[PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld

Linux kernel -stable discussions
 help / color / mirror / Atom feed

* [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
@ 2024-06-25  8:18 Ma Ke
  2024-06-25 13:43 ` Markus Elfring
  2024-06-25 19:11 ` Lyude Paul
  0 siblings, 2 replies; 4+ messages in thread
From: Ma Ke @ 2024-06-25  8:18 UTC (permalink / raw)
  To: kherbst, lyude, dakr, airlied, daniel, make24
  Cc: dri-devel, nouveau, linux-kernel, stable

In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is
assigned to mode, which will lead to a possible NULL pointer dereference
on failure of drm_mode_duplicate(). Add a check to avoid npd.

Cc: stable@vger.kernel.org
Signed-off-by: Ma Ke <make24@iscas.ac.cn>
---
 drivers/gpu/drm/nouveau/dispnv04/tvnv17.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
index 670c9739e5e1..4a08e61f3336 100644
--- a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
+++ b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
@@ -209,6 +209,8 @@ static int nv17_tv_get_ld_modes(struct drm_encoder *encoder,
 		struct drm_display_mode *mode;
 
 		mode = drm_mode_duplicate(encoder->dev, tv_mode);
+		if (!mode)
+			continue;
 
 		mode->clock = tv_norm->tv_enc_mode.vrefresh *
 			mode->htotal / 1000 *
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
  2024-06-25  8:18 [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes Ma Ke
@ 2024-06-25 13:43 ` Markus Elfring
  2024-06-25 14:30   ` Greg KH
  2024-06-25 19:11 ` Lyude Paul
  1 sibling, 1 reply; 4+ messages in thread
From: Markus Elfring @ 2024-06-25 13:43 UTC (permalink / raw)
  To: Ma Ke, nouveau, dri-devel, Daniel Vetter, Danilo Krummrich,
	David Airlie, Karol Herbst, Lyude Paul
  Cc: stable, LKML

> In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is
> assigned to mode, which will lead to a possible NULL pointer dereference
> on failure of drm_mode_duplicate(). Add a check to avoid npd.

Can a wording approach (like the following) be a better change description?

  A null pointer is stored in the local variable “mode” after a call
  of the function “drm_mode_duplicate” failed. This pointer was used
  in a subsequent statement where an undesirable dereference will
  be performed then.
  Thus add a corresponding return value check.

> Cc: stable@vger.kernel.org

Would you like to add the tag “Fixes” accordingly?

How do you think about to use a summary phrase like
“Prevent null pointer dereference in nv17_tv_get_ld_modes()”?

Regards,
Markus

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
  2024-06-25 13:43 ` Markus Elfring
@ 2024-06-25 14:30   ` Greg KH
  0 siblings, 0 replies; 4+ messages in thread
From: Greg KH @ 2024-06-25 14:30 UTC (permalink / raw)
  To: Markus Elfring
  Cc: Ma Ke, nouveau, dri-devel, Daniel Vetter, Danilo Krummrich,
	David Airlie, Karol Herbst, Lyude Paul, stable, LKML

On Tue, Jun 25, 2024 at 03:43:37PM +0200, Markus Elfring wrote:
> > In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is
> > assigned to mode, which will lead to a possible NULL pointer dereference
> > on failure of drm_mode_duplicate(). Add a check to avoid npd.
> 
> Can a wording approach (like the following) be a better change description?
> 
>   A null pointer is stored in the local variable “mode” after a call
>   of the function “drm_mode_duplicate” failed. This pointer was used
>   in a subsequent statement where an undesirable dereference will
>   be performed then.
>   Thus add a corresponding return value check.
> 
> 
> > Cc: stable@vger.kernel.org
> 
> Would you like to add the tag “Fixes” accordingly?
> 
> 
> How do you think about to use a summary phrase like
> “Prevent null pointer dereference in nv17_tv_get_ld_modes()”?
> 
> 
> Regards,
> Markus
> 
Hi,

This is the semi-friendly patch-bot of Greg Kroah-Hartman.

Markus, you seem to have sent a nonsensical or otherwise pointless
review comment to a patch submission on a Linux kernel developer mailing
list.  I strongly suggest that you not do this anymore.  Please do not
bother developers who are actively working to produce patches and
features with comments that, in the end, are a waste of time.

Patch submitter, please ignore Markus's suggestion; you do not need to
follow it at all.  The person/bot/AI that sent it is being ignored by
almost all Linux kernel maintainers for having a persistent pattern of
behavior of producing distracting and pointless commentary, and
inability to adapt to feedback.  Please feel free to also ignore emails
from them.

thanks,

greg k-h's patch email bot

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
  2024-06-25  8:18 [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes Ma Ke
  2024-06-25 13:43 ` Markus Elfring
@ 2024-06-25 19:11 ` Lyude Paul
  1 sibling, 0 replies; 4+ messages in thread
From: Lyude Paul @ 2024-06-25 19:11 UTC (permalink / raw)
  To: Ma Ke, kherbst, dakr, airlied, daniel
  Cc: dri-devel, nouveau, linux-kernel, stable

Reviewed-by: Lyude Paul <lyude@redhat.com>

On Tue, 2024-06-25 at 16:18 +0800, Ma Ke wrote:
> In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate()
> is
> assigned to mode, which will lead to a possible NULL pointer
> dereference
> on failure of drm_mode_duplicate(). Add a check to avoid npd.
> 
> Cc: stable@vger.kernel.org
> Signed-off-by: Ma Ke <make24@iscas.ac.cn>
> ---
>  drivers/gpu/drm/nouveau/dispnv04/tvnv17.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> index 670c9739e5e1..4a08e61f3336 100644
> --- a/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> +++ b/drivers/gpu/drm/nouveau/dispnv04/tvnv17.c
> @@ -209,6 +209,8 @@ static int nv17_tv_get_ld_modes(struct
> drm_encoder *encoder,
>  		struct drm_display_mode *mode;
>  
>  		mode = drm_mode_duplicate(encoder->dev, tv_mode);
> +		if (!mode)
> +			continue;
>  
>  		mode->clock = tv_norm->tv_enc_mode.vrefresh *
>  			mode->htotal / 1000 *

-- 
Cheers,
 Lyude Paul (she/her)
 Software Engineer at Red Hat


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2024-06-25 19:11 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-06-25  8:18 [PATCH] drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes Ma Ke
2024-06-25 13:43 ` Markus Elfring
2024-06-25 14:30   ` Greg KH
2024-06-25 19:11 ` Lyude Paul

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox