| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8517da06-3010-4356-b5df-d9a14454feec@web.de> Date: Tue, 25 Jun 2024 15:43:37 +0200 From: Markus Elfring <Markus.Elfring@....de> To: Ma Ke <make24@...as.ac.cn>, nouveau@...ts.freedesktop.org, dri-devel@...ts.freedesktop.org, Daniel Vetter <daniel@...ll.ch>, Danilo Krummrich <dakr@...hat.com>, David Airlie <airlied@...il.com>, Karol Herbst <kherbst@...hat.com>, Lyude Paul <lyude@...hat.com> Cc: stable@...r.kernel.org, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes > In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is > assigned to mode, which will lead to a possible NULL pointer dereference > on failure of drm_mode_duplicate(). Add a check to avoid npd. Can a wording approach (like the following) be a better change description? A null pointer is stored in the local variable “mode” after a call of the function “drm_mode_duplicate” failed. This pointer was used in a subsequent statement where an undesirable dereference will be performed then. Thus add a corresponding return value check. > Cc: stable@...r.kernel.org Would you like to add the tag “Fixes” accordingly? How do you think about to use a summary phrase like “Prevent null pointer dereference in nv17_tv_get_ld_modes()”? Regards, Markus
Powered by blists - more mailing lists