From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jani Nikula Subject: Re: [PATCH] drm_edid-load: Fix a missing-check bug in drm_load_edid_firmware() Date: Fri, 24 May 2019 21:02:59 +0300 Message-ID: <87pno7n31o.fsf@intel.com> References: <20190522123920.GB6772@zhanggen-UX430UQ> <87o93u7d3s.fsf@intel.com> <20190524023222.GA5302@zhanggen-UX430UQ> Mime-Version: 1.0 Content-Type: text/plain Return-path: In-Reply-To: <20190524023222.GA5302@zhanggen-UX430UQ> Sender: linux-kernel-owner@vger.kernel.org To: Gen Zhang , maarten.lankhorst@linux.intel.com, maxime.ripard@bootlin.com Cc: dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org List-Id: dri-devel@lists.freedesktop.org On Fri, 24 May 2019, Gen Zhang wrote: > In drm_load_edid_firmware(), fwstr is allocated by kstrdup(). And fwstr > is dereferenced in the following codes. However, memory allocation > functions such as kstrdup() may fail and returns NULL. Dereferencing > this null pointer may cause the kernel go wrong. Thus we should check > this kstrdup() operation. > Further, if kstrdup() returns NULL, we should return ERR_PTR(-ENOMEM) to > the caller site. > > Signed-off-by: Gen Zhang > Reviewed-by: Jani Nikula Pushed to drm-misc-next, thanks for the patch. BR, Jani. > --- > diff --git a/drivers/gpu/drm/drm_edid_load.c b/drivers/gpu/drm/drm_edid_load.c > index a491509..a0e107a 100644 > --- a/drivers/gpu/drm/drm_edid_load.c > +++ b/drivers/gpu/drm/drm_edid_load.c > @@ -290,6 +290,8 @@ struct edid *drm_load_edid_firmware(struct drm_connector *connector) > * the last one found one as a fallback. > */ > fwstr = kstrdup(edid_firmware, GFP_KERNEL); > + if (!fwstr) > + return ERR_PTR(-ENOMEM); > edidstr = fwstr; > > while ((edidname = strsep(&edidstr, ","))) { > --- -- Jani Nikula, Intel Open Source Graphics Center