potential null pointer dereference in setup_cpuid_table

From: Colin King (gmail)
Date: Thu Jul 27 2023 - 10:22:58 EST

Next message: Alexandre Ghiti: "[PATCH v4 06/10] drivers: perf: Implement perf event mmap support in the legacy backend"
Previous message: Alexandre Ghiti: "[PATCH v4 05/10] riscv: Prepare for user-space perf event mmap support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

Static analysis with cppcheck found a potential null pointer dereference in function setup_cpuid_table in arch/x86/kernel/sev-shared.c as follows:

if (!cc_info || !cc_info->cpuid_phys || cc_info->cpuid_len < PAGE_SIZE)
sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_CPUID);

cpuid_table_fw = (const struct snp_cpuid_table *)cc_info->cpuid_phys;

cc_info is being null checked, so it's potentially null, however, the assignment to cpuid_table_fw is dereferencing cc_info. Either cc_info is never null and the null check is redundant, or there is a potential null pointer dereference.

Colin

Next message: Alexandre Ghiti: "[PATCH v4 06/10] drivers: perf: Implement perf event mmap support in the legacy backend"
Previous message: Alexandre Ghiti: "[PATCH v4 05/10] riscv: Prepare for user-space perf event mmap support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]