1. Patchew
  2. linux
  3. View series

[PATCH] fbdev: i740: Fix potential divide by zero

Alex Guo posted 1 patch 3 months, 3 weeks ago 
drivers/video/fbdev/i740fb.c | 4 ++++
1 file changed, 4 insertions(+)
[PATCH] fbdev: i740: Fix potential divide by zero
Posted by Alex Guo 3 months, 3 weeks ago 
Variable var->pixclock can be set by user. In case it equals to
zero, divide by zero would occur in 4 switch branches in
i740fb_decode_var.
Similar crashes have happened in other fbdev drivers. We fix this
by checking whether 'pixclock' is zero.

Similar commit: commit 16844e58704 ("video: fbdev: tridentfb:
Error out if 'pixclock' equals zero")

Signed-off-by: Alex Guo <alexguo1023@gmail.com>
---
 drivers/video/fbdev/i740fb.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/drivers/video/fbdev/i740fb.c b/drivers/video/fbdev/i740fb.c
index 9b74dae71472..861e9e397b4e 100644
--- a/drivers/video/fbdev/i740fb.c
+++ b/drivers/video/fbdev/i740fb.c
@@ -419,6 +419,10 @@ static int i740fb_decode_var(const struct fb_var_screeninfo *var,
 
 
 	bpp = var->bits_per_pixel;
+	if (!var->pixclock){
+		dev_err(info->device, "pixclock must not be zero\n");
+		return -EINVAL;
+	}
 	switch (bpp) {
 	case 1 ... 8:
 		bpp = 8;
-- 
2.34.1
Re: [PATCH] fbdev: i740: Fix potential divide by zero
Posted by David Laight 3 months, 3 weeks ago 
On Sat, 14 Jun 2025 01:18:37 -0400
Alex Guo <alexguo1023@gmail.com> wrote:

> Variable var->pixclock can be set by user. In case it equals to
> zero, divide by zero would occur in 4 switch branches in
> i740fb_decode_var.
> Similar crashes have happened in other fbdev drivers. We fix this
> by checking whether 'pixclock' is zero.

Doesn't it already hit the 'default' clause of the switch statement?

	David

> 
> Similar commit: commit 16844e58704 ("video: fbdev: tridentfb:
> Error out if 'pixclock' equals zero")
> 
> Signed-off-by: Alex Guo <alexguo1023@gmail.com>
> ---
>  drivers/video/fbdev/i740fb.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/drivers/video/fbdev/i740fb.c b/drivers/video/fbdev/i740fb.c
> index 9b74dae71472..861e9e397b4e 100644
> --- a/drivers/video/fbdev/i740fb.c
> +++ b/drivers/video/fbdev/i740fb.c
> @@ -419,6 +419,10 @@ static int i740fb_decode_var(const struct fb_var_screeninfo *var,
>  
>  
>  	bpp = var->bits_per_pixel;
> +	if (!var->pixclock){
> +		dev_err(info->device, "pixclock must not be zero\n");
> +		return -EINVAL;
> +	}
>  	switch (bpp) {
>  	case 1 ... 8:
>  		bpp = 8;

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.