From 40144c099557ef8da1e819421f7df5f211a5622d Mon Sep 17 00:00:00 2001
From: eillon
Date: Mon, 14 Feb 2022 15:42:43 +0800
Subject: [PATCH] seabios: add check to avoid dereference NULL pointer

alloc_find_lowest() may return NULL, check it.
---
 qemu.spec | 6 +++-
 ...ck-to-avoid-dereference-NULL-pointer.patch | 36 +++++++++++++++++++
 2 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 seabios-add-check-to-avoid-dereference-NULL-pointer.patch

diff --git a/qemu.spec b/qemu.spec
index fca91e3..e90e750 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -1,6 +1,6 @@
 Name: qemu
 Version: 6.2.0
-Release: 14
+Release: 15
 Epoch: 2
 Summary: QEMU is a generic and open source machine emulator and virtualizer
 License: GPLv2 and BSD and MIT and CC-BY-SA-4.0
@@ -168,6 +168,7 @@ Patch0155: qmp-add-command-to-query-used-memslots-of-vhost-net-.patch
 Patch0156: vhost-user-scsi-add-support-for-SPDK-hot-upgrade.patch
 Patch0157: i6300esb-watchdog-bugfix-Add-a-runstate-transition.patch
 Patch0158: bugfix-irq-Avoid-covering-object-refcount-of-qemu_ir.patch
+Patch0159: seabios-add-check-to-avoid-dereference-NULL-pointer.patch
 
 BuildRequires: flex
 BuildRequires: gcc
@@ -612,6 +613,9 @@ getent passwd qemu >/dev/null || \
 %endif
 
 %changelog
+* Mon Feb 14 2022 eillon
+- seabios: add check to avoid dereference NULL pointer
+
 * Sat Feb 12 2022 Chen Qun
 - bugfix: irq: Avoid covering object refcount of qemu_irq
 
diff --git a/seabios-add-check-to-avoid-dereference-NULL-pointer.patch b/seabios-add-check-to-avoid-dereference-NULL-pointer.patch
new file mode 100644
index 0000000..6c94c46
--- /dev/null
+++ b/seabios-add-check-to-avoid-dereference-NULL-pointer.patch
@@ -0,0 +1,36 @@
+From e6b133311a7a5a618b48c6f38e3c3bb9e9a395c9 Mon Sep 17 00:00:00 2001
+From: eillon
+Date: Mon, 14 Feb 2022 15:35:28 +0800
+Subject: [PATCH] seabios: add check to avoid dereference NULL pointer
+
+alloc_find_lowest() may return NULL, check it.
+
+Signed-off-by: eillon
+---
+ roms/seabios/src/malloc.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/roms/seabios/src/malloc.c b/roms/seabios/src/malloc.c
+index 5827a6523..99fa3b7e0 100644
+--- a/roms/seabios/src/malloc.c
++++ b/roms/seabios/src/malloc.c
+@@ -544,10 +544,12 @@ malloc_prepboot(void)
+ 
+     // Clear unused f-seg ram.
+     struct allocinfo_s *info = alloc_find_lowest(&ZoneFSeg);
+-    u32 size = info->range_end - info->range_start;
+-    memset(memremap(info->range_start, size), 0, size);
+-    dprintf(1, "Space available for UMB: %x-%x, %x-%x\n"
+-            , RomEnd, base, info->range_start, info->range_end);
++    if (info) {
++        u32 size = info->range_end - info->range_start;
++        memset(memremap(info->range_start, size), 0, size);
++        dprintf(1, "Space available for UMB: %x-%x, %x-%x\n"
++                , RomEnd, base, info->range_start, info->range_end);
++    }
+ 
+     // We should not give back unused high ram, to support some special
+     // guest OS, like oracle linux series.
+-- 
+2.27.0
+
-- Gitee
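Review bot: When alloc_find_lowest() returns NULL the new `if (info)` guard skips both the memset and the dprintf silently, so the debug log no longer records that the f-seg clear and the UMB report were skipped; an `else` branch such as `dprintf(1, "No free f-seg range found, skipping UMB clear\n");` would keep that condition visible. The guard itself carries no comment explaining why NULL is possible; a one-liner like `// alloc_find_lowest() may return NULL; skip the clear rather than dereference it` would document the intent at the point of use. The enclosing malloc_prepboot() starts and ends outside the hunk, so whether later code in that function also relies on `info` being non-NULL cannot be confirmed from here. The conditions under which alloc_find_lowest() returns NULL for ZoneFSeg are asserted in the commit message but not shown by the patch, so they should be confirmed against the helper's definition.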