From: Carsten Haitzler Date: Fri, 27 Nov 2020 11:00:54 +0000 (+0000) Subject: drm/komeda: Handle NULL pointer access code path in error case X-Git-Tag: accepted/tizen/unified/20230118.172025~8178^2~1^2~1 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=a24cf238c771a1d3f0dc68b9f2b62c6d23359026;p=platform%2Fkernel%2Flinux-rpi.git drm/komeda: Handle NULL pointer access code path in error case komeda_component_get_old_state() technically can return a NULL pointer. komeda_compiz_set_input() even warns when this happens, but then proceeeds to use that NULL pointer to compare memory content there agains the new state to see if it changed. In this case, it's better to assume that the input changed as there is no old state to compare against and thus assume the changes happen anyway. Signed-off-by: Carsten Haitzler Reviewed-by: Steven Price Acked-by: Liviu Dudau [Applied small spelling fixes and fix suggested by Steven Price] Signed-off-by: Liviu Dudau Link: https://patchwork.freedesktop.org/patch/msgid/20201127110054.133686-1-carsten.haitzler@foss.arm.com --- diff --git a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c index 8f32ae7..5c08511 100644 --- a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c +++ b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c @@ -704,10 +704,10 @@ komeda_compiz_set_input(struct komeda_compiz *compiz, cin->layer_alpha = dflow->layer_alpha; old_st = komeda_component_get_old_state(&compiz->base, drm_st); - WARN_ON(!old_st); /* compare with old to check if this input has been changed */ - if (memcmp(&(to_compiz_st(old_st)->cins[idx]), cin, sizeof(*cin))) + if (WARN_ON(!old_st) || + memcmp(&(to_compiz_st(old_st)->cins[idx]), cin, sizeof(*cin))) c_st->changed_active_inputs |= BIT(idx); komeda_component_add_input(c_st, &dflow->input, idx);