Received: by 2002:a05:7412:98c1:b0:fa:551:50a7 with SMTP id kc1csp383561rdb; Fri, 5 Jan 2024 13:13:54 -0800 (PST) X-Google-Smtp-Source: AGHT+IGHGomWgP0nFFSlrGMM3nluGfJlNPbeS1q+eilRv7GwsB7Q0OGpiYalS1PcPRpKXE1pio1v X-Received: by 2002:a05:620a:6406:b0:781:560e:9027 with SMTP id pz6-20020a05620a640600b00781560e9027mr1286qkn.156.1704489233838; Fri, 05 Jan 2024 13:13:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704489233; cv=none; d=google.com; s=arc-20160816; b=VsdKUGWwBlET9jyQvADQ5MJVQfFDjXNLfVwpXIL5il/kGsn7tnuuMY5oV8JUeU1bCk KrhiGkV/035TQZYhYN2q9lYEuPhcZ9d3kasiKDakzYf0xWZJPl5y0sqDFASHTzRH61/4 w9nE2211WD+puazC/R6PBSPVVu5wHuViqk3j6FpWA/x1oQqCT2BrqL79swsmsPFopp3P d+CaiEtjrL7mgenz7RcWWEnbfAikBNdPjIxK8OrVKO6y50JumT8eijv4RLePtwVDsVtz o3idEe/vB+1iFGg3YK9ezmGoUEzmow9asdN3p/MO9JRs9no0P8ss9ph+oTdFur9zp2zN 9pkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:content-language:in-reply-to:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature:dkim-filter; bh=FlEa4522VZdZ1YxHNtrr3RlZjAu47jub/SKcUbhgne0=; fh=lw4Yk9rMLnVKvQQtxUHiO7CIzRVSaV/QkZT52WRxIos=; b=UcJ66tgfh7sOqbvTEKmlwJK/vVUGIDO8+V+NUxeV4LALg02se/hhp/f93M3DfkDif3 ykLHw/yU9ePaA0gJ+71F15Zj7MoVQQ2gjPR8cwNGeIjku848qNlQLwNq9G1aNqrWFZUH ab3fW6Fi4DBVh/O1mHs2dtRPze9e4z/kjQ1mXvN4/GGS9Mc0WRfCrkmfaXxlKUQCe/3L bWhdCZPFrizUYDCnYlWHawxs+7rK90DQ//l5bZLQSKjitEQHcKUFbE3XiwAu+dekXv+D rqENlLgHGe1CwojATkD0IehrWKSuw86JrsCdP9T2OvYOnfRSOcXWqnuLvsGBaWBdKFs5 s0QA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ispras.ru header.s=default header.b=elURLvWM; spf=pass (google.com: domain of linux-kernel+bounces-18360-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-18360-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ispras.ru Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id d30-20020a05620a205e00b00781d394544fsi2504365qka.714.2024.01.05.13.13.53 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jan 2024 13:13:53 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-18360-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@ispras.ru header.s=default header.b=elURLvWM; spf=pass (google.com: domain of linux-kernel+bounces-18360-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-18360-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ispras.ru Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 8C0291C2371D for ; Fri, 5 Jan 2024 21:13:53 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B1E022E3E8; Fri, 5 Jan 2024 21:13:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=ispras.ru header.i=@ispras.ru header.b="elURLvWM" X-Original-To: linux-kernel@vger.kernel.org Received: from mail.ispras.ru (mail.ispras.ru [83.149.199.84]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 61C8735890 for ; Fri, 5 Jan 2024 21:13:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=ispras.ru Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=ispras.ru Received: from [192.168.1.114] (unknown [185.145.125.130]) by mail.ispras.ru (Postfix) with ESMTPSA id A64A440F1DF8; Fri, 5 Jan 2024 21:13:28 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 mail.ispras.ru A64A440F1DF8 