Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932559AbcKVRfz (ORCPT ); Tue, 22 Nov 2016 12:35:55 -0500 Received: from mail-yw0-f194.google.com ([209.85.161.194]:33932 "EHLO mail-yw0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932277AbcKVRfy (ORCPT ); Tue, 22 Nov 2016 12:35:54 -0500 MIME-Version: 1.0 In-Reply-To: <20161122173157.GD31595@intel.com> References: <20161122164106.31852-1-Liviu.Dudau@arm.com> <20161122165017.GC31595@intel.com> <20161122173157.GD31595@intel.com> From: Rob Clark Date: Tue, 22 Nov 2016 12:35:53 -0500 Message-ID: Subject: Re: [PATCH] drm: check for NULL parameter in exported drm_get_format_name() function. To: =?UTF-8?B?VmlsbGUgU3lyasOkbMOk?= Cc: Liviu Dudau , Jani Nikula , Daniel Vetter , Eric Engestrom , LKML , DRI devel Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by mail.home.local id uAMHa049015883 Content-Length: 2474 Lines: 74 On Tue, Nov 22, 2016 at 12:31 PM, Ville Syrjälä wrote: > On Tue, Nov 22, 2016 at 12:23:59PM -0500, Rob Clark wrote: >> On Tue, Nov 22, 2016 at 11:50 AM, Ville Syrjälä >> wrote: >> > On Tue, Nov 22, 2016 at 04:41:06PM +0000, Liviu Dudau wrote: >> >> drm_get_format_name() de-references the buf parameter without checking >> >> if the pointer was not NULL. Given that the function is EXPORT-ed, lets >> >> sanitise the parameters before proceeding. >> >> >> >> Fixes: b3c11ac267d461d3d5 ("drm: move allocation out of drm_get_format_name()) >> >> Cc: Eric Engestrom >> >> Cc: Rob Clark >> >> Cc: Jani Nikula >> >> Cc: Daniel Vetter >> >> >> >> Signed-off-by: Liviu Dudau >> >> --- >> >> drivers/gpu/drm/drm_fourcc.c | 3 +++ >> >> 1 file changed, 3 insertions(+) >> >> >> >> diff --git a/drivers/gpu/drm/drm_fourcc.c b/drivers/gpu/drm/drm_fourcc.c >> >> index 90d2cc8..0a3ff0b 100644 >> >> --- a/drivers/gpu/drm/drm_fourcc.c >> >> +++ b/drivers/gpu/drm/drm_fourcc.c >> >> @@ -85,6 +85,9 @@ EXPORT_SYMBOL(drm_mode_legacy_fb_format); >> >> */ >> >> const char *drm_get_format_name(uint32_t format, struct drm_format_name_buf *buf) >> >> { >> >> + if (!buf) >> >> + return NULL; >> >> + >> > >> > Seems rather pointless to me. Why would you ever pass NULL to this guy? >> >> perhaps BUG_ON(!buf)... > > And how does that differ from just buf->foo? it gets you a file and line # in the error splat.. not that drm_get_format_name() is such a big function that it would be difficult to decipher the null deref crash, but if we added anything it should be BUG_ON() to make it clear that passing null isn't a caller error. BR, -R >> >> BR, >> -R >> >> >> snprintf(buf->str, sizeof(buf->str), >> >> "%c%c%c%c %s-endian (0x%08x)", >> >> printable_char(format & 0xff), >> >> -- >> >> 2.10.2 >> >> >> >> _______________________________________________ >> >> dri-devel mailing list >> >> dri-devel@lists.freedesktop.org >> >> https://lists.freedesktop.org/mailman/listinfo/dri-devel >> > >> > -- >> > Ville Syrjälä >> > Intel OTC >> > _______________________________________________ >> > dri-devel mailing list >> > dri-devel@lists.freedesktop.org >> > https://lists.freedesktop.org/mailman/listinfo/dri-devel > > -- > Ville Syrjälä > Intel OTC