From: Egbert Eich Date: Wed, 30 Nov 2005 14:32:59 +0000 (+0100) Subject: [PATCH] SiS DRM: Fix possible NULL dereference X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=c801147c5a103eec864afee348c4ee3fdb0f380c;p=GitHub%2FLineageOS%2Fandroid_kernel_samsung_universal7580.git [PATCH] SiS DRM: Fix possible NULL dereference This fixes a NULL pointer reference in DRM. The SiS driver tries to allocate a big chunk of memory, but the return value is never checked. Reported in Novell bugzilla #132271: https://bugzilla.novell.com/show_bug.cgi?id=132271 Signed-off-by: Takashi Iwai Signed-off-by: Linus Torvalds --- diff --git a/drivers/char/drm/drm_context.c b/drivers/char/drm/drm_context.c index bdd168d88f4..bd958d69a2a 100644 --- a/drivers/char/drm/drm_context.c +++ b/drivers/char/drm/drm_context.c @@ -432,7 +432,10 @@ int drm_addctx(struct inode *inode, struct file *filp, if (ctx.handle != DRM_KERNEL_CONTEXT) { if (dev->driver->context_ctor) - dev->driver->context_ctor(dev, ctx.handle); + if (!dev->driver->context_ctor(dev, ctx.handle)) { + DRM_DEBUG( "Running out of ctxs or memory.\n"); + return -ENOMEM; + } } ctx_entry = drm_alloc(sizeof(*ctx_entry), DRM_MEM_CTXLIST);