[PATCH libdrm] intel: avoid null pointer dereference
Eric Engestrom
eric.engestrom at imgtec.com
Fri Feb 3 10:57:05 UTC 2017
On Thursday, 2017-02-02 23:57:29 +0100, Thomas Hindoe Paaboel Andersen wrote:
> Introduced in 028715ee
>
> Move the dereference after the null check.
Fixes: 028715ee707469189505 ("intel: Avoid the need for most overflow
checks by using a scratch page.")
Reviewed-by: Eric Engestrom <eric.engestrom at imgtec.com>
> ---
> intel/intel_decode.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/intel/intel_decode.c b/intel/intel_decode.c
> index 803d202..2721ffd 100644
> --- a/intel/intel_decode.c
> +++ b/intel/intel_decode.c
> @@ -3899,7 +3899,7 @@ drm_intel_decode(struct drm_intel_decode *ctx)
> int ret;
> unsigned int index = 0;
> uint32_t devid;
> - int size = ctx->base_count * 4;
> + int size;
> void *temp;
>
> if (!ctx)
> @@ -3909,6 +3909,7 @@ drm_intel_decode(struct drm_intel_decode *ctx)
> * the batchbuffer. This lets us avoid a bunch of length
> * checking in statically sized packets.
> */
> + size = ctx->base_count * 4;
> temp = malloc(size + 4096);
> memcpy(temp, ctx->base_data, size);
> memset((char *)temp + size, 0xd0, 4096);
> --
> 2.9.3
>
More information about the dri-devel
mailing list