[PATCH v2] fbcon: Fix a NULL pointer dereference issue in fbcon_putcs

Qianqiang Liu qianqiang.liu at 163.com
Tue Sep 24 16:13:06 UTC 2024


syzbot has found a NULL pointer dereference bug in fbcon.

This issue is caused by ops->putcs being a NULL pointer.
We need to ensure it is initialized properly.

Reported-by: syzbot+3d613ae53c031502687a at syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=3d613ae53c031502687a
Tested-by: syzbot+3d613ae53c031502687a at syzkaller.appspotmail.com
Signed-off-by: Qianqiang Liu <qianqiang.liu at 163.com>
---
 Changes since v1:
 - Initialize ops->putcs by calling set_blitting_type()
---
 drivers/video/fbdev/core/fbcon.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/video/fbdev/core/fbcon.c b/drivers/video/fbdev/core/fbcon.c
index 2e093535884b..d9abae2516d8 100644
--- a/drivers/video/fbdev/core/fbcon.c
+++ b/drivers/video/fbdev/core/fbcon.c
@@ -861,6 +861,8 @@ static int set_con2fb_map(int unit, int newidx, int user)
 			return err;
 
 		fbcon_add_cursor_work(info);
+	} else if (vc) {
+		set_blitting_type(vc, info);
 	}
 
 	con2fb_map[unit] = newidx;
-- 
2.34.1



More information about the dri-devel mailing list