Question about possible NULL Pointer Dereference in hx83102_get_modes()
Maxime Ripard
mripard at kernel.org
Thu Oct 10 07:31:49 UTC 2024
Hi,
On Wed, Oct 09, 2024 at 02:38:22PM GMT, Zichen Xie wrote:
> Dear Developers for DRM PANEL DRIVERS,
>
> We are developing a static analyzer for Linux Kernel, and we are
> curious about the function drm_mode_duplicate() in
> hx83102_get_modes().
> https://elixir.bootlin.com/linux/v6.12-rc2/source/drivers/gpu/drm/panel/panel-himax-hx83102.c#L567
>
> ```
>
> struct drm_display_mode *mode;
>
> mode = drm_mode_duplicate(connector->dev, m);
>
> mode->type = DRM_MODE_TYPE_DRIVER | DRM_MODE_TYPE_PREFERRED;
>
> ```
>
> drm_mode_duplicate() will return NULL if it fails to allocate memory,
> so NULL check is necessary for this function.
> Directly accessing 'mode->type' may lead to NULL Pointer Dereference.
Yes and no. drm_mode_create uses kzalloc to create the new mode
structure, and any kmalloc (GFP, really) allocations below 8 pages
cannot fail.
So, from an API standpoint, you're right. From a practical one, it won't
change anything.
Maxime
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 273 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/dri-devel/attachments/20241010/0436d68c/attachment.sig>
More information about the dri-devel
mailing list