In drm_universal_plane_init(), if 'format_count' is larger than 64, no
cleanup is executed, leading to memory/resource leaks. To fix this issue,
perform cleanup work before returning -EINVAL.
Signed-off-by: Wenwen Wang
---
drivers/gpu/drm/drm_plane.c | 5 -
1 file changed, 4
In qxl_bo_create(), the temporary 'bo' is allocated through kzalloc().
However, it is not deallocated in the following execution if ttm_bo_init()
fails, leading to a memory leak bug. To fix this issue, free 'bo' before
returning the error.
Signed-off-by: Wenwen Wang
---
In psb_driver_load(), if gma_backlight_init() fails, no cleanup is
executed, leading to memory/resource leaks. To fix this issue, go to the
'out_err' label to perform the cleanup work.
Signed-off-by: Wenwen Wang
---
drivers/gpu/drm/gma500/psb_drv.c | 2 +-
1 file changed, 1 inser
bels.
Signed-off-by: Wenwen Wang
---
drivers/gpu/drm/gma500/mdfld_dsi_output.c | 11 +--
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/drivers/gpu/drm/gma500/mdfld_dsi_output.c
b/drivers/gpu/drm/gma500/mdfld_dsi_output.c
index 03023fa..0cf4121 100644
--- a/drivers/gpu/drm/gma50
; label.
Signed-off-by: Wenwen Wang
---
drivers/gpu/drm/gma500/mdfld_dsi_output.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/gma500/mdfld_dsi_output.c
b/drivers/gpu/drm/gma500/mdfld_dsi_output.c
index 03023fa..ab9e935 100644
--- a/drivers/gpu/drm/gma50
to a memory leak bug.
To fix the above issue, free 'fences' before go to the 'err' label.
Signed-off-by: Wenwen Wang
---
drivers/dma-buf/sync_file.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/dma-buf/sync_file.c b/drivers/dma-buf/syn
Hello,
Can anyone please confirm this bug? Thanks!
Wenwen
On Fri, Oct 19, 2018 at 3:39 PM Wenwen Wang wrote:
>
> In sisfb_find_rom(), the official pci ROM is checked to see whether it
> contains the expected value at specific locations. This is done by firstly
> mapping the rom
ng for loop
also has a similar issue.
To avoid the above issue, this patch firstly copies the content of the rom
and then performs the checks on the copied version. If all the checks are
satisfied, the copied version will then be returned.
Signed-off-by: Wenwen Wang
---
drivers/v
ng so, the attacker can supply compromised VBIOS, which can
cause undefined behavior of the kernel and introduce potential security
issues.
This patch rewrites the header in 'adev->bios' using the header acquired in
the first copy.
Signed-off-by: Wenwen Wang
---
drivers/gpu/drm/amd
in 'rdev->bios' can
have unexpected values. This can cause undefined behavior of the kernel
and introduce potential security risk, if the device can be controlled by
attackers.
This patch rewrites the first two bytes of 'rdev->bios' after
memcpy_fromio() with expected
rs.
This patch avoids the above issue by rewriting the first two bytes of
'rdev->bios' after memcpy_fromio() with expected values.
Signed-off-by: Wenwen Wang
---
drivers/gpu/drm/radeon/radeon_bios.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/gpu/drm/radeon/radeon
11 matches
Mail list logo
