[PATCH 11/12] xf86drm: Validate function return value

Praveen Paneri <praveen.paneri@xxxxxxxxx> · Thu, 2 Apr 2015 14:02:26 +0530

Return value of drmHashCreate() and drmGetEntry() functions
can be NULL. It should be validated before being used.

Signed-off-by: Praveen Paneri <praveen.paneri@xxxxxxxxx>
---
 xf86drm.c | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

diff --git a/xf86drm.c b/xf86drm.c
index 373113b..d3a002a 100644
--- a/xf86drm.c
+++ b/xf86drm.c
@@ -178,20 +178,25 @@ static unsigned long drmGetKeyFromFd(int fd)
 drmHashEntry *drmGetEntry(int fd)
 {
     unsigned long key = drmGetKeyFromFd(fd);
-    void          *value;
+    void          *value = NULL;
     drmHashEntry  *entry;
 
     if (!drmHashTable)
 	drmHashTable = drmHashCreate();
 
-    if (drmHashLookup(drmHashTable, key, &value)) {
+    if (drmHashTable && drmHashLookup(drmHashTable, key, &value)) {
 	entry           = drmMalloc(sizeof(*entry));
 	if (!entry)
 	    return NULL;
 	entry->fd       = fd;
 	entry->f        = NULL;
 	entry->tagTable = drmHashCreate();
-	drmHashInsert(drmHashTable, key, entry);
+	if (entry->tagTable) {
+		drmHashInsert(drmHashTable, key, entry);
+	} else {
+		drmFree(entry);
+		entry = NULL;
+	}
     } else {
 	entry = value;
     }
@@ -1219,6 +1224,8 @@ int drmClose(int fd)
 {
     unsigned long key    = drmGetKeyFromFd(fd);
     drmHashEntry  *entry = drmGetEntry(fd);
+    if(!entry)
+	return -ENOMEM;
 
     drmHashDestroy(entry->tagTable);
     entry->fd       = 0;
@@ -2258,6 +2265,8 @@ int drmGetInterruptFromBusID(int fd, int busnum, int devnum, int funcnum)
 int drmAddContextTag(int fd, drm_context_t context, void *tag)
 {
     drmHashEntry  *entry = drmGetEntry(fd);
+    if (!entry)
+        return -ENOMEM;
 
     if (drmHashInsert(entry->tagTable, context, tag)) {
 	drmHashDelete(entry->tagTable, context);
@@ -2270,13 +2279,18 @@ int drmDelContextTag(int fd, drm_context_t context)
 {
     drmHashEntry  *entry = drmGetEntry(fd);
 
-    return drmHashDelete(entry->tagTable, context);
+    if (entry)
+	return drmHashDelete(entry->tagTable, context);
+    return -ENOMEM;
 }
 
 void *drmGetContextTag(int fd, drm_context_t context)
 {
-    drmHashEntry  *entry = drmGetEntry(fd);
     void          *value;
+    drmHashEntry  *entry = drmGetEntry(fd);
+
+    if (!entry)
+        return NULL;
 
     if (drmHashLookup(entry->tagTable, context, &value))
 	return NULL;
-- 
1.9.1

_______________________________________________
Intel-gfx mailing list
Intel-gfx@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/intel-gfx








