[PATCH] Kernel crash triggered by con2fb

From: Petr Vandrovec (vandrove@vc.cvut.cz)
Date: Thu Apr 24 2003 - 16:50:33 EST

Next message: Felipe Alfaro Solana: "Re: 2.5.68 kernel no initrd"
Previous message: Bill Davidsen: "Re: IEEE-1394 problem on init [ was Re: Linux 2.4.21-rc1 ]"
Next in thread: James Simmons: "Re: [PATCH] Kernel crash triggered by con2fb"
Reply: James Simmons: "Re: [PATCH] Kernel crash triggered by con2fb"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi James,
  it is not nice that anybody can crash my kernel by
doing con2fb with unallocated VT.
                                Thanks,
                                        Petr Vandrovec
                                        vandrove@vc.cvut.cz

diff -urN linux-2.5.68-c1216.dist/drivers/video/console/fbcon.c linux-2.5.68-c1216.fb/drivers/video/console/fbcon.c
--- linux-2.5.68-c1216.dist/drivers/video/console/fbcon.c 2003-04-24 19:35:16.000000000 +0200
+++ linux-2.5.68-c1216.fb/drivers/video/console/fbcon.c 2003-04-24 23:37:24.000000000 +0200
@@ -294,13 +294,17 @@
  * Maps a virtual console @unit to a frame buffer device
  * @newidx.
  */
-void set_con2fb_map(int unit, int newidx)
+int set_con2fb_map(int unit, int newidx)
{
         struct vc_data *vc = vc_cons[unit].d;

+ if (!vc) {
+ return -ENODEV;
+ }
         con2fb_map[unit] = newidx;
         fbcon_is_default = (vc->vc_sw == &fb_con) ? 1 : 0;
         take_over_console(&fb_con, unit, unit, fbcon_is_default);
+ return 0;
}

/*
diff -urN linux-2.5.68-c1216.dist/drivers/video/console/fbcon.h linux-2.5.68-c1216.fb/drivers/video/console/fbcon.h
--- linux-2.5.68-c1216.dist/drivers/video/console/fbcon.h 2003-04-24 19:35:21.000000000 +0200
+++ linux-2.5.68-c1216.fb/drivers/video/console/fbcon.h 2003-04-24 23:37:04.000000000 +0200
@@ -38,7 +38,7 @@

/* drivers/video/console/fbcon.c */
extern char con2fb_map[MAX_NR_CONSOLES];
-extern void set_con2fb_map(int unit, int newidx);
+extern int set_con2fb_map(int unit, int newidx);

     /*
      * Attribute Decoding
diff -urN linux-2.5.68-c1216.dist/drivers/video/fbmem.c linux-2.5.68-c1216.fb/drivers/video/fbmem.c
--- linux-2.5.68-c1216.dist/drivers/video/fbmem.c 2003-04-24 19:33:03.000000000 +0200
+++ linux-2.5.68-c1216.fb/drivers/video/fbmem.c 2003-04-24 23:36:48.000000000 +0200
@@ -1035,7 +1035,7 @@
                 if (!registered_fb[con2fb.framebuffer])
                     return -EINVAL;
                 if (con2fb.console != 0)
- set_con2fb_map(con2fb.console-1, con2fb.framebuffer);
+ return set_con2fb_map(con2fb.console-1, con2fb.framebuffer);
                 else
                         fb_console_init();
                 return 0;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Felipe Alfaro Solana: "Re: 2.5.68 kernel no initrd"
Previous message: Bill Davidsen: "Re: IEEE-1394 problem on init [ was Re: Linux 2.4.21-rc1 ]"
Next in thread: James Simmons: "Re: [PATCH] Kernel crash triggered by con2fb"
Reply: James Simmons: "Re: [PATCH] Kernel crash triggered by con2fb"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Apr 30 2003 - 22:00:18 EST