From 2419672f4c96ca678a95d0f733f44d3ee036b5c8 Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Fri, 11 Aug 2017 23:16:06 +0300 Subject: [PATCH] drm/omap: Potential NULL deref in omap_crtc_duplicate_state() If the kmalloc() fails then we dereference "state" when we set "state->zpos". Fixes: 3dfeb631a15d ("drm/omap: Rework the rotation-on-crtc hack") Signed-off-by: Dan Carpenter Signed-off-by: Tomi Valkeinen --- drivers/gpu/drm/omapdrm/omap_crtc.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/omapdrm/omap_crtc.c b/drivers/gpu/drm/omapdrm/omap_crtc.c index 400d0d2f6790..cc85c16cbc2a 100644 --- a/drivers/gpu/drm/omapdrm/omap_crtc.c +++ b/drivers/gpu/drm/omapdrm/omap_crtc.c @@ -589,8 +589,10 @@ omap_crtc_duplicate_state(struct drm_crtc *crtc) current_state = to_omap_crtc_state(crtc->state); state = kmalloc(sizeof(*state), GFP_KERNEL); - if (state) - __drm_atomic_helper_crtc_duplicate_state(crtc, &state->base); + if (!state) + return NULL; + + __drm_atomic_helper_crtc_duplicate_state(crtc, &state->base); state->zpos = current_state->zpos; state->rotation = current_state->rotation; -- 2.20.1