From: Peter Dinda Date: Tue, 1 Sep 2015 19:11:36 +0000 (-0500) Subject: Cleanup and sanity-checking of explicit null derefs (Coverity static analysis) X-Git-Url: http://v3vee.org/palacios/gitweb/gitweb.cgi?p=palacios.git;a=commitdiff_plain;h=3e937e5468169b8183a22a90f6d07ff370abde0c Cleanup and sanity-checking of explicit null derefs (Coverity static analysis) --- diff --git a/palacios/src/palacios/mmu/vmm_shdw_pg_tlb_32pae.h b/palacios/src/palacios/mmu/vmm_shdw_pg_tlb_32pae.h index d5e75a1..dd2f88b 100644 --- a/palacios/src/palacios/mmu/vmm_shdw_pg_tlb_32pae.h +++ b/palacios/src/palacios/mmu/vmm_shdw_pg_tlb_32pae.h @@ -73,7 +73,7 @@ static inline int handle_shadow_pagefault_32pae(struct guest_info * info, addr_t PrintDebug(info->vm_info, info, "32 bit PAE shadow paging page fault handler: %p\n", (void*)fault_addr); PrintDebug(info->vm_info, info, "Handling PDP fault\n"); - if (v3_gpa_to_hva(info, guest_cr3, (addr_t*)guest_pdp) == -1) { + if (v3_gpa_to_hva(info, guest_cr3, (addr_t*)&guest_pdp) == -1) { PrintError(info->vm_info, info, "Invalid Guest PDPE Address: 0x%p\n", (void *)guest_cr3); return -1; diff --git a/palacios/src/palacios/vmm.c b/palacios/src/palacios/vmm.c index b0e973f..dbb1b8d 100644 --- a/palacios/src/palacios/vmm.c +++ b/palacios/src/palacios/vmm.c @@ -750,6 +750,8 @@ int v3_move_vm_mem(struct v3_vm_info * vm, void *gpa, int target_cpu) { } // Note, assumes virtual contiguity in the host OS... + // A null deref here can only happen if the host does not provide the + // physical_to_virtual functions or if they do not work memcpy(V3_VAddr((void*)new_hpa), V3_VAddr((void*)(reg->host_addr)), num_pages*PAGE_SIZE); old_hpa = (void*)(reg->host_addr); diff --git a/palacios/src/palacios/vmm_debug.c b/palacios/src/palacios/vmm_debug.c index c2401e8..85bd8d2 100644 --- a/palacios/src/palacios/vmm_debug.c +++ b/palacios/src/palacios/vmm_debug.c 
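Review bot: The `(addr_t*)&guest_pdp` cast in the v3_gpa_to_hva() call still hides the argument's real type from the compiler, which is presumably why the missing `&` went unnoticed until static analysis. The old code stored the translated host address through whatever guest_pdp happened to hold, and guest_cr3 appears to come from guest state, so this class of mistake is worth turning into a compile-time error. Translate into a real `addr_t` local instead: declare `addr_t pdp_hva = 0;`, pass `&pdp_hva` with no cast, and assign `guest_pdp = (void *)pdp_hva;` after the error check. The declaration of guest_pdp and the rest of handle_shadow_pagefault_32pae are outside the hunk, so any other cast-to-`addr_t*` out-parameters in the function should get the same check.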
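Review bot: The comment added above the memcpy in v3_move_vm_mem documents that V3_VAddr() can yield a null pointer, but both results are still passed to memcpy unchecked. A host with missing or broken physical_to_virtual hooks therefore faults inside the VMM instead of failing the move. Capture the two translations first and bail out if either is null, e.g. `void *dst = V3_VAddr((void*)new_hpa);`, `void *src = V3_VAddr((void*)(reg->host_addr));`, `if (!dst || !src) { /* release new_hpa, return error */ }`. The function's existing failure path is outside the hunk, so the release of new_hpa should follow whatever it already does. The comment can then be reduced to the remaining assumption, which is virtual contiguity in the host.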
@@ -406,17 +406,21 @@ void v3_print_backtrace(struct guest_info * core) { tmp_ptr += 3; // pass over symbol type if (sym_offset > rip_val) { - char * end_ptr = strchr(sym_ptr, '\n'); - - if (end_ptr) { - *end_ptr = 0; // null terminate symbol... + if (sym_ptr) { + char * end_ptr = strchr(sym_ptr, '\n'); + + if (end_ptr) { + *end_ptr = 0; // null terminate symbol... + } + sym_name = sym_ptr; + } else { + sym_name = NULL; } - - sym_name = sym_ptr; break; } sym_ptr = tmp_ptr; + { char * end_ptr2 = strchr(tmp_ptr, '\n'); diff --git a/palacios/src/palacios/vmm_mem.c b/palacios/src/palacios/vmm_mem.c index ac91eeb..238fdc5 100644 --- a/palacios/src/palacios/vmm_mem.c +++ b/palacios/src/palacios/vmm_mem.c @@ -524,7 +524,7 @@ static struct v3_mem_region * get_next_mem_region( struct v3_vm_info * vm, uint1 } - if (parent->guest_start > guest_addr) { + if (!parent || parent->guest_start > guest_addr) { return parent; } else if (parent->guest_end < guest_addr) { struct rb_node * node = &(parent->tree_node);
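Review bot: The new `sym_name = NULL;` branch in v3_print_backtrace moves the null from the strchr() call to whatever consumes sym_name after the loop. That code is outside the hunk, so confirm it tests for NULL before formatting the name with `%s`. If it does not, a placeholder such as `sym_name = "(unknown)";` keeps the backtrace printable without a further check. Separately, the unchanged `strchr(tmp_ptr, '\n')` for end_ptr2 comes after `tmp_ptr += 3` with no visible bound, so it relies on the symbol table being well formed and terminated. A one-line comment stating where that guarantee comes from would help the next reader.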
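Review bot: Folding the null test into `if (!parent || parent->guest_start > guest_addr) { return parent; }` makes get_next_mem_region return NULL through a branch that reads as "parent is the next region", which hides the empty-tree case. A separate guard ahead of the comparison, `if (!parent) { return NULL; }`, states the intent and leaves the original condition unchanged. The callers are outside the hunk; since the function can now return NULL on this path rather than faulting, each caller should be checked for a NULL test before it dereferences the result.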