virtio-gpu: fix a missing check to avoid NULL dereference

jira VULN-69525
cve CVE-2022-50181
commit-author Xiaomeng Tong <[email protected]>
commit bd63f11

'cache_ent' could be set NULL inside virtio_gpu_cmd_get_capset()
and it will lead to a NULL dereference by a lately use of it
(i.e., ptr = cache_ent->caps_cache). Fix it with a NULL check.

Fixes: 62fb7a5 ("virtio-gpu: add 3d/virgl support")
	Signed-off-by: Xiaomeng Tong <[email protected]>
	Reviewed-by: Chia-I Wu <[email protected]>
Link: http://patchwork.freedesktop.org/patch/msgid/[email protected]

[ kraxel: minor codestyle fixup ]

	Signed-off-by: Gerd Hoffmann <[email protected]>
(cherry picked from commit bd63f11)
	Signed-off-by: Jonathan Maple <[email protected]>

Author: PlaidCat

drivers/gpu/drm/virtio/virtgpu_ioctl.c

@@ -579,8 +579,10 @@ static int virtio_gpu_get_caps_ioctl(struct drm_device *dev,
 	spin_unlock(&vgdev->display_info_lock);
 
 	/* not in cache - need to talk to hw */
-	virtio_gpu_cmd_get_capset(vgdev, found_valid, args->cap_set_ver,
-				  &cache_ent);
+	ret = virtio_gpu_cmd_get_capset(vgdev, found_valid, args->cap_set_ver,
+					&cache_ent);
+	if (ret)
+		return ret;
 	virtio_gpu_notify(vgdev);
 
 copy_exit: