[PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
Lyude Paul
lyude at redhat.com
Tue Jun 25 19:11:41 UTC 2024
Reviewed-by: Lyude Paul <lyude at redhat.com>
I will push this and the other patch that you sent upstream in just a
moment, thanks!
On Tue, 2024-06-25 at 16:10 +0800, Ma Ke wrote:
> In nv17_tv_get_hd_modes(), the return value of drm_mode_duplicate()
> is
> assigned to mode, which will lead to a possible NULL pointer
> dereference
> on failure of drm_mode_duplicate(). The same applies to
> drm_cvt_mode().
> Add a check to avoid null pointer dereference.
>
> Cc: stable at vger.kernel.org
> Signed-off-by: Ma Ke <make24 at iscas.ac.cn>
> ---
> drivers/gpu/drm/nouveau/dispnv04/tvnv17.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> index 670c9739e5e1..9c3dc9a5bb46 100644
> --- a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> +++ b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> @@ -258,6 +258,8 @@ static int nv17_tv_get_hd_modes(struct
> drm_encoder *encoder,
> if (modes[i].hdisplay == output_mode->hdisplay &&
> modes[i].vdisplay == output_mode->vdisplay) {
> mode = drm_mode_duplicate(encoder->dev,
> output_mode);
> + if (!mode)
> + continue;
> mode->type |= DRM_MODE_TYPE_PREFERRED;
>
> } else {
> @@ -265,6 +267,8 @@ static int nv17_tv_get_hd_modes(struct
> drm_encoder *encoder,
> modes[i].vdisplay, 60,
> false,
> (output_mode->flags &
>
> DRM_MODE_FLAG_INTERLACE), false);
> + if (!mode)
> + continue;
> }
>
> /* CVT modes are sometimes unsuitable... */
--
Cheers,
Lyude Paul (she/her)
Software Engineer at Red Hat
More information about the dri-devel
mailing list