From mboxrd@z Thu Jan 1 00:00:00 1970
From: Jean-Christophe PLAGNIOL-VILLARD
Date: Fri, 01 Nov 2013 11:10:20 +0000
Subject: Re: [PATCH v2] efifb: prevent null-deref when iterating dmi_list
Message-Id: <20131101111020.GD18477@ns203013.ovh.net>
List-Id:
References: <1380732056-5387-1-git-send-email-dh.herrmann@gmail.com> <20131031104549.GZ18477@ns203013.ovh.net>
In-Reply-To:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: David Herrmann
Cc: "linux-fbdev@vger.kernel.org", James Bates, linux-kernel, Tomi Valkeinen, James Bates

On 17:17 Thu 31 Oct , David Herrmann wrote:
> Hi
>
> On Thu, Oct 31, 2013 at 11:45 AM, Jean-Christophe PLAGNIOL-VILLARD
> wrote:
> > On 18:40 Wed 02 Oct , David Herrmann wrote:
> >> The dmi_list array is initialized using gnu designated initializers, and
> >> therefore may contain fewer explicitly defined entries as there are
> >> elements in it. This is because the enum above with M_xyz constants
> >> contains more items than the designated initializer. Those elements not
> >> explicitly initialized are implicitly set to 0.
> >>
> >> Now efifb_setup() loops through all these array elements, and performs
> >> a strcmp on each item. For non explicitly initialized elements this will
> >> be a null pointer:
> >>
> >> This patch swaps the check order in the if statement, thus checks first
> >> whether dmi_list[i].base is null.
> >>
> >> Signed-off-by: James Bates
> >> Signed-off-by: David Herrmann
> >
> > with the simpleDRM arriving next merge I'm wondering if we need to keep it?
>
> SimpleDRM is not coming next merge-window. It's basically finished,
> but I'm still working on the user-space side as its KMS api is highly
> reduced compared to fully-featured DRM/KMS drivers. Maybe 3.13 will
> work out.

do you have a git tree for the simpleDRM that I can pull?
>
> Anyhow, this patch is still needed as it fixes a serious bug for simplefb.

ok
>
> Thanks
> David
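
The sparse table and the swapped check order described in the quoted commit message, as an added example that is not part of the original mail or the kernel source. The enum constants, `struct fb_entry`, `model_list`, `count_empty_slots()` and `lookup_model()` are constructed names and values, and the pre-fix expression in the comment is modelled on the commit message's description rather than copied from efifb.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for the M_xyz enum: more constants than table entries. */
enum { M_ALPHA, M_BETA, M_GAMMA, M_DELTA, M_COUNT };

struct fb_entry {
    const char *optname;  /* NULL in any slot the initializer does not name */
    unsigned long base;   /* 0 in any slot the initializer does not name */
};

/* Designated initializers name only two of the four slots; the compiler
 * zero-fills M_BETA and M_DELTA. All values here are constructed. */
static const struct fb_entry model_list[M_COUNT] = {
    [M_ALPHA] = { "alpha", 0x80010000UL },
    [M_GAMMA] = { "gamma", 0xc0010000UL },
};

/* Number of zero-filled slots a loop over the whole array will visit. */
int count_empty_slots(void)
{
    int n = 0;
    for (int i = 0; i < M_COUNT; i++)
        if (model_list[i].optname == NULL)
            n++;
    return n;
}

/* Return the index whose optname equals opt, or -1 if none matches.
 *
 * Check order before the fix (modelled on the commit message):
 *     if (!strcmp(opt, model_list[i].optname) && model_list[i].base != 0)
 * strcmp() runs first and is handed NULL on an empty slot.
 *
 * Check order after the fix: test base first. && short-circuits, so
 * strcmp() is only reached for slots the initializer actually filled in. */
int lookup_model(const char *opt)
{
    for (int i = 0; i < M_COUNT; i++) {
        if (model_list[i].base != 0 &&
            !strcmp(opt, model_list[i].optname))
            return i;
    }
    return -1;
}
```

The guard relies on every populated entry setting both `base` and `optname`; an entry with a non-zero `base` and no name would still reach `strcmp()` with NULL.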