Pointer nv_encoder could be dereferenced at nouveau_connector.c
in case it's equal to NULL by jumping to goto label.
This patch adds a NULL-check to avoid it.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 3195c5f9784a ("drm/nouveau: set encoder for lvds")
Signed-off-by: Natalia Petrova <[email protected]>
---
drivers/gpu/drm/nouveau/nouveau_connector.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c
index 43a9d1e1cf71..90ba6d0a9c80 100644
--- a/drivers/gpu/drm/nouveau/nouveau_connector.c
+++ b/drivers/gpu/drm/nouveau/nouveau_connector.c
@@ -729,7 +729,8 @@ nouveau_connector_detect_lvds(struct drm_connector *connector, bool force)
#endif
nouveau_connector_set_edid(nv_connector, edid);
- nouveau_connector_set_encoder(connector, nv_encoder);
+ if (nv_encoder)
+ nouveau_connector_set_encoder(connector, nv_encoder);
return status;
}
--
2.34.1
Nice catch!
Reviewed-by: Lyude Paul <[email protected]>
Will push upstream
On Fri, 2023-05-12 at 13:33 +0300, Natalia Petrova wrote:
> Pointer nv_encoder could be dereferenced at nouveau_connector.c
> in case it's equal to NULL by jumping to goto label.
> This patch adds a NULL-check to avoid it.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Fixes: 3195c5f9784a ("drm/nouveau: set encoder for lvds")
> Signed-off-by: Natalia Petrova <[email protected]>
> ---
> drivers/gpu/drm/nouveau/nouveau_connector.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c
> index 43a9d1e1cf71..90ba6d0a9c80 100644
> --- a/drivers/gpu/drm/nouveau/nouveau_connector.c
> +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c
> @@ -729,7 +729,8 @@ nouveau_connector_detect_lvds(struct drm_connector *connector, bool force)
> #endif
>
> nouveau_connector_set_edid(nv_connector, edid);
> - nouveau_connector_set_encoder(connector, nv_encoder);
> + if (nv_encoder)
> + nouveau_connector_set_encoder(connector, nv_encoder);
> return status;
> }
>
--
Cheers,
Lyude Paul (she/her)
Software Engineer at Red Hat