[PATCH] drm/msm/adreno/a5xx_debugfs: fix potential NULL pointer dereference
From: Gustavo A. R. Silva
Date: Fri Feb 02 2018 - 07:32:45 EST
_minor_ is being dereferenced before it is null checked, hence there
is a potential null pointer dereference. Fix this by moving the pointer
dereference after _minor_ has been null checked.
Fixes: 024ad8df763f ("drm/msm: add a5xx specific debugfs")
Signed-off-by: Gustavo A. R. Silva <garsilva@xxxxxxxxxxxxxx>
---
I wonder if a better solution for this would be to WARN_ON in case _minor_
happens to be NULL and return -EINVAL, instead of just returning zero.
Something like:
struct drm_device *dev;
if (WARN_ON(!minor)
return -EINVAL;
dev = minor->dev;
What do you think?
Thanks
drivers/gpu/drm/msm/adreno/a5xx_debugfs.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/msm/adreno/a5xx_debugfs.c b/drivers/gpu/drm/msm/adreno/a5xx_debugfs.c
index 6b27941..059ec7d 100644
--- a/drivers/gpu/drm/msm/adreno/a5xx_debugfs.c
+++ b/drivers/gpu/drm/msm/adreno/a5xx_debugfs.c
@@ -159,13 +159,15 @@ DEFINE_SIMPLE_ATTRIBUTE(reset_fops, NULL, reset_set, "%llx\n");
int a5xx_debugfs_init(struct msm_gpu *gpu, struct drm_minor *minor)
{
- struct drm_device *dev = minor->dev;
+ struct drm_device *dev;
struct dentry *ent;
int ret;
if (!minor)
return 0;
+ dev = minor->dev;
+
ret = drm_debugfs_create_files(a5xx_debugfs_list,
ARRAY_SIZE(a5xx_debugfs_list),
minor->debugfs_root, minor);
--
2.7.4