[igt-dev] [PATCH i-g-t v2] lib/igt_kms: Fix memory corruption
Daniel Stone
daniels at collabora.com
Fri Oct 27 16:37:23 UTC 2023
Hi Vignesh,
On 27/10/2023 15:40, Vignesh Raman wrote:
> In crosvm, the kernel reports 16 for count_crtcs, which exceeds
> IGT_MAX_PIPES set to 8. The function igt_display_require allocates
> memory for IGT_MAX_PIPES members of igt_pipe_t structures, but then
> writes into it based on the count_crtcs reported by the kernel,
> resulting in memory corruption.
To make this robust against future changes (32 CRTCs seems totally
fanciful, but so did 16 a while ago), this needs to also be robust
against count_crtcs exceeding IGT_NUM_PIPES, along the lines of your
previous change.
Cheers, Daniel
More information about the igt-dev
mailing list