Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1756161AbcKKO34 (ORCPT <rfc822;w@1wt.eu>);
        Fri, 11 Nov 2016 09:29:56 -0500
Received: from foss.arm.com ([217.140.101.70]:44458 "EHLO foss.arm.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751821AbcKKO3z (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 11 Nov 2016 09:29:55 -0500
Date: Fri, 11 Nov 2016 14:29:52 +0000
From: Liviu Dudau <liviu.dudau@arm.com>
To: Emil Velikov <emil.l.velikov@gmail.com>
Cc: Shailendra Verma <shailendra.v@samsung.com>, vidushi.koul@samsung.com,
        "Linux-Kernel@Vger. Kernel. Org" <linux-kernel@vger.kernel.org>,
        ML dri-devel <dri-devel@lists.freedesktop.org>,
        Mali DP Maintainers <malidp@foss.arm.com>,
        Shailendra Verma <shailendra.capricorn@gmail.com>
Subject: Re: [PATCH] Gpu: drm: arm: - Fix possible dereference of NULL
Message-ID: <20161111142952.GK10219@e106497-lin.cambridge.arm.com>
References: <1478853968-25169-1-git-send-email-shailendra.v@samsung.com>
 <20161111105601.GJ10219@e106497-lin.cambridge.arm.com>
 <CACvgo51RKA=paWQ+2xmRJjdKqBLs0MRcdRQpxup0ieAa5eSMFw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CACvgo51RKA=paWQ+2xmRJjdKqBLs0MRcdRQpxup0ieAa5eSMFw@mail.gmail.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1778
Lines: 55

On Fri, Nov 11, 2016 at 01:58:46PM +0000, Emil Velikov wrote:
> On 11 November 2016 at 10:56, Liviu Dudau <liviu.dudau@arm.com> wrote:
> > Hi Shailendra,
> >
> > On Fri, Nov 11, 2016 at 02:16:08PM +0530, Shailendra Verma wrote:
> >> From: "Shailendra Verma" <shailendra.v@samsung.com>
> >>
> >> There is possible dereference of NULL pointer if kmalloc fails.
> >
> > You could add: ... when the function returns. From the patch itself it is
> > not clear where the problem is.
> >
> As the function returns we have "return &state->base;" Since base is
> at offset 0 there will be no deref and the compiler will return NULL.
> Not sure if that's 100% legal, though.
> 
> >> ---
> >>  drivers/gpu/drm/arm/malidp_planes.c |    3 +++
> >>  1 file changed, 3 insertions(+)
> >>
> >> diff --git a/drivers/gpu/drm/arm/malidp_planes.c b/drivers/gpu/drm/arm/malidp_planes.c
> >> index 82c193e..f769398 100644
> >> --- a/drivers/gpu/drm/arm/malidp_planes.c
> >> +++ b/drivers/gpu/drm/arm/malidp_planes.c
> >> @@ -54,6 +54,9 @@ struct drm_plane_state *malidp_duplicate_plane_state(struct drm_plane *plane)
> >>               return NULL;
> >>
> >>       state = kmalloc(sizeof(*state), GFP_KERNEL);
> >> +     if (!state)
> >> +             return NULL;
> >> +
> >>       if (state) {
> Might want to drop this line - as-is things read quite weird ?

I've already done that in the patched that I've queued in my tree, I just need to push
it to the public tree.

... now if that server would be online when I need it .... :(

Best regards,
Liviu

> 
> Either way, not my driver - so don't read too much into the above ;-)
> Emil

-- 
====================
| I would like to |
| fix the world,  |
| but they're not |
| giving me the   |
 \ source code!  /
  ---------------
    ¯\_(ツ)_/¯