1. Patchew
  2. linux
  3. View series

[PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes

Ma Ke posted 1 patch 1 year, 5 months ago 
drivers/gpu/drm/nouveau/dispnv04/tvnv17.c | 2 ++
1 file changed, 2 insertions(+)
[PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
Posted by Ma Ke 1 year, 5 months ago 
In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is
assigned to mode, which will lead to a possible NULL pointer dereference
on failure of drm_mode_duplicate(). Add a check to avoid npd.

Cc: stable@vger.kernel.org
Signed-off-by: Ma Ke <make24@iscas.ac.cn>
---
 drivers/gpu/drm/nouveau/dispnv04/tvnv17.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
index 670c9739e5e1..4a08e61f3336 100644
--- a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
+++ b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
@@ -209,6 +209,8 @@ static int nv17_tv_get_ld_modes(struct drm_encoder *encoder,
 		struct drm_display_mode *mode;
 
 		mode = drm_mode_duplicate(encoder->dev, tv_mode);
+		if (!mode)
+			continue;
 
 		mode->clock = tv_norm->tv_enc_mode.vrefresh *
 			mode->htotal / 1000 *
-- 
2.25.1
Re: [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
Posted by Lyude Paul 1 year, 5 months ago 
Reviewed-by: Lyude Paul <lyude@redhat.com>

On Tue, 2024-06-25 at 16:18 +0800, Ma Ke wrote:
> In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate()
> is
> assigned to mode, which will lead to a possible NULL pointer
> dereference
> on failure of drm_mode_duplicate(). Add a check to avoid npd.
> 
> Cc: stable@vger.kernel.org
> Signed-off-by: Ma Ke <make24@iscas.ac.cn>
> ---
>  drivers/gpu/drm/nouveau/dispnv04/tvnv17.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> index 670c9739e5e1..4a08e61f3336 100644
> --- a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> +++ b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> @@ -209,6 +209,8 @@ static int nv17_tv_get_ld_modes(struct
> drm_encoder *encoder,
>  		struct drm_display_mode *mode;
>  
>  		mode = drm_mode_duplicate(encoder->dev, tv_mode);
> +		if (!mode)
> +			continue;
>  
>  		mode->clock = tv_norm->tv_enc_mode.vrefresh *
>  			mode->htotal / 1000 *

-- 
Cheers,
 Lyude Paul (she/her)
 Software Engineer at Red Hat
Re: [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
Posted by Markus Elfring 1 year, 5 months ago 
> In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is
> assigned to mode, which will lead to a possible NULL pointer dereference
> on failure of drm_mode_duplicate(). Add a check to avoid npd.

Can a wording approach (like the following) be a better change description?

  A null pointer is stored in the local variable “mode” after a call
  of the function “drm_mode_duplicate” failed. This pointer was used
  in a subsequent statement where an undesirable dereference will
  be performed then.
  Thus add a corresponding return value check.


> Cc: stable@vger.kernel.org

Would you like to add the tag “Fixes” accordingly?


How do you think about to use a summary phrase like
“Prevent null pointer dereference in nv17_tv_get_ld_modes()”?


Regards,
Markus
Re: [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
Posted by Greg KH 1 year, 5 months ago 
On Tue, Jun 25, 2024 at 03:43:37PM +0200, Markus Elfring wrote:
> > In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is
> > assigned to mode, which will lead to a possible NULL pointer dereference
> > on failure of drm_mode_duplicate(). Add a check to avoid npd.
> 
> Can a wording approach (like the following) be a better change description?
> 
>   A null pointer is stored in the local variable “mode” after a call
>   of the function “drm_mode_duplicate” failed. This pointer was used
>   in a subsequent statement where an undesirable dereference will
>   be performed then.
>   Thus add a corresponding return value check.
> 
> 
> > Cc: stable@vger.kernel.org
> 
> Would you like to add the tag “Fixes” accordingly?
> 
> 
> How do you think about to use a summary phrase like
> “Prevent null pointer dereference in nv17_tv_get_ld_modes()”?
> 
> 
> Regards,
> Markus
> 
Hi,

This is the semi-friendly patch-bot of Greg Kroah-Hartman.

Markus, you seem to have sent a nonsensical or otherwise pointless
review comment to a patch submission on a Linux kernel developer mailing
list.  I strongly suggest that you not do this anymore.  Please do not
bother developers who are actively working to produce patches and
features with comments that, in the end, are a waste of time.

Patch submitter, please ignore Markus's suggestion; you do not need to
follow it at all.  The person/bot/AI that sent it is being ignored by
almost all Linux kernel maintainers for having a persistent pattern of
behavior of producing distracting and pointless commentary, and
inability to adapt to feedback.  Please feel free to also ignore emails
from them.

thanks,

greg k-h's patch email bot

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.