2023-12-11 14:44:32

by Chun-Kuang Hu

Subject: Re: [PATCH 1/1] drm/mediatek: Fix access violation in mtk_drm_crtc_dma_dev_get

Hi, Stuart:

Stuart Lee <[email protected]> 於 2023年11月10日 週五 上午9:29寫道：
>
> Add error handling to check NULL input in
> mtk_drm_crtc_dma_dev_get function.
>
> While display path is not configured correctly, none of crtc is
> established. So the caller of mtk_drm_crtc_dma_dev_get may pass
> input parameter *crtc as NULL, Which may cause coredump when
> we try to get the container of NULL pointer.

Applied to mediatek-drm-fixes [1], thanks.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/chunkuang.hu/linux.git/log/?h=mediatek-drm-fixes

Regards,
Chun-Kuang.

>
> Fixes: cb1d6bcca542 ("drm/mediatek: Add dma dev get function")
> Signed-off-by: Stuart Lee <[email protected]>
> Cc: [email protected]
> ---
> drivers/gpu/drm/mediatek/mtk_drm_crtc.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/mediatek/mtk_drm_crtc.c b/drivers/gpu/drm/mediatek/mtk_drm_crtc.c
> index c277b9fae950..047c9a31d306 100644
> --- a/drivers/gpu/drm/mediatek/mtk_drm_crtc.c
> +++ b/drivers/gpu/drm/mediatek/mtk_drm_crtc.c
> @@ -921,7 +921,14 @@ static int mtk_drm_crtc_init_comp_planes(struct drm_device *drm_dev,
>
> struct device *mtk_drm_crtc_dma_dev_get(struct drm_crtc *crtc)
> {
> - struct mtk_drm_crtc *mtk_crtc = to_mtk_crtc(crtc);
> + struct mtk_drm_crtc *mtk_crtc = NULL;
> +
> + if (!crtc)
> + return NULL;
> +
> + mtk_crtc = to_mtk_crtc(crtc);
> + if (!mtk_crtc)
> + return NULL;
>
> return mtk_crtc->dma_dev;
> }
> --
> 2.18.0
>