drm_edid_read returns NULL on error, so feeding it directly into
drm_edid_duplicate may lead to NULL pointer dereference. Add a check to
guard this.
Fixes: 6a17b4d1b52f ("drm/bridge: ps8640: Add a cache for EDID")
Signed-off-by: Pin-yen Lin <[email protected]>
---
drivers/gpu/drm/bridge/parade-ps8640.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/gpu/drm/bridge/parade-ps8640.c b/drivers/gpu/drm/bridge/parade-ps8640.c
index cddbfe91f75e..b823e55650b1 100644
--- a/drivers/gpu/drm/bridge/parade-ps8640.c
+++ b/drivers/gpu/drm/bridge/parade-ps8640.c
@@ -543,6 +543,7 @@ static struct edid *ps8640_bridge_get_edid(struct drm_bridge *bridge,
struct drm_connector *connector)
{
struct ps8640 *ps_bridge = bridge_to_ps8640(bridge);
+ struct device *dev = &ps_bridge->page[PAGE0_DP_CNTL]->dev;
bool poweroff = !ps_bridge->pre_enabled;
if (!ps_bridge->edid) {
@@ -574,6 +575,11 @@ static struct edid *ps8640_bridge_get_edid(struct drm_bridge *bridge,
connector->state->state);
}
+ if (!ps_bridge->edid) {
+ dev_err(dev, "Failed to get EDID\n");
+ return NULL;
+ }
+
return drm_edid_duplicate(ps_bridge->edid);
}
--
2.40.0.348.gf938b09366-goog
Hi,
On Thu, Mar 23, 2023 at 8:59 PM Pin-yen Lin <[email protected]> wrote:
>
> drm_edid_read returns NULL on error, so feeding it directly into
> drm_edid_duplicate may lead to NULL pointer dereference. Add a check to
> guard this.
>
> Fixes: 6a17b4d1b52f ("drm/bridge: ps8640: Add a cache for EDID")
> Signed-off-by: Pin-yen Lin <[email protected]>
> ---
>
> drivers/gpu/drm/bridge/parade-ps8640.c | 6 ++++++
> 1 file changed, 6 insertions(+)
Given that the other patch just landed and this is a straightforward
fix, I'm not doing the customary "delay" before landing and I've
pushed this to drm-misc-next:
14aed8ea48e2 drm/bridge: ps8640: Return NULL immediately when EDID read fail
If someone else had extra feedback on this it could always be handled
in a followon patch.
-Doug
On Fri, Mar 24, 2023 at 4:59 AM Pin-yen Lin <[email protected]> wrote:
>
> drm_edid_read returns NULL on error, so feeding it directly into
> drm_edid_duplicate may lead to NULL pointer dereference. Add a check to
> guard this.
>
> Fixes: 6a17b4d1b52f ("drm/bridge: ps8640: Add a cache for EDID")
> Signed-off-by: Pin-yen Lin <[email protected]>
> ---
>
> drivers/gpu/drm/bridge/parade-ps8640.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/drivers/gpu/drm/bridge/parade-ps8640.c b/drivers/gpu/drm/bridge/parade-ps8640.c
> index cddbfe91f75e..b823e55650b1 100644
> --- a/drivers/gpu/drm/bridge/parade-ps8640.c
> +++ b/drivers/gpu/drm/bridge/parade-ps8640.c
> @@ -543,6 +543,7 @@ static struct edid *ps8640_bridge_get_edid(struct drm_bridge *bridge,
> struct drm_connector *connector)
> {
> struct ps8640 *ps_bridge = bridge_to_ps8640(bridge);
> + struct device *dev = &ps_bridge->page[PAGE0_DP_CNTL]->dev;
> bool poweroff = !ps_bridge->pre_enabled;
>
> if (!ps_bridge->edid) {
> @@ -574,6 +575,11 @@ static struct edid *ps8640_bridge_get_edid(struct drm_bridge *bridge,
> connector->state->state);
> }
>
> + if (!ps_bridge->edid) {
> + dev_err(dev, "Failed to get EDID\n");
> + return NULL;
> + }
> +
> return drm_edid_duplicate(ps_bridge->edid);
> }
>
> --
> 2.40.0.348.gf938b09366-goog
>
Reviewed-by: Robert Foss <[email protected]>