = NULL;
 
+	if (fsp->op == NULL) {
+		return false;
+	}
+
+	smblctx = fsp->op->global->open_persistent_id;
+
 	if (!fsp->op->global->durable) {
 		return false;
 	}