[EDT][PATCh 1/1]mdfld_dsi_pkg_sender.c : Fix Possible NULL Pointer dereference

[Maninder Singh]

EP-AA9D1F29B02341529D96C06444D8471D

Hi,

There is NULL pointer check for sender after dereferencing sender in __read_panel_data as below:-
struct drm_device *dev = sender->dev;
...
if (!sender || !data || !len)

And from codeflow

mdfld_dsi_get_panel_status --> mdfld_dsi_read_mcs  --> __read_panel_data 
In mdfld_dsi_get_panel_status  & mdfld_dsi_read_mcs there is already a same check.

-----------Cut------------
 if (!sender || !data || !len) {
        DRM_ERROR("Invalid parameters\n");
        return -EINVAL;
    }
return __read_panel_data(sender, MIPI_DSI_DCS_READ, &cmd, 1,
                data, len, hs);
--------------------Cut-----------
So either we can remove this check from __read_panel_data ,
or if we want to have defensive code then below change should be included.

Subject: [PATCH 1/1] mdfld_dsi_pkg_sender.c : Initialize dev struct after NULL check of sender

Signed-off-by: Maninder Singh <maninder1.s at samsung.com>
Reviewed-By: Vaneet Narang <v.narang at samsung.com>
---
 drivers/gpu/drm/gma500/mdfld_dsi_pkg_sender.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/drivers/gpu/drm/gma500/mdfld_dsi_pkg_sender.c b/drivers/gpu/drm/gma500/mdfld_dsi_pkg_sender.c
index 6b43ae3..6f2b2c9 100644
--- a/drivers/gpu/drm/gma500/mdfld_dsi_pkg_sender.c
+++ b/drivers/gpu/drm/gma500/mdfld_dsi_pkg_sender.c
@@ -520,7 +520,7 @@ static int __read_panel_data(struct mdfld_dsi_pkg_sender *sender, u8 data_type,
 			u8 *data, u16 len, u32 *data_out, u16 len_out, bool hs)
 {
 	unsigned long flags;
-	struct drm_device *dev = sender->dev;
+	struct drm_device *dev;
 	int i;
 	u32 gen_data_reg;
 	int retry = MDFLD_DSI_READ_MAX_COUNT;
@@ -530,6 +530,8 @@ static int __read_panel_data(struct mdfld_dsi_pkg_sender *sender, u8 data_type,
 		return -EINVAL;
 	}
 
+	dev = sender->dev;
+
 	/**
 	 * do reading.
 	 * 0) send out generic read request
-- 
1.7.1

Thanks
Maninder