[Why] the func bios_parser_get_src_obj () is similar to
bios_parser_get_dst_obj () which is fixed by the
commit<a8f976473196>("drm/amd/display: Banch of smatch error and warning fixes
in DC").
the symbol 'id' is uninitialized and it is not checked before dereference
it,may lead to null pointer dereference.
[How] Initialized variable explicitly with NULL and add sanitizer.
Signed-off-by: estherbdf <603571...@qq.com>
---
drivers/gpu/drm/amd/display/dc/bios/bios_parser.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/amd/display/dc/bios/bios_parser.c
b/drivers/gpu/drm/amd/display/dc/bios/bios_parser.c
index 008d4d1..94c6cca 100644
--- a/drivers/gpu/drm/amd/display/dc/bios/bios_parser.c
+++ b/drivers/gpu/drm/amd/display/dc/bios/bios_parser.c
@@ -190,7 +190,7 @@ static enum bp_result bios_parser_get_src_obj(struct
dc_bios *dcb,
struct graphics_object_id *src_object_id)
{
uint32_t number;
- uint16_t *id;
+ uint16_t *id = NULL;
ATOM_OBJECT *object;
struct bios_parser *bp = BP_FROM_DCB(dcb);
@@ -206,7 +206,7 @@ static enum bp_result bios_parser_get_src_obj(struct
dc_bios *dcb,
number = get_src_obj_list(bp, object, &id);
- if (number <= index)
+ if (number <= index || !id)
return BP_RESULT_BADINPUT;
*src_object_id = object_id_from_bios_object_id(id[index]);
--
1.9.1
_______________________________________________
dri-devel mailing list
dri-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/dri-devel
