[PATCH] drm/amdgpu: fix a possible null pointer dereference

Joshua Ashton joshua at froggi.es
Sun Jun 23 12:22:09 UTC 2024


Maybe that wasn't you or whatever, but your last patch that did this got 
some CVE assigned to it that didn't really make any sense, given this is 
just a null deref that'd end up as an oops?

It can only happen if the kzalloc in drm_mode_create fails.

I imagine that the `continue` is not the best course of action anyway, 
it's probably not worth adding some broken connector with a bunch of 
missing modes.
It's just going to make things appear more broken and be unexpected to 
userspace.

Maybe this is some new thing that we do now I am out of the loop on...

- Joshie 🐸✨

On 6/23/24 10:20 AM, Joshua Ashton wrote:
> Are you planning on submitting a bogus CVE for this patch too?
> 
> - Joshie 🐸✨
> 
> On June 22, 2024 9:22:19 AM GMT+01:00, Ma Ke <make24 at iscas.ac.cn> wrote:
>> In amdgpu_connector_add_common_modes(), the return value of drm_cvt_mode()
>> is assigned to mode, which will lead to a NULL pointer dereference on
>> failure of drm_cvt_mode(). Add a check to avoid npd.
>>
>> Signed-off-by: Ma Ke <make24 at iscas.ac.cn>
>> ---
>> drivers/gpu/drm/amd/amdgpu/amdgpu_connectors.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_connectors.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_connectors.c
>> index 9caba10315a8..6cf946adb6fe 100644
>> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_connectors.c
>> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_connectors.c
>> @@ -458,6 +458,8 @@ static void amdgpu_connector_add_common_modes(struct drm_encoder *encoder,
>> 			continue;
>>
>> 		mode = drm_cvt_mode(dev, common_modes[i].w, common_modes[i].h, 60, false, false, false);
>> +		if (!mode)
>> +			continue;
>> 		drm_mode_probed_add(connector, mode);
>> 	}
>> }
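
Review bot: The added `if (!mode) continue;` before drm_mode_probed_add() drops the failed entry silently and keeps walking common_modes[], so an allocation failure leaves the connector with a partial mode list and nothing in the log to explain it. Because amdgpu_connector_add_common_modes() returns void, the error cannot be propagated from here; consider leaving the loop on the first NULL (`break` or `return`) rather than `continue`, and emitting a debug message at that point. The commit message should also say where the NULL result would be dereferenced and spell out "npd".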
