On Sun, 27 Mar 2022 at 08:39, Xiaomeng Tong <xiam0nd.tong@xxxxxxxxx> wrote: > > The bug is here: > return encoder; > > The list iterator value 'encoder' will *always* be set and non-NULL > by drm_for_each_encoder_mask(), so it is incorrect to assume that the > iterator value will be NULL if the list is empty or no element found. > Otherwise it will bypass some NULL checks and lead to invalid memory > access passing the check. > > To fix this bug, just return 'encoder' when found, otherwise return > NULL. > Isn't this covered by the upcoming list* iterator rework [1] or is this another iterator glitch? IMHO we should be looking at fixing the implementation and not the hundreds of users through the kernel. HTH -Emil [1] https://lwn.net/Articles/887097/
