The bug is here:
        bus_flags = connector->display_info.bus_flags;

The list iterator 'connector' will point to a bogus position containing
HEAD if the list is empty or no element is found. This case must
be checked before any use of the iterator, otherwise it will lead
to an invalid memory access.

To fix this bug, add a check. Use a new variable 'iter' as the list
iterator, and keep the old variable 'connector' as a dedicated variable
that points to the found element.

Cc: sta...@vger.kernel.org
Fixes: ("drm/omap: Add support for drm_panel")
Signed-off-by: Xiaomeng Tong <xiam0nd.t...@gmail.com>
---
 drivers/gpu/drm/omapdrm/omap_encoder.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/drivers/gpu/drm/omapdrm/omap_encoder.c 
b/drivers/gpu/drm/omapdrm/omap_encoder.c
index 4dd05bc732da..d648ab4223b1 100644
--- a/drivers/gpu/drm/omapdrm/omap_encoder.c
+++ b/drivers/gpu/drm/omapdrm/omap_encoder.c
@@ -76,14 +76,16 @@ static void omap_encoder_mode_set(struct drm_encoder 
*encoder,
        struct omap_encoder *omap_encoder = to_omap_encoder(encoder);
        struct omap_dss_device *output = omap_encoder->output;
        struct drm_device *dev = encoder->dev;
-       struct drm_connector *connector;
+       struct drm_connector *connector = NULL, *iter;
        struct drm_bridge *bridge;
        struct videomode vm = { 0 };
        u32 bus_flags;
 
-       list_for_each_entry(connector, &dev->mode_config.connector_list, head) {
-               if (connector->encoder == encoder)
+       list_for_each_entry(iter, &dev->mode_config.connector_list, head) {
+               if (iter->encoder == encoder) {
+                       connector = iter;
                        break;
+               }
        }
 
        drm_display_mode_to_videomode(adjusted_mode, &vm);
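Review bot: The rewritten loop still walks `dev->mode_config.connector_list` with a bare `list_for_each_entry`, and no lock or connector-list iterator is visible in this hunk, so the walk is only safe if the caller already excludes concurrent connector registration and removal. If that is not guaranteed, the DRM iterator API would be the safer form: `drm_connector_list_iter_begin(dev, &conn_iter);`, `drm_for_each_connector_iter(iter, &conn_iter)` and `drm_connector_list_iter_end(&conn_iter);`, with the later read of `connector->display_info` placed before the `_end` call. If the caller does guarantee it, a one-line comment above the loop naming that guarantee would help the next reader. The body of omap_encoder_mode_set starts before and continues after this hunk.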
@@ -106,8 +108,10 @@ static void omap_encoder_mode_set(struct drm_encoder 
*encoder,
                omap_encoder_update_videomode_flags(&vm, bus_flags);
        }
 
-       bus_flags = connector->display_info.bus_flags;
-       omap_encoder_update_videomode_flags(&vm, bus_flags);
+       if (connector) {
+               bus_flags = connector->display_info.bus_flags;
+               omap_encoder_update_videomode_flags(&vm, bus_flags);
+       }
 
        /* Set timings for all devices in the display pipeline. */
        dss_mgr_set_timings(output, &vm);
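Review bot: When no connector matches, the new `if (connector)` guard skips the bus-flag update silently, and `dss_mgr_set_timings(output, &vm)` still runs with whatever flags `vm` already carries from the code above the hunk. The guard does remove the invalid read through the list head, but an encoder with no connector at mode-set time is presumably an unexpected driver state that should not pass unnoticed. Consider making it visible with `if (!WARN_ON_ONCE(!connector)) {` in place of `if (connector) {`. If the case is legitimate, a comment such as `/* No connector bound to this encoder: keep the flags already in vm. */` would do instead. The function body continues outside the hunk.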
-- 
2.17.1
