[Nouveau] [PATCH] bios: fix a potential NULL deref in the PROM shadowing function
Martin Peres
martin.peres at free.fr
Tue May 27 02:15:57 PDT 2014
Le 03/04/2014 22:12, Martin Peres a écrit :
> Reported-by: Dan Carpenter <dan.carpenter at oracle.com>
> Signed-off-by: Martin Peres <martin.peres at free.fr>
> ---
> nvkm/subdev/bios/base.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/nvkm/subdev/bios/base.c b/nvkm/subdev/bios/base.c
> index 3de7d81..5f8643d 100644
> --- a/nvkm/subdev/bios/base.c
> +++ b/nvkm/subdev/bios/base.c
> @@ -183,10 +183,11 @@ nouveau_bios_shadow_prom(struct nouveau_bios *bios)
> goto out;
>
> bios->data = kmalloc(bios->size, GFP_KERNEL);
> - if (bios->data) {
> - for (i = 0; i < bios->size; i += 4)
> - ((u32 *)bios->data)[i/4] = nv_rd32(bios, 0x300000 + i);
> - }
> + if (!bios->data)
> + goto out;
> +
> + for (i = 0; i < bios->size; i += 4)
> + ((u32 *)bios->data)[i/4] = nv_rd32(bios, 0x300000 + i);
>
> /* check the PCI record header */
> pcir = nv_ro16(bios, 0x0018);
>
This patch never got reviewed or pushed. It should also be sent as a fix
for the next 3.15 rc, if possible.
More information about the Nouveau
mailing list