[PATCH] drm/komeda: Handle NULL pointer access code path in error case

Fri Nov 27 15:52:01 UTC 2020

On 27/11/2020 11:00, carsten.haitzler at foss.arm.com wrote:
> From: Carsten Haitzler <carsten.haitzler at arm.com>
> 
> komeda_component_get_old_state() technically can return a NULL
> pointer. komeda_compiz_set_input() even warns when this happens, but
> then proceeeds to use that NULL pointer tocompare memory content there
> agains the new sate to see if it changed. In this case, it's better to
> assume that the input changed as there is no old state to compare
> against and thus assume the changes happen anyway.
> 
> Signed-off-by: Carsten Haitzler <carsten.haitzler at arm.com>
> ---
>   drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c
> index 8f32ae7c25d0..e8b1e15312d8 100644
> --- a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c
> +++ b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c
> @@ -707,7 +707,8 @@ komeda_compiz_set_input(struct komeda_compiz *compiz,
>   	WARN_ON(!old_st);
>   
>   	/* compare with old to check if this input has been changed */
> -	if (memcmp(&(to_compiz_st(old_st)->cins[idx]), cin, sizeof(*cin)))
> +	if (!old_st ||
> +	    memcmp(&(to_compiz_st(old_st)->cins[idx]), cin, sizeof(*cin)))
>   		c_st->changed_active_inputs |= BIT(idx);

Even better, you can move the WARN_ON into the if:

	if (WARN_ON(!old_st) || ...

Either way:

Reviewed-by: Steven Price <steven.price at arm.com>

Steve

>   
>   	komeda_component_add_input(c_st, &dflow->input, idx);
> 