virtio-gpu: fix a missing check to avoid NULL dereference

'cache_ent' could be set NULL inside virtio_gpu_cmd_get_capset()
and it will lead to a NULL dereference by a lately use of it
(i.e., ptr = cache_ent->caps_cache). Fix it with a NULL check.

Fixes: f8b6285be2964 ("virtio-gpu: add 3d/virgl support")
Signed-off-by: Xiaomeng Tong <xiam0nd.tong@gmail.com>
Reviewed-by: Chia-I Wu <olvaffe@gmail.com>
Link: http://patchwork.freedesktop.org/patch/msgid/20220327050945.1614-1-xiam0nd.tong@gmail.com
[ kraxel: minor codestyle fixup ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
index f8d83358d2a0f2c838cfbe9c147ef9ea1a2fa354..9b2702116f93e7dbf29ff169dab2f3fd4ca0c081 100644 (file)
--- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c
+++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
@@ -580,8 +580,10 @@ static int virtio_gpu_get_caps_ioctl(struct drm_device *dev,
        spin_unlock(&vgdev->display_info_lock);
 
        /* not in cache - need to talk to hw */
-       virtio_gpu_cmd_get_capset(vgdev, found_valid, args->cap_set_ver,
-                                 &cache_ent);
+       ret = virtio_gpu_cmd_get_capset(vgdev, found_valid, args->cap_set_ver,
+                                       &cache_ent);
+       if (ret)
+               return ret;
        virtio_gpu_notify(vgdev);
 
 copy_exit: