Here's another fix for a potential NULL-deref.
x86cpuidFind can return NULL, yet this caller
would dereference that pointer (via x86cpuidMatchMasked)
without first checking.
From 9e759e2714b67ea98b18aafb66b5a99ad6361086 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering(a)redhat.com>
Date: Mon, 17 May 2010 14:06:13 +0200
Subject: [PATCH] x86ModelHasFeature: avoid NULL-dereference for unmatched CPU
"feature"
* src/cpu/cpu_x86.c (x86ModelHasFeature): Do not dereference the pointer
returned by x86cpuidFind without first ensuring it is non-NULL.
---
src/cpu/cpu_x86.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
index 633eb69..f7473bf 100644
--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
@@ -602,31 +602,31 @@ x86ModelMergeFeature(struct x86_model *model,
static bool
x86ModelHasFeature(struct x86_model *model,
const struct x86_feature *feature)
{
unsigned int i;
struct cpuX86cpuid *cpuid;
struct cpuX86cpuid *model_cpuid;
if (feature == NULL)
return false;
for (i = 0; i < feature->ncpuid; i++) {
cpuid = feature->cpuid + i;
model_cpuid = x86cpuidFind(model->cpuid, model->ncpuid,
cpuid->function);
- if (!x86cpuidMatchMasked(model_cpuid, cpuid))
+ if (!model_cpuid || !x86cpuidMatchMasked(model_cpuid, cpuid))
return false;
}
return true;
}
static struct x86_model *
x86ModelFromCPU(const virCPUDefPtr cpu,
const struct x86_map *map,
int policy)
{
struct x86_model *model = NULL;
int i;
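Review bot: `model` is still dereferenced unchecked at `x86cpuidFind(model->cpuid, model->ncpuid, ...)` in x86ModelHasFeature, even though the function guards `feature` against NULL and the new line now guards `model_cpuid`. Whether any caller can pass a NULL model is not visible from this hunk; if one can, widening the early return to `if (model == NULL || feature == NULL)` would close the same class of crash. The new test would also match the function's existing check more closely if written as `model_cpuid == NULL ||`. A short comment such as `/* CPUID leaf absent from the model: feature is not present */` would record why a missing entry yields false.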
--
1.7.1.250.g7d1e8