| Message ID | 20170811201604.7v7txdmlf4knvdqf@mwanda (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Texas Instruments Finland Oy, Porkkalankatu 22, 00180 Helsinki. Y-tunnus/Business ID: 0615521-4. Kotipaikka/Domicile: Helsinki On 11/08/17 23:16, Dan Carpenter wrote: > If the kmalloc() fails then we dereference "state" when we set > "state->zpos". > > Fixes: 3dfeb631a15d ("drm/omap: Rework the rotation-on-crtc hack") > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> > > diff --git a/drivers/gpu/drm/omapdrm/omap_crtc.c b/drivers/gpu/drm/omapdrm/omap_crtc.c > index 400d0d2f6790..cc85c16cbc2a 100644 > --- a/drivers/gpu/drm/omapdrm/omap_crtc.c > +++ b/drivers/gpu/drm/omapdrm/omap_crtc.c > @@ -589,8 +589,10 @@ omap_crtc_duplicate_state(struct drm_crtc *crtc) > current_state = to_omap_crtc_state(crtc->state); > > state = kmalloc(sizeof(*state), GFP_KERNEL); > - if (state) > - __drm_atomic_helper_crtc_duplicate_state(crtc, &state->base); > + if (!state) > + return NULL; > + > + __drm_atomic_helper_crtc_duplicate_state(crtc, &state->base); > > state->zpos = current_state->zpos; > state->rotation = current_state->rotation; > Thanks! Applied. Tomi
diff --git a/drivers/gpu/drm/omapdrm/omap_crtc.c b/drivers/gpu/drm/omapdrm/omap_crtc.c index 400d0d2f6790..cc85c16cbc2a 100644 --- a/drivers/gpu/drm/omapdrm/omap_crtc.c +++ b/drivers/gpu/drm/omapdrm/omap_crtc.c @@ -589,8 +589,10 @@ omap_crtc_duplicate_state(struct drm_crtc *crtc) current_state = to_omap_crtc_state(crtc->state); state = kmalloc(sizeof(*state), GFP_KERNEL); - if (state) - __drm_atomic_helper_crtc_duplicate_state(crtc, &state->base); + if (!state) + return NULL; + + __drm_atomic_helper_crtc_duplicate_state(crtc, &state->base); state->zpos = current_state->zpos; state->rotation = current_state->rotation;
If the kmalloc() fails then we dereference "state" when we set "state->zpos". Fixes: 3dfeb631a15d ("drm/omap: Rework the rotation-on-crtc hack") Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>