[PATCH] fbdev: atmel_lcdfb: Fix potential NULL dereference

[Alexandre Belloni]

On 24/07/2025 03:56:45+0100, Salah Triki wrote:
> of_match_device() returns NULL in case of failure, so check its return
> value before casting and accessing to data field in order to prevent NULL
> dereference.
> 
> Signed-off-by: Salah Triki <salah.triki at gmail.com>
> ---
>  drivers/video/fbdev/atmel_lcdfb.c | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/video/fbdev/atmel_lcdfb.c b/drivers/video/fbdev/atmel_lcdfb.c
> index 9dfbc5310210..b1017ac9c73b 100644
> --- a/drivers/video/fbdev/atmel_lcdfb.c
> +++ b/drivers/video/fbdev/atmel_lcdfb.c
> @@ -922,6 +922,7 @@ static int atmel_lcdfb_of_init(struct atmel_lcdfb_info *sinfo)
>  	struct device *dev = &sinfo->pdev->dev;
>  	struct device_node *np =dev->of_node;
>  	struct device_node *display_np;
> +	const struct of_device_id *match;
>  	struct atmel_lcdfb_power_ctrl_gpio *og;
>  	bool is_gpio_power = false;
>  	struct fb_videomode fb_vm;
> @@ -930,8 +931,11 @@ static int atmel_lcdfb_of_init(struct atmel_lcdfb_info *sinfo)
>  	int ret;
>  	int i;
>  
> -	sinfo->config = (struct atmel_lcdfb_config*)
> -		of_match_device(atmel_lcdfb_dt_ids, dev)->data;
> +	match = of_match_device(atmel_lcdfb_dt_ids, dev);
> +	if (!match)
> +		return -ENODEV;

This is dead code, it will never happen because atmel_lcdfb_of_init is only
called from atmel_lcdfb_probe which will only be called when there is a match.

> +
> +	sinfo->config = (struct atmel_lcdfb_config *)match->data;
>  
>  	display_np = of_parse_phandle(np, "display", 0);
>  	if (!display_np) {
> -- 
> 2.43.0
> 

-- 
Alexandre Belloni, co-owner and COO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com