[COMMIT master] KVM: fix segment_base() error checking

Avi Kivity Thu, 25 Feb 2010 06:45:34 -0800

From: Gleb Natapov <g...@redhat.com>

fix segment_base() to properly check for null segment selector and
avoid accessing NULL pointer if ldt selector in null.


Signed-off-by: Gleb Natapov <g...@redhat.com>
Signed-off-by: Avi Kivity <a...@redhat.com>

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 5e20805..d5e8437 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -229,7 +229,7 @@ unsigned long segment_base(u16 selector)
        unsigned long table_base;
        unsigned long v;
 
-       if (selector == 0)
+       if (!(selector & ~3))
                return 0;
 
        native_store_gdt(&gdt);
@@ -238,6 +238,8 @@ unsigned long segment_base(u16 selector)
        if (selector & 4) {           /* from ldt */
                u16 ldt_selector = kvm_read_ldt();
 
+               if (!(ldt_selector & ~3))
+                       return 0;
                table_base = segment_base(ldt_selector);
        }
        d = (struct desc_struct *)(table_base + (selector & ~7));
--
To unsubscribe from this list: send the line "unsubscribe kvm-commits" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[COMMIT master] KVM: fix segment_base() error checking

Reply via email to