[Intel-gfx] [PATCH 2/4] drm/i915: Fix possible null dereference in two debugfs functions

[Chris Wilson]

On Thu, Nov 19, 2015 at 04:57:29PM +0530, Namrta Salonie wrote:
> Found by static code analysis tool.
> 
> Signed-off-by: Namrta Salonie <namrta.salonie at intel.com>
> Signed-off-by: Deepak S <deepak.s at intel.com>
> ---
>  drivers/gpu/drm/i915/i915_debugfs.c |   19 +++++++++++++++----
>  1 file changed, 15 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/gpu/drm/i915/i915_debugfs.c b/drivers/gpu/drm/i915/i915_debugfs.c
> index a3b22bd..d1719e9 100644
> --- a/drivers/gpu/drm/i915/i915_debugfs.c
> +++ b/drivers/gpu/drm/i915/i915_debugfs.c
> @@ -1873,6 +1873,9 @@ static int i915_gem_framebuffer_info(struct seq_file *m, void *data)
>  	struct drm_i915_private *dev_priv = dev->dev_private;
>  
>  	ifbdev = dev_priv->fbdev;
> +	if (!ifbdev)

Just insert a block.

> @@ -3868,12 +3872,19 @@ static int pipe_crc_set_source(struct drm_device *dev, enum pipe pipe,
>  			       enum intel_pipe_crc_source source)
>  {
>  	struct drm_i915_private *dev_priv = dev->dev_private;
> -	struct intel_pipe_crc *pipe_crc = &dev_priv->pipe_crc[pipe];
> -	struct intel_crtc *crtc = to_intel_crtc(intel_get_crtc_for_pipe(dev,
> -									pipe));
> +	struct intel_pipe_crc *pipe_crc;
> +	struct intel_crtc *crtc;
>  	u32 val = 0; /* shut up gcc */
>  	int ret;
>  
> +	if ((pipe < PIPE_A) || (pipe >= I915_MAX_PIPES))
> +		return -EINVAL;

See display_crc_ctl_parse_pipe()
-Chris

-- 
Chris Wilson, Intel Open Source Technology Centre