On 11/19/2012 02:14 PM, Tomi Valkeinen wrote:
> On 2012-11-19 07:10, Tushar Behera wrote:
>> If display is NULL, display->output would lead to kernel panic.
>>
>> Signed-off-by: Tushar Behera <tushar.behera@xxxxxxxxxx>
>> ---
>> drivers/video/omap2/omapfb/omapfb-ioctl.c | 2 +-
>> 1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/drivers/video/omap2/omapfb/omapfb-ioctl.c b/drivers/video/omap2/omapfb/omapfb-ioctl.c
>> index 55a39be..532a31b 100644
>> --- a/drivers/video/omap2/omapfb/omapfb-ioctl.c
>> +++ b/drivers/video/omap2/omapfb/omapfb-ioctl.c
>> @@ -787,7 +787,7 @@ int omapfb_ioctl(struct fb_info *fbi, unsigned int cmd, unsigned long arg)
>>
>> case OMAPFB_WAITFORVSYNC:
>> DBG("ioctl WAITFORVSYNC\n");
>> - if (!display && !display->output && !display->output->manager) {
>> + if (!display || !display->output || !display->output->manager) {
>> r = -EINVAL;
>> break;
>> }
>>
>
> Thanks, good catch. However, the patch description is not very good.
I agree.
> If you agree with the change, I'll apply the patch with the description:
>
Please go ahead with the description that you have written here.
>
> OMAPFB: Fix possible null pointer dereferencing
>
> Commit 952cbaaa9b8beacc425f9aedf370468cbb737a2c (OMAPFB: Change
> dssdev->manager references) added checks for OMAPFB_WAITFORVSYNC ioctl
> to verify that the display, output and overlay manager exist. However,
> the code erroneously uses && for each part, which means that
> OMAPFB_WAITFORVSYNC may crash the kernel if no display, output or
> manager is associated with the framebuffer.
>
> This patch fixes the issue by using ||.
>
>
> Tomi
>
>
Thanks.
--
Tushar Behera
--
To unsubscribe from this list: send the line "unsubscribe linux-omap" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
