| Message ID | 20250226083731.3584509-1-make24@iscas.ac.cn (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | [v2] drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params | expand |
Reviewed-by: Alex Hung <alex.hung@amd.com> On 2/26/25 01:37, Ma Ke wrote: > Null pointer dereference issue could occur when pipe_ctx->plane_state > is null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not > null before accessing. This prevents a null pointer dereference. > > Found by code review. > > Cc: stable@vger.kernel.org > Fixes: 3be5262e353b ("drm/amd/display: Rename more dc_surface stuff to plane_state") > Signed-off-by: Ma Ke <make24@iscas.ac.cn> > --- > Changes in v2: > - modified the patch as suggestions. > --- > drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_resource.c b/drivers/gpu/drm/amd/display/dc/core/dc_resource.c > index 520a34a42827..a45037cb4cc0 100644 > --- a/drivers/gpu/drm/amd/display/dc/core/dc_resource.c > +++ b/drivers/gpu/drm/amd/display/dc/core/dc_resource.c > @@ -1455,7 +1455,8 @@ bool resource_build_scaling_params(struct pipe_ctx *pipe_ctx) > DC_LOGGER_INIT(pipe_ctx->stream->ctx->logger); > > /* Invalid input */ > - if (!plane_state->dst_rect.width || > + if (!plane_state || > + !plane_state->dst_rect.width || > !plane_state->dst_rect.height || > !plane_state->src_rect.width || > !plane_state->src_rect.height) {
Applied. Thanks! Alex On Wed, Feb 26, 2025 at 2:04 PM Alex Hung <alex.hung@amd.com> wrote: > > Reviewed-by: Alex Hung <alex.hung@amd.com> > > On 2/26/25 01:37, Ma Ke wrote: > > Null pointer dereference issue could occur when pipe_ctx->plane_state > > is null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not > > null before accessing. This prevents a null pointer dereference. > > > > Found by code review. > > > > Cc: stable@vger.kernel.org > > Fixes: 3be5262e353b ("drm/amd/display: Rename more dc_surface stuff to plane_state") > > Signed-off-by: Ma Ke <make24@iscas.ac.cn> > > --- > > Changes in v2: > > - modified the patch as suggestions. > > --- > > drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_resource.c b/drivers/gpu/drm/amd/display/dc/core/dc_resource.c > > index 520a34a42827..a45037cb4cc0 100644 > > --- a/drivers/gpu/drm/amd/display/dc/core/dc_resource.c > > +++ b/drivers/gpu/drm/amd/display/dc/core/dc_resource.c > > @@ -1455,7 +1455,8 @@ bool resource_build_scaling_params(struct pipe_ctx *pipe_ctx) > > DC_LOGGER_INIT(pipe_ctx->stream->ctx->logger); > > > > /* Invalid input */ > > - if (!plane_state->dst_rect.width || > > + if (!plane_state || > > + !plane_state->dst_rect.width || > > !plane_state->dst_rect.height || > > !plane_state->src_rect.width || > > !plane_state->src_rect.height) { >
diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_resource.c b/drivers/gpu/drm/amd/display/dc/core/dc_resource.c index 520a34a42827..a45037cb4cc0 100644 --- a/drivers/gpu/drm/amd/display/dc/core/dc_resource.c +++ b/drivers/gpu/drm/amd/display/dc/core/dc_resource.c @@ -1455,7 +1455,8 @@ bool resource_build_scaling_params(struct pipe_ctx *pipe_ctx) DC_LOGGER_INIT(pipe_ctx->stream->ctx->logger); /* Invalid input */ - if (!plane_state->dst_rect.width || + if (!plane_state || + !plane_state->dst_rect.width || !plane_state->dst_rect.height || !plane_state->src_rect.width || !plane_state->src_rect.height) {
Null pointer dereference issue could occur when pipe_ctx->plane_state is null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not null before accessing. This prevents a null pointer dereference. Found by code review. Cc: stable@vger.kernel.org Fixes: 3be5262e353b ("drm/amd/display: Rename more dc_surface stuff to plane_state") Signed-off-by: Ma Ke <make24@iscas.ac.cn> --- Changes in v2: - modified the patch as suggestions. --- drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)