[Freedreno] [PATCH] drm/msm/adreno/a5xx_debugfs: fix potential NULL pointer dereference

Gustavo A. R. Silva garsilva at embeddedor.com
Fri Feb 2 12:32:23 UTC 2018


_minor_ is being dereferenced before it is null checked, hence there
is a potential null pointer dereference. Fix this by moving the pointer
dereference after _minor_ has been null checked.

Fixes: 024ad8df763f ("drm/msm: add a5xx specific debugfs")
Signed-off-by: Gustavo A. R. Silva <garsilva at embeddedor.com>
---

I wonder if a better solution for this would be to WARN_ON in case _minor_
happens to be NULL and return -EINVAL, instead of just returning zero.

Something like:

struct drm_device *dev;

if (WARN_ON(!minor)
	return -EINVAL;

dev = minor->dev;

What do you think?

Thanks


 drivers/gpu/drm/msm/adreno/a5xx_debugfs.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/msm/adreno/a5xx_debugfs.c b/drivers/gpu/drm/msm/adreno/a5xx_debugfs.c
index 6b27941..059ec7d 100644
--- a/drivers/gpu/drm/msm/adreno/a5xx_debugfs.c
+++ b/drivers/gpu/drm/msm/adreno/a5xx_debugfs.c
@@ -159,13 +159,15 @@ DEFINE_SIMPLE_ATTRIBUTE(reset_fops, NULL, reset_set, "%llx\n");
 
 int a5xx_debugfs_init(struct msm_gpu *gpu, struct drm_minor *minor)
 {
-	struct drm_device *dev = minor->dev;
+	struct drm_device *dev;
 	struct dentry *ent;
 	int ret;
 
 	if (!minor)
 		return 0;
 
+	dev = minor->dev;
+
 	ret = drm_debugfs_create_files(a5xx_debugfs_list,
 			ARRAY_SIZE(a5xx_debugfs_list),
 			minor->debugfs_root, minor);
-- 
2.7.4



More information about the Freedreno mailing list