var->pixclock can be assigned to zero by user. Without
proper check, divide by zero would occur when invoking
macro PICOS2KHZ in au1200fb_fb_check_var.
Error out if var->pixclock is zero.
Signed-off-by: Wei Chen <[email protected]>
---
drivers/video/fbdev/au1200fb.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/video/fbdev/au1200fb.c b/drivers/video/fbdev/au1200fb.c
index 81c315454428..b6b22fa4a8a0 100644
--- a/drivers/video/fbdev/au1200fb.c
+++ b/drivers/video/fbdev/au1200fb.c
@@ -1040,6 +1040,9 @@ static int au1200fb_fb_check_var(struct fb_var_screeninfo *var,
u32 pixclock;
int screen_size, plane;
+ if (!var->pixclock)
+ return -EINVAL;
+
plane = fbdev->plane;
/* Make sure that the mode respect all LCD controller and
--
2.25.1
Hi,
thanks for looking through these drivers.
Am 15.03.23 um 10:22 schrieb Wei Chen:
> var->pixclock can be assigned to zero by user. Without
> proper check, divide by zero would occur when invoking
> macro PICOS2KHZ in au1200fb_fb_check_var.
>
> Error out if var->pixclock is zero.
>
> Signed-off-by: Wei Chen <[email protected]>
> ---
> drivers/video/fbdev/au1200fb.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/video/fbdev/au1200fb.c b/drivers/video/fbdev/au1200fb.c
> index 81c315454428..b6b22fa4a8a0 100644
> --- a/drivers/video/fbdev/au1200fb.c
> +++ b/drivers/video/fbdev/au1200fb.c
> @@ -1040,6 +1040,9 @@ static int au1200fb_fb_check_var(struct fb_var_screeninfo *var,
> u32 pixclock;
> int screen_size, plane;
>
> + if (!var->pixclock)
> + return -EINVAL;
> +
Instead of the whale-a-mole approach of fixing individual drivers, could
this be solved by testing in fb_set_var [1] and fb_try_mode.? [2]
Best regards
Thomas
[1]
https://elixir.bootlin.com/linux/latest/source/drivers/video/fbdev/core/fbmem.c#L958
[2]
https://elixir.bootlin.com/linux/latest/source/drivers/video/fbdev/core/modedb.c#L567
> plane = fbdev->plane;
>
> /* Make sure that the mode respect all LCD controller and
--
Thomas Zimmermann
Graphics Driver Developer
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5, 90409 Nürnberg, Germany
(HRB 36809, AG Nürnberg)
Geschäftsführer: Ivo Totev
Dear Thomas,
Thank you for the kind advice.
In fact, I notice there was a discussion regarding whether to put the
check in each individual driver or solve this problem as a whole as
you suggested. The conclusion is that it is better to keep the check per
driver rather than in the caller.
Related discussions are here:
https://lore.kernel.org/all/[email protected]/
https://lore.kernel.org/all/[email protected]/
https://lore.kernel.org/all/[email protected]/
Thanks,
Wei
------ Original Message ------
From "Thomas Zimmermann" <[email protected]>
To "Wei Chen" <[email protected]>; [email protected]
Cc [email protected]; [email protected];
[email protected]
Date 2023/3/15 18:25:52
Subject Re: [PATCH] fbdev: au1200fb: Fix potential divide by zero
On Wed, 15 Mar 2023 at 18:25, Thomas Zimmermann <[email protected]> wrote:
>
> Hi,
>
> thanks for looking through these drivers.
>
> Am 15.03.23 um 10:22 schrieb Wei Chen:
> > var->pixclock can be assigned to zero by user. Without
> > proper check, divide by zero would occur when invoking
> > macro PICOS2KHZ in au1200fb_fb_check_var.
> >
> > Error out if var->pixclock is zero.
> >
> > Signed-off-by: Wei Chen <[email protected]>
> > ---
> > drivers/video/fbdev/au1200fb.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/drivers/video/fbdev/au1200fb.c b/drivers/video/fbdev/au1200fb.c
> > index 81c315454428..b6b22fa4a8a0 100644
> > --- a/drivers/video/fbdev/au1200fb.c
> > +++ b/drivers/video/fbdev/au1200fb.c
> > @@ -1040,6 +1040,9 @@ static int au1200fb_fb_check_var(struct fb_var_screeninfo *var,
> > u32 pixclock;
> > int screen_size, plane;
> >
> > + if (!var->pixclock)
> > + return -EINVAL;
> > +
>
> Instead of the whale-a-mole approach of fixing individual drivers, could
> this be solved by testing in fb_set_var [1] and fb_try_mode.? [2]
>
> Best regards
> Thomas
>
> [1]
> https://elixir.bootlin.com/linux/latest/source/drivers/video/fbdev/core/fbmem.c#L958
> [2]
> https://elixir.bootlin.com/linux/latest/source/drivers/video/fbdev/core/modedb.c#L567
>
> > plane = fbdev->plane;
> >
> > /* Make sure that the mode respect all LCD controller and
>
> --
> Thomas Zimmermann
> Graphics Driver Developer
> SUSE Software Solutions Germany GmbH
> Maxfeldstr. 5, 90409 Nürnberg, Germany
> (HRB 36809, AG Nürnberg)
> Geschäftsführer: Ivo Totev