From 0c7e59f01e7e0a7a05c4388b8f7f5e1e994d0e21 Mon Sep 17 00:00:00 2001
From: Yonghua Huang
Date: Thu, 11 Oct 2018 23:31:19 +0800
Subject: [PATCH] hv: fix NULL pointer dereference in "hcall_set_vm_memory_regions()"

'target_vm' returned from 'get_vm_from_vmid()' maybe NULL, passing to 'is_vm0()' without check.

Tracked-On: #861
Signed-off-by: Yonghua Huang
Acked-by: Eddie Dong
---
 hypervisor/common/hypercall.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hypervisor/common/hypercall.c b/hypervisor/common/hypercall.c
index f911a8b01..bd8eb33d1 100644
--- a/hypervisor/common/hypercall.c
+++ b/hypervisor/common/hypercall.c
@@ -535,6 +535,10 @@ int32_t hcall_set_vm_memory_regions(struct vm *vm, uint64_t param)
 }
 
 target_vm = get_vm_from_vmid(set_regions.vmid);
+ if (target_vm == NULL) {
+ return -EINVAL;
+ }
+
 if (is_vm0(target_vm)) {
 pr_err("%s: Targeting to service vm", __func__);
 return -EFAULT;
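Review bot: The added NULL branch returns -EINVAL silently, while the is_vm0() rejection directly below it reports through pr_err(). Because set_regions.vmid is presumably taken from the caller's parameter block (the copy happens above the hunk), a rejected id deserves the same treatment so that a guest passing bad ids is visible during triage, e.g. `pr_err("%s: invalid target vm", __func__);` before the return. I would also put a short comment above the check, `/* get_vm_from_vmid() returns NULL for an unknown vmid; the id is supplied by the caller */`, so the guard is not later removed as redundant. Other get_vm_from_vmid() call sites may pass the result on unchecked in the same way, which this hunk does not show; the function body starts and ends outside the hunk.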