In omap_lcd_interrupts(), the pointer omap_lcd is dereferenced before being checked for validity, which may lead to a NULL pointer dereference. So move the assignment to surface to after the check that omap_lcd is valid.
Reported-by: Euler Robot <euler.ro...@huawei.com>
Signed-off-by: Alex Chen <alex.c...@huawei.com>
---
 hw/display/omap_lcdc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/display/omap_lcdc.c b/hw/display/omap_lcdc.c
index fa4a381db6..2941c5c67c 100644
--- a/hw/display/omap_lcdc.c
+++ b/hw/display/omap_lcdc.c
@@ -78,7 +78,7 @@ static void omap_lcd_interrupts(struct omap_lcd_panel_s *s)
 static void omap_update_display(void *opaque)
 {
     struct omap_lcd_panel_s *omap_lcd = (struct omap_lcd_panel_s *) opaque;
-    DisplaySurface *surface = qemu_console_surface(omap_lcd->con);
+    DisplaySurface *surface;
     draw_line_func draw_line;
     int size, height, first, last;
     int width, linesize, step, bpp, frame_offset;
@@ -89,6 +89,7 @@ static void omap_update_display(void *opaque)
         return;
     }
 
+    surface = qemu_console_surface(omap_lcd->con);
     frame_offset = 0;
     if (omap_lcd->plm != 2) {
         cpu_physical_memory_read(
--
2.19.1
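Review bot: The commit message names omap_lcd_interrupts(), but both hunks change omap_update_display(); the `@@` header shows omap_lcd_interrupts() only because it is the function preceding the hunk, so the message should read `In omap_update_display(), the pointer omap_lcd is dereferenced before being checked ...`. With the first hunk `surface` is now left uninitialized from its declaration until the assignment added in the second hunk, so any read of `surface` in the lines between the two hunks (outside this patch, including the validity check itself) would be undefined behaviour; it is worth confirming none exists, and a one-line comment at the new assignment, `/* omap_lcd is known valid here; surface is first used below */`, would make the ordering constraint explicit for future edits. The body of omap_update_display() continues past the end of the second hunk.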