Bug 1439236: exit early if m_copym gets called with null ptr
Cheery-picked upstream commit:
https://github.com/sctplab/usrsctp/commit/d89882d04900c80860874b5eb389b3ed3a0bca3d
MozReview-Commit-ID: 36bYbfIaqEz
--- a/netwerk/sctp/src/user_mbuf.c
+++ b/netwerk/sctp/src/user_mbuf.c
@@ -982,16 +982,23 @@ m_copym(struct mbuf *m, int off0, int le
{
struct mbuf *n, **np;
int off = off0;
struct mbuf *top;
int copyhdr = 0;
KASSERT(off >= 0, ("m_copym, negative off %d", off));
KASSERT(len >= 0, ("m_copym, negative len %d", len));
+ KASSERT(m != NULL, ("m_copym, m is NULL"));
+
+#if !defined(INVARIANTS)
+ if (m == NULL) {
+ return (NULL);
+ }
+#endif
if (off == 0 && m->m_flags & M_PKTHDR)
copyhdr = 1;
while (off > 0) {
KASSERT(m != NULL, ("m_copym, offset > size of mbuf chain"));
if (off < m->m_len)
break;
off -= m->m_len;