From 0bdb8713be40abfe963d9ef625dbb67961068840 Mon Sep 17 00:00:00 2001
From: Randall Spangler
Date: Wed, 7 Mar 2018 21:06:15 -0800
Subject: [PATCH] crossystem: Fix null pointer dereference on VMs
Check the result of VbSharedDataRead() before dereferencing it.
BUG=chromium:789276,chromium:819695
BRANCH=none
TEST=make runtests
Change-Id: I1b1cc90bdc2fca61a9aad6b02e8b7e1f6a919797
Signed-off-by: Randall Spangler
Reviewed-on: https://chromium-review.googlesource.com/954712
Commit-Ready: Keith Haddow
Reviewed-by: Keith Haddow
Reviewed-by: Mike Frysinger
---
 host/lib/crossystem.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/host/lib/crossystem.c b/host/lib/crossystem.c
index 38c9ed6ec9..148e793e93 100644
--- a/host/lib/crossystem.c
+++ b/host/lib/crossystem.c
@@ -104,7 +104,7 @@ int vb2_get_nv_storage(enum vb2_nv_param param)
 /* TODO: locking around NV access */
 if (!vnc_read) {
 memset(&cached_ctx, 0, sizeof(cached_ctx));
- if (sh->flags & VBSD_NVDATA_V2)
+ if (sh && sh->flags & VBSD_NVDATA_V2)
 cached_ctx.flags |= VB2_CONTEXT_NVDATA_V2;
 if (0 != vb2_read_nv_storage(&cached_ctx))
 return -1;
@@ -126,7 +126,7 @@ int vb2_set_nv_storage(enum vb2_nv_param param, int value)
 /* TODO: locking around NV access */
 memset(&ctx, 0, sizeof(ctx));
- if (sh->flags & VBSD_NVDATA_V2)
+ if (sh && sh->flags & VBSD_NVDATA_V2)
 ctx.flags |= VB2_CONTEXT_NVDATA_V2;
 if (0 != vb2_read_nv_storage(&ctx))
 return -1;
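Review bot: With `sh == NULL` the new condition in both hunks (vb2_get_nv_storage() and vb2_set_nv_storage()) silently selects the pre-V2 nvdata layout, so a failed VbSharedDataRead() becomes indistinguishable from firmware that really uses the older format; in the setter that assumption then governs the vb2_read_nv_storage() call, which is presumably the first half of a read-modify-write. If this fallback is the intended behaviour on VMs, it should be stated at each site, e.g. `/* No shared data (e.g. on a VM): fall back to the pre-V2 nvdata layout */`. The test also reads more clearly with explicit grouping, `if (sh && (sh->flags & VBSD_NVDATA_V2))`, although operator precedence already yields that result. Both functions begin and end outside the hunks, so where `sh` is assigned and whether it is later released cannot be checked from here.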