On Tue, Feb 10, 2026 at 12:24:36PM +0100, Oliver Steffen wrote:
According to the documentation we are supposed to do a null-pointer
check on the buffers returned by igvm_get_buffer() (part of the IGVM C
library).
Add these checks in the IGVM backend.
Signed-off-by: Oliver Steffen <[email protected]>
---
backends/igvm.c | 86 ++++++++++++++++++++++++++++++++-----------------
1 file changed, 56 insertions(+), 30 deletions(-)
diff --git a/backends/igvm.c b/backends/igvm.c
index b01a19ba46..049cb36891 100644
--- a/backends/igvm.c
+++ b/backends/igvm.c
@@ -152,9 +152,17 @@ static int qigvm_handler(QIgvm *ctx, uint32_t type, Error
**errp)
(int)header_handle);
return -1;
}
- header_data = igvm_get_buffer(ctx->file, header_handle) +
- sizeof(IGVM_VHS_VARIABLE_HEADER);
- result = handlers[handler].handler(ctx, header_data, errp);
+ header_data = igvm_get_buffer(ctx->file, header_handle);
+ if (header_data != NULL) {
+ header_data += sizeof(IGVM_VHS_VARIABLE_HEADER);
+ result = handlers[handler].handler(ctx, header_data, errp);
+ } else {
+ error_setg(errp,
+ "IGVM: No buffer for handle %d: "
+ "(type 0x%X)",
+ header_handle, type);
+ result = -1;
+ }
igvm_free_buffer(ctx->file, header_handle);
return result;
}
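Review bot: The new error message passes `header_handle` uncast to `%d` at `header_handle, type);`, while the existing failure path just above it prints the same value as `(int)header_handle`; keeping the cast makes the two messages consistent and keeps -Wformat quiet if the handle type is not plain `int`. The string itself reads oddly with a colon before the parenthesised type, so `"IGVM: No buffer for handle %d (type 0x%X)", (int)header_handle, type` would be cleaner. Nothing here confirms that the returned buffer is at least `sizeof(IGVM_VHS_VARIABLE_HEADER)` bytes before `header_data` is advanced past it; if the library reports buffer sizes, that bound check belongs next to this NULL check, otherwise a comment stating why the header is guaranteed to fit would help. qigvm_handler begins before the hunk.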
@@ -316,7 +324,13 @@ static int qigvm_process_mem_region(QIgvm *ctx, unsigned
start_index,
return -1;
}
data = igvm_get_buffer(ctx->file, data_handle);
- memcpy(®ion[page_index * page_size], data, data_size);
+ if (data != NULL) {
+ memcpy(®ion[page_index * page_size], data, data_size);
+ } else {
+ error_setg(errp, "IGVM: No buffer for handle %d: ",
data_handle);
+ igvm_free_buffer(ctx->file, data_handle);
+ return -1;
+ }
igvm_free_buffer(ctx->file, data_handle);
}
}
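Review bot: The message in `error_setg(errp, "IGVM: No buffer for handle %d: ",` ends in a dangling `: ` with nothing after it, so the reported error will be `IGVM: No buffer for handle 7: ` (constructed value); the same string recurs in the vp_context hunk and in the supported_platform hunk. Dropping the trailing colon, `"IGVM: No buffer for handle %d"`, fixes all three. Whether `data_size` has been bounded against the size of the buffer `data` points at is decided before this hunk and cannot be seen here; the memcpy would benefit from a one-line comment saying where that bound is established. qigvm_process_mem_region starts outside the hunk.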
@@ -426,6 +440,11 @@ static int qigvm_directive_vp_context(QIgvm *ctx, const
uint8_t *header_data,
}
data = (uint8_t *)igvm_get_buffer(ctx->file, data_handle);
+ if (data == NULL) {
+ error_setg(errp, "IGVM: No buffer for handle %d: ", data_handle);
+ result = -1;
+ goto exit;
+ }
if (ctx->machine_state->cgs) {
result = ctx->cgsc->set_guest_state(
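Review bot: This is the third shape used for the same failure in one patch: the mem_region hunk frees and returns inside the else, this hunk uses `goto exit`, and the supported_platform hunk frees and returns in an else after the whole body. A small static wrapper that calls igvm_get_buffer(), sets the "No buffer for handle" error on NULL and returns the pointer would give all four call sites one message and one control-flow shape, and would be the natural place for any size check. The label `exit` compiles because labels live in their own namespace, but it reads like a call to the libc function; `out:` is the more common choice in this code base and is harder to misread. qigvm_directive_vp_context continues outside the hunk in both directions.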
@@ -441,6 +460,7 @@ static int qigvm_directive_vp_context(QIgvm *ctx, const
uint8_t *header_data,
result = -1;
}
+exit:
igvm_free_buffer(ctx->file, data_handle);
if (result < 0) {
return result;
@@ -778,33 +798,39 @@ static int qigvm_supported_platform_compat_mask(QIgvm
*ctx, Error **errp)
}
platform =
(IGVM_VHS_SUPPORTED_PLATFORM *)(igvm_get_buffer(ctx->file,
- header_handle)
+
- sizeof(
- IGVM_VHS_VARIABLE_HEADER));
- if ((platform->platform_type == IGVM_PLATFORM_TYPE_SEV_ES) &&
- ctx->machine_state->cgs) {
- if (ctx->cgsc->check_support(
- CGS_PLATFORM_SEV_ES, platform->platform_version,
- platform->highest_vtl, platform->shared_gpa_boundary))
{
- compatibility_mask_sev_es = platform->compatibility_mask;
- }
- } else if ((platform->platform_type == IGVM_PLATFORM_TYPE_SEV) &&
- ctx->machine_state->cgs) {
- if (ctx->cgsc->check_support(
- CGS_PLATFORM_SEV, platform->platform_version,
- platform->highest_vtl, platform->shared_gpa_boundary))
{
- compatibility_mask_sev = platform->compatibility_mask;
+
header_handle));
+ if (platform != NULL) {
on a second thought: if you have to send a v2, what about reversing
if and else? With an early return, we can remove the else clause entirely.
+ platform = (IGVM_VHS_SUPPORTED_PLATFORM *)((void *)platform
+ +
sizeof(IGVM_VHS_VARIABLE_HEADER));
+ if ((platform->platform_type == IGVM_PLATFORM_TYPE_SEV_ES) &&
+ ctx->machine_state->cgs) {
+ if (ctx->cgsc->check_support(
+ CGS_PLATFORM_SEV_ES, platform->platform_version,
+ platform->highest_vtl,
platform->shared_gpa_boundary)) {
+ compatibility_mask_sev_es =
platform->compatibility_mask;
+ }
+ } else if ((platform->platform_type == IGVM_PLATFORM_TYPE_SEV)
&&
+ ctx->machine_state->cgs) {
+ if (ctx->cgsc->check_support(
+ CGS_PLATFORM_SEV, platform->platform_version,
+ platform->highest_vtl,
platform->shared_gpa_boundary)) {
+ compatibility_mask_sev = platform->compatibility_mask;
+ }
+ } else if ((platform->platform_type ==
+ IGVM_PLATFORM_TYPE_SEV_SNP) &&
+ ctx->machine_state->cgs) {
+ if (ctx->cgsc->check_support(
+ CGS_PLATFORM_SEV_SNP, platform->platform_version,
+ platform->highest_vtl,
platform->shared_gpa_boundary)) {
+ compatibility_mask_sev_snp =
platform->compatibility_mask;
+ }
+ } else if (platform->platform_type ==
IGVM_PLATFORM_TYPE_NATIVE) {
+ compatibility_mask = platform->compatibility_mask;
}
- } else if ((platform->platform_type ==
- IGVM_PLATFORM_TYPE_SEV_SNP) &&
- ctx->machine_state->cgs) {
- if (ctx->cgsc->check_support(
- CGS_PLATFORM_SEV_SNP, platform->platform_version,
- platform->highest_vtl, platform->shared_gpa_boundary))
{
- compatibility_mask_sev_snp = platform->compatibility_mask;
- }
- } else if (platform->platform_type == IGVM_PLATFORM_TYPE_NATIVE) {
- compatibility_mask = platform->compatibility_mask;
+ } else {
+ error_setg(errp, "IGVM: No buffer for handle %d: ",
header_handle);
+ igvm_free_buffer(ctx->file, header_handle);
+ return -1;
}
igvm_free_buffer(ctx->file, header_handle);
}
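Review bot: `platform` is cast to `IGVM_VHS_SUPPORTED_PLATFORM *` while it still points at the variable header, then re-derived via `(void *)platform + sizeof(IGVM_VHS_VARIABLE_HEADER)`, which relies on the GNU void-pointer-arithmetic extension and leaves a window where the typed pointer does not point at a platform struct. Keeping the raw buffer in its own variable and casting once after the offset avoids both: `const uint8_t *buf = igvm_get_buffer(ctx->file, header_handle);` followed, after the NULL check, by `platform = (IGVM_VHS_SUPPORTED_PLATFORM *)(buf + sizeof(IGVM_VHS_VARIABLE_HEADER));` (assuming igvm_get_buffer returns a byte pointer, which the unadorned `header_data +=` in qigvm_handler suggests). As in the first hunk, nothing visible guarantees the buffer holds a full variable header plus platform struct, so a size check or a comment naming where that is validated would help. qigvm_supported_platform_compat_mask extends beyond the hunk on both sides.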
--
2.53.0