From c801147c5a103eec864afee348c4ee3fdb0f380c Mon Sep 17 00:00:00 2001
From: Egbert Eich <eich@suse.de>
Date: Wed, 30 Nov 2005 15:32:59 +0100
Subject: [PATCH] SiS DRM: Fix possible NULL dereference

This fixes a NULL pointer reference in DRM.  The SiS driver tries to
allocate a big chunk of memory, but the return value is never checked.

Reported in Novell bugzilla #132271:
  https://bugzilla.novell.com/show_bug.cgi?id=132271

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
---
 drivers/char/drm/drm_context.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'drivers/char/drm/drm_context.c')

diff --git a/drivers/char/drm/drm_context.c b/drivers/char/drm/drm_context.c
index bdd168d88f49..bd958d69a2ac 100644
--- a/drivers/char/drm/drm_context.c
+++ b/drivers/char/drm/drm_context.c
@@ -432,7 +432,10 @@ int drm_addctx(struct inode *inode, struct file *filp,
 
 	if (ctx.handle != DRM_KERNEL_CONTEXT) {
 		if (dev->driver->context_ctor)
-			dev->driver->context_ctor(dev, ctx.handle);
+			if (!dev->driver->context_ctor(dev, ctx.handle)) {
+				DRM_DEBUG( "Running out of ctxs or memory.\n");
+				return -ENOMEM;
+			}
 	}
 
 	ctx_entry = drm_alloc(sizeof(*ctx_entry), DRM_MEM_CTXLIST);
-- 
cgit v1.2.3-59-g8ed1b