From ba4b22f52d164941a6ac10b2a27f62ea7e0c3caa Mon Sep 17 00:00:00 2001
From: DatanoiseTV <6614616+DatanoiseTV@users.noreply.github.com>
Date: Fri, 8 May 2026 21:32:47 +0200
Subject: [PATCH] mesh: null-check getMeshNode in handleFromRadio

NodeDB::getMeshNode returns nullptr legitimately under heap pressure
(see NodeDB::isFull and updateFrom early-out paths). The condition at
MeshService.cpp:97 dereferenced the result directly to read has_user,
so every received decoded packet from a new node could crash on a
device near pool exhaustion. Restructure with an init-statement so the
node is fetched once and the rest of the predicate short-circuits on
null.
---
 src/mesh/MeshService.cpp | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/mesh/MeshService.cpp b/src/mesh/MeshService.cpp
index 952a6d2be37..f02257231c9 100644
--- a/src/mesh/MeshService.cpp
+++ b/src/mesh/MeshService.cpp
@@ -94,8 +94,9 @@ int MeshService::handleFromRadio(const meshtastic_MeshPacket *mp)
         mp->decoded.portnum == meshtastic_PortNum_TELEMETRY_APP && mp->decoded.request_id > 0) {
         LOG_DEBUG("Received telemetry response. Skip sending our NodeInfo");
         //  ignore our request for its NodeInfo
-    } else if (mp->which_payload_variant == meshtastic_MeshPacket_decoded_tag && !nodeDB->getMeshNode(mp->from)->has_user &&
-               nodeInfoModule && !isPreferredRebroadcaster && !nodeDB->isFull()) {
+    } else if (auto *senderNode = (mp->which_payload_variant == meshtastic_MeshPacket_decoded_tag) ? nodeDB->getMeshNode(mp->from)
+                                                                                                  : nullptr;
+               senderNode && !senderNode->has_user && nodeInfoModule && !isPreferredRebroadcaster && !nodeDB->isFull()) {
         if (airTime->isTxAllowedChannelUtil(true)) {
             const int8_t hopsUsed = getHopsAway(*mp, config.lora.hop_limit);
             if (hopsUsed > (int32_t)(config.lora.hop_limit + 2)) {