[PATCH v2] fbmon: prevent division by zero in fb_videomode_from_videomode()
Helge Deller
deller at gmx.de
Fri Mar 15 08:44:08 UTC 2024
On 3/5/24 14:51, Roman Smirnov wrote:
> The expression htotal * vtotal can have a zero value on
> overflow.
I'm not sure if thos always results in zero in kernel on overflow.
Might be architecture-depended too, but let's assume it
can become zero, ....
> It is necessary to prevent division by zero like in
> fb_var_to_videomode().
>
> Found by Linux Verification Center (linuxtesting.org) with Svace.
>
> Signed-off-by: Roman Smirnov <r.smirnov at omp.ru>
> Reviewed-by: Sergey Shtylyov <s.shtylyov at omp.ru>
> ---
> V1 -> V2: Replaced the code of the first version with a check.
>
> drivers/video/fbdev/core/fbmon.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/video/fbdev/core/fbmon.c b/drivers/video/fbdev/core/fbmon.c
> index 79e5bfbdd34c..b137590386da 100644
> --- a/drivers/video/fbdev/core/fbmon.c
> +++ b/drivers/video/fbdev/core/fbmon.c
> @@ -1344,7 +1344,7 @@ int fb_videomode_from_videomode(const struct videomode *vm,
> vtotal = vm->vactive + vm->vfront_porch + vm->vback_porch +
> vm->vsync_len;
> /* prevent division by zero */
> - if (htotal && vtotal) {
> + if (htotal && vtotal && (vm->pixelclock / htotal >= vtotal)) {
why don't you then simply check for
if .. ((htotal * vtotal) == 0) ...
instead?
Helge
> fbmode->refresh = vm->pixelclock / (htotal * vtotal);
> /* a mode must have htotal and vtotal != 0 or it is invalid */
> } else {
More information about the dri-devel
mailing list