| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4ea5f2579f802e886eab057cc2635e91766ac45a.camel@mediatek.com>
Date: Mon, 12 Jun 2023 09:10:40 +0000
From: CK Hu (胡俊光) <ck.hu@...iatek.com>
To: Jason-JH Lin (林睿祥)
<Jason-JH.Lin@...iatek.com>,
"chunkuang.hu@...nel.org" <chunkuang.hu@...nel.org>,
"angelogioacchino.delregno@...labora.com"
<angelogioacchino.delregno@...labora.com>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Singo Chang (張興國)
<Singo.Chang@...iatek.com>,
"linux-mediatek@...ts.infradead.org"
<linux-mediatek@...ts.infradead.org>,
Jason-ch Chen (陳建豪)
<Jason-ch.Chen@...iatek.com>,
Shawn Sung (宋孝謙)
<Shawn.Sung@...iatek.com>,
Nancy Lin (林欣螢) <Nancy.Lin@...iatek.com>,
"dri-devel@...ts.freedesktop.org" <dri-devel@...ts.freedesktop.org>,
Project_Global_Chrome_Upstream_Group
<Project_Global_Chrome_Upstream_Group@...iatek.com>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"matthias.bgg@...il.com" <matthias.bgg@...il.com>,
Rex-BC Chen (陳柏辰)
<Rex-BC.Chen@...iatek.com>
Subject: Re: [PATCH 5/5] drm/mediatek: Fix dereference before null check
Hi, Jason:
On Fri, 2023-04-07 at 14:46 +0800, Jason-JH.Lin wrote:
> Null-checking state suggests that it may be null, but it has already
> been dereferenced on drm_atomic_get_new_plane_state(state, plane).
>
> The parameter state will never be NULL currently, so just remove the
> state is NULL flow in this function.
>
> Signed-off-by: Jason-JH.Lin <jason-jh.lin@...iatek.com>
> Fixes: 5ddb0bd4ddc3 ("drm/atomic: Pass the full state to planes async
> atomic check and update")
> ---
> drivers/gpu/drm/mediatek/mtk_drm_plane.c | 9 ++-------
> 1 file changed, 2 insertions(+), 7 deletions(-)
>
> diff --git a/drivers/gpu/drm/mediatek/mtk_drm_plane.c
> b/drivers/gpu/drm/mediatek/mtk_drm_plane.c
> index a1337f386bbf..e14b2920d242 100644
> --- a/drivers/gpu/drm/mediatek/mtk_drm_plane.c
> +++ b/drivers/gpu/drm/mediatek/mtk_drm_plane.c
> @@ -103,8 +103,7 @@ static void mtk_drm_plane_destroy_state(struct
> drm_plane *plane,
> static int mtk_plane_atomic_async_check(struct drm_plane *plane,
> struct drm_atomic_state *state)
> {
> - struct drm_plane_state *new_plane_state =
> drm_atomic_get_new_plane_state(state,
> -
> plane);
> + struct drm_plane_state *new_plane_state =
> drm_atomic_get_new_plane_state(state, plane);
This is not related to this patch, so move to another patch.
Regards,
CK
> struct drm_crtc_state *crtc_state;
> int ret;
>
> @@ -122,11 +121,7 @@ static int mtk_plane_atomic_async_check(struct
> drm_plane *plane,
> if (ret)
> return ret;
>
> - if (state)
> - crtc_state = drm_atomic_get_existing_crtc_state(state,
> - new_pla
> ne_state->crtc);
> - else /* Special case for asynchronous cursor updates. */
> - crtc_state = new_plane_state->crtc->state;
> + crtc_state = drm_atomic_get_existing_crtc_state(state,
> new_plane_state->crtc);
>
> return drm_atomic_helper_check_plane_state(plane->state,
> crtc_state,
> DRM_PLANE_NO_SCALING
> ,
Powered by blists - more mailing lists