If mdp5_cfg_init fails because of an unknown major version, a null pointer
dereference occurs. This is because the caller of init expects error
pointers, but init returns NULL on error. Fix this by returning the
expected values on error.
Fixes: 2e362e1772b8 (drm/msm/mdp5: introduce mdp5_cfg module)
Signed-off-by: Jeffrey Hugo <[email protected]>
---
drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c b/drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c
index ea8f7d7daf7f..52e23780fce1 100644
--- a/drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c
+++ b/drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c
@@ -721,7 +721,7 @@ struct mdp5_cfg_handler *mdp5_cfg_init(struct mdp5_kms *mdp5_kms,
if (cfg_handler)
mdp5_cfg_destroy(cfg_handler);
- return NULL;
+ return ERR_PTR(ret);
}
static struct mdp5_cfg_platform *mdp5_get_config(struct platform_device *dev)
--
2.17.1
On Wed 01 May 09:14 PDT 2019, Jeffrey Hugo wrote:
> If mdp5_cfg_init fails because of an unknown major version, a null pointer
> dereference occurs. This is because the caller of init expects error
> pointers, but init returns NULL on error. Fix this by returning the
> expected values on error.
>
> Fixes: 2e362e1772b8 (drm/msm/mdp5: introduce mdp5_cfg module)
Reviewed-by: Bjorn Andersson <[email protected]>
> Signed-off-by: Jeffrey Hugo <[email protected]>
> ---
> drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c b/drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c
> index ea8f7d7daf7f..52e23780fce1 100644
> --- a/drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c
> +++ b/drivers/gpu/drm/msm/disp/mdp5/mdp5_cfg.c
> @@ -721,7 +721,7 @@ struct mdp5_cfg_handler *mdp5_cfg_init(struct mdp5_kms *mdp5_kms,
> if (cfg_handler)
> mdp5_cfg_destroy(cfg_handler);
>
> - return NULL;
> + return ERR_PTR(ret);
> }
>
> static struct mdp5_cfg_platform *mdp5_get_config(struct platform_device *dev)
> --
> 2.17.1
>