[PATCH 09/16] drm/amd/display: Guard against invalid array access

[Qingqing Zhuo]

From: Aric Cyr <aric.cyr at amd.com>

[Why]
There are scenarios where no OPP is assigned to an OTG so its value is
0xF which is outside the size of the OPP array causing a potential
driver crash.

[How]
Change the assert to an early return to guard against access.  If
there's no OPP assigned already, then OTG will be blank anyways so no
functionality should be lost.

Signed-off-by: Aric Cyr <aric.cyr at amd.com>
Reviewed-by: Zhan Liu <Zhan.Liu at amd.com>
Acked-by: Qingqing Zhuo <qingqing.zhuo at amd.com>
---
 drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c b/drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c
index 26cac587c56b..223e314d26b4 100644
--- a/drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c
+++ b/drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hwseq.c
@@ -291,12 +291,20 @@ void dcn20_init_blank(
 
 	/* get the OPTC source */
 	tg->funcs->get_optc_source(tg, &num_opps, &opp_id_src0, &opp_id_src1);
-	ASSERT(opp_id_src0 < dc->res_pool->res_cap->num_opp);
+
+	if (opp_id_src0 >= dc->res_pool->res_cap->num_opp) {
+		ASSERT(false);
+		return;
+	}
 	opp = dc->res_pool->opps[opp_id_src0];
 
 	if (num_opps == 2) {
 		otg_active_width = otg_active_width / 2;
-		ASSERT(opp_id_src1 < dc->res_pool->res_cap->num_opp);
+
+		if (opp_id_src1 >= dc->res_pool->res_cap->num_opp) {
+			ASSERT(false);
+			return;
+		}
 		bottom_opp = dc->res_pool->opps[opp_id_src1];
 	}
 
-- 
2.17.1