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ispras.ru; s=default; t=1704489208; bh=FlEa4522VZdZ1YxHNtrr3RlZjAu47jub/SKcUbhgne0=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=elURLvWM2R+W2sXvbnDz4yjHrY16N8IpFq79W7EMGRzvJoEc8dMrCRctSn9sjd0+U /woxhCucAlP8rtdCMojyX0PLD0O7WYXL1/+YZoyTSc244W6+kLdA4+9UngmQis0J9r 3gDjd+wITq/RuM4RGxvSF+N+t0Nj6UZ/ClSeD2HE= Subject: Re: [PATCH] tvnv17.c: Adding a NULL pointer check. To: Andrey Shumilin , Karol Herbst Cc: Lyude Paul , Danilo Krummrich , David Airlie , Daniel Vetter , Maxime Ripard , Thomas Zimmermann , =?UTF-8?Q?Noralf_Tr=c3=b8nnes?= , Jani Nikula , dri-devel@lists.freedesktop.org, nouveau@lists.freedesktop.org, linux-kernel@vger.kernel.org, "lvc-project@linuxtesting.org" References: <20231116065159.37876-1-shum.sdl@nppct.ru> From: Alexey Khoroshilov Message-ID: <5609ce98-9bbb-29f4-0c4c-a4d3654152f7@ispras.ru> Date: Fri, 5 Jan 2024 21:33:07 +0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 In-Reply-To: <20231116065159.37876-1-shum.sdl@nppct.ru> Content-Type: text/plain; charset=utf-8 Content-Language: ru-RU Content-Transfer-Encoding: 7bit > Subject: tvnv17.c: Adding a NULL pointer check. As $ git log --oneline drivers/gpu/drm/nouveau/dispnv04/tvnv17.c 874ee2d67fc9 drm/nouveau: Remove unnecessary include statements for drm_crtc_helper.h 80ed86d4b6d7 drm/connector: Rename drm_mode_create_tv_properties 1fd4a5a36f9f drm/connector: Rename legacy TV property 09838c4efe9a drm/nouveau/kms: Search for encoders' connectors properly 2574c809d7c0 drm/nouveau/kms/nv04-nv4x: Use match_string() helper to simplify the code ... shows, a better prefix should be drm/nouveau: and there should not be a dot at the end. e.g. drm/nouveau: Avoid NPE in nv17_tv_get_XX_modes() On 16.11.2023 09:51, Andrey Shumilin wrote: > It is possible to dereference a null pointer if drm_mode_duplicate() returns NULL. I would suggest to add a little bit more details: drm_mode_duplicate() may return NULL in case of error, e.g. if memory allocation fails. It leads to NULL pointer dereference in nv17_tv_get_ld_modes() and nv17_tv_get_hd_modes(), since they do not check if drm_mode_duplicate() succeeds. Otherwise, looks good. Reviewed-by: Alexey Khoroshilov > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > Signed-off-by: Andrey Shumilin > --- > drivers/gpu/drm/nouveau/dispnv04/tvnv17.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c > index 670c9739e5e1..1f0c5f4a5fd2 100644 > --- a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c > +++ b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c > @@ -209,7 +209,8 @@ static int nv17_tv_get_ld_modes(struct drm_encoder *encoder, > struct drm_display_mode *mode; > > mode = drm_mode_duplicate(encoder->dev, tv_mode); > - > + if (mode == NULL) > + continue; > mode->clock = tv_norm->tv_enc_mode.vrefresh * > mode->htotal / 1000 * > mode->vtotal / 1000; > @@ -258,6 +259,8 @@ static int nv17_tv_get_hd_modes(struct drm_encoder *encoder, > if (modes[i].hdisplay == output_mode->hdisplay && > modes[i].vdisplay == output_mode->vdisplay) { > mode = drm_mode_duplicate(encoder->dev, output_mode); > + if (mode == NULL) > + continue; > mode->type |= DRM_MODE_TYPE_PREFERRED; > > } else { >